Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/c3f995-86ef-4a67-acac-e4391fbcaf14/1/EH31K6AeAlTxuZgsWC0CP6nqgCw.roa
File: EH31K6AeAlTxuZgsWC0CP6nqgCw.roa (raw, json)
Hash identifier: 5F10SKVR7MZweS+vgHdYbBmQMLKWeQTvpJE6zRYHQ8A=
Subject key identifier: 10:7D:F5:2B:A0:1E:02:54:F1:B9:98:2C:58:2D:02:3F:A9:EA:80:2C
Certificate issuer: /CN=6ce3fb867861daafd781279897fe25a8eb371468
Certificate serial: 019422FB55830DC32393596E491C5558CDA9
Authority key identifier: 6C:E3:FB:86:78:61:DA:AF:D7:81:27:98:97:FE:25:A8:EB:37:14:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bOP7hnhh2q_XgSeYl_4lqOs3FGg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/c3f995-86ef-4a67-acac-e4391fbcaf14/1/EH31K6AeAlTxuZgsWC0CP6nqgCw.roa
Signing time: Wed 01 Jan 2025 17:48:04 +0000
ROA not before: Wed 01 Jan 2025 17:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 196954
IP address blocks: 185.28.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/c3f995-86ef-4a67-acac-e4391fbcaf14/1/bOP7hnhh2q_XgSeYl_4lqOs3FGg.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/c3f995-86ef-4a67-acac-e4391fbcaf14/1/bOP7hnhh2q_XgSeYl_4lqOs3FGg.mft
rsync://rpki.ripe.net/repository/DEFAULT/bOP7hnhh2q_XgSeYl_4lqOs3FGg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:55:83:0d:c3:23:93:59:6e:49:1c:55:58:cd:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ce3fb867861daafd781279897fe25a8eb371468
Validity
Not Before: Jan 1 17:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=107df52ba01e0254f1b9982c582d023fa9ea802c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:bd:cc:38:54:30:61:60:04:76:f2:52:8e:89:
cf:e8:4c:2b:a8:ef:46:aa:8e:e6:3d:ce:18:3c:ce:
37:b7:e5:1b:8d:6d:f4:50:22:42:4e:89:1f:d4:77:
68:cc:fe:76:7b:20:5c:25:61:0b:f6:8d:05:ff:d1:
e9:7f:dc:08:0a:28:7e:2a:20:de:ce:fd:94:d4:99:
cd:56:2c:bb:6c:bb:cb:99:f8:c1:d8:f3:d4:bb:09:
2d:22:37:73:23:1e:e5:68:90:53:6e:b2:fb:6a:16:
08:b3:c7:3e:4d:42:94:01:37:15:7e:81:a0:fb:25:
97:1b:17:28:c4:ba:38:83:f5:db:01:59:93:95:b7:
52:a2:d0:55:5d:b7:37:22:21:60:30:8c:ff:b1:96:
9f:a9:1f:ba:4c:cc:74:4c:25:f8:3c:15:75:e9:1b:
fe:26:e2:e1:6e:1e:59:54:79:e6:36:41:6f:a7:37:
28:e0:53:d8:df:b2:92:50:a9:9c:20:c2:d0:7d:03:
e6:0d:e1:60:29:38:8b:08:e0:be:c9:10:13:6c:de:
26:e5:bb:7e:4d:e6:c2:6f:83:f6:63:ba:c6:66:1b:
52:e5:dd:c4:4d:87:f6:d8:d2:d0:69:4f:12:73:81:
04:12:60:11:55:47:55:71:b7:14:b6:35:46:c5:5c:
d2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:7D:F5:2B:A0:1E:02:54:F1:B9:98:2C:58:2D:02:3F:A9:EA:80:2C
X509v3 Authority Key Identifier:
keyid:6C:E3:FB:86:78:61:DA:AF:D7:81:27:98:97:FE:25:A8:EB:37:14:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bOP7hnhh2q_XgSeYl_4lqOs3FGg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c3f995-86ef-4a67-acac-e4391fbcaf14/1/EH31K6AeAlTxuZgsWC0CP6nqgCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/c3f995-86ef-4a67-acac-e4391fbcaf14/1/bOP7hnhh2q_XgSeYl_4lqOs3FGg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.28.116.0/24
