Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/EeWSrEZyfl0G5nAU84ekfly9AXw.roa
File: EeWSrEZyfl0G5nAU84ekfly9AXw.roa (raw, json)
Hash identifier: Sha2hKyoW7JiIjsIQm6ydOgyRNeWX9uT39Ssp0VoiAw=
Subject key identifier: 11:E5:92:AC:46:72:7E:5D:06:E6:70:14:F3:87:A4:7E:5C:BD:01:7C
Certificate issuer: /CN=c2afc14dce450b05ec86c7c53070cd6bb6dbc7ee
Certificate serial: 018CCA2A3A636CBAC4B0BE3193443A66BE10
Authority key identifier: C2:AF:C1:4D:CE:45:0B:05:EC:86:C7:C5:30:70:CD:6B:B6:DB:C7:EE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wq_BTc5FCwXshsfFMHDNa7bbx-4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/EeWSrEZyfl0G5nAU84ekfly9AXw.roa
Signing time: Tue 02 Jan 2024 12:33:34 +0000
ROA not before: Tue 02 Jan 2024 12:33:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204818
IP address blocks: 217.16.0.0/20 maxlen: 20
185.158.4.0/22 maxlen: 22
46.182.4.0/22 maxlen: 22
2a05:36c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/wq_BTc5FCwXshsfFMHDNa7bbx-4.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/wq_BTc5FCwXshsfFMHDNa7bbx-4.mft
rsync://rpki.ripe.net/repository/DEFAULT/wq_BTc5FCwXshsfFMHDNa7bbx-4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:3a:63:6c:ba:c4:b0:be:31:93:44:3a:66:be:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2afc14dce450b05ec86c7c53070cd6bb6dbc7ee
Validity
Not Before: Jan 2 12:33:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11e592ac46727e5d06e67014f387a47e5cbd017c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:be:42:e8:18:84:93:cc:a7:e1:53:14:72:99:
11:87:13:ac:85:78:26:4d:1d:c9:5d:58:ac:1f:0f:
c5:db:74:9a:1d:51:5c:d6:e8:33:d1:7e:e2:2b:5b:
85:86:a2:63:d9:49:fa:94:57:30:4d:60:03:b6:c0:
24:88:b1:f3:c4:1f:19:d1:a4:12:87:a0:a9:96:60:
50:cb:4d:63:ea:44:5a:05:4c:4f:2b:36:d1:89:73:
3f:09:7f:c0:bf:b8:79:d2:cd:4b:95:66:3b:54:0f:
78:bd:9b:2b:8a:94:5c:7b:78:93:99:23:cd:a3:6d:
82:1e:48:68:7d:5a:a6:b4:d1:cc:06:e2:8a:5e:66:
0e:9c:fa:cb:47:6c:eb:93:90:fa:4a:0e:fd:46:50:
60:13:a5:27:2c:af:2b:0b:92:ea:bb:61:18:80:42:
75:ee:2c:82:ae:5e:7c:52:0b:be:80:31:52:c8:9d:
9c:5f:1c:c8:9c:79:e2:fc:1d:98:49:77:65:92:50:
1f:57:bd:4a:27:af:4e:d2:eb:d7:ef:16:31:46:e8:
96:d7:38:30:34:90:77:1f:46:9f:f1:bc:11:fe:bf:
26:4c:92:04:f7:de:cf:78:de:aa:cc:48:0b:fd:00:
10:e6:38:a2:f0:6a:24:4f:35:e7:46:1f:9b:25:b3:
33:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:E5:92:AC:46:72:7E:5D:06:E6:70:14:F3:87:A4:7E:5C:BD:01:7C
X509v3 Authority Key Identifier:
keyid:C2:AF:C1:4D:CE:45:0B:05:EC:86:C7:C5:30:70:CD:6B:B6:DB:C7:EE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wq_BTc5FCwXshsfFMHDNa7bbx-4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/EeWSrEZyfl0G5nAU84ekfly9AXw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/ec3284-3576-4ee4-93b8-1847cb88e83a/1/wq_BTc5FCwXshsfFMHDNa7bbx-4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.182.4.0/22
