Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/150282-c9e0-44e3-aa12-570aed58c194/1/e9EGyQLhUqjVQ6BG8_mU1KL6A7A.roa
File: e9EGyQLhUqjVQ6BG8_mU1KL6A7A.roa (raw, json)
Hash identifier: jP8pq1seuFSUlCZN84g8cWweLLMUl5jdlT0W3VB+uto=
Subject key identifier: 7B:D1:06:C9:02:E1:52:A8:D5:43:A0:46:F3:F9:94:D4:A2:FA:03:B0
Certificate issuer: /CN=aff35e383e9cd44a7249ac5d41b6dfadf4357b4f
Certificate serial: 018CC86FAD4BEBB83CA878A3AA9A9B2F9416
Authority key identifier: AF:F3:5E:38:3E:9C:D4:4A:72:49:AC:5D:41:B6:DF:AD:F4:35:7B:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r_NeOD6c1EpySaxdQbbfrfQ1e08.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/150282-c9e0-44e3-aa12-570aed58c194/1/e9EGyQLhUqjVQ6BG8_mU1KL6A7A.roa
Signing time: Tue 02 Jan 2024 04:30:11 +0000
ROA not before: Tue 02 Jan 2024 04:30:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44033
IP address blocks: 185.186.216.0/22 maxlen: 22
193.218.132.0/22 maxlen: 22
193.22.83.0/24 maxlen: 24
194.126.207.0/24 maxlen: 24
194.116.192.0/23 maxlen: 23
2001:67c:2118::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/150282-c9e0-44e3-aa12-570aed58c194/1/r_NeOD6c1EpySaxdQbbfrfQ1e08.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/150282-c9e0-44e3-aa12-570aed58c194/1/r_NeOD6c1EpySaxdQbbfrfQ1e08.mft
rsync://rpki.ripe.net/repository/DEFAULT/r_NeOD6c1EpySaxdQbbfrfQ1e08.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:ad:4b:eb:b8:3c:a8:78:a3:aa:9a:9b:2f:94:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aff35e383e9cd44a7249ac5d41b6dfadf4357b4f
Validity
Not Before: Jan 2 04:30:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7bd106c902e152a8d543a046f3f994d4a2fa03b0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:de:fc:44:48:11:8f:e2:db:81:a8:f2:e4:fc:
9f:a5:04:d8:00:e9:90:b0:4a:b9:09:5a:69:a5:22:
aa:79:b4:71:38:8a:07:07:27:04:b6:d8:84:f6:fc:
36:2d:75:61:39:a1:35:09:fe:53:e2:b3:16:3a:97:
26:e9:b9:de:85:1c:a5:b3:62:1c:cb:e6:1c:86:89:
9f:32:2d:74:d4:67:b9:9f:90:79:da:c2:b2:c9:be:
d2:0a:ae:86:bf:6c:4b:9f:b9:61:bd:f8:2c:c3:8e:
68:87:9b:44:4c:5a:b0:01:0d:1b:69:5d:56:62:55:
38:aa:a6:6c:e8:fe:23:c3:a6:2b:c1:dc:af:91:5e:
10:8e:28:e8:19:34:ab:c8:6f:a0:f1:29:d7:3b:bc:
b1:97:2d:26:8a:5b:57:cd:f5:a3:d3:18:e8:58:7b:
8c:ce:1c:de:3f:c9:28:00:5e:d3:4d:f8:6e:34:74:
4c:be:8a:c1:03:ec:24:d9:14:89:91:b4:23:d1:12:
cf:f9:a1:73:03:9b:4e:f8:80:61:86:27:10:ec:e9:
e1:7e:38:8b:86:cb:d3:11:61:4a:9f:14:ea:82:a7:
28:2a:56:78:3f:a7:26:ca:2b:25:d8:9c:32:43:eb:
4b:2b:55:40:a6:46:e2:3c:9a:47:c7:c9:09:80:6c:
4b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:D1:06:C9:02:E1:52:A8:D5:43:A0:46:F3:F9:94:D4:A2:FA:03:B0
X509v3 Authority Key Identifier:
keyid:AF:F3:5E:38:3E:9C:D4:4A:72:49:AC:5D:41:B6:DF:AD:F4:35:7B:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r_NeOD6c1EpySaxdQbbfrfQ1e08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/150282-c9e0-44e3-aa12-570aed58c194/1/e9EGyQLhUqjVQ6BG8_mU1KL6A7A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/150282-c9e0-44e3-aa12-570aed58c194/1/r_NeOD6c1EpySaxdQbbfrfQ1e08.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.186.216.0/22
