Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/EHCw315dQs8f9kK7SPutnkxrtTs.roa
File: EHCw315dQs8f9kK7SPutnkxrtTs.roa (raw, json)
Hash identifier: VKIPNKWpp5MhHKilmdkTIKxSbS37MhTA4EYQhFwBr4M=
Subject key identifier: 10:70:B0:DF:5E:5D:42:CF:1F:F6:42:BB:48:FB:AD:9E:4C:6B:B5:3B
Certificate issuer: /CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Certificate serial: 018CC2DB6792F4C268F771105A4B69DFA54A
Authority key identifier: 98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/EHCw315dQs8f9kK7SPutnkxrtTs.roa
Signing time: Mon 01 Jan 2024 02:30:07 +0000
ROA not before: Mon 01 Jan 2024 02:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199627
IP address blocks: 185.9.20.0/24 maxlen: 24
2a03:42c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/mFrmxZw15GA4fa68-4Zvih67NoY.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/mFrmxZw15GA4fa68-4Zvih67NoY.mft
rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:67:92:f4:c2:68:f7:71:10:5a:4b:69:df:a5:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=985ae6c59c35e460387daebcfb866f8a1ebb3686
Validity
Not Before: Jan 1 02:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1070b0df5e5d42cf1ff642bb48fbad9e4c6bb53b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:87:0f:81:3a:34:25:37:fc:f1:0a:53:6a:8b:
3f:b4:27:d6:db:1f:e2:90:da:56:c6:c8:98:c6:55:
b2:36:da:c4:e3:d7:7f:3c:dc:d1:75:9f:d0:b8:1b:
7a:6a:60:74:04:9a:ac:fc:76:18:7c:9e:3a:28:c1:
0f:1f:ef:13:09:e4:dc:28:53:70:02:d0:61:61:54:
47:e0:6a:2b:10:56:ae:a9:6d:41:ed:b1:c7:9c:82:
34:08:f1:20:57:60:4e:48:38:b3:a5:3b:ed:7d:e3:
e9:80:9e:ea:1d:e1:4e:7b:47:5a:3e:4d:bd:20:ca:
78:7e:f3:cb:6a:5c:0d:11:fb:f7:85:0a:d9:6d:ad:
eb:e3:91:e6:d0:c7:cc:9a:57:b0:d8:54:de:08:0b:
4d:d2:f8:5c:8a:2a:db:49:ed:21:7f:39:6b:76:6e:
fb:65:22:cf:fb:2c:56:a0:af:48:1a:d5:cd:50:ba:
b2:24:5c:58:3d:07:44:c4:f8:7d:49:37:79:b1:6e:
8c:71:d6:a2:4c:2c:5e:10:72:a6:2d:6d:58:f2:24:
a0:1d:cd:f1:ef:9e:51:20:4b:e6:71:35:7e:fd:9b:
34:85:3b:68:d7:8d:d4:fd:26:1b:2f:c3:32:15:86:
da:8c:e0:8b:f1:2b:94:31:7e:8b:23:0c:aa:16:9e:
47:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:70:B0:DF:5E:5D:42:CF:1F:F6:42:BB:48:FB:AD:9E:4C:6B:B5:3B
X509v3 Authority Key Identifier:
keyid:98:5A:E6:C5:9C:35:E4:60:38:7D:AE:BC:FB:86:6F:8A:1E:BB:36:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mFrmxZw15GA4fa68-4Zvih67NoY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/EHCw315dQs8f9kK7SPutnkxrtTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/8b906b-9c1d-45d9-86ba-c7fe62227df3/1/mFrmxZw15GA4fa68-4Zvih67NoY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.20.0/24
