Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/1-eOST_CHnc4L791GMotLi5Rwcsw.roa
File: 1-eOST_CHnc4L791GMotLi5Rwcsw.roa (raw, json)
Hash identifier: lxV8Z8MtTmtmVhK3IsStqNfTMjgZjFREsuGDW6qh0u8=
Subject key identifier: F9:E3:92:4F:F0:87:9D:CE:0B:EF:DD:46:32:8B:4B:8B:94:70:72:CC
Certificate issuer: /CN=acc48f7a59120588d4170ea2815e6ae51be6bcff
Certificate serial: 018CC725A094CBB9A798CA8B622207F9D394
Authority key identifier: AC:C4:8F:7A:59:12:05:88:D4:17:0E:A2:81:5E:6A:E5:1B:E6:BC:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rMSPelkSBYjUFw6igV5q5RvmvP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/1-eOST_CHnc4L791GMotLi5Rwcsw.roa
Signing time: Mon 01 Jan 2024 22:29:41 +0000
ROA not before: Mon 01 Jan 2024 22:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3215
IP address blocks: 193.56.38.0/24 maxlen: 24
193.56.43.0/24 maxlen: 24
2a00:6fc0:c010::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/rMSPelkSBYjUFw6igV5q5RvmvP8.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/rMSPelkSBYjUFw6igV5q5RvmvP8.mft
rsync://rpki.ripe.net/repository/DEFAULT/rMSPelkSBYjUFw6igV5q5RvmvP8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:a0:94:cb:b9:a7:98:ca:8b:62:22:07:f9:d3:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=acc48f7a59120588d4170ea2815e6ae51be6bcff
Validity
Not Before: Jan 1 22:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9e3924ff0879dce0befdd46328b4b8b947072cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:c8:d3:21:95:88:44:a7:47:1a:5c:01:fa:8c:
dc:1b:64:18:e3:55:c4:55:bf:58:be:62:f7:0d:87:
00:b7:09:a5:4b:31:76:2f:4a:da:1c:df:d5:f8:bb:
fd:dd:4c:31:a3:b6:5d:8c:23:0b:ff:1e:82:bf:f8:
8a:71:b0:a6:b2:cc:4f:62:52:8c:28:44:29:4c:ae:
ab:12:b6:4f:a5:41:04:b6:65:03:a3:7d:82:e2:10:
d9:88:5a:37:30:e0:db:15:f4:81:4c:1d:7c:29:78:
f5:16:5c:5f:9b:d3:1c:f0:9c:99:ec:4f:ac:ea:69:
21:b5:ab:3f:ec:af:ec:cb:a0:8e:71:cc:87:82:35:
fd:cf:a3:7a:15:da:80:af:d2:8a:1d:61:e5:98:eb:
8f:45:2d:fb:a4:3a:92:38:9d:fd:e2:0d:17:63:ed:
cd:48:13:c5:a0:86:f8:a4:a8:3d:84:84:5d:8c:4f:
22:2e:bc:4e:ee:46:1a:4f:06:eb:36:78:a7:7a:4f:
e1:73:3d:28:e0:e8:b4:5a:d6:19:54:fc:80:22:52:
2c:5e:86:f4:9f:af:7b:c2:30:f7:df:60:97:ac:5b:
cb:f0:1e:61:f4:e1:23:d6:a4:e2:2d:1d:db:61:53:
95:4f:fa:02:9f:fe:07:29:43:70:ef:c1:7b:84:db:
09:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:E3:92:4F:F0:87:9D:CE:0B:EF:DD:46:32:8B:4B:8B:94:70:72:CC
X509v3 Authority Key Identifier:
keyid:AC:C4:8F:7A:59:12:05:88:D4:17:0E:A2:81:5E:6A:E5:1B:E6:BC:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rMSPelkSBYjUFw6igV5q5RvmvP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/1-eOST_CHnc4L791GMotLi5Rwcsw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d8679e-46bb-44f5-ba52-b52b3a236fa7/1/rMSPelkSBYjUFw6igV5q5RvmvP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.56.38.0/24
