Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/E-at7fFEfuw1LhaoYYc3FRfO6XQ.roa
File: E-at7fFEfuw1LhaoYYc3FRfO6XQ.roa (raw, json)
Hash identifier: 8fZfWD2S/PSFVpzy86LdHRpJs9otdP13r9CoGdp7NZ4=
Subject key identifier: 13:E6:AD:ED:F1:44:7E:EC:35:2E:16:A8:61:87:37:15:17:CE:E9:74
Certificate issuer: /CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Certificate serial: 018FBD66818ADB35B7E37257E17F32EC5D93
Authority key identifier: 8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/E-at7fFEfuw1LhaoYYc3FRfO6XQ.roa
Signing time: Tue 28 May 2024 04:12:42 +0000
ROA not before: Tue 28 May 2024 04:12:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39855
IP address blocks: 194.99.112.0/24 maxlen: 24
194.104.1.0/24 maxlen: 24
194.104.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/j8aWRkV6i_jvlWm5tCfp8sRi5W4.crl
rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/j8aWRkV6i_jvlWm5tCfp8sRi5W4.mft
rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:bd:66:81:8a:db:35:b7:e3:72:57:e1:7f:32:ec:5d:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8fc69646457a8bf8ef9569b9b427e9f2c462e56e
Validity
Not Before: May 28 04:12:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=13e6adedf1447eec352e16a86187371517cee974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:87:81:e0:ff:14:fc:ed:c0:dc:b5:44:cb:46:
3a:96:e4:ae:dc:df:4e:98:93:d8:66:8c:ed:59:9d:
c4:29:5d:84:01:94:69:bf:35:9b:8a:08:d5:42:67:
5e:b3:11:52:bc:3f:ef:30:1e:91:bd:49:8c:fc:e0:
52:d7:08:45:d8:2c:3e:39:87:43:7b:48:c0:b4:4c:
6f:87:b0:e4:e3:ef:09:df:c3:f3:e9:6e:50:3e:5a:
28:da:54:17:bc:60:d1:01:2d:bf:5e:f3:de:e9:52:
90:51:16:06:6c:1b:8c:f7:cd:0c:bf:f2:94:99:ab:
d3:84:59:71:40:f4:1a:fc:4f:4a:c9:3a:e9:a9:49:
ba:6d:3f:d1:1e:9b:11:cc:e5:33:cf:39:46:0b:9d:
27:aa:d9:bc:ec:db:a8:8c:b5:dd:c7:c6:ee:57:8b:
bf:34:1b:b7:89:c8:ec:25:b7:d4:a9:f0:8d:de:8f:
aa:61:38:e5:38:38:19:e3:aa:5e:8d:47:a3:d7:33:
19:6d:4c:43:50:4c:6e:7b:d5:1d:cd:34:fd:5c:2e:
d0:b4:a6:81:4a:12:50:80:01:e3:9f:5d:1b:38:1d:
76:da:e7:84:61:c2:75:56:8f:a7:5a:e3:d1:fc:59:
b6:06:0f:50:47:49:e6:70:45:16:37:16:61:91:8e:
83:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:E6:AD:ED:F1:44:7E:EC:35:2E:16:A8:61:87:37:15:17:CE:E9:74
X509v3 Authority Key Identifier:
keyid:8F:C6:96:46:45:7A:8B:F8:EF:95:69:B9:B4:27:E9:F2:C4:62:E5:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j8aWRkV6i_jvlWm5tCfp8sRi5W4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/E-at7fFEfuw1LhaoYYc3FRfO6XQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/77/9fab5c-e138-4ef6-8799-b0b35a34e388/1/j8aWRkV6i_jvlWm5tCfp8sRi5W4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.99.112.0/24