IPv6:
2a03:42c0::/32
Signature Algorithm: sha256WithRSAEncryption
2a:75:37:fd:10:99:42:05:23:e6:96:ff:73:4a:8f:0f:b5:4f:
e4:df:f8:7e:87:6c:79:8c:76:92:e8:d9:ba:b2:da:62:ab:45:
93:10:0d:5f:e6:d6:0a:b3:62:1a:07:99:8e:73:8e:e3:94:2b:
a3:5d:68:47:be:ac:c7:48:1a:b8:f1:52:87:fe:65:b0:df:7b:
4f:c4:cf:52:6c:ce:f3:70:be:a0:f0:0b:9b:87:cc:cd:5f:92:
26:47:9f:c9:fa:82:02:ab:b6:3f:83:e4:27:19:64:96:75:9e:
b1:0e:26:40:aa:4f:84:fd:75:fe:0c:7e:3c:dd:83:55:0e:2c:
8a:00:d3:cf:3f:d8:44:f9:b8:49:64:dd:32:f3:e8:6c:d2:96:
9e:9b:6f:97:90:d9:a5:9f:b3:56:8e:1e:67:ff:cc:a3:95:bf:
18:f4:4c:49:e1:f2:75:60:5d:8f:be:74:71:06:c1:5d:d1:50:
88:29:dd:ae:01:21:97:82:33:70:da:9c:25:aa:6a:01:ad:fa:
04:fd:ff:ca:da:2f:4d:04:6e:a5:87:ef:03:77:33:0d:23:6e:
9c:ba:35:6a:fc:ae:22:5f:fc:e0:85:7d:0b:af:ee:7c:da:19:
d5:88:16:0b:7a:20:35:4f:38:0a:49:45:7c:f8:49:5b:2b:79:
98:41:5d:74
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC22eS9MJo93EQWktp36VKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NWFlNmM1OWMzNWU0NjAzODdkYWViY2ZiODY2ZjhhMWVi
YjM2ODYwHhcNMjQwMTAxMDIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDcwYjBkZjVlNWQ0MmNmMWZmNjQyYmI0OGZiYWQ5ZTRjNmJiNTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYcPgTo0JTf88QpTaos/tCfW2x/i
kNpWxsiYxlWyNtrE49d/PNzRdZ/QuBt6amB0BJqs/HYYfJ46KMEPH+8TCeTcKFNw
AtBhYVRH4GorEFauqW1B7bHHnII0CPEgV2BOSDizpTvtfePpgJ7qHeFOe0daPk29
IMp4fvPLalwNEfv3hQrZba3r45Hm0MfMmlew2FTeCAtN0vhciirbSe0hfzlrdm77
ZSLP+yxWoK9IGtXNULqyJFxYPQdExPh9STd5sW6McdaiTCxeEHKmLW1Y8iSgHc3x
755RIEvmcTV+/Zs0hTto143U/SYbL8MyFYbajOCL8SuUMX6LIwyqFp5HjQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBBwsN9eXULPH/ZCu0j7rZ5Ma7U7MB8GA1UdIwQY
MBaAFJha5sWcNeRgOH2uvPuGb4oeuzaGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEt
YzdmZTYyMjI3ZGYzLzEvRUhDdzMxNWRRczhmOWtLN1NQdXRua3hydFRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84YjkwNmItOWMxZC00NWQ5LTg2YmEtYzdmZTYyMjI3ZGYz
LzEvbUZybXhadzE1R0E0ZmE2OC00WnZpaDY3Tm9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuQkUMA0E
AgACMAcDBQAqA0LAMA0GCSqGSIb3DQEBCwUAA4IBAQAqdTf9EJlCBSPmlv9zSo8P
tU/k3/h+h2x5jHaS6Nm6stpiq0WTEA1f5tYKs2IaB5mOc47jlCujXWhHvqzHSBq4
8VKH/mWw33tPxM9SbM7zcL6g8Aubh8zNX5ImR5/J+oICq7Y/g+QnGWSWdZ6xDiZA
qk+E/XX+DH483YNVDiyKANPPP9hE+bhJZN0y8+hs0paem2+XkNmln7NWjh5n/8yj
lb8Y9ExJ4fJ1YF2PvnRxBsFd0VCIKd2uASGXgjNw2pwlqmoBrfoE/f/K2i9NBG6l
h+8DdzMNI26cujVq/K4iX/zghX0Lr+582hnViBYLeiA1TzgKSUV8+ElbK3mYQV10
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:39:20 2024 by rpki-client on console-fra.rpki-client.org