Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/aa2a44-3b3e-4b0f-a153-a486be3569a7/1/ESpolfeCn9LHaxj61H1nIUQ6Lgc.roa
File: ESpolfeCn9LHaxj61H1nIUQ6Lgc.roa (raw, json)
Hash identifier: /qu8MJY8MD9QcESPJa8DniducuemfxRqR+kauhzFMo8=
Subject key identifier: 11:2A:68:95:F7:82:9F:D2:C7:6B:18:FA:D4:7D:67:21:44:3A:2E:07
Certificate issuer: /CN=5f1fd44ccc54b5ceb3a79cb3794b9c66aeb67e49
Certificate serial: 018CC424D30A20730020A0E136215E93FC33
Authority key identifier: 5F:1F:D4:4C:CC:54:B5:CE:B3:A7:9C:B3:79:4B:9C:66:AE:B6:7E:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Xx_UTMxUtc6zp5yzeUucZq62fkk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/aa2a44-3b3e-4b0f-a153-a486be3569a7/1/ESpolfeCn9LHaxj61H1nIUQ6Lgc.roa
Signing time: Mon 01 Jan 2024 08:29:56 +0000
ROA not before: Mon 01 Jan 2024 08:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39647
IP address blocks: 185.93.117.0/24 maxlen: 24
185.93.116.0/22 maxlen: 22
185.93.116.0/24 maxlen: 24
194.34.240.0/22 maxlen: 22
194.34.240.0/24 maxlen: 24
185.93.118.0/24 maxlen: 24
194.34.242.0/24 maxlen: 24
194.34.241.0/24 maxlen: 24
185.93.119.0/24 maxlen: 24
194.34.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/aa2a44-3b3e-4b0f-a153-a486be3569a7/1/Xx_UTMxUtc6zp5yzeUucZq62fkk.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/aa2a44-3b3e-4b0f-a153-a486be3569a7/1/Xx_UTMxUtc6zp5yzeUucZq62fkk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Xx_UTMxUtc6zp5yzeUucZq62fkk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:d3:0a:20:73:00:20:a0:e1:36:21:5e:93:fc:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f1fd44ccc54b5ceb3a79cb3794b9c66aeb67e49
Validity
Not Before: Jan 1 08:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=112a6895f7829fd2c76b18fad47d6721443a2e07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:70:f2:e9:3b:35:09:9c:ac:32:20:0b:22:49:
42:df:2c:3a:d5:60:f1:1f:14:22:16:c0:31:55:87:
c0:28:6e:e8:8b:b9:0b:a2:82:b5:80:97:c2:c0:17:
f4:ea:56:a2:b0:60:3e:a6:4e:33:54:12:8d:de:2c:
cf:4e:18:01:00:f5:65:60:e4:b7:d6:6b:fd:a1:6f:
70:bb:9f:08:fc:17:6b:a8:8f:c5:c0:7d:56:39:ed:
75:fe:be:dc:6f:21:d1:00:52:ba:65:6c:09:ec:8c:
dc:10:cb:51:e5:2b:d4:c5:17:69:14:d7:27:a0:29:
f8:6b:75:48:20:a3:2a:da:2e:32:4d:e9:66:23:51:
79:85:3a:12:b5:0d:47:61:4f:c5:d7:3a:35:87:01:
26:34:bb:9c:fc:5e:73:9c:db:40:d5:2c:d3:d3:be:
af:df:e5:cf:46:cb:0d:ed:cb:69:2f:65:f7:52:67:
88:97:90:bd:b6:7d:c7:c1:54:21:7a:58:67:06:f6:
28:c7:47:f6:ca:c6:43:8d:92:89:52:04:63:58:a4:
1d:b1:2f:b5:02:1f:15:51:96:77:e8:54:97:cb:b0:
0c:1e:4b:df:c6:d7:61:b0:c4:72:71:af:72:74:0b:
c8:88:b9:d0:55:54:54:f7:b9:b5:24:d7:ad:41:db:
15:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:2A:68:95:F7:82:9F:D2:C7:6B:18:FA:D4:7D:67:21:44:3A:2E:07
X509v3 Authority Key Identifier:
keyid:5F:1F:D4:4C:CC:54:B5:CE:B3:A7:9C:B3:79:4B:9C:66:AE:B6:7E:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Xx_UTMxUtc6zp5yzeUucZq62fkk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/aa2a44-3b3e-4b0f-a153-a486be3569a7/1/ESpolfeCn9LHaxj61H1nIUQ6Lgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/aa2a44-3b3e-4b0f-a153-a486be3569a7/1/Xx_UTMxUtc6zp5yzeUucZq62fkk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.116.0/22
194.34.240.0/22
Signature Algorithm: sha256WithRSAEncryption
85:63:28:6c:48:fa:0d:08:4a:aa:e4:cb:70:1d:88:a3:68:a0:
49:bb:66:27:1e:f3:d0:ae:75:57:3f:25:f5:50:a2:de:cb:66:
80:3f:1e:3f:cf:a1:4a:f5:e5:53:48:e5:9a:79:f5:2a:0c:05:
60:a7:4f:2f:36:d3:04:60:b7:26:50:7c:c9:16:4f:01:b4:4f:
c6:a2:e4:55:db:33:e5:29:42:b5:11:ca:d5:f4:65:e6:64:44:
a9:a8:48:c6:7f:7d:38:ce:27:14:96:9f:7f:8a:bb:b9:9e:07:
15:85:fc:fd:cc:92:7c:55:e4:e3:8a:35:78:ad:a8:69:50:60:
89:e7:e9:ea:b8:16:61:c1:41:03:eb:46:a0:34:12:84:d1:2d:
cd:d5:d9:18:6b:19:43:77:7f:02:57:25:94:ab:11:7f:37:5b:
43:eb:6a:73:b4:ae:d7:ad:a4:20:5f:a0:98:e3:cf:cf:42:fc:
d7:e1:47:7c:dc:42:d4:ca:b0:ea:5c:f5:d8:25:60:b0:81:fb:
93:db:1f:12:9f:5d:90:69:64:a6:a8:2a:d7:d8:27:61:d8:15:
b6:3e:5f:e0:47:7e:4e:09:7d:b7:ef:79:48:92:74:93:ef:12:
9a:9d:a1:03:b8:ac:8f:49:4a:90:4c:79:36:24:1d:44:d0:33:
18:ee:f1:43
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJNMKIHMAIKDhNiFek/wzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMWZkNDRjY2M1NGI1Y2ViM2E3OWNiMzc5NGI5YzY2YWVi
NjdlNDkwHhcNMjQwMTAxMDgyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTJhNjg5NWY3ODI5ZmQyYzc2YjE4ZmFkNDdkNjcyMTQ0M2EyZTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhXDy6Ts1CZysMiALIklC3yw61WDx
HxQiFsAxVYfAKG7oi7kLooK1gJfCwBf06laisGA+pk4zVBKN3izPThgBAPVlYOS3
1mv9oW9wu58I/BdrqI/FwH1WOe11/r7cbyHRAFK6ZWwJ7IzcEMtR5SvUxRdpFNcn
oCn4a3VIIKMq2i4yTelmI1F5hToStQ1HYU/F1zo1hwEmNLuc/F5znNtA1SzT076v
3+XPRssN7ctpL2X3UmeIl5C9tn3HwVQhelhnBvYox0f2ysZDjZKJUgRjWKQdsS+1
Ah8VUZZ36FSXy7AMHkvfxtdhsMRyca9ydAvIiLnQVVRU97m1JNetQdsVPQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBEqaJX3gp/Sx2sY+tR9ZyFEOi4HMB8GA1UdIwQY
MBaAFF8f1EzMVLXOs6ecs3lLnGautn5JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHhfVVRNeFV0YzZ6cDV5emVVdWNacTYyZmtrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9hYTJhNDQtM2IzZS00YjBmLWExNTMt
YTQ4NmJlMzU2OWE3LzEvRVNwb2xmZUNuOUxIYXhqNjFIMW5JVVE2TGdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9hYTJhNDQtM2IzZS00YjBmLWExNTMtYTQ4NmJlMzU2OWE3
LzEvWHhfVVRNeFV0YzZ6cDV5emVVdWNacTYyZmtrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuV10AwQC
wiLwMA0GCSqGSIb3DQEBCwUAA4IBAQCFYyhsSPoNCEqq5MtwHYijaKBJu2YnHvPQ
rnVXPyX1UKLey2aAPx4/z6FK9eVTSOWaefUqDAVgp08vNtMEYLcmUHzJFk8BtE/G
ouRV2zPlKUK1EcrV9GXmZESpqEjGf304zicUlp9/iru5ngcVhfz9zJJ8VeTjijV4
rahpUGCJ5+nquBZhwUED60agNBKE0S3N1dkYaxlDd38CVyWUqxF/N1tD62pztK7X
raQgX6CY48/PQvzX4Ud83ELUyrDqXPXYJWCwgfuT2x8Sn12QaWSmqCrX2Cdh2BW2
Pl/gR35OCX2373lIknST7xKanaEDuKyPSUqQTHk2JB1E0DMY7vFD
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:06:35 2024 by rpki-client on console-fra.rpki-client.org