194.104.1.0/24
194.104.85.0/24
Signature Algorithm: sha256WithRSAEncryption
2d:39:a8:b2:ba:1b:2a:d3:da:82:55:53:c8:db:aa:04:06:63:
58:2b:07:94:0a:19:55:cd:09:b9:0f:37:04:5d:d4:cc:cc:03:
e6:cf:de:55:aa:94:2a:80:da:ff:4d:4e:79:c0:7e:34:f5:30:
c5:e4:be:f2:c4:d8:f4:6a:6e:4c:01:49:aa:62:c1:c7:aa:78:
74:78:5c:0f:5e:03:30:cc:5d:11:af:0b:40:a0:e6:f0:50:f3:
a5:d6:b5:40:39:f7:b0:aa:e9:9d:0c:3e:3a:e1:f7:97:c4:78:
d6:19:f8:b9:6d:ba:23:e0:d3:dc:2a:c4:51:c8:7f:27:14:ca:
63:5f:b8:a6:27:4e:49:03:6a:fa:73:9f:32:d0:39:da:9a:45:
c9:cb:5c:c2:e3:51:4c:fd:7b:fc:17:7e:e7:97:27:3a:30:2d:
59:ae:1e:7d:6b:5c:b9:e2:37:82:7b:68:ba:ae:e3:ae:a2:f1:
25:f3:07:e5:d4:9e:ba:d3:63:11:0c:4a:71:9f:48:7c:4c:08:
d2:34:0d:31:cc:62:74:1a:c4:33:27:a2:f7:20:af:b2:94:be:
20:be:72:06:4e:ec:4e:7c:3e:6e:fe:8d:be:28:e4:29:e6:16:
5f:78:c0:0a:56:8d:20:2e:c5:77:bd:53:d8:ed:41:bd:86:a9:
a7:f4:26:e1
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY+9ZoGK2zW343JX4X8y7F2TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmYzY5NjQ2NDU3YThiZjhlZjk1NjliOWI0MjdlOWYyYzQ2
MmU1NmUwHhcNMjQwNTI4MDQxMjQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2U2YWRlZGYxNDQ3ZWVjMzUyZTE2YTg2MTg3MzcxNTE3Y2VlOTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4eB4P8U/O3A3LVEy0Y6luSu3N9O
mJPYZoztWZ3EKV2EAZRpvzWbigjVQmdesxFSvD/vMB6RvUmM/OBS1whF2Cw+OYdD
e0jAtExvh7Dk4+8J38Pz6W5QPloo2lQXvGDRAS2/XvPe6VKQURYGbBuM980Mv/KU
mavThFlxQPQa/E9KyTrpqUm6bT/RHpsRzOUzzzlGC50nqtm87NuojLXdx8buV4u/
NBu3icjsJbfUqfCN3o+qYTjlODgZ46pejUej1zMZbUxDUExue9UdzTT9XC7QtKaB
ShJQgAHjn10bOB122ueEYcJ1Vo+nWuPR/Fm2Bg9QR0nmcEUWNxZhkY6DSQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFBPmre3xRH7sNS4WqGGHNxUXzul0MB8GA1UdIwQY
MBaAFI/GlkZFeov475VpubQn6fLEYuVuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTkt
YjBiMzVhMzRlMzg4LzEvRS1hdDdmRkVmdXcxTGhhb1lZYzNGUmZPNlhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ny85ZmFiNWMtZTEzOC00ZWY2LTg3OTktYjBiMzVhMzRlMzg4
LzEvajhhV1JrVjZpX2p2bFdtNXRDZnA4c1JpNVc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwmNwAwQA
wmgBAwQAwmhVMA0GCSqGSIb3DQEBCwUAA4IBAQAtOaiyuhsq09qCVVPI26oEBmNY
KweUChlVzQm5DzcEXdTMzAPmz95VqpQqgNr/TU55wH409TDF5L7yxNj0am5MAUmq
YsHHqnh0eFwPXgMwzF0RrwtAoObwUPOl1rVAOfewqumdDD464feXxHjWGfi5bboj
4NPcKsRRyH8nFMpjX7imJ05JA2r6c58y0DnamkXJy1zC41FM/Xv8F37nlyc6MC1Z
rh59a1y54jeCe2i6ruOuovEl8wfl1J6602MRDEpxn0h8TAjSNA0xzGJ0GsQzJ6L3
IK+ylL4gvnIGTuxOfD5u/o2+KOQp5hZfeMAKVo0gLsV3vVPY7UG9hqmn9Cbh
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:30:28 2024 by rpki-client on console-fra.rpki-client.org