Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/4OY2EkQB_a9wmt1y9aVCHfcXvr0.roa
File: 4OY2EkQB_a9wmt1y9aVCHfcXvr0.roa (raw, json)
Hash identifier: jLCtPqzATE1FJD1QAqVfxe1BoGXcB3hXqfSnt9VHQdA=
Subject key identifier: E0:E6:36:12:44:01:FD:AF:70:9A:DD:72:F5:A5:42:1D:F7:17:BE:BD
Certificate issuer: /CN=e10d5c29a3439703d89b5abf03a75d861771bef4
Certificate serial: 018CC56EE285A14DADA319199471EFCA12D1
Authority key identifier: E1:0D:5C:29:A3:43:97:03:D8:9B:5A:BF:03:A7:5D:86:17:71:BE:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/4OY2EkQB_a9wmt1y9aVCHfcXvr0.roa
Signing time: Mon 01 Jan 2024 14:30:27 +0000
ROA not before: Mon 01 Jan 2024 14:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35547
IP address blocks: 188.119.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:e2:85:a1:4d:ad:a3:19:19:94:71:ef:ca:12:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e10d5c29a3439703d89b5abf03a75d861771bef4
Validity
Not Before: Jan 1 14:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e0e636124401fdaf709add72f5a5421df717bebd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:fc:6e:63:f0:ac:41:d0:5e:dd:87:6b:96:77:
e9:9a:7e:8e:64:3c:3c:d9:e2:96:c7:58:50:1d:9a:
35:32:ac:9f:91:df:cb:7e:bb:a3:68:c3:ca:b0:e7:
76:eb:f5:69:52:0c:f3:c8:18:54:47:82:45:fd:99:
38:14:b9:db:41:08:e1:79:16:93:2b:b6:0e:c1:28:
8d:37:05:63:86:38:a2:6e:49:8c:75:e2:5f:ab:35:
1b:30:42:a5:9c:c8:8c:f8:3a:72:4e:e8:e2:b6:1f:
a9:48:77:7d:b6:8a:0f:98:e2:2a:92:e8:61:f7:7d:
7a:87:a4:3d:d6:7e:d8:9d:99:55:6a:58:05:31:cc:
30:bb:0a:90:8e:16:a4:52:a2:e0:18:c1:77:45:44:
9f:21:81:28:32:90:fa:b9:91:2b:74:41:aa:2e:54:
50:7c:1c:c8:cb:7d:f3:74:74:b3:c2:71:8e:18:2e:
e1:6f:56:fb:b9:3d:f7:8b:6c:d0:0b:60:38:d1:59:
a1:aa:b1:09:9f:4a:97:12:c5:56:f5:d6:f6:bc:87:
f0:ff:e7:4b:a9:2c:9e:b3:a3:31:67:36:33:1d:e8:
16:ae:58:dd:94:76:47:26:a9:58:da:e0:20:ee:d8:
17:88:33:5f:e3:b6:f9:d3:5f:94:ee:0f:46:53:30:
79:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:E6:36:12:44:01:FD:AF:70:9A:DD:72:F5:A5:42:1D:F7:17:BE:BD
X509v3 Authority Key Identifier:
keyid:E1:0D:5C:29:A3:43:97:03:D8:9B:5A:BF:03:A7:5D:86:17:71:BE:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/4OY2EkQB_a9wmt1y9aVCHfcXvr0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/3edb47-fd6e-4c59-a7ab-e42a58064a63/1/4Q1cKaNDlwPYm1q_A6ddhhdxvvQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.119.35.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:af:df:30:b4:f0:34:18:e4:38:fb:6d:d2:2b:2f:99:12:a5:
