Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/e8rt5plcsa8ZEbSXisYTWqCqWVE.roa
File: e8rt5plcsa8ZEbSXisYTWqCqWVE.roa (raw, json)
Hash identifier: t0rWcb0Jopzs06ByDLdxefJafVVLmz00rHD8A8xbAjI=
Subject key identifier: 7B:CA:ED:E6:99:5C:B1:AF:19:11:B4:97:8A:C6:13:5A:A0:AA:59:51
Certificate issuer: /CN=dee72c8faecb7052c841201b25f6a018e477b1c2
Certificate serial: 0190D49607842161E25E29C35785FFEFB91B
Authority key identifier: DE:E7:2C:8F:AE:CB:70:52:C8:41:20:1B:25:F6:A0:18:E4:77:B1:C2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ucsj67LcFLIQSAbJfagGOR3scI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/e8rt5plcsa8ZEbSXisYTWqCqWVE.roa
Signing time: Sun 21 Jul 2024 09:18:40 +0000
ROA not before: Sun 21 Jul 2024 09:18:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47216
IP address blocks: 193.111.236.0/24 maxlen: 24
194.59.215.0/24 maxlen: 24
2a11:7bc0::/29 maxlen: 29
2a11:7bc0:b001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/3ucsj67LcFLIQSAbJfagGOR3scI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/3ucsj67LcFLIQSAbJfagGOR3scI.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ucsj67LcFLIQSAbJfagGOR3scI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:d4:96:07:84:21:61:e2:5e:29:c3:57:85:ff:ef:b9:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dee72c8faecb7052c841201b25f6a018e477b1c2
Validity
Not Before: Jul 21 09:18:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7bcaede6995cb1af1911b4978ac6135aa0aa5951
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:7d:5f:09:38:83:aa:04:59:9b:2d:99:e9:61:
27:66:53:eb:f2:07:38:f6:4e:b5:b7:a7:7f:8b:5e:
ab:16:90:04:9a:e1:f9:d4:c8:b9:b4:28:45:9d:16:
db:fe:23:30:56:d2:c5:a1:ef:35:19:2e:0d:b3:b2:
96:4c:ac:c0:24:36:bc:e9:20:22:c6:53:09:25:ef:
7a:23:e0:bb:9e:92:9d:6c:d7:0e:bd:2a:d4:f8:32:
06:2a:7b:c4:a0:35:5e:a6:2c:8e:da:63:09:37:63:
3d:07:10:43:86:4d:39:44:b3:01:4a:52:ae:e0:a9:
ed:d0:df:2a:58:9a:95:81:43:1d:2d:10:41:d3:5c:
1a:65:49:91:d8:ed:4a:51:e6:32:e2:51:b3:d4:5e:
f4:29:f6:7c:da:03:1d:66:63:43:46:a7:c7:f1:1e:
9e:09:b4:33:f7:c7:b1:ac:be:88:97:d7:8a:ef:22:
28:d2:1e:12:91:eb:b6:17:ee:6a:88:38:6e:9b:d1:
bc:f3:c8:3a:3d:33:1c:2c:91:cf:bf:0a:f9:14:ea:
66:ac:89:3d:0a:c5:6f:6d:b7:b6:27:ac:e4:78:eb:
c6:15:87:18:e2:66:36:3b:48:6f:96:aa:65:9d:8f:
f4:8c:7b:2e:b1:71:4d:c1:3e:d8:ec:af:b1:6c:3f:
50:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:CA:ED:E6:99:5C:B1:AF:19:11:B4:97:8A:C6:13:5A:A0:AA:59:51
X509v3 Authority Key Identifier:
keyid:DE:E7:2C:8F:AE:CB:70:52:C8:41:20:1B:25:F6:A0:18:E4:77:B1:C2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ucsj67LcFLIQSAbJfagGOR3scI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/e8rt5plcsa8ZEbSXisYTWqCqWVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/ef829a-acfc-4402-95ce-383fb2b954d9/1/3ucsj67LcFLIQSAbJfagGOR3scI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.111.236.0/24
