Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/e0b_dgijAp0SSwAgQXoR0nco18k.roa
File: e0b_dgijAp0SSwAgQXoR0nco18k.roa (raw, json)
Hash identifier: DQyPSYTHEKymg5F9kg9e1+LVfApZzn8EsxmVxHAImS0=
Subject key identifier: 7B:46:FF:76:08:A3:02:9D:12:4B:00:20:41:7A:11:D2:77:28:D7:C9
Certificate issuer: /CN=923a2b3dd7667275f09886df7da079f755ceed59
Certificate serial: 018CCA2A3E791E924E9CA210D50036E8F5C1
Authority key identifier: 92:3A:2B:3D:D7:66:72:75:F0:98:86:DF:7D:A0:79:F7:55:CE:ED:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kjorPddmcnXwmIbffaB591XO7Vk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/e0b_dgijAp0SSwAgQXoR0nco18k.roa
Signing time: Tue 02 Jan 2024 12:33:35 +0000
ROA not before: Tue 02 Jan 2024 12:33:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207143
IP address blocks: 185.229.89.0/24 maxlen: 24
185.229.88.0/24 maxlen: 24
185.229.91.0/24 maxlen: 24
185.229.90.0/24 maxlen: 24
185.101.157.0/24 maxlen: 24
185.101.156.0/22 maxlen: 22
185.101.156.0/24 maxlen: 24
185.101.159.0/24 maxlen: 24
185.101.158.0/24 maxlen: 24
2a11:8b82::/32 maxlen: 32
2a11:8b81::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/kjorPddmcnXwmIbffaB591XO7Vk.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/kjorPddmcnXwmIbffaB591XO7Vk.mft
rsync://rpki.ripe.net/repository/DEFAULT/kjorPddmcnXwmIbffaB591XO7Vk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 16:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:3e:79:1e:92:4e:9c:a2:10:d5:00:36:e8:f5:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=923a2b3dd7667275f09886df7da079f755ceed59
Validity
Not Before: Jan 2 12:33:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b46ff7608a3029d124b0020417a11d27728d7c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:3e:8f:32:0f:d2:d7:a4:43:d3:2a:4d:fe:2b:
52:92:94:26:32:88:b3:8e:f1:3f:12:ba:58:47:b7:
c0:b7:1c:44:58:39:60:93:c2:ed:f1:df:31:85:2e:
57:2f:ef:d7:95:90:d5:72:dc:6e:7d:6c:55:ea:c2:
20:62:05:c2:33:94:57:d0:e1:1b:ac:c4:9e:e4:f4:
92:c1:25:0d:c0:36:1c:66:7b:b0:ab:1e:9a:f2:54:
57:69:a8:af:b4:cf:49:c6:a6:3b:42:21:bd:57:11:
74:48:38:16:cd:05:8c:34:89:ee:33:16:4b:7d:f5:
19:f6:e5:7c:2f:8a:80:5b:a9:b4:17:d9:6d:66:53:
61:d2:1a:d8:ab:52:56:a1:91:b7:f7:b0:a2:ae:b3:
0b:82:49:e4:6d:f7:ab:f6:39:5c:b8:e9:a7:bc:31:
e3:99:e7:e3:d1:57:32:32:a3:79:e3:6f:11:cc:f0:
d4:d5:4c:07:b2:cc:1c:14:42:90:c9:cc:9c:b0:30:
a3:55:f2:70:ff:a6:6f:03:30:ab:1b:c5:e8:9c:b8:
c7:97:d6:c9:4e:97:a6:fa:8b:84:1f:40:da:fd:6d:
33:3a:49:a0:8f:b2:0f:98:51:58:35:a1:7d:77:eb:
e6:82:3e:c3:10:2e:e6:00:ad:83:a9:a2:ba:0e:62:
e5:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:46:FF:76:08:A3:02:9D:12:4B:00:20:41:7A:11:D2:77:28:D7:C9
X509v3 Authority Key Identifier:
