Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/4b99b8-0657-4162-ab04-f572a0fce0ee/1/EcF8Qs5P0UwlhY2rDG9DuG432A4.roa
File: EcF8Qs5P0UwlhY2rDG9DuG432A4.roa (raw, json)
Hash identifier: sMWLiM0rqOnqBoiICQ00NwMYFRL4XsmE8FVjgEJT85w=
Subject key identifier: 11:C1:7C:42:CE:4F:D1:4C:25:85:8D:AB:0C:6F:43:B8:6E:37:D8:0E
Certificate issuer: /CN=83c966da5eead50905091c3b599c9a44074739d0
Certificate serial: 018CC34933094A67E0073E74AD0195019019
Authority key identifier: 83:C9:66:DA:5E:EA:D5:09:05:09:1C:3B:59:9C:9A:44:07:47:39:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g8lm2l7q1QkFCRw7WZyaRAdHOdA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/4b99b8-0657-4162-ab04-f572a0fce0ee/1/EcF8Qs5P0UwlhY2rDG9DuG432A4.roa
Signing time: Mon 01 Jan 2024 04:30:03 +0000
ROA not before: Mon 01 Jan 2024 04:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209242
IP address blocks: 216.120.180.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/4b99b8-0657-4162-ab04-f572a0fce0ee/1/g8lm2l7q1QkFCRw7WZyaRAdHOdA.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/4b99b8-0657-4162-ab04-f572a0fce0ee/1/g8lm2l7q1QkFCRw7WZyaRAdHOdA.mft
rsync://rpki.ripe.net/repository/DEFAULT/g8lm2l7q1QkFCRw7WZyaRAdHOdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:33:09:4a:67:e0:07:3e:74:ad:01:95:01:90:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83c966da5eead50905091c3b599c9a44074739d0
Validity
Not Before: Jan 1 04:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11c17c42ce4fd14c25858dab0c6f43b86e37d80e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f8:5d:ea:df:03:ee:e3:34:97:ec:3d:da:b0:
aa:59:af:4e:a2:0c:3d:4e:7f:fc:29:57:de:84:48:
b4:1b:78:50:0b:18:f1:91:49:71:9a:00:e8:db:97:
ec:0a:fb:98:c9:7f:96:b9:14:e3:ea:31:ba:40:e2:
59:40:d0:4c:ab:9c:ff:64:76:d5:ef:d8:3e:05:a2:
91:ff:31:67:30:1c:68:c5:e0:cd:91:f4:57:e2:1d:
dd:c8:44:af:04:f5:95:63:7f:58:81:ec:e7:f3:b4:
8c:59:28:d5:0b:ef:9e:93:23:db:aa:30:4e:fe:fb:
ec:61:6c:b5:eb:9f:23:1d:17:c5:6e:19:3f:90:2d:
0f:b2:9c:91:db:a0:51:c9:f4:4d:0d:51:7a:3c:69:
f8:19:a7:2e:40:82:92:5e:77:5a:e9:91:15:fb:3d:
93:0a:55:d3:c9:e5:19:c3:0d:df:4f:30:07:ab:d7:
dc:5f:55:e7:58:53:87:81:63:c2:ce:39:43:45:fc:
39:4d:d5:9c:a6:9a:ce:7f:de:c6:cf:11:d2:a8:65:
b9:f2:0b:be:5d:86:51:a7:9b:d2:ce:d2:34:6f:f4:
78:e0:e5:db:64:94:d5:74:12:19:3c:ad:bd:4b:34:
ab:12:c7:47:8f:ee:f2:d1:ea:ae:3f:16:bd:c3:0b:
2a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:C1:7C:42:CE:4F:D1:4C:25:85:8D:AB:0C:6F:43:B8:6E:37:D8:0E
X509v3 Authority Key Identifier:
keyid:83:C9:66:DA:5E:EA:D5:09:05:09:1C:3B:59:9C:9A:44:07:47:39:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g8lm2l7q1QkFCRw7WZyaRAdHOdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/4b99b8-0657-4162-ab04-f572a0fce0ee/1/EcF8Qs5P0UwlhY2rDG9DuG432A4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/4b99b8-0657-4162-ab04-f572a0fce0ee/1/g8lm2l7q1QkFCRw7WZyaRAdHOdA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
