Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/CEKDk2DSJ1RiYEEupBDW_jJsdcI.roa
File: CEKDk2DSJ1RiYEEupBDW_jJsdcI.roa (raw, json)
Hash identifier: w0o4OYX25wyFGMYwtjveegKftZMZqyfyZrwifoaqaXQ=
Subject key identifier: 08:42:83:93:60:D2:27:54:62:60:41:2E:A4:10:D6:FE:32:6C:75:C2
Certificate issuer: /CN=dd0b663c45d7bc2724d168485087581e14448fb6
Certificate serial: 018CC801B180E3D4C01501324EC0E34A78AC
Authority key identifier: DD:0B:66:3C:45:D7:BC:27:24:D1:68:48:50:87:58:1E:14:44:8F:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3QtmPEXXvCck0WhIUIdYHhREj7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/CEKDk2DSJ1RiYEEupBDW_jJsdcI.roa
Signing time: Tue 02 Jan 2024 02:30:02 +0000
ROA not before: Tue 02 Jan 2024 02:30:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24634
IP address blocks: 82.112.160.0/21 maxlen: 24
193.227.160.0/19 maxlen: 24
37.209.248.0/21 maxlen: 24
213.175.160.0/19 maxlen: 24
185.124.212.0/22 maxlen: 24
2a06:b540::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/3QtmPEXXvCck0WhIUIdYHhREj7Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/3QtmPEXXvCck0WhIUIdYHhREj7Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/3QtmPEXXvCck0WhIUIdYHhREj7Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:b1:80:e3:d4:c0:15:01:32:4e:c0:e3:4a:78:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd0b663c45d7bc2724d168485087581e14448fb6
Validity
Not Before: Jan 2 02:30:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0842839360d227546260412ea410d6fe326c75c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ff:16:c8:94:cd:63:64:d8:e9:a0:9b:5b:a0:
0a:c5:ca:70:97:a7:08:cf:34:46:3d:1f:a7:85:d0:
b0:6c:b7:cc:a7:85:b9:98:8e:f6:1f:58:78:64:36:
24:06:1d:dd:31:47:46:92:6b:7a:2c:8d:4c:23:33:
65:16:72:73:ec:e5:68:27:d5:e3:2d:d1:31:e9:a7:
4d:61:38:6d:71:29:e0:0a:33:36:c9:eb:49:df:7a:
56:36:9e:75:8b:46:2f:f8:dc:c9:fa:07:b5:8c:d0:
61:9b:9c:25:7e:e5:35:ea:50:1d:3a:a6:f0:4f:c9:
99:66:7a:97:6c:52:a5:6d:f3:d3:b3:a4:ba:f7:7d:
74:a3:62:8a:e1:f5:18:9c:87:4b:90:dd:83:df:24:
ff:12:5b:36:89:2c:42:48:ca:ed:b4:65:31:2e:f2:
fe:0b:78:4f:c6:74:a4:57:39:49:00:4a:0f:be:4e:
06:06:22:8b:c0:e0:eb:b4:21:09:b4:eb:ac:24:22:
7f:11:40:c1:dd:01:46:8c:00:46:47:c2:cf:6f:84:
31:c3:da:d2:11:86:28:ed:57:a4:15:0a:ec:7c:72:
d7:64:b1:a8:58:e3:d4:74:d8:18:e6:b9:2a:d0:ee:
fb:8f:22:7b:0b:ab:fe:4e:61:15:74:ff:c0:4c:0d:
91:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:42:83:93:60:D2:27:54:62:60:41:2E:A4:10:D6:FE:32:6C:75:C2
X509v3 Authority Key Identifier:
keyid:DD:0B:66:3C:45:D7:BC:27:24:D1:68:48:50:87:58:1E:14:44:8F:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3QtmPEXXvCck0WhIUIdYHhREj7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/CEKDk2DSJ1RiYEEupBDW_jJsdcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/edc238-4c0a-46ed-bc24-3b9e3c8a2fca/1/3QtmPEXXvCck0WhIUIdYHhREj7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.209.248.0/21
