Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/477c86-c7d6-4e37-bff6-a0072bac9f48/1/E80lh0LrfNfeUqBslLdbM3uXafk.roa
File: E80lh0LrfNfeUqBslLdbM3uXafk.roa (raw, json)
Hash identifier: yHS7OP9zyYHHbeVGy60L4ybvG4D34RwfwaeUfsPgyWw=
Subject key identifier: 13:CD:25:87:42:EB:7C:D7:DE:52:A0:6C:94:B7:5B:33:7B:97:69:F9
Certificate issuer: /CN=726b350e9f4f1259e2f9c609b22e65fbd186206b
Certificate serial: 018CC56DF0D8D7EFDC9B320CA84AA6232885
Authority key identifier: 72:6B:35:0E:9F:4F:12:59:E2:F9:C6:09:B2:2E:65:FB:D1:86:20:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cms1Dp9PElni-cYJsi5l-9GGIGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/477c86-c7d6-4e37-bff6-a0072bac9f48/1/E80lh0LrfNfeUqBslLdbM3uXafk.roa
Signing time: Mon 01 Jan 2024 14:29:25 +0000
ROA not before: Mon 01 Jan 2024 14:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30781
IP address blocks: 149.232.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/477c86-c7d6-4e37-bff6-a0072bac9f48/1/cms1Dp9PElni-cYJsi5l-9GGIGs.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/477c86-c7d6-4e37-bff6-a0072bac9f48/1/cms1Dp9PElni-cYJsi5l-9GGIGs.mft
rsync://rpki.ripe.net/repository/DEFAULT/cms1Dp9PElni-cYJsi5l-9GGIGs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f0:d8:d7:ef:dc:9b:32:0c:a8:4a:a6:23:28:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=726b350e9f4f1259e2f9c609b22e65fbd186206b
Validity
Not Before: Jan 1 14:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=13cd258742eb7cd7de52a06c94b75b337b9769f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:b5:eb:3c:43:0c:5c:70:6a:d6:5c:c4:7f:e9:
fe:11:1a:b0:80:8e:7a:f2:ea:a1:bd:20:29:d4:6c:
fc:23:3f:b1:9d:78:af:ed:92:b4:54:62:55:1e:0b:
db:49:39:98:bd:8b:44:06:d7:8c:bc:e8:f0:0c:a3:
11:f4:f9:e6:4c:10:73:fe:d7:35:7b:c5:8a:c2:69:
ad:82:89:5c:c2:38:40:7a:05:d8:63:bc:0e:12:b9:
b3:22:34:ce:08:b1:92:29:e1:0d:d8:9b:59:0d:7f:
1f:18:14:48:91:9f:c8:7b:d9:60:3a:4e:e3:21:9c:
5d:a6:51:e8:51:27:f2:3a:9b:1f:9f:ff:3a:93:0d:
f8:21:b4:dc:00:d5:6f:df:6f:c8:f0:f4:39:1a:6b:
e5:b7:a4:d7:d2:39:52:99:72:78:01:07:b7:73:60:
17:42:fc:4e:82:67:1e:c3:e4:11:3b:14:3c:36:c2:
a9:e2:5d:de:3e:07:7f:b4:a6:f6:92:fe:6f:e5:da:
4a:20:e3:ea:3e:18:26:c3:c2:c8:72:a7:cb:4e:f7:
a4:21:15:52:06:d3:5f:91:9d:b4:ae:e4:e0:4b:6b:
49:ef:1f:29:cf:10:80:66:5f:24:96:9f:0e:36:66:
b1:41:76:20:0c:8d:67:52:f8:aa:d5:50:af:c9:2f:
70:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:CD:25:87:42:EB:7C:D7:DE:52:A0:6C:94:B7:5B:33:7B:97:69:F9
X509v3 Authority Key Identifier:
keyid:72:6B:35:0E:9F:4F:12:59:E2:F9:C6:09:B2:2E:65:FB:D1:86:20:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cms1Dp9PElni-cYJsi5l-9GGIGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/477c86-c7d6-4e37-bff6-a0072bac9f48/1/E80lh0LrfNfeUqBslLdbM3uXafk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/477c86-c7d6-4e37-bff6-a0072bac9f48/1/cms1Dp9PElni-cYJsi5l-9GGIGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.232.188.0/24