59:94:45:28:8f:9e:09:e7:d8:38:c5:2b:68:3b:91:30:9e:df:
99:6b:86:3a:3f:0f:a2:88:a9:97:e8:f8:12:00:19:5b:c9:36:
b7:5c:c8:30:b7:2c:17:ca:39:36:43:f4:7c:12:a5:3d:67:df:
df:e2:20:e5:42:1c:b6:ed:1a:f6:15:b1:be:1a:0f:04:7a:ac:
84:38:00:cb:c4:2c:16:25:ec:9f:ca:4b:a2:e5:2e:4d:05:e5:
8b:47:c1:90:b1:13:dd:f9:93:93:8d:a9:01:cc:7d:a3:0e:fc:
ff:7b:4b:93:eb:f8:3f:c2:ed:f5:b0:46:bb:a7:a0:b0:55:aa:
77:45:90:24:fd:f5:20:4b:aa:d0:dc:12:21:d0:5a:5c:b1:e9:
4a:82:0b:70:ad:e4:42:70:85:65:b3:68:dd:a9:84:65:f5:e0:
27:51:27:38:b4:6a:64:a8:b6:ba:66:ff:2b:34:84:2f:db:79:
16:7f:1a:53:a2:d9:92:13:87:04:b8:ff:be:95:7e:4f:b9:5d:
f6:8f:c9:82:38:77:bd:f2:5e:68:9a:24:8c:41:19:46:59:9e:
0f:ce:a8:3d:ae:6a:7a:23:73:95:2d:2b:cd:8b:e7:91:6f:95:
10:f9:f9:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbuKFoU2toxkZlHHvyhLRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMGQ1YzI5YTM0Mzk3MDNkODliNWFiZjAzYTc1ZDg2MTc3
MWJlZjQwHhcNMjQwMTAxMTQzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGU2MzYxMjQ0MDFmZGFmNzA5YWRkNzJmNWE1NDIxZGY3MTdiZWJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh/xuY/CsQdBe3Ydrlnfpmn6OZDw8
2eKWx1hQHZo1Mqyfkd/LfrujaMPKsOd26/VpUgzzyBhUR4JF/Zk4FLnbQQjheRaT
K7YOwSiNNwVjhjiibkmMdeJfqzUbMEKlnMiM+DpyTujith+pSHd9tooPmOIqkuhh
9316h6Q91n7YnZlValgFMcwwuwqQjhakUqLgGMF3RUSfIYEoMpD6uZErdEGqLlRQ
fBzIy33zdHSzwnGOGC7hb1b7uT33i2zQC2A40VmhqrEJn0qXEsVW9db2vIfw/+dL
qSyes6MxZzYzHegWrljdlHZHJqlY2uAg7tgXiDNf47b501+U7g9GUzB5/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFODmNhJEAf2vcJrdcvWlQh33F769MB8GA1UdIwQY
MBaAFOENXCmjQ5cD2JtavwOnXYYXcb70MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFExY0thTkRsd1BZbTFxX0E2ZGRoaGR4dnZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC8zZWRiNDctZmQ2ZS00YzU5LWE3YWIt
ZTQyYTU4MDY0YTYzLzEvNE9ZMkVrUUJfYTl3bXQxeTlhVkNIZmNYdnIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC8zZWRiNDctZmQ2ZS00YzU5LWE3YWItZTQyYTU4MDY0YTYz
LzEvNFExY0thTkRsd1BZbTFxX0E2ZGRoaGR4dnZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAvHcjMA0G
CSqGSIb3DQEBCwUAA4IBAQAvr98wtPA0GOQ4+23SKy+ZEqVZlEUoj54J59g4xSto
O5Ewnt+Za4Y6Pw+iiKmX6PgSABlbyTa3XMgwtywXyjk2Q/R8EqU9Z9/f4iDlQhy2
7Rr2FbG+Gg8EeqyEOADLxCwWJeyfykui5S5NBeWLR8GQsRPd+ZOTjakBzH2jDvz/
e0uT6/g/wu31sEa7p6CwVap3RZAk/fUgS6rQ3BIh0FpcselKggtwreRCcIVls2jd
qYRl9eAnUSc4tGpkqLa6Zv8rNIQv23kWfxpTotmSE4cEuP++lX5PuV32j8mCOHe9
8l5omiSMQRlGWZ4Pzqg9rmp6I3OVLSvNi+eRb5UQ+fl5
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:36:26 2024 by rpki-client on console-ams.rpki-client.org