Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/e7fbe8-d98e-45d2-b19c-11627d7469ab/1/eJL1xlCA2Gkj9Ujf3WryCemY7DM.roa
File: eJL1xlCA2Gkj9Ujf3WryCemY7DM.roa (raw, json)
Hash identifier: 5kMiEhpUQwfwEgl5+sVa7C31lagzQ11yeaDTRxnKeAU=
Subject key identifier: 78:92:F5:C6:50:80:D8:69:23:F5:48:DF:DD:6A:F2:09:E9:98:EC:33
Certificate issuer: /CN=282434a9a038b0fe73caf776bccd542fd3e2f6a5
Certificate serial: 018CC8DFA3720A2FE5D39017395ECDB088B5
Authority key identifier: 28:24:34:A9:A0:38:B0:FE:73:CA:F7:76:BC:CD:54:2F:D3:E2:F6:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KCQ0qaA4sP5zyvd2vM1UL9Pi9qU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/e7fbe8-d98e-45d2-b19c-11627d7469ab/1/eJL1xlCA2Gkj9Ujf3WryCemY7DM.roa
Signing time: Tue 02 Jan 2024 06:32:28 +0000
ROA not before: Tue 02 Jan 2024 06:32:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39419
IP address blocks: 185.237.24.0/22 maxlen: 24
2a0c:180::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/e7fbe8-d98e-45d2-b19c-11627d7469ab/1/KCQ0qaA4sP5zyvd2vM1UL9Pi9qU.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/e7fbe8-d98e-45d2-b19c-11627d7469ab/1/KCQ0qaA4sP5zyvd2vM1UL9Pi9qU.mft
rsync://rpki.ripe.net/repository/DEFAULT/KCQ0qaA4sP5zyvd2vM1UL9Pi9qU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:a3:72:0a:2f:e5:d3:90:17:39:5e:cd:b0:88:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=282434a9a038b0fe73caf776bccd542fd3e2f6a5
Validity
Not Before: Jan 2 06:32:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7892f5c65080d86923f548dfdd6af209e998ec33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:5a:09:8b:14:db:96:e6:23:38:d9:d1:c4:fa:
17:3d:af:65:43:2f:22:2d:5f:dc:2b:28:7d:00:51:
be:ac:f4:67:7a:f9:da:5c:f2:95:d0:66:55:01:5a:
44:fa:e4:0d:ef:bf:79:25:b0:9c:bb:e5:95:37:ca:
ee:93:a3:ea:7e:95:c6:ee:7f:d2:4e:17:3c:c3:c3:
5f:e7:69:b9:64:b7:58:14:b7:36:f9:cb:ac:b9:41:
a4:fe:25:4e:ca:fd:09:40:99:df:7e:5c:25:a4:88:
1b:62:57:2c:83:c1:ed:bc:0f:67:52:46:22:a3:64:
63:dc:3f:02:1c:16:4b:c3:1e:0d:6d:d2:93:9c:71:
48:01:7a:06:9c:dc:df:e2:ee:ba:3b:df:97:b0:11:
1e:b2:39:95:89:7b:ca:62:bd:f1:8a:bf:81:28:82:
36:a5:fc:76:f7:85:80:b1:d2:dc:ea:4c:d1:b3:83:
2c:13:0c:1f:26:b2:71:32:80:42:24:db:03:d7:26:
e9:4c:8c:10:d9:ae:bc:06:79:cb:8a:fa:66:d5:51:
f1:12:c9:a0:c6:71:03:4f:f2:cd:11:a1:a1:6c:46:
12:bb:bd:21:d2:67:62:f2:e8:c7:b9:de:b4:82:6b:
14:9b:fb:34:92:f8:ef:5a:7a:f2:23:2f:02:be:fb:
5c:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:92:F5:C6:50:80:D8:69:23:F5:48:DF:DD:6A:F2:09:E9:98:EC:33
X509v3 Authority Key Identifier:
keyid:28:24:34:A9:A0:38:B0:FE:73:CA:F7:76:BC:CD:54:2F:D3:E2:F6:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KCQ0qaA4sP5zyvd2vM1UL9Pi9qU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/e7fbe8-d98e-45d2-b19c-11627d7469ab/1/eJL1xlCA2Gkj9Ujf3WryCemY7DM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/e7fbe8-d98e-45d2-b19c-11627d7469ab/1/KCQ0qaA4sP5zyvd2vM1UL9Pi9qU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.24.0/22