keyid:92:3A:2B:3D:D7:66:72:75:F0:98:86:DF:7D:A0:79:F7:55:CE:ED:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kjorPddmcnXwmIbffaB591XO7Vk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/e0b_dgijAp0SSwAgQXoR0nco18k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/b796f4-2e88-4eaa-a269-2738bcb43d6d/1/kjorPddmcnXwmIbffaB591XO7Vk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.101.156.0/22
185.229.88.0/22
IPv6:
2a11:8b81::-2a11:8b82:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2c:63:63:30:f9:35:f8:3a:f5:91:48:16:c4:f7:85:49:f5:54:
b9:6d:5f:4e:10:4b:c4:d8:ef:8f:1f:f2:84:5a:2c:01:30:4f:
6d:72:bc:94:41:f6:85:99:fd:d4:57:76:1a:dc:c4:dc:2a:98:
c4:72:2f:01:ce:b5:b2:e1:00:30:48:d3:8a:c8:97:8d:c6:37:
1e:34:75:88:8a:8d:1f:4a:68:23:e8:70:94:d7:d4:e6:a5:d3:
0c:02:db:4c:d3:53:5d:b2:d2:91:ae:8d:32:b8:95:31:24:5a:
22:ff:22:3d:e0:30:09:76:45:dd:4d:3f:bf:0f:bf:ae:7d:e5:
de:f1:fc:2d:39:58:3e:75:b9:ad:23:f9:85:f5:3f:08:d1:53:
5a:3c:41:97:b0:75:ec:c4:5b:8d:45:3a:d6:64:4a:c7:63:6e:
d7:47:1f:66:d6:23:fc:ee:85:0f:21:43:2e:2a:32:0c:1c:d5:
b5:41:ea:d3:f8:ff:19:c4:71:d7:18:ee:d5:8d:d5:dd:ca:b6:
de:6e:72:78:17:78:73:69:5b:a0:c0:17:72:35:27:85:56:90:
22:14:a0:1d:01:26:80:44:2d:bb:fe:3b:f5:13:56:d2:f2:d9:
83:0e:46:3b:12:ba:cd:da:6a:ff:b7:75:6a:a2:fe:f0:88:8c:
29:4f:78:88
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzKKj55HpJOnKIQ1QA26PXBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyM2EyYjNkZDc2NjcyNzVmMDk4ODZkZjdkYTA3OWY3NTVj
ZWVkNTkwHhcNMjQwMTAyMTIzMzM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjQ2ZmY3NjA4YTMwMjlkMTI0YjAwMjA0MTdhMTFkMjc3MjhkN2M5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlT6PMg/S16RD0ypN/itSkpQmMoiz
jvE/ErpYR7fAtxxEWDlgk8Lt8d8xhS5XL+/XlZDVctxufWxV6sIgYgXCM5RX0OEb
rMSe5PSSwSUNwDYcZnuwqx6a8lRXaaivtM9JxqY7QiG9VxF0SDgWzQWMNInuMxZL
ffUZ9uV8L4qAW6m0F9ltZlNh0hrYq1JWoZG397CirrMLgknkbfer9jlcuOmnvDHj
mefj0VcyMqN5428RzPDU1UwHsswcFEKQycycsDCjVfJw/6ZvAzCrG8XonLjHl9bJ
Tpem+ouEH0Da/W0zOkmgj7IPmFFYNaF9d+vmgj7DEC7mAK2DqaK6DmLldQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHtG/3YIowKdEksAIEF6EdJ3KNfJMB8GA1UdIwQY
MBaAFJI6Kz3XZnJ18JiG332gefdVzu1ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2pvclBkZG1jblh3bUliZmZhQjU5MVhPN1ZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9iNzk2ZjQtMmU4OC00ZWFhLWEyNjkt
MjczOGJjYjQzZDZkLzEvZTBiX2RnaWpBcDBTU3dBZ1FYb1IwbmNvMThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9iNzk2ZjQtMmU4OC00ZWFhLWEyNjktMjczOGJjYjQzZDZk
LzEva2pvclBkZG1jblh3bUliZmZhQjU5MVhPN1ZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCuWWcAwQC
ueVYMBYEAgACMBAwDgMFACoRi4EDBQAqEYuCMA0GCSqGSIb3DQEBCwUAA4IBAQAs
Y2Mw+TX4OvWRSBbE94VJ9VS5bV9OEEvE2O+PH/KEWiwBME9tcryUQfaFmf3UV3Ya
3MTcKpjEci8BzrWy4QAwSNOKyJeNxjceNHWIio0fSmgj6HCU19TmpdMMAttM01Nd
stKRro0yuJUxJFoi/yI94DAJdkXdTT+/D7+ufeXe8fwtOVg+dbmtI/mF9T8I0VNa
PEGXsHXsxFuNRTrWZErHY27XRx9m1iP87oUPIUMuKjIMHNW1QerT+P8ZxHHXGO7V
jdXdyrbebnJ4F3hzaVugwBdyNSeFVpAiFKAdASaARC27/jv1E1bS8tmDDkY7ErrN
2mr/t3Vqov7wiIwpT3iI
-----END CERTIFICATE-----
Generated at Sun Sep 29 01:41:43 2024 by rpki-client on console-ams.rpki-client.org