Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7c/f7c11f-4e9e-436d-a3df-fedbd4c66a0e/1/CEp-lW3ew45rAYWRer6bxDEPe2g.roa
File: CEp-lW3ew45rAYWRer6bxDEPe2g.roa (raw, json)
Hash identifier: yAmQi/74ClfRMYft4f1YG7z1emLzX3XTnSxpAjj6VRo=
Subject key identifier: 08:4A:7E:95:6D:DE:C3:8E:6B:01:85:91:7A:BE:9B:C4:31:0F:7B:68
Certificate issuer: /CN=50f88e05c898796c82ff0147568816e933420e18
Certificate serial: 018CC7936E8D68DC77210D552A32381E95F2
Authority key identifier: 50:F8:8E:05:C8:98:79:6C:82:FF:01:47:56:88:16:E9:33:42:0E:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UPiOBciYeWyC_wFHVogW6TNCDhg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7c/f7c11f-4e9e-436d-a3df-fedbd4c66a0e/1/CEp-lW3ew45rAYWRer6bxDEPe2g.roa
Signing time: Tue 02 Jan 2024 00:29:37 +0000
ROA not before: Tue 02 Jan 2024 00:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60781
IP address blocks: 185.211.155.0/24 maxlen: 24
185.211.154.0/24 maxlen: 24
178.18.21.0/24 maxlen: 24
178.18.20.0/22 maxlen: 22
178.18.24.0/23 maxlen: 23
178.18.24.0/24 maxlen: 24
178.18.23.0/24 maxlen: 24
178.18.22.0/24 maxlen: 24
178.18.27.0/24 maxlen: 24
178.18.31.0/24 maxlen: 24
178.18.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7c/f7c11f-4e9e-436d-a3df-fedbd4c66a0e/1/UPiOBciYeWyC_wFHVogW6TNCDhg.crl
rsync://rpki.ripe.net/repository/DEFAULT/7c/f7c11f-4e9e-436d-a3df-fedbd4c66a0e/1/UPiOBciYeWyC_wFHVogW6TNCDhg.mft
rsync://rpki.ripe.net/repository/DEFAULT/UPiOBciYeWyC_wFHVogW6TNCDhg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:6e:8d:68:dc:77:21:0d:55:2a:32:38:1e:95:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=50f88e05c898796c82ff0147568816e933420e18
Validity
Not Before: Jan 2 00:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=084a7e956ddec38e6b0185917abe9bc4310f7b68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ea:96:9f:91:44:8f:97:e1:27:f6:32:29:4c:
41:d1:51:e7:20:5e:c6:bf:4c:a9:81:0f:9f:22:1a:
78:18:b3:65:90:0c:2c:da:32:68:2b:75:09:7c:2c:
fd:c4:e2:15:72:5b:ff:f7:fe:29:e5:bd:9a:49:f7:
ea:61:d3:0e:be:bc:3c:a2:fa:2e:bd:34:bc:63:53:
90:9f:38:3c:6e:12:5e:68:a5:77:e2:ac:23:3e:6d:
5a:42:1c:6f:63:2d:b1:3e:73:1a:24:5e:12:f1:d4:
02:1f:b0:85:14:54:a4:f3:83:50:67:a9:87:1c:13:
36:08:5d:d8:1f:06:15:50:7e:fb:1c:76:77:68:94:
1e:53:ed:fc:6d:f3:4a:22:d4:0a:7b:25:0e:2c:dd:
22:b2:96:10:45:a1:83:34:13:de:9f:c9:de:56:5d:
1c:49:20:0a:b1:7f:43:a1:c0:49:df:2f:de:9d:98:
7d:ad:ba:be:93:d9:ff:e6:bb:9d:e5:d1:62:02:e8:
a3:75:6b:eb:8c:ed:03:18:7e:20:68:b0:1a:9f:34:
26:11:15:72:3a:70:0b:b1:85:d9:01:1b:bf:78:13:
8e:ee:e0:f4:ae:59:7f:b1:b9:c8:f4:a6:0d:6d:90:
e8:ea:75:5f:fa:82:bb:2f:85:16:31:2f:3b:d2:41:
8f:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:4A:7E:95:6D:DE:C3:8E:6B:01:85:91:7A:BE:9B:C4:31:0F:7B:68
X509v3 Authority Key Identifier:
keyid:50:F8:8E:05:C8:98:79:6C:82:FF:01:47:56:88:16:E9:33:42:0E:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UPiOBciYeWyC_wFHVogW6TNCDhg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f7c11f-4e9e-436d-a3df-fedbd4c66a0e/1/CEp-lW3ew45rAYWRer6bxDEPe2g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7c/f7c11f-4e9e-436d-a3df-fedbd4c66a0e/1/UPiOBciYeWyC_wFHVogW6TNCDhg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.18.20.0-178.18.25.255
178.18.27.0/24
178.18.30.0/23
185.211.154.0/23
Signature Algorithm: sha256WithRSAEncryption
7f:69:d7:58:ee:6c:2c:c6:4d:e2:1e:5a:c0:91:9e:7d:93:1b:
a8:b2:09:6b:8e:50:1d:c2:b3:9e:d7:2e:bf:01:a3:fa:3e:c1:
84:09:97:84:e9:ca:0d:ed:c3:28:c5:4c:f8:f6:4f:2c:6d:d4:
00:b4:a9:e1:7c:13:4b:9d:ca:ce:84:d1:41:a3:c7:2c:4b:c1:
71:5e:13:2a:c4:65:e8:59:da:93:9c:f8:d6:17:f1:f5:7a:47:
9d:b9:8f:0f:ee:e1:60:28:09:65:c2:5e:97:99:8b:e7:72:63:
a6:d7:71:4f:e6:65:e5:69:b2:77:63:6b:e8:76:27:0c:f9:06:
22:5c:cd:e4:09:78:0c:f3:29:c2:9d:ee:6d:de:f4:10:42:45:
ca:5e:a2:5c:2a:04:6e:f1:ef:ac:37:78:6c:91:d2:dd:4e:2a:
7d:31:90:98:eb:2a:81:e0:58:fa:e1:24:f5:4c:1f:57:3f:c5:
52:c6:1a:c0:ad:bd:aa:85:bb:e9:56:cc:c0:d7:9a:13:e1:f2:
29:ce:ed:51:d9:f1:cc:a3:51:32:6f:ce:87:30:e6:20:ff:fb:
89:3b:e1:38:24:5f:7d:0b:31:b0:0c:db:f2:5f:dd:1f:bd:b3:
fb:aa:5b:d7:00:8b:d0:0f:6b:c2:ba:b0:19:92:82:61:c4:ff:
ae:c2:9d:00
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzHk26NaNx3IQ1VKjI4HpXyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwZjg4ZTA1Yzg5ODc5NmM4MmZmMDE0NzU2ODgxNmU5MzM0
MjBlMTgwHhcNMjQwMTAyMDAyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODRhN2U5NTZkZGVjMzhlNmIwMTg1OTE3YWJlOWJjNDMxMGY3YjY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuqWn5FEj5fhJ/YyKUxB0VHnIF7G
v0ypgQ+fIhp4GLNlkAws2jJoK3UJfCz9xOIVclv/9/4p5b2aSffqYdMOvrw8ovou
vTS8Y1OQnzg8bhJeaKV34qwjPm1aQhxvYy2xPnMaJF4S8dQCH7CFFFSk84NQZ6mH
HBM2CF3YHwYVUH77HHZ3aJQeU+38bfNKItQKeyUOLN0ispYQRaGDNBPen8neVl0c
SSAKsX9DocBJ3y/enZh9rbq+k9n/5rud5dFiAuijdWvrjO0DGH4gaLAanzQmERVy
OnALsYXZARu/eBOO7uD0rll/sbnI9KYNbZDo6nVf+oK7L4UWMS870kGPJQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFAhKfpVt3sOOawGFkXq+m8QxD3toMB8GA1UdIwQY
MBaAFFD4jgXImHlsgv8BR1aIFukzQg4YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVBpT0JjaVllV3lDX3dGSFZvZ1c2VE5DRGhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yy9mN2MxMWYtNGU5ZS00MzZkLWEzZGYt
ZmVkYmQ0YzY2YTBlLzEvQ0VwLWxXM2V3NDVyQVlXUmVyNmJ4REVQZTJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yy9mN2MxMWYtNGU5ZS00MzZkLWEzZGYtZmVkYmQ0YzY2YTBl
LzEvVVBpT0JjaVllV3lDX3dGSFZvZ1c2VE5DRGhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAKyEhQD
BAGyEhgDBACyEhsDBAGyEh4DBAG505owDQYJKoZIhvcNAQELBQADggEBAH9p11ju
bCzGTeIeWsCRnn2TG6iyCWuOUB3Cs57XLr8Bo/o+wYQJl4Tpyg3twyjFTPj2Tyxt
1AC0qeF8E0udys6E0UGjxyxLwXFeEyrEZehZ2pOc+NYX8fV6R525jw/u4WAoCWXC
XpeZi+dyY6bXcU/mZeVpsndja+h2Jwz5BiJczeQJeAzzKcKd7m3e9BBCRcpeolwq
BG7x76w3eGyR0t1OKn0xkJjrKoHgWPrhJPVMH1c/xVLGGsCtvaqFu+lWzMDXmhPh
8inO7VHZ8cyjUTJvzocw5iD/+4k74TgkX30LMbAM2/Jf3R+9s/uqW9cAi9APa8K6
sBmSgmHE/67CnQA=
-----END CERTIFICATE-----
Generated at Wed May 8 16:12:03 2024 by rpki-client on console-fra.rpki-client.org