Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/EcM90ZQyydTCn7dRplZnvyJEL-c.roa
File: EcM90ZQyydTCn7dRplZnvyJEL-c.roa (raw, json)
Hash identifier: EZ2t33SbdutwwEKKxtBBYnuH20K0oZgPBW6QoGpkPZQ=
Subject key identifier: 11:C3:3D:D1:94:32:C9:D4:C2:9F:B7:51:A6:56:67:BF:22:44:2F:E7
Certificate issuer: /CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Certificate serial: 018CC86FE8050D69EB674644ADE4F415A059
Authority key identifier: 09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/EcM90ZQyydTCn7dRplZnvyJEL-c.roa
Signing time: Tue 02 Jan 2024 04:30:26 +0000
ROA not before: Tue 02 Jan 2024 04:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39810
IP address blocks: 89.187.0.0/23 maxlen: 24
89.187.2.0/24 maxlen: 24
89.187.3.0/24 maxlen: 24
2a10:e400::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:e8:05:0d:69:eb:67:46:44:ad:e4:f4:15:a0:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=091ec7ccf0fa761ed99bc5a7a9ec0d0eeb0bf055
Validity
Not Before: Jan 2 04:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11c33dd19432c9d4c29fb751a65667bf22442fe7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:4a:3a:65:df:47:b9:d7:cc:aa:9f:58:43:9d:
3c:d6:9b:1a:a8:04:91:8b:fc:ee:37:1d:60:bf:04:
77:0b:98:b5:99:75:e0:92:bb:45:2e:f5:68:59:95:
f2:9b:1f:d5:35:de:dc:31:3e:87:e2:0b:d2:65:6c:
6b:b3:63:8e:bb:f2:38:14:67:7f:b7:dc:0b:3e:9c:
8d:ce:3b:90:dc:f8:d5:cc:ad:08:59:a8:91:aa:56:
ee:72:55:06:a5:7e:95:0f:1e:e4:15:84:38:94:43:
a9:99:60:7f:e2:f1:e2:13:f5:6f:8c:31:c4:41:6d:
ad:1d:88:fb:cb:4d:06:6a:2c:01:df:47:7f:33:af:
7c:11:44:99:54:f9:1e:c7:54:d7:8b:f8:88:f5:99:
b6:fc:11:92:b2:ae:6d:f1:19:84:b8:f7:f4:6b:16:
7e:37:f1:4e:59:10:ac:b8:aa:7e:8c:de:09:8a:5c:
44:91:a2:68:56:f7:6a:3c:d5:68:74:6e:a3:06:52:
6b:f6:9b:ea:7c:73:7b:4a:60:c6:f2:05:26:04:b3:
20:9f:3b:82:ed:80:dd:04:3f:00:f3:97:56:aa:62:
aa:d6:48:c0:44:93:8b:11:3b:31:b3:21:61:d9:e5:
78:51:97:8b:db:10:85:78:cd:13:14:a3:2f:41:2e:
c3:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:C3:3D:D1:94:32:C9:D4:C2:9F:B7:51:A6:56:67:BF:22:44:2F:E7
X509v3 Authority Key Identifier:
keyid:09:1E:C7:CC:F0:FA:76:1E:D9:9B:C5:A7:A9:EC:0D:0E:EB:0B:F0:55
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CR7HzPD6dh7Zm8WnqewNDusL8FU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/EcM90ZQyydTCn7dRplZnvyJEL-c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/79/e6478a-7b73-4758-addd-45cfc857dddd/1/CR7HzPD6dh7Zm8WnqewNDusL8FU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.0.0/22
IPv6:
2a10:e400::/29
Signature Algorithm: sha256WithRSAEncryption
2d:84:ff:fd:d2:36:6e:9c:a0:46:11:bc:55:fb:71:c2:c3:3c:
08:5c:0d:0d:37:f6:ce:44:67:18:81:b7:72:81:c5:d9:35:84:
8a:d9:85:76:bb:2c:e4:57:75:f6:51:bb:66:01:32:0c:bd:9b:
a4:e1:57:5f:bb:12:d3:64:29:9b:8d:e2:f9:ef:0a:79:d4:c4:
ef:34:96:bf:35:fe:0c:7c:81:91:01:c9:bf:12:51:af:9e:ed:
6d:0b:74:64:0a:79:b6:4c:54:13:a8:f4:af:d6:77:a3:d5:ef:
cf:61:23:85:2d:05:79:b6:06:52:98:18:b7:e5:0f:a1:5e:70:
56:ce:35:34:84:82:6c:7d:dc:46:2b:a1:ea:51:f9:82:98:30:
25:71:2d:2b:37:0c:6b:89:10:42:46:79:0a:31:4e:85:f6:86:
b0:4e:af:55:8b:8a:5e:d5:ee:01:8a:d3:09:c2:7b:92:55:10:
c8:2e:5c:d6:9c:e1:71:52:7b:b5:8c:56:14:64:2c:47:8b:9f:
68:96:12:fb:b7:42:09:fc:83:bc:78:20:c7:a0:38:09:ea:09:
52:06:f3:14:33:e9:34:72:0a:b1:47:ca:60:16:57:30:8e:d1:
00:a3:42:8d:57:49:de:c3:11:6b:35:3b:66:62:29:96:1e:6e:
d2:da:31:23
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIb+gFDWnrZ0ZEreT0FaBZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MWVjN2NjZjBmYTc2MWVkOTliYzVhN2E5ZWMwZDBlZWIw
YmYwNTUwHhcNMjQwMTAyMDQzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWMzM2RkMTk0MzJjOWQ0YzI5ZmI3NTFhNjU2NjdiZjIyNDQyZmU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0o6Zd9HudfMqp9YQ5081psaqASR
i/zuNx1gvwR3C5i1mXXgkrtFLvVoWZXymx/VNd7cMT6H4gvSZWxrs2OOu/I4FGd/
t9wLPpyNzjuQ3PjVzK0IWaiRqlbuclUGpX6VDx7kFYQ4lEOpmWB/4vHiE/VvjDHE
QW2tHYj7y00GaiwB30d/M698EUSZVPkex1TXi/iI9Zm2/BGSsq5t8RmEuPf0axZ+
N/FOWRCsuKp+jN4JilxEkaJoVvdqPNVodG6jBlJr9pvqfHN7SmDG8gUmBLMgnzuC
7YDdBD8A85dWqmKq1kjARJOLETsxsyFh2eV4UZeL2xCFeM0TFKMvQS7D2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBHDPdGUMsnUwp+3UaZWZ78iRC/nMB8GA1UdIwQY
MBaAFAkex8zw+nYe2ZvFp6nsDQ7rC/BVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQt
NDVjZmM4NTdkZGRkLzEvRWNNOTBaUXl5ZFRDbjdkUnBsWm52eUpFTC1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OS9lNjQ3OGEtN2I3My00NzU4LWFkZGQtNDVjZmM4NTdkZGRk
LzEvQ1I3SHpQRDZkaDdabThXbnFld05EdXNMOEZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCWbsAMA0E
AgACMAcDBQMqEOQAMA0GCSqGSIb3DQEBCwUAA4IBAQAthP/90jZunKBGEbxV+3HC
wzwIXA0NN/bORGcYgbdygcXZNYSK2YV2uyzkV3X2UbtmATIMvZuk4VdfuxLTZCmb
jeL57wp51MTvNJa/Nf4MfIGRAcm/ElGvnu1tC3RkCnm2TFQTqPSv1nej1e/PYSOF
LQV5tgZSmBi35Q+hXnBWzjU0hIJsfdxGK6HqUfmCmDAlcS0rNwxriRBCRnkKMU6F
9oawTq9Vi4pe1e4BitMJwnuSVRDILlzWnOFxUnu1jFYUZCxHi59olhL7t0IJ/IO8
eCDHoDgJ6glSBvMUM+k0cgqxR8pgFlcwjtEAo0KNV0newxFrNTtmYimWHm7S2jEj
-----END CERTIFICATE-----
Generated at Mon May 20 17:48:05 2024 by rpki-client on console-fra.rpki-client.org