185.158.4.0/22
217.16.0.0/20
IPv6:
2a05:36c0::/29
Signature Algorithm: sha256WithRSAEncryption
03:80:73:05:fc:c5:ec:7f:7b:b6:56:fe:6f:a0:d3:f6:e8:a3:
55:e3:aa:74:d6:c7:ba:b4:f5:06:54:f7:39:aa:30:a7:a4:f8:
7c:eb:1c:04:f9:f9:8f:f5:74:7e:26:a1:9c:25:50:bc:11:58:
21:a2:b2:23:db:ca:d3:a0:05:9d:c3:38:bd:39:67:15:b1:89:
42:78:97:09:97:a9:44:0f:65:b2:c1:60:98:b7:94:7d:5f:e2:
01:fd:25:cc:3c:81:2a:ac:45:db:8c:49:87:5e:27:69:37:dc:
49:4f:6d:44:ef:c9:72:a2:6b:ab:12:7f:f8:6d:63:2c:82:99:
2f:16:88:d6:b1:7c:3f:b0:ad:27:0e:08:d8:55:09:17:d7:0c:
4b:90:4e:79:2d:0e:d9:ca:09:5b:5d:28:f7:c1:88:cc:6f:dd:
c3:ef:bf:91:a2:c1:c8:71:ce:3b:93:42:e8:e7:30:c6:fa:6b:
70:bc:1f:bc:08:52:67:8a:5f:08:33:9a:65:eb:26:05:2f:a1:
f3:2d:00:20:ed:5d:21:8c:95:ae:89:46:11:9c:d2:d5:bb:87:
9a:6d:47:71:da:d0:41:a5:bb:e0:42:6d:69:a3:f9:9f:8a:d8:
99:53:93:cf:99:f2:75:8f:46:d4:2a:5c:05:21:1b:49:46:0d:
15:a9:2a:7e
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzKKjpjbLrEsL4xk0Q6Zr4QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyYWZjMTRkY2U0NTBiMDVlYzg2YzdjNTMwNzBjZDZiYjZk
YmM3ZWUwHhcNMjQwMTAyMTIzMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWU1OTJhYzQ2NzI3ZTVkMDZlNjcwMTRmMzg3YTQ3ZTVjYmQwMTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAib5C6BiEk8yn4VMUcpkRhxOshXgm
TR3JXVisHw/F23SaHVFc1ugz0X7iK1uFhqJj2Un6lFcwTWADtsAkiLHzxB8Z0aQS
h6CplmBQy01j6kRaBUxPKzbRiXM/CX/Av7h50s1LlWY7VA94vZsripRce3iTmSPN
o22CHkhofVqmtNHMBuKKXmYOnPrLR2zrk5D6Sg79RlBgE6UnLK8rC5Lqu2EYgEJ1
7iyCrl58Ugu+gDFSyJ2cXxzInHni/B2YSXdlklAfV71KJ69O0uvX7xYxRuiW1zgw
NJB3H0af8bwR/r8mTJIE997PeN6qzEgL/QAQ5jii8GokTzXnRh+bJbMzwwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBHlkqxGcn5dBuZwFPOHpH5cvQF8MB8GA1UdIwQY
MBaAFMKvwU3ORQsF7IbHxTBwzWu228fuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3FfQlRjNUZDd1hzaHNmRk1IRE5hN2JieC00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC9lYzMyODQtMzU3Ni00ZWU0LTkzYjgt
MTg0N2NiODhlODNhLzEvRWVXU3JFWnlmbDBHNW5BVTg0ZWtmbHk5QVh3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC9lYzMyODQtMzU3Ni00ZWU0LTkzYjgtMTg0N2NiODhlODNh
LzEvd3FfQlRjNUZDd1hzaHNmRk1IRE5hN2JieC00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCLrYEAwQC
uZ4EAwQE2RAAMA0EAgACMAcDBQMqBTbAMA0GCSqGSIb3DQEBCwUAA4IBAQADgHMF
/MXsf3u2Vv5voNP26KNV46p01se6tPUGVPc5qjCnpPh86xwE+fmP9XR+JqGcJVC8
EVghorIj28rToAWdwzi9OWcVsYlCeJcJl6lED2WywWCYt5R9X+IB/SXMPIEqrEXb
jEmHXidpN9xJT21E78lyomurEn/4bWMsgpkvFojWsXw/sK0nDgjYVQkX1wxLkE55
LQ7ZyglbXSj3wYjMb93D77+RosHIcc47k0Lo5zDG+mtwvB+8CFJnil8IM5pl6yYF
L6HzLQAg7V0hjJWuiUYRnNLVu4eabUdx2tBBpbvgQm1po/mfitiZU5PPmfJ1j0bU
KlwFIRtJRg0VqSp+
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:05:43 2024 by rpki-client on console-fra.rpki-client.org