Signature Algorithm: sha256WithRSAEncryption
88:68:59:aa:df:d9:c5:1e:a3:20:29:42:16:46:e4:db:91:33:
d2:f5:cd:15:db:a5:cd:16:ba:94:50:44:61:e5:7b:56:13:f3:
46:25:19:de:ef:42:7c:f1:7f:c5:3e:8d:67:d9:53:c8:22:8f:
0f:52:58:a7:8f:88:76:50:ee:92:af:a0:9d:1d:af:13:95:2d:
34:4d:66:8f:e1:7f:91:cc:87:44:3f:6d:fa:85:17:bb:72:fc:
49:0c:d4:06:d5:43:f0:2c:c0:15:8a:8b:d9:ef:f2:8b:46:44:
b6:ec:ca:61:ad:d3:5e:73:95:bf:29:db:30:d1:0e:7f:fd:0d:
da:b0:60:c1:e7:97:a3:a4:7e:16:53:d7:cb:0a:3a:fa:ca:a8:
cd:8a:e9:9f:42:15:75:0c:3d:3e:23:49:a7:47:cd:84:db:17:
82:ca:0b:91:e4:1f:0d:8e:25:58:6a:3d:10:c9:d5:5f:e3:ef:
87:6d:a1:95:c8:e9:9f:67:f6:d8:c3:56:0c:87:9f:14:85:bb:
b0:eb:41:dd:75:8d:79:c4:60:e2:cc:19:e3:99:6e:4e:f1:dc:
e3:98:ed:81:59:c6:65:8e:10:e2:be:2b:c3:97:be:dd:42:f1:
bb:49:94:ba:bb:63:47:66:a0:6b:22:57:a0:eb:35:15:c8:05:
58:ae:04:22
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQi+1WDDcMjk1luSRxVWM2pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZTNmYjg2Nzg2MWRhYWZkNzgxMjc5ODk3ZmUyNWE4ZWIz
NzE0NjgwHhcNMjUwMTAxMTc0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDdkZjUyYmEwMWUwMjU0ZjFiOTk4MmM1ODJkMDIzZmE5ZWE4MDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqr3MOFQwYWAEdvJSjonP6EwrqO9G
qo7mPc4YPM43t+UbjW30UCJCTokf1HdozP52eyBcJWEL9o0F/9Hpf9wICih+KiDe
zv2U1JnNViy7bLvLmfjB2PPUuwktIjdzIx7laJBTbrL7ahYIs8c+TUKUATcVfoGg
+yWXGxcoxLo4g/XbAVmTlbdSotBVXbc3IiFgMIz/sZafqR+6TMx0TCX4PBV16Rv+
JuLhbh5ZVHnmNkFvpzco4FPY37KSUKmcIMLQfQPmDeFgKTiLCOC+yRATbN4m5bt+
TebCb4P2Y7rGZhtS5d3ETYf22NLQaU8Sc4EEEmARVUdVcbcUtjVGxVzSJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBB99SugHgJU8bmYLFgtAj+p6oAsMB8GA1UdIwQY
MBaAFGzj+4Z4Ydqv14EnmJf+JajrNxRoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk9QN2huaGgycV9YZ1NlWWxfNGxxT3MzRkdnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC9jM2Y5OTUtODZlZi00YTY3LWFjYWMt
ZTQzOTFmYmNhZjE0LzEvRUgzMUs2QWVBbFR4dVpnc1dDMENQNm5xZ0N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC9jM2Y5OTUtODZlZi00YTY3LWFjYWMtZTQzOTFmYmNhZjE0
LzEvYk9QN2huaGgycV9YZ1NlWWxfNGxxT3MzRkdnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRx0MA0G
CSqGSIb3DQEBCwUAA4IBAQCIaFmq39nFHqMgKUIWRuTbkTPS9c0V26XNFrqUUERh
5XtWE/NGJRne70J88X/FPo1n2VPIIo8PUlinj4h2UO6Sr6CdHa8TlS00TWaP4X+R
zIdEP236hRe7cvxJDNQG1UPwLMAViovZ7/KLRkS27MphrdNec5W/Kdsw0Q5//Q3a
sGDB55ejpH4WU9fLCjr6yqjNiumfQhV1DD0+I0mnR82E2xeCyguR5B8NjiVYaj0Q
ydVf4++HbaGVyOmfZ/bYw1YMh58Uhbuw60HddY15xGDizBnjmW5O8dzjmO2BWcZl
jhDivivDl77dQvG7SZS6u2NHZqBrIleg6zUVyAVYrgQi
-----END CERTIFICATE-----
Generated at Sun Feb 2 10:04:33 2025 by rpki-client