193.56.43.0/24
IPv6:
2a00:6fc0:c010::/44
Signature Algorithm: sha256WithRSAEncryption
09:2a:c9:1d:be:98:08:7f:72:ad:7a:c6:af:5d:70:d6:81:9b:
e4:9c:e8:51:41:99:80:80:d8:06:bb:3a:91:da:e6:51:98:a5:
ab:d8:e9:fc:9b:80:90:97:13:e9:7f:2a:f1:87:f7:27:ac:c1:
28:b2:c7:d3:43:9a:3b:1a:4d:2f:9b:30:69:d0:9e:c8:77:6e:
d7:80:45:bf:f1:d6:11:73:c2:b9:05:29:35:94:d0:09:5d:47:
25:f0:93:61:c5:18:34:c2:b6:aa:0b:1f:cb:4e:92:f7:ee:22:
be:55:92:b6:9e:2c:f2:04:92:e6:a1:85:bd:58:af:e1:e3:62:
52:37:84:29:8e:11:15:a8:15:28:1a:6e:b6:c5:99:82:29:47:
10:48:25:21:1e:98:d4:bf:c6:03:e0:56:cc:11:b4:a0:85:ac:
6d:ad:5a:79:03:15:1e:15:da:f7:f3:b1:0f:7a:a9:44:a4:3e:
32:e0:5f:e0:f4:7d:f2:ba:4f:aa:b2:e0:cd:35:c3:17:f8:bc:
2b:77:5f:d0:59:0f:56:fd:c9:c0:a4:f3:c9:f1:3f:9c:71:83:
ba:4c:1f:a8:93:7c:23:b6:a4:0d:8d:54:54:4d:85:37:33:9a:
d9:b5:e7:f8:21:f7:b4:b9:87:7d:bb:94:cc:26:5a:73:75:0a:
c3:05:34:66
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzHJaCUy7mnmMqLYiIH+dOUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYzQ4ZjdhNTkxMjA1ODhkNDE3MGVhMjgxNWU2YWU1MWJl
NmJjZmYwHhcNMjQwMTAxMjIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWUzOTI0ZmYwODc5ZGNlMGJlZmRkNDYzMjhiNGI4Yjk0NzA3MmNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAysjTIZWIRKdHGlwB+ozcG2QY41XE
Vb9YvmL3DYcAtwmlSzF2L0raHN/V+Lv93Uwxo7ZdjCML/x6Cv/iKcbCmssxPYlKM
KEQpTK6rErZPpUEEtmUDo32C4hDZiFo3MODbFfSBTB18KXj1Flxfm9Mc8JyZ7E+s
6mkhtas/7K/sy6COccyHgjX9z6N6FdqAr9KKHWHlmOuPRS37pDqSOJ394g0XY+3N
SBPFoIb4pKg9hIRdjE8iLrxO7kYaTwbrNninek/hcz0o4Oi0WtYZVPyAIlIsXob0
n697wjD332CXrFvL8B5h9OEj1qTiLR3bYVOVT/oCn/4HKUNw78F7hNsJKQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPnjkk/wh53OC+/dRjKLS4uUcHLMMB8GA1UdIwQY
MBaAFKzEj3pZEgWI1BcOooFeauUb5rz/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvck1TUGVsa1NCWWpVRnc2aWdWNXE1UnZtdlA4LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kODY3OWUtNDZiYi00NGY1LWJhNTIt
YjUyYjNhMjM2ZmE3LzEvMS1lT1NUX0NIbmM0TDc5MUdNb3RMaTVSd2Nzdy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMzQvZDg2NzllLTQ2YmItNDRmNS1iYTUyLWI1MmIzYTIzNmZh
Ny8xL3JNU1BlbGtTQllqVUZ3NmlnVjVxNVJ2bXZQOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA2BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEAME4JgME
AME4KzAPBAIAAjAJAwcEKgBvwMAQMA0GCSqGSIb3DQEBCwUAA4IBAQAJKskdvpgI
f3KtesavXXDWgZvknOhRQZmAgNgGuzqR2uZRmKWr2On8m4CQlxPpfyrxh/cnrMEo
ssfTQ5o7Gk0vmzBp0J7Id27XgEW/8dYRc8K5BSk1lNAJXUcl8JNhxRg0wraqCx/L
TpL37iK+VZK2nizyBJLmoYW9WK/h42JSN4QpjhEVqBUoGm62xZmCKUcQSCUhHpjU
v8YD4FbMEbSghaxtrVp5AxUeFdr387EPeqlEpD4y4F/g9H3yuk+qsuDNNcMX+Lwr
d1/QWQ9W/cnApPPJ8T+ccYO6TB+ok3wjtqQNjVRUTYU3M5rZtef4Ife0uYd9u5TM
JlpzdQrDBTRm
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:36:40 2024 by rpki-client on console-ams.rpki-client.org