Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/52be56-ec7b-4434-93eb-09feaa14e31e/1/ey6moBnMvi08mKBXGdO4WD4Fk7M.roa
File: ey6moBnMvi08mKBXGdO4WD4Fk7M.roa (raw, json)
Hash identifier: iETUTlieU3BRdKkaBizaKB/Rn2NtsA7P4u52bLOGprc=
Subject key identifier: 7B:2E:A6:A0:19:CC:BE:2D:3C:98:A0:57:19:D3:B8:58:3E:05:93:B3
Certificate issuer: /CN=1012216458bd7605ff95540fd204eb93a477f393
Certificate serial: 018CC8711A61210474EF2CBB0587BB6A9E9A
Authority key identifier: 10:12:21:64:58:BD:76:05:FF:95:54:0F:D2:04:EB:93:A4:77:F3:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EBIhZFi9dgX_lVQP0gTrk6R385M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/52be56-ec7b-4434-93eb-09feaa14e31e/1/ey6moBnMvi08mKBXGdO4WD4Fk7M.roa
Signing time: Tue 02 Jan 2024 04:31:44 +0000
ROA not before: Tue 02 Jan 2024 04:31:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51086
IP address blocks: 194.28.240.0/22 maxlen: 22
194.28.240.0/24 maxlen: 24
194.28.243.0/24 maxlen: 24
194.28.242.0/24 maxlen: 24
194.28.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/52be56-ec7b-4434-93eb-09feaa14e31e/1/EBIhZFi9dgX_lVQP0gTrk6R385M.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/52be56-ec7b-4434-93eb-09feaa14e31e/1/EBIhZFi9dgX_lVQP0gTrk6R385M.mft
rsync://rpki.ripe.net/repository/DEFAULT/EBIhZFi9dgX_lVQP0gTrk6R385M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 13:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:1a:61:21:04:74:ef:2c:bb:05:87:bb:6a:9e:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1012216458bd7605ff95540fd204eb93a477f393
Validity
Not Before: Jan 2 04:31:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b2ea6a019ccbe2d3c98a05719d3b8583e0593b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3a:7a:d8:68:ae:28:d2:71:ec:e1:87:8d:b2:
5f:3a:bd:b7:d6:bf:93:7b:a8:aa:a4:bc:b6:7f:7b:
2b:8a:5f:78:21:d4:63:df:37:28:89:b8:46:d5:4d:
f7:79:9a:0c:8c:42:8a:b7:6b:3d:cb:a3:3e:05:cc:
f2:6d:40:fd:0b:e6:1f:fd:1f:6c:70:b7:d7:54:84:
a6:5a:ea:26:32:25:bf:a3:81:92:c2:e6:b2:34:0f:
b0:da:b2:6c:c1:35:73:cb:18:ad:a5:e1:05:a4:a5:
15:ab:b4:39:c0:21:ae:fa:36:91:be:a0:97:12:c2:
92:6d:84:7b:32:4f:a2:2e:6d:dc:8b:f9:d3:85:01:
46:6f:2a:7b:6c:d0:16:10:0e:55:aa:b4:58:22:ad:
e5:f8:4c:cf:6d:82:08:9d:ab:4a:5b:11:bf:d5:6c:
3a:bf:c5:6a:d3:52:44:bb:b5:a4:1d:81:ca:e1:54:
a1:3d:aa:ad:e5:d6:7a:97:ae:00:45:34:af:a5:7b:
81:52:ae:66:72:03:c8:46:de:f2:c2:13:a7:19:b6:
d8:f1:ab:9f:a1:fb:5d:54:70:2e:07:32:14:ce:f4:
e4:d7:1b:ab:56:d5:c6:e8:7d:43:2e:e4:10:b9:53:
f4:95:57:61:f8:96:38:5a:a6:3e:32:bd:93:bd:80:
d3:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:2E:A6:A0:19:CC:BE:2D:3C:98:A0:57:19:D3:B8:58:3E:05:93:B3
X509v3 Authority Key Identifier:
keyid:10:12:21:64:58:BD:76:05:FF:95:54:0F:D2:04:EB:93:A4:77:F3:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EBIhZFi9dgX_lVQP0gTrk6R385M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/52be56-ec7b-4434-93eb-09feaa14e31e/1/ey6moBnMvi08mKBXGdO4WD4Fk7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/52be56-ec7b-4434-93eb-09feaa14e31e/1/EBIhZFi9dgX_lVQP0gTrk6R385M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.28.240.0/22
Signature Algorithm: sha256WithRSAEncryption
58:79:15:a9:26:db:df:28:6d:64:4d:9a:d8:83:f4:47:d5:a8:
83:78:c4:b3:9f:fd:ea:4d:90:55:96:58:7d:79:01:0b:92:7c:
5b:4d:e7:86:48:3b:f6:cf:af:ec:aa:71:eb:9c:8f:c8:d1:33:
55:47:72:bc:38:fe:90:29:82:ef:b0:6a:55:bb:bd:56:0a:de:
d8:62:7a:a2:58:23:bd:14:08:47:74:7a:a2:79:13:1e:69:07:
8f:e7:c5:fe:9a:06:fa:99:2d:d7:64:00:cc:5b:d1:15:91:c2:
c5:16:0d:77:df:54:7b:3e:58:50:9b:38:f4:43:bb:cb:fc:c8:
dc:59:c7:e4:d8:50:54:ec:fe:d9:96:66:9c:bd:4f:ce:dc:e7:
56:a1:52:55:e6:6e:e6:75:35:83:4f:b5:b2:c9:6e:81:78:cc:
d0:15:08:b7:37:4f:b1:a9:b1:2d:06:ab:35:0d:76:43:af:45:
80:6c:57:11:bf:8b:7c:5c:21:8d:c8:96:87:6b:67:bb:b6:14:
6c:69:67:bf:13:d1:7a:1e:3f:78:97:09:e9:38:c2:7a:10:9f:
ea:f6:6b:42:a9:c7:b5:3c:cf:a5:7c:1f:32:4e:f5:77:b8:ef:
ac:60:ce:f9:ed:13:25:27:41:08:d8:ae:eb:c2:70:09:cb:d5:
a4:8a:bc:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIcRphIQR07yy7BYe7ap6aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMTIyMTY0NThiZDc2MDVmZjk1NTQwZmQyMDRlYjkzYTQ3
N2YzOTMwHhcNMjQwMTAyMDQzMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjJlYTZhMDE5Y2NiZTJkM2M5OGEwNTcxOWQzYjg1ODNlMDU5M2IzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjp62GiuKNJx7OGHjbJfOr231r+T
e6iqpLy2f3sril94IdRj3zcoibhG1U33eZoMjEKKt2s9y6M+BczybUD9C+Yf/R9s
cLfXVISmWuomMiW/o4GSwuayNA+w2rJswTVzyxitpeEFpKUVq7Q5wCGu+jaRvqCX
EsKSbYR7Mk+iLm3ci/nThQFGbyp7bNAWEA5VqrRYIq3l+EzPbYIInatKWxG/1Ww6
v8Vq01JEu7WkHYHK4VShPaqt5dZ6l64ARTSvpXuBUq5mcgPIRt7ywhOnGbbY8auf
oftdVHAuBzIUzvTk1xurVtXG6H1DLuQQuVP0lVdh+JY4WqY+Mr2TvYDTXwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHsupqAZzL4tPJigVxnTuFg+BZOzMB8GA1UdIwQY
MBaAFBASIWRYvXYF/5VUD9IE65Okd/OTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUJJaFpGaTlkZ1hfbFZRUDBnVHJrNlIzODVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi81MmJlNTYtZWM3Yi00NDM0LTkzZWIt
MDlmZWFhMTRlMzFlLzEvZXk2bW9Cbk12aTA4bUtCWEdkTzRXRDRGazdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi81MmJlNTYtZWM3Yi00NDM0LTkzZWItMDlmZWFhMTRlMzFl
LzEvRUJJaFpGaTlkZ1hfbFZRUDBnVHJrNlIzODVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwhzwMA0G
CSqGSIb3DQEBCwUAA4IBAQBYeRWpJtvfKG1kTZrYg/RH1aiDeMSzn/3qTZBVllh9
eQELknxbTeeGSDv2z6/sqnHrnI/I0TNVR3K8OP6QKYLvsGpVu71WCt7YYnqiWCO9
FAhHdHqieRMeaQeP58X+mgb6mS3XZADMW9EVkcLFFg1331R7PlhQmzj0Q7vL/Mjc
Wcfk2FBU7P7ZlmacvU/O3OdWoVJV5m7mdTWDT7WyyW6BeMzQFQi3N0+xqbEtBqs1
DXZDr0WAbFcRv4t8XCGNyJaHa2e7thRsaWe/E9F6Hj94lwnpOMJ6EJ/q9mtCqce1
PM+lfB8yTvV3uO+sYM757RMlJ0EI2K7rwnAJy9WkiryF
-----END CERTIFICATE-----
Generated at Sun May 19 20:30:36 2024 by rpki-client on console-fra.rpki-client.org