Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/e6a02e-0146-44a6-9dfc-d4209fc7f3c9/1/E3kiTrEU66dVBxHFOYx5GdCWD3Q.roa
File: E3kiTrEU66dVBxHFOYx5GdCWD3Q.roa (raw, json)
Hash identifier: xU6RadsoGxLivExOqHnKqmc/DkEimy8zx5ugcZzXGxE=
Subject key identifier: 13:79:22:4E:B1:14:EB:A7:55:07:11:C5:39:8C:79:19:D0:96:0F:74
Certificate issuer: /CN=762c60af4d73725845ceaf0b7b585e7757066965
Certificate serial: 018CCEE4C4D370780FF9B5AFACE1BB1DBED8
Authority key identifier: 76:2C:60:AF:4D:73:72:58:45:CE:AF:0B:7B:58:5E:77:57:06:69:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dixgr01zclhFzq8Le1hed1cGaWU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/e6a02e-0146-44a6-9dfc-d4209fc7f3c9/1/E3kiTrEU66dVBxHFOYx5GdCWD3Q.roa
Signing time: Wed 03 Jan 2024 10:35:48 +0000
ROA not before: Wed 03 Jan 2024 10:35:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13044
IP address blocks: 91.240.82.0/24 maxlen: 24
91.240.83.0/24 maxlen: 24
91.240.80.0/24 maxlen: 24
91.240.81.0/24 maxlen: 24
194.246.89.0/24 maxlen: 24
194.246.90.0/24 maxlen: 24
194.246.91.0/24 maxlen: 24
194.246.88.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/e6a02e-0146-44a6-9dfc-d4209fc7f3c9/1/dixgr01zclhFzq8Le1hed1cGaWU.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/e6a02e-0146-44a6-9dfc-d4209fc7f3c9/1/dixgr01zclhFzq8Le1hed1cGaWU.mft
rsync://rpki.ripe.net/repository/DEFAULT/dixgr01zclhFzq8Le1hed1cGaWU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 02:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ce:e4:c4:d3:70:78:0f:f9:b5:af:ac:e1:bb:1d:be:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=762c60af4d73725845ceaf0b7b585e7757066965
Validity
Not Before: Jan 3 10:35:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1379224eb114eba7550711c5398c7919d0960f74
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:0b:0f:68:fd:59:23:77:ed:be:09:81:db:ef:
9d:9c:74:d7:51:32:7a:23:a5:70:f4:43:36:59:e5:
fc:bd:29:83:f5:9c:d0:8b:c6:49:db:30:67:c0:98:
4c:52:d7:ab:6e:68:31:3b:9a:4b:36:7b:b9:c6:1d:
2d:2c:a7:54:d3:4c:e2:c1:21:22:62:39:36:4d:3b:
64:b0:ab:56:c5:c1:1b:76:4f:56:db:ce:78:7f:10:
c0:d6:fe:b0:1b:8a:0d:25:e9:61:3a:ca:5e:df:19:
f1:b8:70:52:4d:d2:e1:bb:3f:85:98:8c:3d:b4:9f:
ac:51:d6:ee:18:74:32:2b:c5:e4:cb:86:82:24:83:
f7:d9:3c:74:75:67:92:c7:b8:f7:1b:48:aa:7a:c4:
9a:90:d6:46:a3:96:8e:da:2b:86:08:94:6f:a6:72:
ca:13:4a:a5:9f:d1:39:78:71:15:ae:90:0a:7b:90:
a5:b6:a4:cc:7a:42:0d:db:a8:a6:42:d2:c5:75:63:
a6:cb:58:03:91:8f:85:a4:38:56:a1:97:85:a6:0c:
dc:6b:8e:49:2c:4b:d3:2e:bc:1b:50:2e:b6:1f:cb:
3a:25:5c:fc:bf:12:34:3c:50:b3:f2:72:f8:d1:80:
f5:cf:f9:4d:bd:f2:a3:1d:35:a0:40:0b:8d:da:9f:
29:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:79:22:4E:B1:14:EB:A7:55:07:11:C5:39:8C:79:19:D0:96:0F:74
X509v3 Authority Key Identifier:
keyid:76:2C:60:AF:4D:73:72:58:45:CE:AF:0B:7B:58:5E:77:57:06:69:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dixgr01zclhFzq8Le1hed1cGaWU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/e6a02e-0146-44a6-9dfc-d4209fc7f3c9/1/E3kiTrEU66dVBxHFOYx5GdCWD3Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/e6a02e-0146-44a6-9dfc-d4209fc7f3c9/1/dixgr01zclhFzq8Le1hed1cGaWU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.80.0/22
194.246.88.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:fc:75:76:df:50:10:2e:45:59:70:bb:ad:fd:a4:a9:ef:87:
04:2a:75:8a:c9:a3:69:67:12:39:c0:c6:e5:d0:9d:0d:cc:28:
77:36:46:32:57:76:60:43:e9:84:d7:cf:34:33:ec:b5:01:93:
b2:08:f8:18:69:1e:a3:9f:ef:10:a6:84:db:70:48:14:fa:a9:
dd:f1:f5:0a:c0:6f:77:b1:43:7b:72:33:b7:06:e6:40:eb:54:
22:6a:b0:85:72:e4:26:c2:62:24:a0:a2:e3:eb:9c:c8:3a:40:
9f:7c:c2:fc:3e:e3:bd:4c:b5:00:2b:5b:16:1b:fd:cc:b2:cd:
e0:06:7d:23:ae:b8:1c:d4:a7:2f:3c:16:68:9a:d5:56:6e:75:
cc:53:44:42:cd:15:f2:d6:fe:88:69:78:80:f4:4d:0b:91:97:
61:c4:36:bb:19:17:24:93:ce:b8:b5:b6:7f:17:40:c3:1b:c9:
07:1e:9e:42:95:01:aa:f4:7c:95:fa:19:27:53:21:98:c5:71:
8e:e5:36:4c:26:3f:b6:7f:bc:66:f5:35:97:da:dd:33:fa:59:
1d:16:92:81:95:a5:9d:c1:41:65:6f:7c:4c:9a:5b:67:dd:ac:
1c:5d:df:0e:7d:6c:85:9d:7d:2d:10:a6:9d:1d:cb:8e:4e:cb:
9e:88:85:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzO5MTTcHgP+bWvrOG7Hb7YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2MmM2MGFmNGQ3MzcyNTg0NWNlYWYwYjdiNTg1ZTc3NTcw
NjY5NjUwHhcNMjQwMTAzMTAzNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzc5MjI0ZWIxMTRlYmE3NTUwNzExYzUzOThjNzkxOWQwOTYwZjc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAigsPaP1ZI3ftvgmB2++dnHTXUTJ6
I6Vw9EM2WeX8vSmD9ZzQi8ZJ2zBnwJhMUterbmgxO5pLNnu5xh0tLKdU00ziwSEi
Yjk2TTtksKtWxcEbdk9W2854fxDA1v6wG4oNJelhOspe3xnxuHBSTdLhuz+FmIw9
tJ+sUdbuGHQyK8Xky4aCJIP32Tx0dWeSx7j3G0iqesSakNZGo5aO2iuGCJRvpnLK
E0qln9E5eHEVrpAKe5CltqTMekIN26imQtLFdWOmy1gDkY+FpDhWoZeFpgzca45J
LEvTLrwbUC62H8s6JVz8vxI0PFCz8nL40YD1z/lNvfKjHTWgQAuN2p8pkQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBN5Ik6xFOunVQcRxTmMeRnQlg90MB8GA1UdIwQY
MBaAFHYsYK9Nc3JYRc6vC3tYXndXBmllMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGl4Z3IwMXpjbGhGenE4TGUxaGVkMWNHYVdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9lNmEwMmUtMDE0Ni00NGE2LTlkZmMt
ZDQyMDlmYzdmM2M5LzEvRTNraVRyRVU2NmRWQnhIRk9ZeDVHZENXRDNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9lNmEwMmUtMDE0Ni00NGE2LTlkZmMtZDQyMDlmYzdmM2M5
LzEvZGl4Z3IwMXpjbGhGenE4TGUxaGVkMWNHYVdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW/BQAwQC
wvZYMA0GCSqGSIb3DQEBCwUAA4IBAQCn/HV231AQLkVZcLut/aSp74cEKnWKyaNp
ZxI5wMbl0J0NzCh3NkYyV3ZgQ+mE1880M+y1AZOyCPgYaR6jn+8QpoTbcEgU+qnd
8fUKwG93sUN7cjO3BuZA61QiarCFcuQmwmIkoKLj65zIOkCffML8PuO9TLUAK1sW
G/3Mss3gBn0jrrgc1KcvPBZomtVWbnXMU0RCzRXy1v6IaXiA9E0LkZdhxDa7GRck
k864tbZ/F0DDG8kHHp5ClQGq9HyV+hknUyGYxXGO5TZMJj+2f7xm9TWX2t0z+lkd
FpKBlaWdwUFlb3xMmltn3awcXd8OfWyFnX0tEKadHcuOTsueiIUa
-----END CERTIFICATE-----
Generated at Sat Jun 8 09:30:14 2024 by rpki-client on console-fra.rpki-client.org