Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/6123c4-2bc5-4df9-ad13-e1d99b8706e4/1/cExVDPoO72sgQ6JKP4TGEfZSY8A.roa
File: cExVDPoO72sgQ6JKP4TGEfZSY8A.roa (raw, json)
Hash identifier: nPjoP3C3sSzPXZDoK2WULn3Llj58N3uMGde8mq+qX+s=
Subject key identifier: 70:4C:55:0C:FA:0E:EF:6B:20:43:A2:4A:3F:84:C6:11:F6:52:63:C0
Certificate issuer: /CN=1008ba5429a709bc58ecdbae3f17e1bc9d3a4d5c
Certificate serial: 0190C7A3B9C3BBE893A0D21DD8B44C2D840C
Authority key identifier: 10:08:BA:54:29:A7:09:BC:58:EC:DB:AE:3F:17:E1:BC:9D:3A:4D:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EAi6VCmnCbxY7NuuPxfhvJ06TVw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/6123c4-2bc5-4df9-ad13-e1d99b8706e4/1/cExVDPoO72sgQ6JKP4TGEfZSY8A.roa
Signing time: Thu 18 Jul 2024 20:58:34 +0000
ROA not before: Thu 18 Jul 2024 20:58:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48408
IP address blocks: 91.209.133.0/24 maxlen: 24
109.233.104.0/22 maxlen: 22
185.77.12.0/24 maxlen: 24
185.142.224.0/22 maxlen: 24
2a07:3140::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/6123c4-2bc5-4df9-ad13-e1d99b8706e4/1/EAi6VCmnCbxY7NuuPxfhvJ06TVw.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/6123c4-2bc5-4df9-ad13-e1d99b8706e4/1/EAi6VCmnCbxY7NuuPxfhvJ06TVw.mft
rsync://rpki.ripe.net/repository/DEFAULT/EAi6VCmnCbxY7NuuPxfhvJ06TVw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c7:a3:b9:c3:bb:e8:93:a0:d2:1d:d8:b4:4c:2d:84:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1008ba5429a709bc58ecdbae3f17e1bc9d3a4d5c
Validity
Not Before: Jul 18 20:58:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=704c550cfa0eef6b2043a24a3f84c611f65263c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:62:64:98:e2:60:1d:56:ac:08:4e:03:42:03:
38:27:26:1b:23:3d:e1:59:84:a4:72:4c:54:1a:64:
d4:23:6b:2f:84:a7:49:7b:f1:dc:5d:43:42:15:27:
4b:01:88:77:fc:da:52:6a:fb:71:2a:5e:e6:f5:f3:
2b:ee:58:b9:7b:0f:80:eb:ba:fe:35:26:98:83:46:
5d:cf:f6:2a:be:d5:e6:7f:f6:2d:2c:5a:d1:2c:ac:
2f:dc:80:72:be:47:b0:65:20:85:37:87:8f:00:0d:
2e:14:69:3c:1f:80:58:5c:78:e5:58:5d:be:32:7c:
de:37:11:32:62:10:e2:86:09:9b:0c:0d:ad:2f:72:
d8:76:43:24:cd:53:06:a8:f9:e8:99:b0:1e:ef:54:
ec:6b:c3:e1:95:52:5d:ea:50:da:44:1f:6e:87:1a:
5c:76:03:76:71:b6:10:fd:86:a2:6a:5c:68:de:24:
ce:0e:85:54:70:22:e9:e6:d9:2a:45:e8:eb:f6:05:
b8:dd:f2:0b:57:7f:25:6f:57:7c:c8:7c:7d:0e:09:
26:ea:df:df:df:56:8d:60:06:62:fe:c9:a1:87:ec:
da:1f:06:fb:6f:f0:6a:bd:32:3c:60:9a:44:b3:83:
5f:e2:1a:06:fc:08:c2:4b:ee:86:5a:13:b2:49:9f:
07:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:4C:55:0C:FA:0E:EF:6B:20:43:A2:4A:3F:84:C6:11:F6:52:63:C0
X509v3 Authority Key Identifier:
keyid:10:08:BA:54:29:A7:09:BC:58:EC:DB:AE:3F:17:E1:BC:9D:3A:4D:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EAi6VCmnCbxY7NuuPxfhvJ06TVw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/6123c4-2bc5-4df9-ad13-e1d99b8706e4/1/cExVDPoO72sgQ6JKP4TGEfZSY8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/6123c4-2bc5-4df9-ad13-e1d99b8706e4/1/EAi6VCmnCbxY7NuuPxfhvJ06TVw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.133.0/24
