Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/9e57aa-8901-4bd8-8295-9c1a53580e39/1/ezgp3pt0gNcFS0wtctJhB2ybhmY.roa
File: ezgp3pt0gNcFS0wtctJhB2ybhmY.roa (raw, json)
Hash identifier: MzNVINZLb2LlxNfWLmmhF0X1PYN/6m/1kHcPQ2ID8+s=
Subject key identifier: 7B:38:29:DE:9B:74:80:D7:05:4B:4C:2D:72:D2:61:07:6C:9B:86:66
Certificate issuer: /CN=266e0c40e4e9370db99ad27a97298d7d05598f73
Certificate serial: 018CC26D1664063FAD7A22F4AB27F157FB40
Authority key identifier: 26:6E:0C:40:E4:E9:37:0D:B9:9A:D2:7A:97:29:8D:7D:05:59:8F:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jm4MQOTpNw25mtJ6lymNfQVZj3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/9e57aa-8901-4bd8-8295-9c1a53580e39/1/ezgp3pt0gNcFS0wtctJhB2ybhmY.roa
Signing time: Mon 01 Jan 2024 00:29:38 +0000
ROA not before: Mon 01 Jan 2024 00:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204324
IP address blocks: 185.252.41.0/24 maxlen: 24
185.252.40.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/9e57aa-8901-4bd8-8295-9c1a53580e39/1/Jm4MQOTpNw25mtJ6lymNfQVZj3M.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/9e57aa-8901-4bd8-8295-9c1a53580e39/1/Jm4MQOTpNw25mtJ6lymNfQVZj3M.mft
rsync://rpki.ripe.net/repository/DEFAULT/Jm4MQOTpNw25mtJ6lymNfQVZj3M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 10:03:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:16:64:06:3f:ad:7a:22:f4:ab:27:f1:57:fb:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=266e0c40e4e9370db99ad27a97298d7d05598f73
Validity
Not Before: Jan 1 00:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b3829de9b7480d7054b4c2d72d261076c9b8666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:13:59:2d:06:c2:3c:3e:95:68:59:49:31:a2:
7c:36:7c:99:6f:19:da:ba:ba:23:61:6d:ee:c6:25:
83:07:c9:de:0b:8e:c2:a6:66:69:26:35:86:20:04:
58:4f:d9:00:e0:63:2f:f7:f6:98:02:dc:43:58:ab:
e3:05:09:d7:2c:de:d9:02:11:cb:bb:da:24:de:2e:
8d:7c:49:bb:16:d7:4c:a2:82:69:d0:b2:48:aa:6f:
e2:ec:f3:67:1c:63:2f:ec:a7:57:3d:7b:86:9c:86:
60:4c:e6:a4:04:57:1f:4e:c9:49:4c:ac:41:28:58:
78:40:19:01:bb:07:d2:51:ef:60:08:88:40:2d:31:
d0:4d:db:28:a1:d3:e4:9b:f0:30:42:30:a3:3c:4f:
e2:13:b8:1b:e3:fc:13:2c:59:59:a1:28:eb:dc:21:
bd:19:07:74:a6:d7:c8:a3:56:cb:b8:df:43:c2:e6:
77:72:3a:21:52:b0:10:2f:58:d4:33:8e:90:04:9f:
78:d1:ce:da:2a:f3:47:2c:7f:28:9e:e1:fb:02:cc:
0a:90:cd:77:f9:a8:73:b6:a2:d4:db:7f:59:72:5a:
2d:14:b0:2b:72:a6:2a:18:78:6a:5c:88:21:ba:ca:
f7:f9:7d:b2:82:ad:89:07:68:fd:cc:6e:40:16:c8:
61:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:38:29:DE:9B:74:80:D7:05:4B:4C:2D:72:D2:61:07:6C:9B:86:66
X509v3 Authority Key Identifier:
keyid:26:6E:0C:40:E4:E9:37:0D:B9:9A:D2:7A:97:29:8D:7D:05:59:8F:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jm4MQOTpNw25mtJ6lymNfQVZj3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/9e57aa-8901-4bd8-8295-9c1a53580e39/1/ezgp3pt0gNcFS0wtctJhB2ybhmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/9e57aa-8901-4bd8-8295-9c1a53580e39/1/Jm4MQOTpNw25mtJ6lymNfQVZj3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.252.40.0/23
Signature Algorithm: sha256WithRSAEncryption
9e:ae:dc:b6:8c:fa:31:0a:d6:7b:ed:e3:44:a1:3c:30:f8:57:
53:e6:b6:22:91:16:aa:d7:a3:70:4f:09:be:9b:b0:76:19:a3:
16:9a:3d:9c:9a:1c:c5:6d:2d:0b:ea:19:71:4d:ee:bd:dc:97:
bf:f8:7d:97:19:56:9e:a3:2c:01:45:0d:24:4e:ff:d3:c7:aa:
64:51:7c:2f:98:ca:67:27:19:72:13:86:70:24:e9:db:72:de:
01:7c:46:b5:db:23:fd:21:40:fe:f1:b4:5a:81:97:57:f0:3f:
a0:b2:50:cf:2e:eb:db:0a:ab:db:cf:f2:be:85:f3:fd:62:94:
c0:af:ce:e3:76:c0:f5:0a:52:cf:44:9d:53:17:71:cb:a6:a1:
25:cf:ce:3b:ae:65:ed:ba:19:75:00:06:10:50:fc:93:99:63:
1b:2b:2a:30:7c:dc:6a:d4:b3:7b:64:c0:06:6e:60:5f:86:cf:
3e:8a:5a:44:1e:31:11:f0:9a:08:5d:fa:c7:c3:1e:0c:55:74:
a8:99:b1:54:66:59:50:fe:80:58:af:f8:62:1d:5b:8c:df:13:
be:68:0e:b9:42:06:3f:5f:ab:b8:7d:1c:71:5e:55:1b:b3:75:
46:9b:2f:1c:81:49:14:0c:19:3c:52:85:6a:2e:d5:16:d4:f5:
12:ab:61:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbRZkBj+teiL0qyfxV/tAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NmUwYzQwZTRlOTM3MGRiOTlhZDI3YTk3Mjk4ZDdkMDU1
OThmNzMwHhcNMjQwMTAxMDAyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjM4MjlkZTliNzQ4MGQ3MDU0YjRjMmQ3MmQyNjEwNzZjOWI4NjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxNZLQbCPD6VaFlJMaJ8NnyZbxna
urojYW3uxiWDB8neC47CpmZpJjWGIARYT9kA4GMv9/aYAtxDWKvjBQnXLN7ZAhHL
u9ok3i6NfEm7FtdMooJp0LJIqm/i7PNnHGMv7KdXPXuGnIZgTOakBFcfTslJTKxB
KFh4QBkBuwfSUe9gCIhALTHQTdsoodPkm/AwQjCjPE/iE7gb4/wTLFlZoSjr3CG9
GQd0ptfIo1bLuN9DwuZ3cjohUrAQL1jUM46QBJ940c7aKvNHLH8onuH7AswKkM13
+ahztqLU239ZclotFLArcqYqGHhqXIghusr3+X2ygq2JB2j9zG5AFshh/wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHs4Kd6bdIDXBUtMLXLSYQdsm4ZmMB8GA1UdIwQY
MBaAFCZuDEDk6TcNuZrSepcpjX0FWY9zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm00TVFPVHBOdzI1bXRKNmx5bU5mUVZaajNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC85ZTU3YWEtODkwMS00YmQ4LTgyOTUt
OWMxYTUzNTgwZTM5LzEvZXpncDNwdDBnTmNGUzB3dGN0SmhCMnliaG1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC85ZTU3YWEtODkwMS00YmQ4LTgyOTUtOWMxYTUzNTgwZTM5
LzEvSm00TVFPVHBOdzI1bXRKNmx5bU5mUVZaajNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBufwoMA0G
CSqGSIb3DQEBCwUAA4IBAQCerty2jPoxCtZ77eNEoTww+FdT5rYikRaq16NwTwm+
m7B2GaMWmj2cmhzFbS0L6hlxTe693Je/+H2XGVaeoywBRQ0kTv/Tx6pkUXwvmMpn
JxlyE4ZwJOnbct4BfEa12yP9IUD+8bRagZdX8D+gslDPLuvbCqvbz/K+hfP9YpTA
r87jdsD1ClLPRJ1TF3HLpqElz847rmXtuhl1AAYQUPyTmWMbKyowfNxq1LN7ZMAG
bmBfhs8+ilpEHjER8JoIXfrHwx4MVXSombFUZllQ/oBYr/hiHVuM3xO+aA65QgY/
X6u4fRxxXlUbs3VGmy8cgUkUDBk8UoVqLtUW1PUSq2HX
-----END CERTIFICATE-----
Generated at Sun Jun 2 14:55:14 2024 by rpki-client on console-fra.rpki-client.org