216.120.180.0/23
Signature Algorithm: sha256WithRSAEncryption
8e:1e:c5:c8:78:f4:8f:ef:e8:61:0a:dc:ff:b0:11:04:15:2e:
0b:aa:e2:49:ca:b6:f7:76:ee:1a:c8:f2:68:29:cb:a7:0b:0f:
37:cf:e8:61:6b:52:8e:34:d2:31:38:a4:c8:bb:7f:64:b8:32:
4a:42:dd:53:87:d3:9b:82:aa:4a:10:6b:21:93:3c:79:59:7d:
8c:91:44:d2:f3:22:4f:a7:ed:3a:fd:36:32:54:37:7a:c0:61:
d8:96:ad:1d:46:74:45:46:e8:b4:62:8c:f4:ce:dd:c8:dd:6b:
6f:47:4a:47:9a:31:51:e3:fb:76:fa:2d:6a:80:01:aa:26:66:
66:ec:f2:97:57:dd:37:c5:62:f5:11:97:aa:88:3e:e1:79:0d:
fb:57:94:c7:10:24:de:c5:03:b9:5e:c7:f4:1f:e3:6d:80:d7:
9f:ac:93:a4:a8:17:62:18:20:8f:bb:ba:d5:42:bb:a4:55:20:
ce:01:69:99:b3:1d:1c:04:e6:12:6d:b3:bd:13:96:5d:2d:1c:
00:35:03:a9:7d:20:ec:46:f3:73:a7:12:a8:eb:44:f6:23:87:
8b:0e:ed:b6:c4:45:9f:7c:46:65:17:80:09:82:c3:da:7b:21:
aa:9e:ff:4c:35:19:b9:55:b7:d6:51:78:2f:8e:c0:75:85:36:
e9:bd:30:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSTMJSmfgBz50rQGVAZAZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzYzk2NmRhNWVlYWQ1MDkwNTA5MWMzYjU5OWM5YTQ0MDc0
NzM5ZDAwHhcNMjQwMTAxMDQzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWMxN2M0MmNlNGZkMTRjMjU4NThkYWIwYzZmNDNiODZlMzdkODBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPhd6t8D7uM0l+w92rCqWa9Oogw9
Tn/8KVfehEi0G3hQCxjxkUlxmgDo25fsCvuYyX+WuRTj6jG6QOJZQNBMq5z/ZHbV
79g+BaKR/zFnMBxoxeDNkfRX4h3dyESvBPWVY39Ygezn87SMWSjVC++ekyPbqjBO
/vvsYWy1658jHRfFbhk/kC0PspyR26BRyfRNDVF6PGn4GacuQIKSXnda6ZEV+z2T
ClXTyeUZww3fTzAHq9fcX1XnWFOHgWPCzjlDRfw5TdWcpprOf97GzxHSqGW58gu+
XYZRp5vSztI0b/R44OXbZJTVdBIZPK29SzSrEsdHj+7y0equPxa9wwsqHwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBHBfELOT9FMJYWNqwxvQ7huN9gOMB8GA1UdIwQY
MBaAFIPJZtpe6tUJBQkcO1mcmkQHRznQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZzhsbTJsN3ExUWtGQ1J3N1daeWFSQWRIT2RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC80Yjk5YjgtMDY1Ny00MTYyLWFiMDQt
ZjU3MmEwZmNlMGVlLzEvRWNGOFFzNVAwVXdsaFkyckRHOUR1RzQzMkE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC80Yjk5YjgtMDY1Ny00MTYyLWFiMDQtZjU3MmEwZmNlMGVl
LzEvZzhsbTJsN3ExUWtGQ1J3N1daeWFSQWRIT2RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQB2Hi0MA0G
CSqGSIb3DQEBCwUAA4IBAQCOHsXIePSP7+hhCtz/sBEEFS4LquJJyrb3du4ayPJo
KcunCw83z+hha1KONNIxOKTIu39kuDJKQt1Th9ObgqpKEGshkzx5WX2MkUTS8yJP
p+06/TYyVDd6wGHYlq0dRnRFRui0Yoz0zt3I3WtvR0pHmjFR4/t2+i1qgAGqJmZm
7PKXV903xWL1EZeqiD7heQ37V5THECTexQO5Xsf0H+NtgNefrJOkqBdiGCCPu7rV
QrukVSDOAWmZsx0cBOYSbbO9E5ZdLRwANQOpfSDsRvNzpxKo60T2I4eLDu22xEWf
fEZlF4AJgsPaeyGqnv9MNRm5VbfWUXgvjsB1hTbpvTCv
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:55:06 2024 by rpki-client on console-ams.rpki-client.org