Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/fd8074-223a-4b52-bedd-66bdffa8bdc1/1/EEpVLr6-9isxoASUwtFOw3dPetw.roa
File: EEpVLr6-9isxoASUwtFOw3dPetw.roa (raw, json)
Hash identifier: H5ihgWRJ7n4+YSEpiVpzWCYRe21+YPsbVn4JxQF5MzA=
Subject key identifier: 10:4A:55:2E:BE:BE:F6:2B:31:A0:04:94:C2:D1:4E:C3:77:4F:7A:DC
Certificate issuer: /CN=f94df2f8f5a13c645368914e3dbe42a24a36da5d
Certificate serial: 018CC4250FCA5F56B758F8B2D84D4EBDC0BB
Authority key identifier: F9:4D:F2:F8:F5:A1:3C:64:53:68:91:4E:3D:BE:42:A2:4A:36:DA:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-U3y-PWhPGRTaJFOPb5Coko22l0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/fd8074-223a-4b52-bedd-66bdffa8bdc1/1/EEpVLr6-9isxoASUwtFOw3dPetw.roa
Signing time: Mon 01 Jan 2024 08:30:12 +0000
ROA not before: Mon 01 Jan 2024 08:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60781
IP address blocks: 91.184.46.0/23 maxlen: 23
91.184.48.0/20 maxlen: 20
2a01:198:ff00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/fd8074-223a-4b52-bedd-66bdffa8bdc1/1/1-U3y-PWhPGRTaJFOPb5Coko22l0.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/fd8074-223a-4b52-bedd-66bdffa8bdc1/1/1-U3y-PWhPGRTaJFOPb5Coko22l0.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-U3y-PWhPGRTaJFOPb5Coko22l0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:0f:ca:5f:56:b7:58:f8:b2:d8:4d:4e:bd:c0:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f94df2f8f5a13c645368914e3dbe42a24a36da5d
Validity
Not Before: Jan 1 08:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=104a552ebebef62b31a00494c2d14ec3774f7adc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:4f:58:9d:d7:08:83:86:5b:ec:4b:80:b6:58:
a8:e6:0c:46:65:07:71:5d:2d:55:41:87:bb:86:85:
73:6c:38:72:ec:7e:e4:ae:5b:56:a6:50:1e:94:c1:
b4:11:ca:75:36:60:be:08:6a:36:1f:5a:64:48:6a:
e0:78:51:c4:63:34:09:52:22:d6:78:b1:1a:f7:30:
6e:8a:53:70:03:38:6a:4c:41:a3:26:88:cc:4d:c7:
f9:df:69:c7:ad:0a:20:49:b2:d6:6f:11:f5:8c:53:
98:bd:53:16:93:ad:ee:40:b6:de:ed:a4:57:66:cc:
06:5f:f3:7b:46:d1:05:81:4c:5b:45:6c:ca:38:cb:
c3:6f:40:c0:60:4b:db:ce:7a:8a:39:05:dc:bb:99:
b8:6a:bb:59:06:85:f3:b6:d6:b4:68:c5:f1:b5:89:
77:9d:52:74:9b:94:76:03:5c:2d:cc:85:47:13:6c:
35:ec:bd:0f:12:11:e2:85:0a:c4:77:3d:9e:f4:87:
2d:fe:89:18:87:cd:17:16:da:0f:ed:ab:7f:7f:f6:
a7:c0:f5:b9:45:17:48:64:15:bc:65:bc:d4:c4:51:
ad:fe:e8:c0:2b:ac:23:03:39:ce:60:40:52:1e:64:
1c:5e:65:8b:23:65:98:6d:6a:07:e6:78:ce:26:50:
e2:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:4A:55:2E:BE:BE:F6:2B:31:A0:04:94:C2:D1:4E:C3:77:4F:7A:DC
X509v3 Authority Key Identifier:
keyid:F9:4D:F2:F8:F5:A1:3C:64:53:68:91:4E:3D:BE:42:A2:4A:36:DA:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-U3y-PWhPGRTaJFOPb5Coko22l0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fd8074-223a-4b52-bedd-66bdffa8bdc1/1/EEpVLr6-9isxoASUwtFOw3dPetw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/fd8074-223a-4b52-bedd-66bdffa8bdc1/1/1-U3y-PWhPGRTaJFOPb5Coko22l0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.184.46.0-91.184.63.255