194.59.215.0/24
IPv6:
2a11:7bc0::/29
Signature Algorithm: sha256WithRSAEncryption
99:03:8a:49:60:c9:f9:6b:d6:25:70:ee:67:16:cf:56:fa:5f:
a3:36:ee:09:dc:e2:c0:62:5a:fd:8f:41:46:c2:f3:75:e2:11:
c5:24:6f:d6:79:f0:29:9a:aa:d4:52:e4:0f:ec:ca:73:1b:8f:
b4:1e:42:a5:20:0e:3d:e0:7b:9f:2d:0a:f5:79:f5:d5:f5:5c:
c7:53:3d:2b:5f:7e:df:c8:17:11:8a:de:c6:ce:50:f8:83:8a:
89:0f:fd:e7:fe:c9:5c:8d:5c:59:57:fa:bd:28:2c:66:ed:e4:
61:f7:1b:0b:00:57:3d:5f:33:2b:0f:dd:1a:b9:fb:1e:bd:c6:
b5:97:c4:be:64:e9:cf:96:21:6f:e0:50:6d:5f:8f:65:d9:ff:
20:f1:d7:2c:75:f5:bd:2b:30:92:f0:be:fb:a0:16:27:f0:65:
eb:1b:fb:60:3b:b2:26:ea:67:b4:b2:43:9d:f6:2c:4a:6c:ca:
28:9e:0f:55:65:0d:b3:52:37:0f:78:9c:9e:46:9c:08:cf:71:
b6:1b:8e:3f:67:6f:eb:ce:92:b7:50:c3:8e:82:01:28:24:9e:
88:0b:78:9e:b8:30:61:a5:ed:fd:96:d2:1c:75:f5:7b:b4:58:
82:8e:c9:5d:aa:54:44:35:e2:27:a6:e7:66:2e:2d:df:a4:f9:
3e:5d:07:c5
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZDUlgeEIWHiXinDV4X/77kbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlZTcyYzhmYWVjYjcwNTJjODQxMjAxYjI1ZjZhMDE4ZTQ3
N2IxYzIwHhcNMjQwNzIxMDkxODQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmNhZWRlNjk5NWNiMWFmMTkxMWI0OTc4YWM2MTM1YWEwYWE1OTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzH1fCTiDqgRZmy2Z6WEnZlPr8gc4
9k61t6d/i16rFpAEmuH51Mi5tChFnRbb/iMwVtLFoe81GS4Ns7KWTKzAJDa86SAi
xlMJJe96I+C7npKdbNcOvSrU+DIGKnvEoDVepiyO2mMJN2M9BxBDhk05RLMBSlKu
4Knt0N8qWJqVgUMdLRBB01waZUmR2O1KUeYy4lGz1F70KfZ82gMdZmNDRqfH8R6e
CbQz98exrL6Il9eK7yIo0h4Skeu2F+5qiDhum9G888g6PTMcLJHPvwr5FOpmrIk9
CsVvbbe2J6zkeOvGFYcY4mY2O0hvlqplnY/0jHsusXFNwT7Y7K+xbD9QSwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHvK7eaZXLGvGRG0l4rGE1qgqllRMB8GA1UdIwQY
MBaAFN7nLI+uy3BSyEEgGyX2oBjkd7HCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3Vjc2o2N0xjRkxJUVNBYkpmYWdHT1Izc2NJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lZjgyOWEtYWNmYy00NDAyLTk1Y2Ut
MzgzZmIyYjk1NGQ5LzEvZThydDVwbGNzYThaRWJTWGlzWVRXcUNxV1ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lZjgyOWEtYWNmYy00NDAyLTk1Y2UtMzgzZmIyYjk1NGQ5
LzEvM3Vjc2o2N0xjRkxJUVNBYkpmYWdHT1Izc2NJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAwW/sAwQA
wjvXMA0EAgACMAcDBQMqEXvAMA0GCSqGSIb3DQEBCwUAA4IBAQCZA4pJYMn5a9Yl
cO5nFs9W+l+jNu4J3OLAYlr9j0FGwvN14hHFJG/WefApmqrUUuQP7MpzG4+0HkKl
IA494HufLQr1efXV9VzHUz0rX37fyBcRit7GzlD4g4qJD/3n/slcjVxZV/q9KCxm
7eRh9xsLAFc9XzMrD90aufsevca1l8S+ZOnPliFv4FBtX49l2f8g8dcsdfW9KzCS
8L77oBYn8GXrG/tgO7Im6me0skOd9ixKbMoong9VZQ2zUjcPeJyeRpwIz3G2G44/
Z2/rzpK3UMOOggEoJJ6IC3ieuDBhpe39ltIcdfV7tFiCjsldqlRENeInpudmLi3f
pPk+XQfF
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:39:53 2024 by rpki-client on console-fra.rpki-client.org