Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/EycxawVVHS5mGfUvRl1GYOvOFok.roa
File: EycxawVVHS5mGfUvRl1GYOvOFok.roa (raw, json)
Hash identifier: V8qmFacrsVVZZhXgaVlG5Y6ukyEwFBBVxLcUpI1atVs=
Subject key identifier: 13:27:31:6B:05:55:1D:2E:66:19:F5:2F:46:5D:46:60:EB:CE:16:89
Certificate issuer: /CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Certificate serial: 018CC8DE4B3930FA967346990C9A41EDC1DC
Authority key identifier: 1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/EycxawVVHS5mGfUvRl1GYOvOFok.roa
Signing time: Tue 02 Jan 2024 06:31:00 +0000
ROA not before: Tue 02 Jan 2024 06:31:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209372
IP address blocks: 194.113.238.0/24 maxlen: 24
194.113.239.0/24 maxlen: 24
185.221.196.0/23 maxlen: 24
185.238.88.0/22 maxlen: 24
45.80.228.0/22 maxlen: 24
185.246.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 04:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:4b:39:30:fa:96:73:46:99:0c:9a:41:ed:c1:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1e9fdc7fb39ebbbed4ee54f703d3ac6153ddee69
Validity
Not Before: Jan 2 06:31:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1327316b05551d2e6619f52f465d4660ebce1689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:98:63:d4:0c:80:e9:8b:63:ce:2f:68:59:7a:
f3:8b:0b:89:f3:de:c2:22:a0:80:96:24:cd:f9:c1:
d7:c0:3c:4c:d8:c1:4b:44:b1:e9:5d:bf:8b:d6:2c:
53:a4:85:e1:47:25:08:c9:3d:5e:37:0d:01:b4:da:
8f:91:61:75:77:ac:ef:48:12:24:05:24:ea:73:47:
c3:ee:37:ee:9b:1b:7e:f8:88:dd:cf:f9:08:e1:0d:
37:f1:c9:81:71:af:99:0b:0f:d5:78:50:0c:44:9e:
45:e5:6f:90:37:f4:27:50:50:e8:fd:f3:a9:b7:b8:
b6:9b:fb:d7:49:31:bf:8c:e0:5c:28:64:7c:1d:a1:
23:3b:40:60:6c:b9:8a:96:1d:b3:36:fa:64:9f:21:
89:f0:4d:95:93:e9:bb:f7:34:5a:36:0d:31:ed:77:
9b:4a:33:8c:46:fd:7a:64:e7:cb:34:e4:f8:12:46:
84:9f:3d:16:d7:b3:3a:71:65:5c:0a:bf:4b:8b:81:
cd:01:58:c0:01:51:bb:2e:bd:3e:58:fa:63:24:d8:
41:fd:1e:2b:ad:c9:8e:00:6a:f9:36:3e:44:9d:32:
ca:46:ef:c6:21:70:3e:d6:37:b5:84:cd:7c:07:a2:
1c:ee:84:84:52:74:df:c9:70:c4:77:5a:90:32:f0:
7b:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:27:31:6B:05:55:1D:2E:66:19:F5:2F:46:5D:46:60:EB:CE:16:89
X509v3 Authority Key Identifier:
keyid:1E:9F:DC:7F:B3:9E:BB:BE:D4:EE:54:F7:03:D3:AC:61:53:DD:EE:69
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/EycxawVVHS5mGfUvRl1GYOvOFok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/59/40fdd1-1092-4f69-b648-691ff5b44b01/1/Hp_cf7Oeu77U7lT3A9OsYVPd7mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.228.0/22
185.221.196.0/23
