Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/5cecc0-2a53-4500-85ae-e8b60a2dd6b4/1/EHnX1wxrkiG4u1lEA004mupnA1Q.roa
File: EHnX1wxrkiG4u1lEA004mupnA1Q.roa (raw, json)
Hash identifier: uzFFFalB9zcNsDIhTIoP9MbtfPZkdFppGxdATB2dOns=
Subject key identifier: 10:79:D7:D7:0C:6B:92:21:B8:BB:59:44:03:4D:38:9A:EA:67:03:54
Certificate issuer: /CN=d49922ca8d139a4d03d6d57cbc8177dc05feb9ec
Certificate serial: 018CC8DE3B63508E54B451E5FAFBFD928C2E
Authority key identifier: D4:99:22:CA:8D:13:9A:4D:03:D6:D5:7C:BC:81:77:DC:05:FE:B9:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Jkiyo0Tmk0D1tV8vIF33AX-uew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/5cecc0-2a53-4500-85ae-e8b60a2dd6b4/1/EHnX1wxrkiG4u1lEA004mupnA1Q.roa
Signing time: Tue 02 Jan 2024 06:30:56 +0000
ROA not before: Tue 02 Jan 2024 06:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51665
IP address blocks: 178.237.192.0/21 maxlen: 21
178.237.192.0/24 maxlen: 24
178.237.198.0/24 maxlen: 24
178.237.199.0/24 maxlen: 24
178.237.193.0/24 maxlen: 24
178.237.194.0/24 maxlen: 24
178.237.195.0/24 maxlen: 24
178.237.196.0/24 maxlen: 24
178.237.197.0/24 maxlen: 24
178.237.200.0/24 maxlen: 24
178.237.201.0/24 maxlen: 24
178.237.202.0/24 maxlen: 24
178.237.203.0/24 maxlen: 24
178.237.204.0/24 maxlen: 24
178.237.205.0/24 maxlen: 24
178.237.200.0/22 maxlen: 22
178.237.207.0/24 maxlen: 24
2a04:7e03::/32 maxlen: 32
2a04:7e02::/32 maxlen: 32
2a04:7e01::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/5cecc0-2a53-4500-85ae-e8b60a2dd6b4/1/1Jkiyo0Tmk0D1tV8vIF33AX-uew.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/5cecc0-2a53-4500-85ae-e8b60a2dd6b4/1/1Jkiyo0Tmk0D1tV8vIF33AX-uew.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Jkiyo0Tmk0D1tV8vIF33AX-uew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:3b:63:50:8e:54:b4:51:e5:fa:fb:fd:92:8c:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d49922ca8d139a4d03d6d57cbc8177dc05feb9ec
Validity
Not Before: Jan 2 06:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1079d7d70c6b9221b8bb5944034d389aea670354
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:80:cb:48:20:5e:5f:e9:a9:bf:54:93:fd:7b:
f9:36:20:b9:03:33:8f:a9:e4:73:5b:e9:bd:63:0f:
5c:c4:7b:1a:a9:02:d0:2e:8b:fc:a0:f0:46:9c:5a:
95:90:0d:12:31:0e:9f:93:5f:f0:e7:5f:6d:8b:9d:
93:dd:10:94:c3:6b:d8:d1:36:41:5c:b2:cc:21:7b:
e1:98:20:4e:ca:95:6e:f2:3c:a7:23:5a:28:09:13:
2a:c9:d7:19:f6:1e:b5:4b:89:b6:c4:7d:9b:58:42:
77:bb:fa:e2:19:da:bf:43:51:68:e7:5d:a3:b4:d2:
0a:41:63:72:64:c8:cc:c7:06:3b:f7:65:ed:b8:e2:
8d:d1:3d:a3:50:3e:f4:b4:2e:34:66:c9:b1:59:5d:
07:f4:60:ee:90:7f:41:e2:2a:10:7e:98:74:ef:b8:
f4:69:ca:9f:a5:8d:ec:27:f5:7d:de:fb:3d:32:74:
f6:b9:58:1a:12:76:c7:96:d9:2a:47:15:2b:d9:30:
dc:7d:fe:02:a0:aa:b1:f6:89:e4:e7:e4:a6:fb:24:
be:a7:2a:6b:8f:33:c7:0d:95:5c:28:b2:35:7e:09:
16:3f:be:b5:87:9b:7e:da:8c:0a:df:bb:a2:8d:71:
78:94:b3:a9:96:ad:1c:ac:47:a1:77:ab:2c:96:9a:
51:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:79:D7:D7:0C:6B:92:21:B8:BB:59:44:03:4D:38:9A:EA:67:03:54
X509v3 Authority Key Identifier:
keyid:D4:99:22:CA:8D:13:9A:4D:03:D6:D5:7C:BC:81:77:DC:05:FE:B9:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Jkiyo0Tmk0D1tV8vIF33AX-uew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/5cecc0-2a53-4500-85ae-e8b60a2dd6b4/1/EHnX1wxrkiG4u1lEA004mupnA1Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/5cecc0-2a53-4500-85ae-e8b60a2dd6b4/1/1Jkiyo0Tmk0D1tV8vIF33AX-uew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.237.192.0-178.237.205.255
178.237.207.0/24
IPv6:
2a04:7e01::-2a04:7e03:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
64:5b:4d:82:cb:bd:6a:6f:42:66:e9:a1:a3:8c:5f:0f:63:a6:
cc:e2:69:95:70:95:5e:65:9f:f7:4f:e3:24:18:c5:73:df:0e:
2f:db:7f:21:a4:a1:0b:d6:99:00:4b:bc:00:a3:e7:9b:90:17:
6c:52:34:06:95:ee:ae:95:03:45:96:8d:e5:ce:d3:f7:28:40:
ac:5f:91:3a:4a:cd:ee:82:e9:62:d3:73:4e:f6:4f:a1:15:fc:
bc:04:39:60:eb:c4:a5:b9:e3:55:54:32:e2:b7:77:46:a7:2d:
80:1c:b9:10:d0:3a:d5:c7:cb:8a:70:d3:35:47:eb:83:44:e8:
51:85:af:d5:60:b7:58:20:bd:08:ce:14:21:0b:02:6f:65:ae:
17:29:96:07:ba:cd:02:ee:e6:5f:77:d9:71:c7:38:43:97:74:
10:7c:ac:19:9d:4b:68:20:1b:41:58:09:2d:2c:82:12:0e:1b:
3c:37:7c:46:97:48:5e:2d:83:30:bb:e9:aa:7d:b5:b4:3e:fc:
7b:70:cc:ab:96:1a:25:cb:d3:f3:3f:fa:a9:c8:2e:58:34:5e:
be:ce:ea:e1:aa:32:e2:d8:d5:2c:37:62:9b:3d:8f:6e:79:93:
d1:01:e5:28:00:14:f6:d4:b8:ae:c7:a3:69:40:f4:34:06:2b:
5a:83:27:99
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzI3jtjUI5UtFHl+vv9kowuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OTkyMmNhOGQxMzlhNGQwM2Q2ZDU3Y2JjODE3N2RjMDVm
ZWI5ZWMwHhcNMjQwMTAyMDYzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDc5ZDdkNzBjNmI5MjIxYjhiYjU5NDQwMzRkMzg5YWVhNjcwMzU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIDLSCBeX+mpv1ST/Xv5NiC5AzOP
qeRzW+m9Yw9cxHsaqQLQLov8oPBGnFqVkA0SMQ6fk1/w519ti52T3RCUw2vY0TZB
XLLMIXvhmCBOypVu8jynI1ooCRMqydcZ9h61S4m2xH2bWEJ3u/riGdq/Q1Fo512j
tNIKQWNyZMjMxwY792XtuOKN0T2jUD70tC40ZsmxWV0H9GDukH9B4ioQfph077j0
acqfpY3sJ/V93vs9MnT2uVgaEnbHltkqRxUr2TDcff4CoKqx9onk5+Sm+yS+pypr
jzPHDZVcKLI1fgkWP761h5t+2owK37uijXF4lLOplq0crEehd6sslppRDQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFBB519cMa5IhuLtZRANNOJrqZwNUMB8GA1UdIwQY
MBaAFNSZIsqNE5pNA9bVfLyBd9wF/rnsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUpraXlvMFRtazBEMXRWOHZJRjMzQVgtdWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC81Y2VjYzAtMmE1My00NTAwLTg1YWUt
ZThiNjBhMmRkNmI0LzEvRUhuWDF3eHJraUc0dTFsRUEwMDRtdXBuQTFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC81Y2VjYzAtMmE1My00NTAwLTg1YWUtZThiNjBhMmRkNmI0
LzEvMUpraXlvMFRtazBEMXRWOHZJRjMzQVgtdWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAaBAIAATAUMAwDBAay7cAD
BAGy7cwDBACy7c8wFgQCAAIwEDAOAwUAKgR+AQMFAioEfgAwDQYJKoZIhvcNAQEL
BQADggEBAGRbTYLLvWpvQmbpoaOMXw9jpsziaZVwlV5ln/dP4yQYxXPfDi/bfyGk
oQvWmQBLvACj55uQF2xSNAaV7q6VA0WWjeXO0/coQKxfkTpKze6C6WLTc072T6EV
/LwEOWDrxKW541VUMuK3d0anLYAcuRDQOtXHy4pw0zVH64NE6FGFr9Vgt1ggvQjO
FCELAm9lrhcplge6zQLu5l932XHHOEOXdBB8rBmdS2ggG0FYCS0sghIOGzw3fEaX
SF4tgzC76ap9tbQ+/HtwzKuWGiXL0/M/+qnILlg0Xr7O6uGqMuLY1Sw3Yps9j255
k9EB5SgAFPbUuK7Ho2lA9DQGK1qDJ5k=
-----END CERTIFICATE-----
Generated at Sun May 19 14:53:26 2024 by rpki-client on console-ams.rpki-client.org