109.233.104.0/22
185.77.12.0/24
185.142.224.0/22
IPv6:
2a07:3140::/29
Signature Algorithm: sha256WithRSAEncryption
16:7f:74:ec:21:a7:21:f8:08:ae:c1:83:a0:3a:f3:3e:ee:e2:
2a:a5:30:cf:d1:d4:85:65:3c:93:b9:4c:4b:06:59:34:c4:8a:
36:e5:02:60:8d:8e:c5:e2:57:68:08:e2:eb:6e:69:4c:d4:b8:
10:df:4d:81:39:fa:53:7c:62:03:e9:8a:0b:b5:90:cb:c3:a6:
d8:41:e7:09:e0:78:19:1a:ea:fd:03:8c:7b:3d:59:06:f2:36:
92:e8:51:26:ef:61:61:61:a6:9b:76:12:d6:01:99:05:26:e7:
1d:a7:67:b2:90:39:47:b4:52:d7:98:82:47:81:2c:a9:f9:08:
57:5e:0d:4d:3a:e9:88:10:4f:22:19:dd:68:b8:d6:4e:8f:a1:
d1:1e:16:90:fd:92:8a:d6:5c:ab:6d:7f:ec:65:a8:c8:71:92:
22:45:c7:5a:19:30:f2:39:d7:5e:73:51:fd:49:51:5d:58:bd:
7f:68:5c:bc:fc:18:1f:95:43:a6:77:b2:8b:cf:ba:63:49:fe:
ba:5a:72:2d:bf:72:fd:05:f1:f0:68:1d:ca:cb:e6:a9:ec:b4:
cf:87:78:68:55:1d:69:ee:1d:d8:43:62:81:98:6d:77:49:56:
00:84:c0:01:25:22:21:5a:cb:42:dd:1d:38:58:f5:2d:9d:b5:
a6:28:97:1d
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZDHo7nDu+iToNId2LRMLYQMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMDhiYTU0MjlhNzA5YmM1OGVjZGJhZTNmMTdlMWJjOWQz
YTRkNWMwHhcNMjQwNzE4MjA1ODM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDRjNTUwY2ZhMGVlZjZiMjA0M2EyNGEzZjg0YzYxMWY2NTI2M2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk2JkmOJgHVasCE4DQgM4JyYbIz3h
WYSkckxUGmTUI2svhKdJe/HcXUNCFSdLAYh3/NpSavtxKl7m9fMr7li5ew+A67r+
NSaYg0Zdz/YqvtXmf/YtLFrRLKwv3IByvkewZSCFN4ePAA0uFGk8H4BYXHjlWF2+
MnzeNxEyYhDihgmbDA2tL3LYdkMkzVMGqPnombAe71Tsa8PhlVJd6lDaRB9uhxpc
dgN2cbYQ/Yaialxo3iTODoVUcCLp5tkqRejr9gW43fILV38lb1d8yHx9Dgkm6t/f
31aNYAZi/smhh+zaHwb7b/BqvTI8YJpEs4Nf4hoG/AjCS+6GWhOySZ8HWwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHBMVQz6Du9rIEOiSj+ExhH2UmPAMB8GA1UdIwQY
MBaAFBAIulQppwm8WOzbrj8X4bydOk1cMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUFpNlZDbW5DYnhZN051dVB4Zmh2SjA2VFZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS82MTIzYzQtMmJjNS00ZGY5LWFkMTMt
ZTFkOTliODcwNmU0LzEvY0V4VkRQb083MnNnUTZKS1A0VEdFZlpTWThBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS82MTIzYzQtMmJjNS00ZGY5LWFkMTMtZTFkOTliODcwNmU0
LzEvRUFpNlZDbW5DYnhZN051dVB4Zmh2SjA2VFZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAW9GFAwQC
beloAwQAuU0MAwQCuY7gMA0EAgACMAcDBQMqBzFAMA0GCSqGSIb3DQEBCwUAA4IB
AQAWf3TsIach+AiuwYOgOvM+7uIqpTDP0dSFZTyTuUxLBlk0xIo25QJgjY7F4ldo
COLrbmlM1LgQ302BOfpTfGID6YoLtZDLw6bYQecJ4HgZGur9A4x7PVkG8jaS6FEm
72FhYaabdhLWAZkFJucdp2eykDlHtFLXmIJHgSyp+QhXXg1NOumIEE8iGd1ouNZO
j6HRHhaQ/ZKK1lyrbX/sZajIcZIiRcdaGTDyOddec1H9SVFdWL1/aFy8/BgflUOm
d7KLz7pjSf66WnItv3L9BfHwaB3Ky+ap7LTPh3hoVR1p7h3YQ2KBmG13SVYAhMAB
JSIhWstC3R04WPUtnbWmKJcd
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:37:31 2024 by rpki-client on console-ams.rpki-client.org