185.238.88.0/22
185.246.216.0/24
194.113.238.0/23
Signature Algorithm: sha256WithRSAEncryption
95:7b:e9:27:bf:5d:f6:56:2e:00:15:af:0b:0e:c1:71:c4:ca:
ce:a0:8e:d6:fa:ed:7f:dd:de:15:14:be:7b:1f:5a:19:95:98:
08:12:70:4f:bd:63:15:c7:b2:4f:66:f5:3c:b2:70:b7:65:a8:
50:30:0b:14:72:50:21:89:c6:a3:3f:9f:a9:f1:50:d5:20:d2:
35:5c:56:32:6b:1b:c0:06:73:1f:74:51:f7:95:37:73:1d:12:
aa:ab:ee:d4:04:91:81:a7:16:25:af:c8:57:d0:e4:77:49:48:
e4:9f:67:ff:48:4e:95:0b:74:85:72:0a:56:c4:f3:d6:1a:db:
30:da:44:23:cb:fb:b8:36:a6:56:ca:8d:39:69:ca:e5:60:95:
0e:8d:94:95:4e:04:e5:10:2a:a7:a7:df:36:87:ee:41:00:02:
9c:bb:12:de:63:f4:e2:b7:f0:1c:54:a8:cb:f6:67:27:87:da:
f7:86:85:5c:26:df:96:6a:6f:33:e8:77:21:24:38:e7:1b:08:
14:0e:b6:68:9a:96:90:4f:2e:44:c8:4c:e0:eb:d2:f8:69:08:
ac:7e:ab:22:98:f0:fd:63:5b:1f:db:aa:e0:f6:08:ba:16:69:
df:09:e3:58:ba:fd:99:28:a0:92:40:65:78:16:a7:d2:45:41:
c9:43:b7:f6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzI3ks5MPqWc0aZDJpB7cHcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlOWZkYzdmYjM5ZWJiYmVkNGVlNTRmNzAzZDNhYzYxNTNk
ZGVlNjkwHhcNMjQwMTAyMDYzMTAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzI3MzE2YjA1NTUxZDJlNjYxOWY1MmY0NjVkNDY2MGViY2UxNjg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhphj1AyA6Ytjzi9oWXrziwuJ897C
IqCAliTN+cHXwDxM2MFLRLHpXb+L1ixTpIXhRyUIyT1eNw0BtNqPkWF1d6zvSBIk
BSTqc0fD7jfumxt++Ijdz/kI4Q038cmBca+ZCw/VeFAMRJ5F5W+QN/QnUFDo/fOp
t7i2m/vXSTG/jOBcKGR8HaEjO0BgbLmKlh2zNvpknyGJ8E2Vk+m79zRaNg0x7Xeb
SjOMRv16ZOfLNOT4EkaEnz0W17M6cWVcCr9Li4HNAVjAAVG7Lr0+WPpjJNhB/R4r
rcmOAGr5Nj5EnTLKRu/GIXA+1je1hM18B6Ic7oSEUnTfyXDEd1qQMvB7NwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBMnMWsFVR0uZhn1L0ZdRmDrzhaJMB8GA1UdIwQY
MBaAFB6f3H+znru+1O5U9wPTrGFT3e5pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgt
NjkxZmY1YjQ0YjAxLzEvRXljeGF3VlZIUzVtR2ZVdlJsMUdZT3ZPRm9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OS80MGZkZDEtMTA5Mi00ZjY5LWI2NDgtNjkxZmY1YjQ0YjAx
LzEvSHBfY2Y3T2V1NzdVN2xUM0E5T3NZVlBkN21rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCLVDkAwQB
ud3EAwQCue5YAwQAufbYAwQBwnHuMA0GCSqGSIb3DQEBCwUAA4IBAQCVe+knv132
Vi4AFa8LDsFxxMrOoI7W+u1/3d4VFL57H1oZlZgIEnBPvWMVx7JPZvU8snC3ZahQ
MAsUclAhicajP5+p8VDVINI1XFYyaxvABnMfdFH3lTdzHRKqq+7UBJGBpxYlr8hX
0OR3SUjkn2f/SE6VC3SFcgpWxPPWGtsw2kQjy/u4NqZWyo05acrlYJUOjZSVTgTl
ECqnp982h+5BAAKcuxLeY/Tit/AcVKjL9mcnh9r3hoVcJt+Wam8z6HchJDjnGwgU
DrZompaQTy5EyEzg69L4aQisfqsimPD9Y1sf26rg9gi6FmnfCeNYuv2ZKKCSQGV4
FqfSRUHJQ7f2
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:46:16 2024 by rpki-client on console-fra.rpki-client.org