Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/c88555-abb7-4b10-ab64-19c5427e416f/1/1EAV_3m3awVfINAAW_JWrMkLOCo.roa
File: 1EAV_3m3awVfINAAW_JWrMkLOCo.roa (raw, json)
Hash identifier: f5hZCa2VTqTPNjzWBNfEFYgT9dax+38FWGJKDtoJUqQ=
Subject key identifier: D4:40:15:FF:79:B7:6B:05:5F:20:D0:00:5B:F2:56:AC:C9:0B:38:2A
Certificate issuer: /CN=494d0eaf80250ab8248989be71a4039718d6935a
Certificate serial: 018CC64B5D509F4C454B6866EB1392266D20
Authority key identifier: 49:4D:0E:AF:80:25:0A:B8:24:89:89:BE:71:A4:03:97:18:D6:93:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SU0Or4AlCrgkiYm-caQDlxjWk1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/c88555-abb7-4b10-ab64-19c5427e416f/1/1EAV_3m3awVfINAAW_JWrMkLOCo.roa
Signing time: Mon 01 Jan 2024 18:31:16 +0000
ROA not before: Mon 01 Jan 2024 18:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34197
IP address blocks: 195.95.224.0/23 maxlen: 23
185.150.162.0/24 maxlen: 24
185.150.160.0/24 maxlen: 24
185.150.160.0/22 maxlen: 22
194.187.224.0/22 maxlen: 22
2a07:7200:ffff::/48 maxlen: 48
2a07:7200::/29 maxlen: 29
2a07:7200:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/c88555-abb7-4b10-ab64-19c5427e416f/1/SU0Or4AlCrgkiYm-caQDlxjWk1o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/c88555-abb7-4b10-ab64-19c5427e416f/1/SU0Or4AlCrgkiYm-caQDlxjWk1o.mft
rsync://rpki.ripe.net/repository/DEFAULT/SU0Or4AlCrgkiYm-caQDlxjWk1o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:01:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:5d:50:9f:4c:45:4b:68:66:eb:13:92:26:6d:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=494d0eaf80250ab8248989be71a4039718d6935a
Validity
Not Before: Jan 1 18:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d44015ff79b76b055f20d0005bf256acc90b382a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:31:34:54:34:2e:7f:e0:f8:74:82:45:f3:fa:
99:49:2c:ee:ef:61:7b:7b:dc:0f:50:97:6a:6a:96:
ce:47:58:9c:de:80:25:43:46:43:04:b4:57:df:8e:
91:d9:53:9c:04:f9:c3:d9:a9:ff:33:c4:6d:e1:b6:
b9:60:43:d4:52:c1:94:fe:28:6b:f4:b1:1d:43:25:
4d:4e:b6:cd:06:6e:a3:4e:0d:55:b0:fc:85:08:d6:
aa:ca:af:d2:c3:68:f1:dd:12:df:f1:03:7f:3e:81:
fe:5a:0a:56:ac:77:bf:d2:7d:03:a8:c9:a7:0a:0b:
9a:3e:89:6b:2f:05:09:68:6b:1f:04:de:d1:a4:af:
9d:46:7f:97:14:76:27:f0:d3:99:f9:70:18:33:fc:
ae:3d:a1:39:64:83:ce:54:c4:e8:0c:f9:74:09:52:
e2:13:56:c9:58:8c:df:b5:e8:9d:5e:43:67:90:83:
95:0a:69:ff:f9:a9:d0:d5:20:70:02:0f:6a:ca:16:
44:22:b1:39:74:13:1e:99:d1:f9:24:50:5c:62:b6:
19:74:ec:2b:59:1d:1b:82:bb:17:30:79:77:8c:cf:
6a:bd:6d:0d:bc:b4:b6:5f:2a:77:59:a3:9e:a0:19:
f9:06:6a:0c:ff:fa:af:cf:af:c6:80:2b:74:8a:16:
21:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:40:15:FF:79:B7:6B:05:5F:20:D0:00:5B:F2:56:AC:C9:0B:38:2A
X509v3 Authority Key Identifier:
keyid:49:4D:0E:AF:80:25:0A:B8:24:89:89:BE:71:A4:03:97:18:D6:93:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SU0Or4AlCrgkiYm-caQDlxjWk1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c88555-abb7-4b10-ab64-19c5427e416f/1/1EAV_3m3awVfINAAW_JWrMkLOCo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/c88555-abb7-4b10-ab64-19c5427e416f/1/SU0Or4AlCrgkiYm-caQDlxjWk1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.150.160.0/22
194.187.224.0/22
195.95.224.0/23
IPv6:
2a07:7200::/29
Signature Algorithm: sha256WithRSAEncryption
4f:86:98:46:f5:36:7e:c2:35:06:c7:b9:b1:27:d3:42:6b:84:
c8:fe:b8:90:ba:e7:9a:d2:89:0f:13:1c:87:2d:84:2d:9b:42:
eb:3b:cb:0d:79:a3:47:6a:be:06:11:fe:15:bd:2d:d4:4d:b3:
5d:f7:22:a2:cc:bc:73:b2:e6:51:40:5a:32:03:fe:1b:ea:41:
36:b9:00:c0:fa:66:61:9e:65:b4:54:8f:03:25:b9:ec:8b:7f:
e8:11:02:85:c6:15:6d:aa:53:0f:24:8c:26:72:53:b9:9b:46:
92:14:72:6b:74:17:61:9d:7b:59:63:f8:1f:ac:a6:fd:52:19:
43:d6:46:15:7d:8f:59:dd:00:f2:6a:2b:86:51:5c:b3:e0:7c:
04:ab:d3:5b:8d:e0:ba:44:fb:ac:e8:33:82:e5:ae:47:02:f8:
93:dc:20:72:57:a9:1d:db:3d:bc:91:0a:72:43:e6:57:f0:9e:
11:b5:8d:c6:24:bf:95:32:cd:20:14:e0:91:3e:d2:ba:74:dd:
95:d2:ac:5b:23:32:67:ba:20:85:c0:a7:69:e1:e4:39:33:06:
36:f5:39:f9:25:31:4a:73:85:73:23:8f:22:65:23:02:02:18:
5e:37:3b:bb:a3:4e:60:b1:86:bf:d6:cc:9a:51:1c:ca:36:3d:
70:11:c4:be
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGS11Qn0xFS2hm6xOSJm0gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5NGQwZWFmODAyNTBhYjgyNDg5ODliZTcxYTQwMzk3MThk
NjkzNWEwHhcNMjQwMTAxMTgzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDQwMTVmZjc5Yjc2YjA1NWYyMGQwMDA1YmYyNTZhY2M5MGIzODJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzE0VDQuf+D4dIJF8/qZSSzu72F7
e9wPUJdqapbOR1ic3oAlQ0ZDBLRX346R2VOcBPnD2an/M8Rt4ba5YEPUUsGU/ihr
9LEdQyVNTrbNBm6jTg1VsPyFCNaqyq/Sw2jx3RLf8QN/PoH+WgpWrHe/0n0DqMmn
CguaPolrLwUJaGsfBN7RpK+dRn+XFHYn8NOZ+XAYM/yuPaE5ZIPOVMToDPl0CVLi
E1bJWIzfteidXkNnkIOVCmn/+anQ1SBwAg9qyhZEIrE5dBMemdH5JFBcYrYZdOwr
WR0bgrsXMHl3jM9qvW0NvLS2Xyp3WaOeoBn5BmoM//qvz6/GgCt0ihYhcQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNRAFf95t2sFXyDQAFvyVqzJCzgqMB8GA1UdIwQY
MBaAFElNDq+AJQq4JImJvnGkA5cY1pNaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1UwT3I0QWxDcmdraVltLWNhUURseGpXazFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9jODg1NTUtYWJiNy00YjEwLWFiNjQt
MTljNTQyN2U0MTZmLzEvMUVBVl8zbTNhd1ZmSU5BQVdfSldyTWtMT0NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9jODg1NTUtYWJiNy00YjEwLWFiNjQtMTljNTQyN2U0MTZm
LzEvU1UwT3I0QWxDcmdraVltLWNhUURseGpXazFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuZagAwQC
wrvgAwQBw1/gMA0EAgACMAcDBQMqB3IAMA0GCSqGSIb3DQEBCwUAA4IBAQBPhphG
9TZ+wjUGx7mxJ9NCa4TI/riQuuea0okPExyHLYQtm0LrO8sNeaNHar4GEf4VvS3U
TbNd9yKizLxzsuZRQFoyA/4b6kE2uQDA+mZhnmW0VI8DJbnsi3/oEQKFxhVtqlMP
JIwmclO5m0aSFHJrdBdhnXtZY/gfrKb9UhlD1kYVfY9Z3QDyaiuGUVyz4HwEq9Nb
jeC6RPus6DOC5a5HAviT3CByV6kd2z28kQpyQ+ZX8J4RtY3GJL+VMs0gFOCRPtK6
dN2V0qxbIzJnuiCFwKdp4eQ5MwY29Tn5JTFKc4VzI48iZSMCAhheNzu7o05gsYa/
1syaURzKNj1wEcS+
-----END CERTIFICATE-----
Generated at Sat Jun 1 20:38:43 2024 by rpki-client on console-ams.rpki-client.org