Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/6b169d-7f1f-4214-a25b-8c498077578f/1/Eho67qyLyk0Un50bzwF3LwrwlUg.roa
File: Eho67qyLyk0Un50bzwF3LwrwlUg.roa (raw, json)
Hash identifier: ZU3wT1Kc11x7b3C14TSWWog1KU7wRCU0L2MDDGZwmJY=
Subject key identifier: 12:1A:3A:EE:AC:8B:CA:4D:14:9F:9D:1B:CF:01:77:2F:0A:F0:95:48
Certificate issuer: /CN=d7ca53ae8442236757a78066e4e21733f758407a
Certificate serial: 018CC7955DF16A2E238B838BC6B7F1FA7B04
Authority key identifier: D7:CA:53:AE:84:42:23:67:57:A7:80:66:E4:E2:17:33:F7:58:40:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/18pTroRCI2dXp4Bm5OIXM_dYQHo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/6b169d-7f1f-4214-a25b-8c498077578f/1/Eho67qyLyk0Un50bzwF3LwrwlUg.roa
Signing time: Tue 02 Jan 2024 00:31:44 +0000
ROA not before: Tue 02 Jan 2024 00:31:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211941
IP address blocks: 185.197.237.0/24 maxlen: 24
185.197.236.0/24 maxlen: 24
185.197.236.0/22 maxlen: 24
2a0a:7fc0:4::/46 maxlen: 46
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/6b169d-7f1f-4214-a25b-8c498077578f/1/18pTroRCI2dXp4Bm5OIXM_dYQHo.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/6b169d-7f1f-4214-a25b-8c498077578f/1/18pTroRCI2dXp4Bm5OIXM_dYQHo.mft
rsync://rpki.ripe.net/repository/DEFAULT/18pTroRCI2dXp4Bm5OIXM_dYQHo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 19 Jun 2024 07:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:5d:f1:6a:2e:23:8b:83:8b:c6:b7:f1:fa:7b:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7ca53ae8442236757a78066e4e21733f758407a
Validity
Not Before: Jan 2 00:31:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=121a3aeeac8bca4d149f9d1bcf01772f0af09548
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:b1:ff:77:b6:4f:f3:c5:16:c9:02:82:11:39:
bc:e3:4a:11:59:4c:d2:31:9d:c1:0d:91:88:03:32:
f8:08:cf:3e:8f:ca:b0:17:28:88:ba:df:3e:1a:ed:
1b:c0:a6:17:b3:33:89:25:2a:9b:b4:d6:8b:e2:f5:
94:73:e1:7e:d0:fb:dd:41:75:d3:c9:74:f2:0b:4c:
58:8d:fb:cc:62:6a:87:ed:33:a4:44:68:04:c0:7e:
85:49:0e:bc:bd:64:12:f3:9a:4b:3b:7f:e3:a6:10:
88:1b:fa:9d:c5:2a:07:90:e7:1a:b5:e8:e4:5a:af:
2a:9e:7d:01:83:e8:f6:66:5c:49:2c:48:cf:32:ea:
5f:53:0e:24:75:e7:d0:9f:ad:a0:c7:ba:36:cc:ad:
d9:f8:cf:d4:1e:0e:63:1c:d2:cc:f0:06:fe:96:f0:
a0:6e:3e:27:1c:30:e1:aa:41:8b:44:af:30:89:26:
d7:b0:d9:48:ae:37:7e:90:44:ba:9f:d9:40:2c:46:
c2:ea:61:55:cf:6e:5b:9b:3d:88:8b:f9:c6:4d:dc:
64:95:c3:7b:16:6c:73:37:74:6d:53:4e:98:4f:f7:
db:1f:17:bb:68:42:33:f1:9f:bb:ef:78:4d:ed:b4:
93:8c:76:39:69:dd:fc:e0:71:7d:6c:cb:9f:6a:29:
39:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:1A:3A:EE:AC:8B:CA:4D:14:9F:9D:1B:CF:01:77:2F:0A:F0:95:48
X509v3 Authority Key Identifier:
keyid:D7:CA:53:AE:84:42:23:67:57:A7:80:66:E4:E2:17:33:F7:58:40:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/18pTroRCI2dXp4Bm5OIXM_dYQHo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/6b169d-7f1f-4214-a25b-8c498077578f/1/Eho67qyLyk0Un50bzwF3LwrwlUg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/6b169d-7f1f-4214-a25b-8c498077578f/1/18pTroRCI2dXp4Bm5OIXM_dYQHo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.197.236.0/22
IPv6:
2a0a:7fc0:4::/46
Signature Algorithm: sha256WithRSAEncryption
33:dd:e5:53:d7:ce:83:8a:1f:5e:bb:24:05:62:e2:89:da:c4:
bc:30:f2:33:a5:7c:09:38:c8:0a:b2:d2:bb:37:9a:11:7a:5c:
b4:8e:fe:53:53:87:76:b8:19:1c:c3:9c:49:93:cd:26:1c:82:
cc:e0:00:84:16:67:cc:1c:72:50:fa:b6:a9:01:f7:d3:8b:6e:
ac:a0:87:13:1d:85:18:57:22:98:b1:51:f6:12:15:46:43:bb:
3e:e0:53:a8:67:57:d0:fa:40:da:59:a8:da:80:7d:b3:17:4d:
a7:bc:d4:22:23:14:b2:c6:17:ae:22:1f:44:c5:97:fe:ed:23:
da:80:84:e7:ba:21:d1:62:24:b1:08:33:f9:fd:d5:f1:f2:a1:
35:f4:72:a6:0e:dc:c0:28:f4:36:a9:8b:14:43:b5:b2:c5:4d:
3d:1b:90:16:e4:0f:f7:72:a2:db:21:9c:2f:e9:9c:cc:c8:3d:
75:a5:ce:5b:a6:dd:6a:c1:d3:16:3a:89:f3:11:a8:12:c1:83:
c4:09:f5:a1:65:8e:ca:9c:b2:0f:86:79:79:88:57:6b:04:2c:
4e:dc:41:b7:6b:3f:79:8a:fd:1f:c9:08:43:4f:da:5b:21:56:
c4:07:23:50:59:a8:f5:a9:ee:14:1e:37:56:cb:a3:5b:ac:c5:
a6:68:15:89
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzHlV3xai4ji4OLxrfx+nsEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3Y2E1M2FlODQ0MjIzNjc1N2E3ODA2NmU0ZTIxNzMzZjc1
ODQwN2EwHhcNMjQwMTAyMDAzMTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjFhM2FlZWFjOGJjYTRkMTQ5ZjlkMWJjZjAxNzcyZjBhZjA5NTQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlrH/d7ZP88UWyQKCETm840oRWUzS
MZ3BDZGIAzL4CM8+j8qwFyiIut8+Gu0bwKYXszOJJSqbtNaL4vWUc+F+0PvdQXXT
yXTyC0xYjfvMYmqH7TOkRGgEwH6FSQ68vWQS85pLO3/jphCIG/qdxSoHkOcatejk
Wq8qnn0Bg+j2ZlxJLEjPMupfUw4kdefQn62gx7o2zK3Z+M/UHg5jHNLM8Ab+lvCg
bj4nHDDhqkGLRK8wiSbXsNlIrjd+kES6n9lALEbC6mFVz25bmz2Ii/nGTdxklcN7
FmxzN3RtU06YT/fbHxe7aEIz8Z+773hN7bSTjHY5ad384HF9bMufaik5bwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFBIaOu6si8pNFJ+dG88Bdy8K8JVIMB8GA1UdIwQY
MBaAFNfKU66EQiNnV6eAZuTiFzP3WEB6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMThwVHJvUkNJMmRYcDRCbTVPSVhNX2RZUUhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS82YjE2OWQtN2YxZi00MjE0LWEyNWIt
OGM0OTgwNzc1NzhmLzEvRWhvNjdxeUx5azBVbjUwYnp3RjNMd3J3bFVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS82YjE2OWQtN2YxZi00MjE0LWEyNWItOGM0OTgwNzc1Nzhm
LzEvMThwVHJvUkNJMmRYcDRCbTVPSVhNX2RZUUhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCucXsMA8E
AgACMAkDBwIqCn/AAAQwDQYJKoZIhvcNAQELBQADggEBADPd5VPXzoOKH167JAVi
4onaxLww8jOlfAk4yAqy0rs3mhF6XLSO/lNTh3a4GRzDnEmTzSYcgszgAIQWZ8wc
clD6tqkB99OLbqyghxMdhRhXIpixUfYSFUZDuz7gU6hnV9D6QNpZqNqAfbMXTae8
1CIjFLLGF64iH0TFl/7tI9qAhOe6IdFiJLEIM/n91fHyoTX0cqYO3MAo9DapixRD
tbLFTT0bkBbkD/dyotshnC/pnMzIPXWlzlum3WrB0xY6ifMRqBLBg8QJ9aFljsqc
sg+GeXmIV2sELE7cQbdrP3mK/R/JCENP2lshVsQHI1BZqPWp7hQeN1bLo1usxaZo
FYk=
-----END CERTIFICATE-----
Generated at Tue Jun 18 11:21:58 2024 by rpki-client on console-ams.rpki-client.org