IPv6:
2a01:198:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
1d:de:42:48:47:d4:3e:25:55:db:0f:8f:3d:ce:7b:75:c5:87:
98:75:14:29:a4:2b:38:ad:f7:23:73:be:c0:83:76:ed:6c:d9:
ab:75:db:d7:a6:6d:10:d4:a2:62:ea:a3:f0:42:03:bc:bb:ed:
44:80:ef:28:9e:47:34:46:2a:de:5a:7c:9c:fb:0b:5b:ad:83:
37:81:34:1f:83:4c:5d:05:f9:da:41:9f:79:1c:23:17:0c:cb:
8b:9f:46:d8:66:11:89:76:36:cd:cb:eb:18:16:0d:54:7e:02:
21:17:70:0b:6a:c9:a7:4c:62:5c:4f:fc:e2:fb:53:ae:d6:2a:
a3:d7:9f:31:4b:42:0d:7a:30:c8:f8:7d:ac:0b:e8:1d:92:db:
22:f9:ff:eb:98:df:46:47:7e:1f:fa:be:03:d0:20:8a:68:47:
1d:b8:ce:d3:ac:79:0b:1e:73:73:f7:b6:ee:6c:71:89:4c:9a:
ee:fe:d2:4f:cd:ea:7d:8f:b8:87:65:bf:5d:ad:e8:23:ed:14:
8f:59:10:a5:ad:60:ed:95:ee:c5:f8:c2:c8:90:85:9e:d2:a1:
f3:c1:7d:88:90:7d:db:54:da:5f:62:19:5b:48:ba:20:48:fb:
f2:9c:aa:de:0d:c3:12:41:6c:ac:8a:2e:81:5a:b1:64:d4:21:
b2:a6:4a:71
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzEJQ/KX1a3WPiy2E1OvcC7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5NGRmMmY4ZjVhMTNjNjQ1MzY4OTE0ZTNkYmU0MmEyNGEz
NmRhNWQwHhcNMjQwMTAxMDgzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDRhNTUyZWJlYmVmNjJiMzFhMDA0OTRjMmQxNGVjMzc3NGY3YWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2k9YndcIg4Zb7EuAtlio5gxGZQdx
XS1VQYe7hoVzbDhy7H7krltWplAelMG0Ecp1NmC+CGo2H1pkSGrgeFHEYzQJUiLW
eLEa9zBuilNwAzhqTEGjJojMTcf532nHrQogSbLWbxH1jFOYvVMWk63uQLbe7aRX
ZswGX/N7RtEFgUxbRWzKOMvDb0DAYEvbznqKOQXcu5m4artZBoXztta0aMXxtYl3
nVJ0m5R2A1wtzIVHE2w17L0PEhHihQrEdz2e9Ict/okYh80XFtoP7at/f/anwPW5
RRdIZBW8ZbzUxFGt/ujAK6wjAznOYEBSHmQcXmWLI2WYbWoH5njOJlDiMwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBBKVS6+vvYrMaAElMLRTsN3T3rcMB8GA1UdIwQY
MBaAFPlN8vj1oTxkU2iRTj2+QqJKNtpdMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1VM3ktUFdoUEdSVGFKRk9QYjVDb2tvMjJsMC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvMmIvZmQ4MDc0LTIyM2EtNGI1Mi1iZWRk
LTY2YmRmZmE4YmRjMS8xL0VFcFZMcjYtOWlzeG9BU1V3dEZPdzNkUGV0dy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMmIvZmQ4MDc0LTIyM2EtNGI1Mi1iZWRkLTY2YmRmZmE4YmRj
MS8xLzEtVTN5LVBXaFBHUlRhSkZPUGI1Q29rbzIybDAuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNwYIKwYBBQUHAQcBAf8EKDAmMBQEAgABMA4wDAMEAVu4
LgMEBlu4ADAOBAIAAjAIAwYAKgEBmP8wDQYJKoZIhvcNAQELBQADggEBAB3eQkhH
1D4lVdsPjz3Oe3XFh5h1FCmkKzit9yNzvsCDdu1s2at129embRDUomLqo/BCA7y7
7USA7yieRzRGKt5afJz7C1utgzeBNB+DTF0F+dpBn3kcIxcMy4ufRthmEYl2Ns3L
6xgWDVR+AiEXcAtqyadMYlxP/OL7U67WKqPXnzFLQg16MMj4fawL6B2S2yL5/+uY
30ZHfh/6vgPQIIpoRx24ztOseQsec3P3tu5scYlMmu7+0k/N6n2PuIdlv12t6CPt
FI9ZEKWtYO2V7sX4wsiQhZ7SofPBfYiQfdtU2l9iGVtIuiBI+/Kcqt4NwxJBbKyK
LoFasWTUIbKmSnE=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:08:58 2024 by rpki-client on console-ams.rpki-client.org