Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/egMGQNbSFhdbicOTJ5jEZxb2EI8.roa
File: egMGQNbSFhdbicOTJ5jEZxb2EI8.roa (raw, json)
Hash identifier: oIF6s3VLEjfgEznkUk05hCAGGg89qlRDBv7UHttVEGQ=
Subject key identifier: 7A:03:06:40:D6:D2:16:17:5B:89:C3:93:27:98:C4:67:16:F6:10:8F
Certificate issuer: /CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Certificate serial: 018CC6B8F8AA97D762F958FD3CB4CA3FAFF0
Authority key identifier: E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/egMGQNbSFhdbicOTJ5jEZxb2EI8.roa
Signing time: Mon 01 Jan 2024 20:31:00 +0000
ROA not before: Mon 01 Jan 2024 20:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 375
IP address blocks: 192.163.145.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.mft
rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:f8:aa:97:d7:62:f9:58:fd:3c:b4:ca:3f:af:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Validity
Not Before: Jan 1 20:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a030640d6d216175b89c3932798c46716f6108f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0e:35:03:37:86:12:8f:37:af:95:1a:91:43:
ac:4d:0a:cd:16:cd:91:ba:12:2d:d5:37:10:71:51:
1d:97:69:d2:29:54:85:7c:c2:92:ca:ca:9c:7b:32:
dc:85:6a:79:ef:50:71:0f:8b:7e:79:ba:ab:d2:5a:
a3:11:0d:42:79:e5:61:f1:5e:53:b8:3a:73:40:83:
89:41:7a:06:32:4c:77:37:15:28:21:c1:db:f3:93:
7f:55:f8:02:00:08:29:c8:37:4d:7c:f8:12:fa:1e:
bd:a2:92:8a:7a:f7:25:83:06:45:ae:f2:d4:a7:ed:
f6:ec:19:b1:26:6c:14:29:b2:38:72:f7:04:ba:ad:
8c:fe:e9:5d:3c:12:d5:6f:9f:c7:1f:54:f0:19:f0:
70:d3:0c:2b:cb:ec:52:13:f4:03:8d:34:20:d3:21:
f3:15:1a:66:aa:b7:de:c9:0a:67:fe:0d:65:c9:04:
9f:92:de:e2:96:b5:18:cb:b2:fe:65:a6:13:12:d1:
6f:09:3e:68:e6:4f:a8:f1:5a:50:a4:d4:66:4f:12:
62:9f:94:1b:6e:62:24:14:1b:9a:cc:9d:28:aa:5e:
db:79:b9:7a:2b:a4:f1:90:ec:00:df:e4:e2:af:0d:
30:1d:22:b7:2f:03:9d:ec:e7:0f:2b:68:67:3a:93:
a1:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:03:06:40:D6:D2:16:17:5B:89:C3:93:27:98:C4:67:16:F6:10:8F
X509v3 Authority Key Identifier:
keyid:E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/egMGQNbSFhdbicOTJ5jEZxb2EI8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.163.145.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:2c:c5:20:3a:a8:f4:e7:c5:b2:98:a6:4b:1a:49:66:35:6c:
5b:68:3c:19:48:72:b1:a9:79:89:70:72:36:f8:28:27:a1:eb:
96:03:a0:5f:bf:f6:f1:82:91:44:a7:2a:86:93:72:2d:25:9c:
37:11:5b:6d:79:28:e8:7f:97:af:32:dd:96:2f:27:f2:ae:51:
5f:aa:68:5a:4a:3e:76:b4:77:44:60:d6:c6:d8:1f:b0:9a:ac:
7c:7a:86:2c:c7:d7:dd:bb:bb:22:7d:4e:28:c1:05:25:83:89:
9a:09:d9:b5:0c:46:4d:5f:b6:8e:71:1d:f4:45:58:e8:ef:30:
40:e3:14:43:6c:c3:7e:84:7b:c3:c1:09:1b:44:84:07:4e:9d:
42:78:04:8b:b0:d5:83:2d:b0:12:a9:22:42:4b:72:b0:99:2d:
81:5b:ef:32:e8:47:30:f7:79:47:5c:78:a7:62:c8:16:a0:f0:
c5:a8:24:52:17:93:22:21:98:e9:af:e9:ff:be:52:30:76:a9:
41:32:9f:8b:45:06:91:c0:6e:2a:4d:2b:76:f2:a7:85:0f:95:
10:22:83:ed:15:43:cb:fa:cd:62:45:12:c9:f1:a8:d0:bc:1d:
16:b3:32:18:ca:06:39:05:80:d6:f1:ff:b4:0b:61:cb:7c:74:
59:27:1e:41
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuPiql9di+Vj9PLTKP6/wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZGVlMWIwNmJhMjRhNjc2MjEzZjk3NmE0YjUwYzEyOWRj
YjJiNzMwHhcNMjQwMTAxMjAzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTAzMDY0MGQ2ZDIxNjE3NWI4OWMzOTMyNzk4YzQ2NzE2ZjYxMDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArw41AzeGEo83r5UakUOsTQrNFs2R
uhIt1TcQcVEdl2nSKVSFfMKSysqcezLchWp571BxD4t+ebqr0lqjEQ1CeeVh8V5T
uDpzQIOJQXoGMkx3NxUoIcHb85N/VfgCAAgpyDdNfPgS+h69opKKevclgwZFrvLU
p+327BmxJmwUKbI4cvcEuq2M/uldPBLVb5/HH1TwGfBw0wwry+xSE/QDjTQg0yHz
FRpmqrfeyQpn/g1lyQSfkt7ilrUYy7L+ZaYTEtFvCT5o5k+o8VpQpNRmTxJin5Qb
bmIkFBuazJ0oql7bebl6K6TxkOwA3+Tirw0wHSK3LwOd7OcPK2hnOpOh4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHoDBkDW0hYXW4nDkyeYxGcW9hCPMB8GA1UdIwQY
MBaAFODe4bBrokpnYhP5dqS1DBKdyytzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMt
MTVlOTBiZjg3ZmFiLzEvZWdNR1FOYlNGaGRiaWNPVEo1akVaeGIyRUk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMtMTVlOTBiZjg3ZmFi
LzEvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwKORMA0G
CSqGSIb3DQEBCwUAA4IBAQAdLMUgOqj058WymKZLGklmNWxbaDwZSHKxqXmJcHI2
+CgnoeuWA6Bfv/bxgpFEpyqGk3ItJZw3EVtteSjof5evMt2WLyfyrlFfqmhaSj52
tHdEYNbG2B+wmqx8eoYsx9fdu7sifU4owQUlg4maCdm1DEZNX7aOcR30RVjo7zBA
4xRDbMN+hHvDwQkbRIQHTp1CeASLsNWDLbASqSJCS3KwmS2BW+8y6Ecw93lHXHin
YsgWoPDFqCRSF5MiIZjpr+n/vlIwdqlBMp+LRQaRwG4qTSt28qeFD5UQIoPtFUPL
+s1iRRLJ8ajQvB0WszIYygY5BYDW8f+0C2HLfHRZJx5B
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:40:42 2024 by rpki-client on console-ams.rpki-client.org