Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/esbx-vbqSIJ3h9n5otBRbgpW6HM.roa
File: esbx-vbqSIJ3h9n5otBRbgpW6HM.roa (raw, json)
Hash identifier: ML5nokz/6aBa/N4kALbXJqMfk7SLetlu0rG42WxSMOY=
Subject key identifier: 7A:C6:F1:FA:F6:EA:48:82:77:87:D9:F9:A2:D0:51:6E:0A:56:E8:73
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 018F330A51D15DAC9E76BC9C8DBCD6570BBF
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/esbx-vbqSIJ3h9n5otBRbgpW6HM.roa
Signing time: Wed 01 May 2024 07:24:25 +0000
ROA not before: Wed 01 May 2024 07:24:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207106
IP address blocks: 147.234.8.0/21 maxlen: 24
147.234.10.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 17:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:33:0a:51:d1:5d:ac:9e:76:bc:9c:8d:bc:d6:57:0b:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: May 1 07:24:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ac6f1faf6ea48827787d9f9a2d0516e0a56e873
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e7:3b:5d:64:27:ea:2e:a9:2e:15:cb:a0:b4:
84:c2:54:51:05:7d:a7:b8:bc:ad:e8:de:5c:08:37:
d6:22:4c:9a:00:ed:9e:3d:a7:df:5d:cd:93:52:47:
fb:39:10:9b:3b:d8:d1:79:76:2d:81:0a:9f:02:27:
64:72:44:2b:db:ed:fe:4b:3e:c3:66:51:5d:04:e8:
a5:62:2e:71:34:d4:9c:d9:28:2c:1e:38:bd:fd:d1:
fd:5b:aa:0c:cc:8b:0d:cc:86:65:0e:72:e6:e4:62:
b1:11:60:60:f1:a0:92:ed:13:21:8a:f1:21:7e:31:
02:f8:39:a0:bb:3d:20:27:73:0e:e8:e8:9d:6d:52:
b0:a6:49:e9:6d:8e:64:0b:06:81:c7:b3:8b:59:49:
d9:db:54:db:65:84:ca:7b:6d:dc:6c:06:0a:ac:8e:
a8:6f:be:22:2a:28:b2:57:8b:51:a9:61:1d:cd:95:
36:38:fc:ce:ee:18:48:c7:80:01:34:c4:90:f1:82:
9a:ba:9b:76:22:86:dc:f9:21:a8:63:67:f1:b8:03:
d2:12:de:5e:70:38:85:ac:25:37:cb:b0:52:29:fe:
35:bc:3d:3c:48:69:2a:e2:e9:03:e7:82:c4:d4:54:
7f:69:40:10:6c:f4:e0:b2:9c:05:55:75:d6:fe:4a:
38:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:C6:F1:FA:F6:EA:48:82:77:87:D9:F9:A2:D0:51:6E:0A:56:E8:73
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/esbx-vbqSIJ3h9n5otBRbgpW6HM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.234.8.0/21
Signature Algorithm: sha256WithRSAEncryption
63:7a:f6:28:8d:f9:b1:4a:ca:3b:36:2a:31:fa:a4:b3:65:66:
27:b5:58:d3:d7:87:13:1e:94:d6:d5:8f:bc:39:5c:52:0d:89:
e7:61:ab:25:e5:f4:05:3e:86:35:85:b8:34:47:89:0f:dc:e9:
80:a9:7c:36:e2:cd:02:2f:29:fc:64:60:33:64:23:7b:88:9b:
2c:aa:d5:3c:42:71:ee:67:57:34:a5:8f:d5:30:65:4c:fa:58:
c3:8b:1d:12:e3:57:be:f3:37:b3:47:07:c4:b7:97:f8:93:65:
87:15:16:a8:25:de:86:9a:52:a7:f4:6a:dc:e9:e8:d0:47:eb:
87:95:4d:1f:bb:1a:74:72:41:7e:e2:5b:14:48:c8:39:0b:a4:
f0:7b:4f:e9:6e:a2:5a:0b:89:92:eb:64:e0:b7:d3:b5:4e:09:
3a:36:25:83:bb:71:4f:dd:56:b3:60:ed:9b:52:66:71:fb:2f:
3b:0a:e5:db:24:34:4e:1c:f8:2c:1e:6f:39:f9:68:4c:ef:8f:
6b:b0:76:4d:ce:ba:06:75:1c:3a:50:88:d2:8f:74:d7:6f:f7:
64:49:f6:15:f8:72:dd:1e:4a:31:a7:4f:ad:64:70:15:de:6d:
08:d9:09:b4:d5:c4:83:9e:68:66:2a:ee:97:4b:3b:90:b3:03:
f3:ea:a3:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY8zClHRXayedrycjbzWVwu/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjQwNTAxMDcyNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWM2ZjFmYWY2ZWE0ODgyNzc4N2Q5ZjlhMmQwNTE2ZTBhNTZlODczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlec7XWQn6i6pLhXLoLSEwlRRBX2n
uLyt6N5cCDfWIkyaAO2ePaffXc2TUkf7ORCbO9jReXYtgQqfAidkckQr2+3+Sz7D
ZlFdBOilYi5xNNSc2SgsHji9/dH9W6oMzIsNzIZlDnLm5GKxEWBg8aCS7RMhivEh
fjEC+Dmguz0gJ3MO6OidbVKwpknpbY5kCwaBx7OLWUnZ21TbZYTKe23cbAYKrI6o
b74iKiiyV4tRqWEdzZU2OPzO7hhIx4ABNMSQ8YKaupt2Iobc+SGoY2fxuAPSEt5e
cDiFrCU3y7BSKf41vD08SGkq4ukD54LE1FR/aUAQbPTgspwFVXXW/ko4gQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHrG8fr26kiCd4fZ+aLQUW4KVuhzMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvZXNieC12YnFTSUozaDluNW90QlJiZ3BXNkhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDk+oIMA0G
CSqGSIb3DQEBCwUAA4IBAQBjevYojfmxSso7Niox+qSzZWYntVjT14cTHpTW1Y+8
OVxSDYnnYasl5fQFPoY1hbg0R4kP3OmAqXw24s0CLyn8ZGAzZCN7iJssqtU8QnHu
Z1c0pY/VMGVM+ljDix0S41e+8zezRwfEt5f4k2WHFRaoJd6GmlKn9Grc6ejQR+uH
lU0fuxp0ckF+4lsUSMg5C6Twe0/pbqJaC4mS62Tgt9O1Tgk6NiWDu3FP3VazYO2b
UmZx+y87CuXbJDROHPgsHm85+WhM749rsHZNzroGdRw6UIjSj3TXb/dkSfYV+HLd
Hkoxp0+tZHAV3m0I2Qm01cSDnmhmKu6XSzuQswPz6qP3
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:19:51 2024 by rpki-client on console-ams.rpki-client.org