Signature Algorithm: sha256WithRSAEncryption
55:ba:87:d2:8d:ce:04:25:95:07:4d:31:d3:22:22:fb:e6:9d:
d2:20:b8:ce:80:34:72:b5:da:ac:82:ad:12:80:15:62:bc:7e:
4f:4a:91:06:d5:ca:80:be:68:5b:46:ca:f2:d1:2f:c9:56:11:
21:1c:d1:23:4c:14:78:86:a3:c1:cb:1d:5b:6a:72:ec:52:ee:
28:d3:ad:bd:83:44:71:cf:fa:4c:4c:03:74:0c:d1:db:6a:14:
68:42:78:e2:1a:ce:a2:d3:f2:c4:38:25:ce:b0:28:14:f9:93:
cb:2a:3c:a7:94:c8:19:83:06:4e:cc:c3:93:f2:49:09:9f:48:
fa:a9:5f:01:ef:8a:05:7f:ff:6a:ec:2c:5c:db:f2:9c:a5:1a:
18:ea:cb:b7:bf:9a:15:b4:98:16:42:55:89:94:ab:d0:84:e3:
a4:62:64:51:34:06:e1:2e:6a:be:f5:b1:72:db:d0:f4:c7:c1:
87:b8:9d:e5:24:f4:3a:ab:49:f1:84:a0:fc:56:94:4d:18:bc:
6a:fe:4f:8e:ef:6c:37:bd:9e:e6:4d:28:62:3c:8d:b9:2e:38:
d9:30:94:ef:fc:ff:2d:02:69:dc:2a:89:b6:65:f5:04:d9:e7:
bc:b9:89:c1:8a:6a:d6:01:dd:9d:bc:9d:c2:86:51:71:d0:c2:
ba:fa:b1:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbfDY1+/cmzIMqEqmIyiFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNmIzNTBlOWY0ZjEyNTllMmY5YzYwOWIyMmU2NWZiZDE4
NjIwNmIwHhcNMjQwMTAxMTQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2NkMjU4NzQyZWI3Y2Q3ZGU1MmEwNmM5NGI3NWIzMzdiOTc2OWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmLXrPEMMXHBq1lzEf+n+ERqwgI56
8uqhvSAp1Gz8Iz+xnXiv7ZK0VGJVHgvbSTmYvYtEBteMvOjwDKMR9PnmTBBz/tc1
e8WKwmmtgolcwjhAegXYY7wOErmzIjTOCLGSKeEN2JtZDX8fGBRIkZ/Ie9lgOk7j
IZxdplHoUSfyOpsfn/86kw34IbTcANVv32/I8PQ5Gmvlt6TX0jlSmXJ4AQe3c2AX
QvxOgmcew+QROxQ8NsKp4l3ePgd/tKb2kv5v5dpKIOPqPhgmw8LIcqfLTvekIRVS
BtNfkZ20ruTgS2tJ7x8pzxCAZl8klp8ONmaxQXYgDI1nUviq1VCvyS9wPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBPNJYdC63zX3lKgbJS3WzN7l2n5MB8GA1UdIwQY
MBaAFHJrNQ6fTxJZ4vnGCbIuZfvRhiBrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY21zMURwOVBFbG5pLWNZSnNpNWwtOUdHSUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS80NzdjODYtYzdkNi00ZTM3LWJmZjYt
YTAwNzJiYWM5ZjQ4LzEvRTgwbGgwTHJmTmZlVXFCc2xMZGJNM3VYYWZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS80NzdjODYtYzdkNi00ZTM3LWJmZjYtYTAwNzJiYWM5ZjQ4
LzEvY21zMURwOVBFbG5pLWNZSnNpNWwtOUdHSUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAlei8MA0G
CSqGSIb3DQEBCwUAA4IBAQBVuofSjc4EJZUHTTHTIiL75p3SILjOgDRytdqsgq0S
gBVivH5PSpEG1cqAvmhbRsry0S/JVhEhHNEjTBR4hqPByx1banLsUu4o0629g0Rx
z/pMTAN0DNHbahRoQnjiGs6i0/LEOCXOsCgU+ZPLKjynlMgZgwZOzMOT8kkJn0j6
qV8B74oFf/9q7Cxc2/KcpRoY6su3v5oVtJgWQlWJlKvQhOOkYmRRNAbhLmq+9bFy
29D0x8GHuJ3lJPQ6q0nxhKD8VpRNGLxq/k+O72w3vZ7mTShiPI25LjjZMJTv/P8t
AmncKom2ZfUE2ee8uYnBimrWAd2dvJ3ChlFx0MK6+rEv
-----END CERTIFICATE-----
Generated at Fri Jun 7 19:29:21 2024 by rpki-client on console-ams.rpki-client.org