193.22.83.0/24
193.218.132.0/22
194.116.192.0/23
194.126.207.0/24
IPv6:
2001:67c:2118::/48
Signature Algorithm: sha256WithRSAEncryption
4b:95:c8:60:c9:58:1d:c3:cd:38:bb:bd:c0:6f:15:4b:d0:de:
28:4f:76:f6:97:5c:be:5c:d1:48:8c:53:55:82:88:de:ac:fb:
d5:4c:75:12:fe:15:bb:d1:78:93:a7:22:2f:03:6e:4c:bf:59:
0e:e9:e8:dc:eb:d8:94:9b:22:23:11:a0:45:99:4e:53:34:1f:
f9:e2:bd:14:44:21:36:56:8f:cc:11:aa:b8:38:84:27:24:57:
08:d6:6e:31:ca:02:a2:2a:72:87:70:dc:7a:47:53:df:83:b2:
f9:57:d6:dc:46:dd:ef:3f:26:c8:36:1a:87:c5:8e:e5:6a:91:
95:8b:8b:9f:f8:4b:a6:45:9e:49:b9:7d:16:b6:32:ec:08:80:
f2:6c:65:13:9c:80:db:78:11:77:5f:8c:95:f2:05:30:8b:7c:
36:a6:4f:5f:10:6b:81:c9:d6:5a:22:40:2d:d2:57:f8:a6:5b:
3c:be:2d:5e:e6:29:4d:34:36:19:a9:57:fd:86:be:8f:ac:a3:
b0:47:6a:cd:5b:04:6e:6a:ff:e7:7f:95:63:4b:dc:ac:ef:69:
1f:39:c4:df:79:23:7c:57:ee:5a:81:78:ea:c8:ba:70:ac:71:
4e:07:7f:df:c9:cf:ba:f8:5c:6e:50:23:1f:78:ef:66:2b:ca:
c8:8d:53:d5
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzIb61L67g8qHijqpqbL5QWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmZjM1ZTM4M2U5Y2Q0NGE3MjQ5YWM1ZDQxYjZkZmFkZjQz
NTdiNGYwHhcNMjQwMTAyMDQzMDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmQxMDZjOTAyZTE1MmE4ZDU0M2EwNDZmM2Y5OTRkNGEyZmEwM2IwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjN78REgRj+Lbgajy5PyfpQTYAOmQ
sEq5CVpppSKqebRxOIoHBycEttiE9vw2LXVhOaE1Cf5T4rMWOpcm6bnehRyls2Ic
y+YchomfMi101Ge5n5B52sKyyb7SCq6Gv2xLn7lhvfgsw45oh5tETFqwAQ0baV1W
YlU4qqZs6P4jw6YrwdyvkV4QjijoGTSryG+g8SnXO7yxly0miltXzfWj0xjoWHuM
zhzeP8koAF7TTfhuNHRMvorBA+wk2RSJkbQj0RLP+aFzA5tO+IBhhicQ7OnhfjiL
hsvTEWFKnxTqgqcoKlZ4P6cmyisl2JwyQ+tLK1VApkbiPJpHx8kJgGxL8wIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFHvRBskC4VKo1UOgRvP5lNSi+gOwMB8GA1UdIwQY
MBaAFK/zXjg+nNRKckmsXUG23630NXtPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcl9OZU9ENmMxRXB5U2F4ZFFiYmZyZlExZTA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My8xNTAyODItYzllMC00NGUzLWFhMTIt
NTcwYWVkNThjMTk0LzEvZTlFR3lRTGhVcWpWUTZCRzhfbVUxS0w2QTdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My8xNTAyODItYzllMC00NGUzLWFhMTItNTcwYWVkNThjMTk0
LzEvcl9OZU9ENmMxRXB5U2F4ZFFiYmZyZlExZTA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQCubrYAwQA
wRZTAwQCwdqEAwQBwnTAAwQAwn7PMA8EAgACMAkDBwAgAQZ8IRgwDQYJKoZIhvcN
AQELBQADggEBAEuVyGDJWB3DzTi7vcBvFUvQ3ihPdvaXXL5c0UiMU1WCiN6s+9VM
dRL+FbvReJOnIi8Dbky/WQ7p6Nzr2JSbIiMRoEWZTlM0H/nivRREITZWj8wRqrg4
hCckVwjWbjHKAqIqcodw3HpHU9+DsvlX1txG3e8/Jsg2GofFjuVqkZWLi5/4S6ZF
nkm5fRa2MuwIgPJsZROcgNt4EXdfjJXyBTCLfDamT18Qa4HJ1loiQC3SV/imWzy+
LV7mKU00NhmpV/2Gvo+so7BHas1bBG5q/+d/lWNL3KzvaR85xN95I3xX7lqBeOrI
unCscU4Hf9/Jz7r4XG5QIx9472YrysiNU9U=
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:57:23 2024 by rpki-client on console-fra.rpki-client.org