IPv6:
2a0c:180::/29
Signature Algorithm: sha256WithRSAEncryption
3a:10:69:0d:28:d8:a6:86:0b:40:c5:52:49:9e:79:3c:67:db:
bf:0c:c3:96:1b:06:69:d1:d7:25:6f:10:96:f0:37:eb:66:ff:
8d:8a:51:93:9d:2f:73:74:be:eb:ae:f0:05:e6:c2:86:09:78:
62:ae:09:42:02:a5:82:04:32:0c:ca:84:5e:17:c3:b2:c4:bd:
d4:d1:70:c7:04:08:da:95:b2:b3:64:e9:8b:8c:47:62:b8:7c:
63:40:07:a3:76:a8:76:bc:79:88:2d:53:2a:0a:99:c5:b1:53:
e6:d8:3a:8b:08:36:11:c1:44:ce:b5:03:23:d1:b2:b4:21:4f:
9b:d9:9d:94:ab:c7:dc:76:1b:20:98:1a:1a:23:48:45:50:90:
7e:26:29:18:c6:c4:ce:a0:ac:1c:5b:df:a6:e6:10:3a:4f:35:
e2:d9:6b:3e:1c:83:2f:78:3c:d8:be:7b:56:25:f4:e6:5f:3b:
23:67:0c:0b:c3:c3:ff:b5:0a:37:c6:19:f7:26:75:2c:86:3f:
c4:b0:e3:4f:2c:e6:1a:db:4d:f1:d4:ba:8c:fd:90:65:ff:37:
cb:42:e5:fa:95:fa:cb:33:3e:f0:27:65:97:6f:7f:03:36:d0:
b9:c4:8b:7e:55:c6:2f:87:5a:a7:ba:1b:8e:83:dd:4f:61:f8:
3d:83:63:d2
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI36NyCi/l05AXOV7NsIi1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI4MjQzNGE5YTAzOGIwZmU3M2NhZjc3NmJjY2Q1NDJmZDNl
MmY2YTUwHhcNMjQwMTAyMDYzMjI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODkyZjVjNjUwODBkODY5MjNmNTQ4ZGZkZDZhZjIwOWU5OThlYzMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoloJixTbluYjONnRxPoXPa9lQy8i
LV/cKyh9AFG+rPRnevnaXPKV0GZVAVpE+uQN7795JbCcu+WVN8ruk6PqfpXG7n/S
Thc8w8Nf52m5ZLdYFLc2+cusuUGk/iVOyv0JQJnfflwlpIgbYlcsg8HtvA9nUkYi
o2Rj3D8CHBZLwx4NbdKTnHFIAXoGnNzf4u66O9+XsBEesjmViXvKYr3xir+BKII2
pfx294WAsdLc6kzRs4MsEwwfJrJxMoBCJNsD1ybpTIwQ2a68BnnLivpm1VHxEsmg
xnEDT/LNEaGhbEYSu70h0mdi8ujHud60gmsUm/s0kvjvWnryIy8Cvvtc6QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHiS9cZQgNhpI/VI391q8gnpmOwzMB8GA1UdIwQY
MBaAFCgkNKmgOLD+c8r3drzNVC/T4valMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS0NRMHFhQTRzUDV6eXZkMnZNMVVMOVBpOXFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9lN2ZiZTgtZDk4ZS00NWQyLWIxOWMt
MTE2MjdkNzQ2OWFiLzEvZUpMMXhsQ0EyR2tqOVVqZjNXcnlDZW1ZN0RNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9lN2ZiZTgtZDk4ZS00NWQyLWIxOWMtMTE2MjdkNzQ2OWFi
LzEvS0NRMHFhQTRzUDV6eXZkMnZNMVVMOVBpOXFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCue0YMA0E
AgACMAcDBQMqDAGAMA0GCSqGSIb3DQEBCwUAA4IBAQA6EGkNKNimhgtAxVJJnnk8
Z9u/DMOWGwZp0dclbxCW8DfrZv+NilGTnS9zdL7rrvAF5sKGCXhirglCAqWCBDIM
yoReF8OyxL3U0XDHBAjalbKzZOmLjEdiuHxjQAejdqh2vHmILVMqCpnFsVPm2DqL
CDYRwUTOtQMj0bK0IU+b2Z2Uq8fcdhsgmBoaI0hFUJB+JikYxsTOoKwcW9+m5hA6
TzXi2Ws+HIMveDzYvntWJfTmXzsjZwwLw8P/tQo3xhn3JnUshj/EsONPLOYa203x
1LqM/ZBl/zfLQuX6lfrLMz7wJ2WXb38DNtC5xIt+VcYvh1qnuhuOg91PYfg9g2PS
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:40:39 2024 by rpki-client on console-ams.rpki-client.org