Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/c2a5bd-5f28-46f9-a414-3f1c1523a123/1/1-ASZez0i0MyTytcWAgj4iBy5z_Q.roa
File: 1-ASZez0i0MyTytcWAgj4iBy5z_Q.roa (raw, json)
Hash identifier: orVdx0YxDxIJBTYx5DQ//4wS5RPo6X0ZBuMo4rivTH4=
Subject key identifier: F8:04:99:7B:3D:22:D0:CC:93:CA:D7:16:02:08:F8:88:1C:B9:CF:F4
Certificate issuer: /CN=eccfdaee1e9eabd80237602961baa25abc69cd64
Certificate serial: 018CC8014EE4EFBAEF9B498184FFAE16B6F8
Authority key identifier: EC:CF:DA:EE:1E:9E:AB:D8:02:37:60:29:61:BA:A2:5A:BC:69:CD:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7M_a7h6eq9gCN2ApYbqiWrxpzWQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/c2a5bd-5f28-46f9-a414-3f1c1523a123/1/1-ASZez0i0MyTytcWAgj4iBy5z_Q.roa
Signing time: Tue 02 Jan 2024 02:29:38 +0000
ROA not before: Tue 02 Jan 2024 02:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50399
IP address blocks: 92.42.232.0/21 maxlen: 24
185.223.140.0/22 maxlen: 24
185.3.204.0/22 maxlen: 24
109.232.40.0/21 maxlen: 24
2a00:11e8::/32 maxlen: 64
2a03:3300::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/c2a5bd-5f28-46f9-a414-3f1c1523a123/1/7M_a7h6eq9gCN2ApYbqiWrxpzWQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/c2a5bd-5f28-46f9-a414-3f1c1523a123/1/7M_a7h6eq9gCN2ApYbqiWrxpzWQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/7M_a7h6eq9gCN2ApYbqiWrxpzWQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 May 2024 10:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:4e:e4:ef:ba:ef:9b:49:81:84:ff:ae:16:b6:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eccfdaee1e9eabd80237602961baa25abc69cd64
Validity
Not Before: Jan 2 02:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f804997b3d22d0cc93cad7160208f8881cb9cff4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ea:2a:d1:97:5e:29:e9:48:6a:68:7b:cc:5a:
2a:de:e3:63:c6:1a:f4:7b:c4:80:4b:7e:65:a4:c5:
b7:18:54:cf:ad:0c:7f:0f:70:b4:37:e3:dd:20:ff:
c0:ff:a7:d5:13:68:3b:d9:bd:59:13:61:73:0e:bd:
82:b8:0e:99:c1:6a:7c:7e:f6:ae:71:aa:12:06:ae:
7b:f0:80:dc:48:58:bf:28:03:9a:cd:b8:31:ee:8e:
7b:dd:27:1e:53:d7:00:b5:a0:08:40:d1:26:51:bb:
bc:e9:03:75:a2:d6:7e:f9:72:ec:f4:f7:02:a8:d7:
46:d5:c0:3a:89:da:36:3a:1c:1b:85:88:f5:ae:2e:
ba:d4:87:e3:dd:75:a1:d0:8a:55:54:4a:2e:af:a4:
82:c1:b0:77:3c:7a:5e:dc:a1:1d:9d:2e:92:63:e4:
e9:78:d6:f8:82:14:ba:10:c8:15:48:11:3d:90:34:
01:ae:59:e3:16:b6:5a:a2:9f:d2:91:96:f2:a7:b2:
73:4f:fb:d3:d1:03:64:83:69:c4:06:d2:d5:48:f0:
97:a0:68:b5:f8:10:83:fb:1e:23:0c:dc:49:e0:59:
ed:a1:91:f6:51:01:f9:33:b9:38:cc:91:96:4f:da:
b2:a9:97:4f:35:39:4e:7a:29:be:7a:fc:81:5b:41:
76:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:04:99:7B:3D:22:D0:CC:93:CA:D7:16:02:08:F8:88:1C:B9:CF:F4
X509v3 Authority Key Identifier:
keyid:EC:CF:DA:EE:1E:9E:AB:D8:02:37:60:29:61:BA:A2:5A:BC:69:CD:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7M_a7h6eq9gCN2ApYbqiWrxpzWQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c2a5bd-5f28-46f9-a414-3f1c1523a123/1/1-ASZez0i0MyTytcWAgj4iBy5z_Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/c2a5bd-5f28-46f9-a414-3f1c1523a123/1/7M_a7h6eq9gCN2ApYbqiWrxpzWQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.42.232.0/21
