Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/evAefIT-5ivxFK3OeDxA8bVKH9U.roa
File: evAefIT-5ivxFK3OeDxA8bVKH9U.roa (raw, json)
Hash identifier: Fgt8jkjfjHQnlZsyZ1jAIW3gkRZkXtyt6wn/Yak8EBw=
Subject key identifier: 7A:F0:1E:7C:84:FE:E6:2B:F1:14:AD:CE:78:3C:40:F1:B5:4A:1F:D5
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 018CC424F641A85BE858815097A25207BCED
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/evAefIT-5ivxFK3OeDxA8bVKH9U.roa
Signing time: Mon 01 Jan 2024 08:30:05 +0000
ROA not before: Mon 01 Jan 2024 08:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209371
IP address blocks: 193.35.152.0/24 maxlen: 24
193.35.155.0/24 maxlen: 24
185.88.175.0/24 maxlen: 24
193.223.106.0/24 maxlen: 24
185.243.181.0/24 maxlen: 24
185.184.24.0/24 maxlen: 24
185.249.200.0/24 maxlen: 24
185.249.203.0/24 maxlen: 24
185.249.201.0/24 maxlen: 24
193.160.140.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 01 May 2024 18:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:f6:41:a8:5b:e8:58:81:50:97:a2:52:07:bc:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Jan 1 08:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7af01e7c84fee62bf114adce783c40f1b54a1fd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:28:5a:19:5c:ea:1b:cf:87:c4:ee:d7:38:81:
ab:34:f9:27:df:40:d2:e1:94:35:e0:0e:4d:af:1c:
7e:19:e8:e8:4c:ca:31:52:90:bf:71:91:a7:d2:d9:
e8:45:98:29:bf:65:8c:65:6a:d8:4f:47:78:df:1f:
61:a4:70:8c:cc:5e:6e:b4:41:72:d4:99:e4:d6:fa:
20:f0:17:f8:92:ab:48:42:8e:7a:b7:13:4f:2b:d8:
a2:d0:84:11:e9:07:3a:9c:9b:92:65:05:ce:a6:cb:
25:3c:d1:22:22:c9:0b:1f:c6:2d:75:ec:75:6c:d6:
8e:8b:1b:f0:b2:ad:df:88:21:ff:85:29:d1:0b:ee:
73:e7:e4:62:6a:1d:8c:28:2a:45:b5:0d:38:63:ef:
c0:c4:6d:02:62:89:db:7d:97:95:35:68:ee:40:36:
6e:dd:99:ba:c0:49:65:e7:6b:84:ac:3a:28:29:39:
16:60:bd:9a:71:4d:3a:81:4a:57:cb:95:da:60:f2:
cd:c2:d7:7d:0e:51:f2:0e:97:17:94:91:e6:db:4c:
14:41:9f:84:cf:df:8d:f2:9d:86:74:32:fa:7d:fe:
95:ea:d3:21:f0:82:cd:78:8a:bc:19:bd:54:cb:e7:
9a:84:68:0b:ba:e7:dd:7e:d8:f9:44:5a:ca:5a:25:
52:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:F0:1E:7C:84:FE:E6:2B:F1:14:AD:CE:78:3C:40:F1:B5:4A:1F:D5
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/evAefIT-5ivxFK3OeDxA8bVKH9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.88.175.0/24
185.184.24.0/24
185.243.181.0/24
185.249.200.0/23
185.249.203.0/24
193.35.152.0/24
193.35.155.0/24
193.160.140.0/24
193.223.106.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:72:a0:ee:09:2d:47:34:f3:a0:2e:6e:34:60:41:4d:c7:83:
14:ad:ab:5e:d3:34:1e:f4:72:74:c9:1a:b3:71:0e:2f:12:7e:
78:bf:73:d4:66:50:d1:3f:e0:0a:7a:e0:3e:23:03:c5:fe:17:
28:b0:be:84:ea:52:17:7b:2d:bc:24:3e:88:ab:05:6a:41:24:
8f:5f:7a:28:ea:d8:23:61:4d:35:76:e0:63:66:4c:8a:f6:9e:
d2:67:04:7e:32:e0:3a:80:77:c5:d3:d3:87:d9:2e:f0:98:4b:
39:fc:bb:0f:43:86:34:cb:c5:65:99:ee:b3:7c:76:32:70:19:
f6:c5:97:20:4a:a6:72:cd:51:29:66:fb:29:6b:9a:5d:65:05:
a2:54:b4:91:b5:51:8f:04:d6:75:dd:cb:b9:e1:81:2f:f3:e1:
73:b6:e8:b3:ac:29:02:af:f3:95:8c:f1:f4:b9:3a:47:4f:e9:
f7:83:bc:b4:30:be:12:57:1c:eb:aa:45:7e:4d:96:08:da:7a:
a3:ff:7c:d7:11:fb:45:a7:4a:90:63:8d:14:cc:5b:79:e8:fb:
88:dc:42:a4:6e:a0:21:6a:2b:58:b2:fb:e4:2f:38:e6:bc:fd:
b9:2a:3a:74:07:59:30:e1:d8:87:7b:7a:4f:2a:6b:86:e1:37:
e0:9f:09:2d
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAYzEJPZBqFvoWIFQl6JSB7ztMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjQwMTAxMDgzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWYwMWU3Yzg0ZmVlNjJiZjExNGFkY2U3ODNjNDBmMWI1NGExZmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoihaGVzqG8+HxO7XOIGrNPkn30DS
4ZQ14A5Nrxx+GejoTMoxUpC/cZGn0tnoRZgpv2WMZWrYT0d43x9hpHCMzF5utEFy
1Jnk1vog8Bf4kqtIQo56txNPK9ii0IQR6Qc6nJuSZQXOpsslPNEiIskLH8Ytdex1
bNaOixvwsq3fiCH/hSnRC+5z5+Riah2MKCpFtQ04Y+/AxG0CYonbfZeVNWjuQDZu
3Zm6wEll52uErDooKTkWYL2acU06gUpXy5XaYPLNwtd9DlHyDpcXlJHm20wUQZ+E
z9+N8p2GdDL6ff6V6tMh8ILNeIq8Gb1Uy+eahGgLuufdftj5RFrKWiVSsQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHrwHnyE/uYr8RStzng8QPG1Sh/VMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvZXZBZWZJVC01aXZ4RkszT2VEeEE4YlZLSDlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAuVivAwQA
ubgYAwQAufO1AwQBufnIAwQAufnLAwQAwSOYAwQAwSObAwQAwaCMAwQAwd9qMA0G
CSqGSIb3DQEBCwUAA4IBAQCicqDuCS1HNPOgLm40YEFNx4MUrate0zQe9HJ0yRqz
cQ4vEn54v3PUZlDRP+AKeuA+IwPF/hcosL6E6lIXey28JD6IqwVqQSSPX3oo6tgj
YU01duBjZkyK9p7SZwR+MuA6gHfF09OH2S7wmEs5/LsPQ4Y0y8Vlme6zfHYycBn2
xZcgSqZyzVEpZvspa5pdZQWiVLSRtVGPBNZ13cu54YEv8+FztuizrCkCr/OVjPH0
uTpHT+n3g7y0ML4SVxzrqkV+TZYI2nqj/3zXEftFp0qQY40UzFt56PuI3EKkbqAh
aitYsvvkLzjmvP25Kjp0B1kw4diHe3pPKmuG4Tfgnwkt
-----END CERTIFICATE-----
Generated at Wed May 1 03:43:15 2024 by rpki-client on console-fra.rpki-client.org