82.112.160.0/21
185.124.212.0/22
193.227.160.0/19
213.175.160.0/19
IPv6:
2a06:b540::/29
Signature Algorithm: sha256WithRSAEncryption
55:8c:3d:99:13:80:56:61:55:a0:41:b3:88:a7:5c:45:bf:ab:
f3:c4:ca:eb:a7:bf:64:d1:1d:88:b7:a4:39:dc:d7:dc:ff:50:
18:f6:40:5d:70:fd:56:08:3b:1e:3c:6a:a2:5c:d1:85:ec:07:
ae:a8:da:23:c1:74:7b:05:1e:d6:c8:8d:5f:28:d3:cb:1d:e4:
4d:97:52:22:a1:1c:f9:60:84:c7:b9:12:4f:8b:e8:bc:47:c4:
fe:67:dd:da:6e:cd:e6:ad:a0:56:e8:0b:7b:1f:53:94:de:d4:
55:ca:21:2b:13:2d:7d:0d:3c:bd:80:07:14:19:df:04:f8:4c:
21:f7:30:fd:eb:62:8b:18:82:71:63:30:5b:a6:2d:f7:c8:6a:
5e:0c:5b:84:cc:4c:d4:30:81:64:50:7d:1d:33:37:3a:48:2f:
cb:69:35:e6:20:b4:d8:12:6a:93:ec:91:ed:4e:ac:10:de:8f:
b7:a1:5e:95:bd:d9:76:97:68:cc:7e:a1:3d:f5:ef:b1:5b:43:
c7:14:20:d2:b5:f3:96:ad:88:59:11:f5:0c:54:06:08:06:27:
7c:fb:b3:05:10:08:d4:ae:a9:97:4f:e4:2b:1b:4c:52:1c:78:
3a:3f:1c:94:fd:57:63:01:25:7b:bd:42:f8:79:64:54:65:38:
5d:4e:99:45
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzIAbGA49TAFQEyTsDjSnisMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkMGI2NjNjNDVkN2JjMjcyNGQxNjg0ODUwODc1ODFlMTQ0
NDhmYjYwHhcNMjQwMTAyMDIzMDAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODQyODM5MzYwZDIyNzU0NjI2MDQxMmVhNDEwZDZmZTMyNmM3NWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjP8WyJTNY2TY6aCbW6AKxcpwl6cI
zzRGPR+nhdCwbLfMp4W5mI72H1h4ZDYkBh3dMUdGkmt6LI1MIzNlFnJz7OVoJ9Xj
LdEx6adNYThtcSngCjM2yetJ33pWNp51i0Yv+NzJ+ge1jNBhm5wlfuU16lAdOqbw
T8mZZnqXbFKlbfPTs6S69310o2KK4fUYnIdLkN2D3yT/Els2iSxCSMrttGUxLvL+
C3hPxnSkVzlJAEoPvk4GBiKLwODrtCEJtOusJCJ/EUDB3QFGjABGR8LPb4Qxw9rS
EYYo7VekFQrsfHLXZLGoWOPUdNgY5rkq0O77jyJ7C6v+TmEVdP/ATA2R6QIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFAhCg5Ng0idUYmBBLqQQ1v4ybHXCMB8GA1UdIwQY
MBaAFN0LZjxF17wnJNFoSFCHWB4URI+2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1F0bVBFWFh2Q2NrMFdoSVVJZFlIaFJFajdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC9lZGMyMzgtNGMwYS00NmVkLWJjMjQt
M2I5ZTNjOGEyZmNhLzEvQ0VLRGsyRFNKMVJpWUVFdXBCRFdfakpzZGNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC9lZGMyMzgtNGMwYS00NmVkLWJjMjQtM2I5ZTNjOGEyZmNh
LzEvM1F0bVBFWFh2Q2NrMFdoSVVJZFlIaFJFajdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQDJdH4AwQD
UnCgAwQCuXzUAwQFweOgAwQF1a+gMA0EAgACMAcDBQMqBrVAMA0GCSqGSIb3DQEB
CwUAA4IBAQBVjD2ZE4BWYVWgQbOIp1xFv6vzxMrrp79k0R2It6Q53Nfc/1AY9kBd
cP1WCDsePGqiXNGF7AeuqNojwXR7BR7WyI1fKNPLHeRNl1IioRz5YITHuRJPi+i8
R8T+Z93abs3mraBW6At7H1OU3tRVyiErEy19DTy9gAcUGd8E+Ewh9zD962KLGIJx
YzBbpi33yGpeDFuEzEzUMIFkUH0dMzc6SC/LaTXmILTYEmqT7JHtTqwQ3o+3oV6V
vdl2l2jMfqE99e+xW0PHFCDStfOWrYhZEfUMVAYIBid8+7MFEAjUrqmXT+QrG0xS
HHg6PxyU/VdjASV7vUL4eWRUZThdTplF
-----END CERTIFICATE-----
Generated at Sun May 19 05:03:57 2024 by rpki-client on console-fra.rpki-client.org