109.232.40.0/21
185.3.204.0/22
185.223.140.0/22
IPv6:
2a00:11e8::/32
2a03:3300::/32
Signature Algorithm: sha256WithRSAEncryption
59:49:68:94:b6:a8:b1:98:97:52:77:13:ae:98:f0:72:ca:32:
3b:02:46:94:85:99:9f:9c:81:94:49:a3:ae:fd:43:4b:2b:07:
1b:63:fa:39:87:e1:ed:90:79:9e:fd:e9:cd:39:4b:f4:9b:4c:
85:72:ad:1f:1d:76:f3:2e:33:f4:4d:1d:14:be:c3:b2:ed:89:
83:4b:14:a5:46:93:4e:96:47:33:eb:b5:b4:ba:d1:44:8a:4d:
9a:b2:a6:3a:c3:55:d8:f8:94:fb:84:94:ed:88:3d:44:57:74:
84:fc:79:ce:2f:d8:22:d6:6b:1d:28:18:d1:bb:bd:a9:de:ac:
dc:86:ef:85:48:a4:61:99:14:6a:31:c9:30:7d:2f:ba:c9:8f:
60:1c:bd:eb:7b:ce:67:a5:ec:18:88:0a:19:dc:75:27:30:20:
bf:0e:96:bc:4b:5c:95:90:b1:40:b0:2e:bd:da:64:89:10:ea:
04:85:2e:69:07:46:0d:e7:7f:04:5d:7f:b0:7e:09:64:58:80:
ae:65:e9:5e:46:62:bc:5a:2e:4c:4d:c5:df:89:c5:0e:fc:82:
ca:d2:3a:be:f7:63:18:47:17:a7:b0:2c:c7:6f:47:65:21:46:
3f:20:7e:e5:e2:f2:14:84:80:e3:68:75:a6:91:76:a7:9c:46:
95:87:9b:0c
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzIAU7k77rvm0mBhP+uFrb4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjY2ZkYWVlMWU5ZWFiZDgwMjM3NjAyOTYxYmFhMjVhYmM2
OWNkNjQwHhcNMjQwMTAyMDIyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODA0OTk3YjNkMjJkMGNjOTNjYWQ3MTYwMjA4Zjg4ODFjYjljZmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzOoq0ZdeKelIamh7zFoq3uNjxhr0
e8SAS35lpMW3GFTPrQx/D3C0N+PdIP/A/6fVE2g72b1ZE2FzDr2CuA6ZwWp8fvau
caoSBq578IDcSFi/KAOazbgx7o573SceU9cAtaAIQNEmUbu86QN1otZ++XLs9PcC
qNdG1cA6ido2OhwbhYj1ri661Ifj3XWh0IpVVEour6SCwbB3PHpe3KEdnS6SY+Tp
eNb4ghS6EMgVSBE9kDQBrlnjFrZaop/SkZbyp7JzT/vT0QNkg2nEBtLVSPCXoGi1
+BCD+x4jDNxJ4FntoZH2UQH5M7k4zJGWT9qyqZdPNTlOeim+evyBW0F2BQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFPgEmXs9ItDMk8rXFgII+Igcuc/0MB8GA1UdIwQY
MBaAFOzP2u4enqvYAjdgKWG6olq8ac1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN01fYTdoNmVxOWdDTjJBcFlicWlXcnhweldRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9jMmE1YmQtNWYyOC00NmY5LWE0MTQt
M2YxYzE1MjNhMTIzLzEvMS1BU1plejBpME15VHl0Y1dBZ2o0aUJ5NXpfUS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjgvYzJhNWJkLTVmMjgtNDZmOS1hNDE0LTNmMWMxNTIzYTEy
My8xLzdNX2E3aDZlcTlnQ04yQXBZYnFpV3J4cHpXUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBHBggrBgEFBQcBBwEB/wQ4MDYwHgQCAAEwGAMEA1wq6AME
A23oKAMEArkDzAMEArnfjDAUBAIAAjAOAwUAKgAR6AMFACoDMwAwDQYJKoZIhvcN
AQELBQADggEBAFlJaJS2qLGYl1J3E66Y8HLKMjsCRpSFmZ+cgZRJo679Q0srBxtj
+jmH4e2QeZ796c05S/SbTIVyrR8ddvMuM/RNHRS+w7LtiYNLFKVGk06WRzPrtbS6
0USKTZqypjrDVdj4lPuElO2IPURXdIT8ec4v2CLWax0oGNG7vanerNyG74VIpGGZ
FGoxyTB9L7rJj2Acvet7zmel7BiIChncdScwIL8OlrxLXJWQsUCwLr3aZIkQ6gSF
LmkHRg3nfwRdf7B+CWRYgK5l6V5GYrxaLkxNxd+JxQ78gsrSOr73YxhHF6ewLMdv
R2UhRj8gfuXi8hSEgONodaaRdqecRpWHmww=
-----END CERTIFICATE-----
Generated at Thu May 30 19:05:36 2024 by rpki-client on console-ams.rpki-client.org