Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/e74a58-bb9e-4ae9-a746-8936f091f4f4/1/keu2Ce9PU2xU3gLaC9wOr1JklCE.roa
File: keu2Ce9PU2xU3gLaC9wOr1JklCE.roa (raw, json)
Hash identifier: 4tbx+1Hl3wPYrMpjMeKGbxC0wk3l0/kMphyp9sIzBW8=
Subject key identifier: 91:EB:B6:09:EF:4F:53:6C:54:DE:02:DA:0B:DC:0E:AF:52:64:94:21
Certificate issuer: /CN=40479ea562dd3a7d0cf2a6e978b6bbf378f73ce4
Certificate serial: 018CC94DBA5964DD176FA8599503B623238B
Authority key identifier: 40:47:9E:A5:62:DD:3A:7D:0C:F2:A6:E9:78:B6:BB:F3:78:F7:3C:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QEeepWLdOn0M8qbpeLa783j3POQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/e74a58-bb9e-4ae9-a746-8936f091f4f4/1/keu2Ce9PU2xU3gLaC9wOr1JklCE.roa
Signing time: Tue 02 Jan 2024 08:32:43 +0000
ROA not before: Tue 02 Jan 2024 08:32:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60407
IP address blocks: 185.31.125.0/24 maxlen: 24
185.31.124.0/22 maxlen: 22
185.31.124.0/23 maxlen: 23
185.31.124.0/24 maxlen: 24
185.31.127.0/24 maxlen: 24
185.31.126.0/24 maxlen: 24
185.31.126.0/23 maxlen: 23
2a00:bc60::/30 maxlen: 30
2a00:bc61::/32 maxlen: 32
2a00:bc60::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/e74a58-bb9e-4ae9-a746-8936f091f4f4/1/QEeepWLdOn0M8qbpeLa783j3POQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/e74a58-bb9e-4ae9-a746-8936f091f4f4/1/QEeepWLdOn0M8qbpeLa783j3POQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/QEeepWLdOn0M8qbpeLa783j3POQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:ba:59:64:dd:17:6f:a8:59:95:03:b6:23:23:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40479ea562dd3a7d0cf2a6e978b6bbf378f73ce4
Validity
Not Before: Jan 2 08:32:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=91ebb609ef4f536c54de02da0bdc0eaf52649421
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:55:11:d6:04:24:ff:59:2c:b2:7b:18:9f:69:
52:f0:27:6f:51:3d:58:f4:86:16:97:5b:48:27:2f:
b2:6b:f4:24:ea:eb:b2:e0:10:cf:ea:d0:32:f9:cc:
58:49:80:d7:1b:16:bb:0a:f8:6d:ba:d4:31:16:3d:
f8:f3:98:30:64:74:cf:1b:a9:d8:01:70:87:30:56:
69:f2:8d:b1:d5:7d:d7:23:c0:5e:60:89:49:30:19:
c1:45:15:65:1c:68:41:44:ba:1c:1d:52:2a:b4:d7:
28:eb:c6:58:04:8f:f6:73:aa:08:00:2a:85:b1:ea:
5b:44:ae:c4:45:65:13:af:ea:26:ec:1c:20:8e:ab:
3f:09:86:17:6e:d2:d0:a9:84:52:8f:88:30:c8:89:
be:e3:d1:eb:e0:f0:ef:7f:19:53:9a:2e:fd:eb:69:
32:46:3f:3b:f3:ba:5e:50:01:e4:0b:d6:f7:e9:1d:
e2:0c:ec:66:05:6f:4f:17:e2:a8:8e:80:22:62:48:
fc:e5:a5:cd:41:ec:ac:44:57:76:f6:c9:79:16:b0:
d8:19:7c:4f:68:12:c3:3e:f9:a4:b8:1b:3a:92:bc:
5c:f1:7c:d2:7b:61:91:58:08:21:e5:cd:59:3e:34:
d3:1b:54:86:62:55:ed:52:ce:5b:1a:59:d0:df:32:
e5:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:EB:B6:09:EF:4F:53:6C:54:DE:02:DA:0B:DC:0E:AF:52:64:94:21
X509v3 Authority Key Identifier:
keyid:40:47:9E:A5:62:DD:3A:7D:0C:F2:A6:E9:78:B6:BB:F3:78:F7:3C:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QEeepWLdOn0M8qbpeLa783j3POQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/e74a58-bb9e-4ae9-a746-8936f091f4f4/1/keu2Ce9PU2xU3gLaC9wOr1JklCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/e74a58-bb9e-4ae9-a746-8936f091f4f4/1/QEeepWLdOn0M8qbpeLa783j3POQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.31.124.0/22
IPv6:
2a00:bc60::/30
Signature Algorithm: sha256WithRSAEncryption
d5:69:99:f8:ec:ab:77:0e:ce:11:23:3a:28:ae:e5:a8:e6:58:
b5:b1:a3:73:bc:34:de:d9:fc:c7:38:3e:d0:0d:89:3d:8e:1e:
44:af:05:e9:b7:00:f5:a4:ab:5c:fa:40:50:52:76:41:2b:73:
de:a6:2a:f6:52:f6:33:52:4d:5e:07:c3:43:8a:c7:ca:4e:30:
db:4f:5c:dd:68:87:71:91:da:75:2e:98:2f:5e:e0:6b:b8:2e:
ed:47:f5:4d:41:6c:41:30:dd:06:28:4f:b3:dc:76:4b:dd:fd:
a8:f0:27:af:0c:e4:cf:2a:62:36:30:4d:4e:6b:4a:c7:f8:9f:
49:3b:dc:1a:43:ff:2b:05:b5:aa:fa:16:9a:62:3c:86:1f:d2:
2c:32:5d:93:f2:ae:d2:4c:75:76:cf:3d:b4:0d:87:a9:39:67:
b8:30:64:ea:45:59:6d:97:f9:0c:08:bc:a5:31:56:2e:96:4f:
12:13:4f:50:b2:4e:6d:7c:52:40:eb:2a:3c:56:67:55:7b:ac:
aa:93:8f:9f:a7:3b:df:84:42:c0:ac:0b:b5:dd:bd:b8:b6:e9:
85:c8:93:32:23:e1:28:f2:bc:f2:2d:72:44:ef:3f:c5:dd:6d:
56:47:c4:10:9c:64:a7:1a:78:84:89:50:01:13:85:fe:29:e7:
0b:fd:94:ae
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTbpZZN0Xb6hZlQO2IyOLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwNDc5ZWE1NjJkZDNhN2QwY2YyYTZlOTc4YjZiYmYzNzhm
NzNjZTQwHhcNMjQwMTAyMDgzMjQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWViYjYwOWVmNGY1MzZjNTRkZTAyZGEwYmRjMGVhZjUyNjQ5NDIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlFUR1gQk/1kssnsYn2lS8CdvUT1Y
9IYWl1tIJy+ya/Qk6uuy4BDP6tAy+cxYSYDXGxa7CvhtutQxFj3485gwZHTPG6nY
AXCHMFZp8o2x1X3XI8BeYIlJMBnBRRVlHGhBRLocHVIqtNco68ZYBI/2c6oIACqF
sepbRK7ERWUTr+om7Bwgjqs/CYYXbtLQqYRSj4gwyIm+49Hr4PDvfxlTmi7962ky
Rj8787peUAHkC9b36R3iDOxmBW9PF+KojoAiYkj85aXNQeysRFd29sl5FrDYGXxP
aBLDPvmkuBs6krxc8XzSe2GRWAgh5c1ZPjTTG1SGYlXtUs5bGlnQ3zLl1QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJHrtgnvT1NsVN4C2gvcDq9SZJQhMB8GA1UdIwQY
MBaAFEBHnqVi3Tp9DPKm6Xi2u/N49zzkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUVlZXBXTGRPbjBNOHFicGVMYTc4M2ozUE9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy9lNzRhNTgtYmI5ZS00YWU5LWE3NDYt
ODkzNmYwOTFmNGY0LzEva2V1MkNlOVBVMnhVM2dMYUM5d09yMUprbENFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy9lNzRhNTgtYmI5ZS00YWU5LWE3NDYtODkzNmYwOTFmNGY0
LzEvUUVlZXBXTGRPbjBNOHFicGVMYTc4M2ozUE9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuR98MA0E
AgACMAcDBQIqALxgMA0GCSqGSIb3DQEBCwUAA4IBAQDVaZn47Kt3Ds4RIzooruWo
5li1saNzvDTe2fzHOD7QDYk9jh5ErwXptwD1pKtc+kBQUnZBK3Pepir2UvYzUk1e
B8NDisfKTjDbT1zdaIdxkdp1LpgvXuBruC7tR/VNQWxBMN0GKE+z3HZL3f2o8Cev
DOTPKmI2ME1Oa0rH+J9JO9waQ/8rBbWq+haaYjyGH9IsMl2T8q7STHV2zz20DYep
OWe4MGTqRVltl/kMCLylMVYulk8SE09Qsk5tfFJA6yo8VmdVe6yqk4+fpzvfhELA
rAu13b24tumFyJMyI+Eo8rzyLXJE7z/F3W1WR8QQnGSnGniEiVABE4X+KecL/ZSu
-----END CERTIFICATE-----
Generated at Sat Jun 1 08:33:47 2024 by rpki-client on console-ams.rpki-client.org