Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/aa9e97-4001-48a4-bf80-3d25458b39ee/1/eRx8CNVcjmThRczm0A2FUDkF1FQ.roa
File: eRx8CNVcjmThRczm0A2FUDkF1FQ.roa (raw, json)
Hash identifier: YPlHuKBY1VwQjrW5j3bGvE3GKoY9KuaYMjheu6J3z/A=
Subject key identifier: 79:1C:7C:08:D5:5C:8E:64:E1:45:CC:E6:D0:0D:85:50:39:05:D4:54
Certificate issuer: /CN=d2cb5d181afea69f39e17112593be4b00e584b4d
Certificate serial: 018FC3BA129C358AAF15CCD1BC6B8061E28E
Authority key identifier: D2:CB:5D:18:1A:FE:A6:9F:39:E1:71:12:59:3B:E4:B0:0E:58:4B:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0stdGBr-pp854XESWTvksA5YS00.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/aa9e97-4001-48a4-bf80-3d25458b39ee/1/eRx8CNVcjmThRczm0A2FUDkF1FQ.roa
Signing time: Wed 29 May 2024 09:41:42 +0000
ROA not before: Wed 29 May 2024 09:41:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202971
IP address blocks: 193.164.134.0/23 maxlen: 23
193.164.209.0/24 maxlen: 24
2a0f:e080::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/aa9e97-4001-48a4-bf80-3d25458b39ee/1/0stdGBr-pp854XESWTvksA5YS00.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/aa9e97-4001-48a4-bf80-3d25458b39ee/1/0stdGBr-pp854XESWTvksA5YS00.mft
rsync://rpki.ripe.net/repository/DEFAULT/0stdGBr-pp854XESWTvksA5YS00.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 21:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c3:ba:12:9c:35:8a:af:15:cc:d1:bc:6b:80:61:e2:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d2cb5d181afea69f39e17112593be4b00e584b4d
Validity
Not Before: May 29 09:41:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=791c7c08d55c8e64e145cce6d00d85503905d454
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:10:53:fb:c9:f4:77:24:e7:a2:96:c6:ea:be:
f6:21:2b:b5:be:72:0c:f7:51:c3:05:9b:bd:5c:da:
07:d9:cb:fd:2d:6f:ed:ae:43:47:76:c1:67:84:d9:
72:a9:21:11:3a:7b:ce:98:e7:bb:2d:c4:b3:54:e5:
47:bf:de:99:e2:63:a3:b1:36:b6:ad:50:f6:b4:4c:
29:55:79:13:70:7d:bd:27:64:1d:67:7a:22:70:26:
e3:fc:92:c6:5e:6a:a6:ff:8f:72:29:b6:9c:d3:2c:
ed:c2:70:1a:2c:43:85:94:fb:6c:21:5f:2b:40:24:
99:cc:67:c6:4b:ef:e2:33:1c:c5:23:c7:11:34:1d:
89:04:ed:05:28:d6:04:29:9c:8f:00:58:97:57:ac:
14:a7:a9:b1:41:7c:47:c4:83:eb:27:c8:57:07:c3:
73:5d:47:e7:53:8b:10:d3:ef:76:02:bb:83:71:be:
18:30:ac:e6:71:73:e4:e7:d4:6b:3b:df:66:dd:66:
e9:1c:7b:f7:52:9b:ab:c2:29:89:c6:1a:92:21:91:
31:5f:a6:9a:6a:70:57:8b:54:e7:86:de:4f:a0:03:
3c:3c:0c:a1:44:ef:97:39:59:c9:20:51:0a:58:1d:
33:7d:fc:9b:f4:86:d3:c9:74:d5:f1:e1:70:19:d3:
d8:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:1C:7C:08:D5:5C:8E:64:E1:45:CC:E6:D0:0D:85:50:39:05:D4:54
X509v3 Authority Key Identifier:
keyid:D2:CB:5D:18:1A:FE:A6:9F:39:E1:71:12:59:3B:E4:B0:0E:58:4B:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0stdGBr-pp854XESWTvksA5YS00.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/aa9e97-4001-48a4-bf80-3d25458b39ee/1/eRx8CNVcjmThRczm0A2FUDkF1FQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/aa9e97-4001-48a4-bf80-3d25458b39ee/1/0stdGBr-pp854XESWTvksA5YS00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.164.134.0/23
193.164.209.0/24
IPv6:
2a0f:e080::/48
Signature Algorithm: sha256WithRSAEncryption
a0:19:67:19:ad:a4:b2:ce:47:a7:43:82:8e:3d:54:f7:82:29:
cc:c0:dd:cf:bb:2b:fa:d8:6e:df:57:d0:59:fd:2d:b9:c4:f3:
52:77:f2:10:3c:2f:8e:f0:51:34:fb:4e:e3:b2:6b:a6:52:5a:
06:ed:7c:70:b2:40:10:de:b6:24:7d:0f:d4:60:c8:2d:31:61:
86:66:a2:84:67:be:a1:42:1c:24:aa:9e:f5:d8:21:36:01:5b:
d6:7a:41:8a:d4:b1:02:f2:71:f6:e0:39:77:75:7c:e2:8a:08:
36:db:b0:b0:f9:ac:3e:79:c9:7d:00:93:85:c6:5b:ba:20:21:
02:e9:8e:9c:47:a3:ff:c2:87:09:4a:5d:04:2a:b6:32:07:cb:
51:ad:3e:64:47:f6:10:44:8f:77:cb:2d:69:10:1e:ae:4a:74:
eb:7d:5c:f8:39:e6:19:a8:e2:c7:b7:11:a3:08:44:18:9e:5d:
fd:66:86:d5:b5:76:7a:01:64:65:80:ad:fa:e6:a6:6b:fe:ea:
b5:03:82:3f:9a:fb:75:b6:fc:1c:ae:37:9a:62:1f:33:65:d4:
15:1e:52:5e:50:a8:b9:db:c8:4c:b3:70:1a:9a:54:8e:c0:be:
73:c9:59:b4:23:f2:9e:3d:98:13:ad:f1:06:44:62:ca:b2:b6:
3a:54:64:41
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY/DuhKcNYqvFczRvGuAYeKOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyY2I1ZDE4MWFmZWE2OWYzOWUxNzExMjU5M2JlNGIwMGU1
ODRiNGQwHhcNMjQwNTI5MDk0MTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTFjN2MwOGQ1NWM4ZTY0ZTE0NWNjZTZkMDBkODU1MDM5MDVkNDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2xBT+8n0dyTnopbG6r72ISu1vnIM
91HDBZu9XNoH2cv9LW/trkNHdsFnhNlyqSEROnvOmOe7LcSzVOVHv96Z4mOjsTa2
rVD2tEwpVXkTcH29J2QdZ3oicCbj/JLGXmqm/49yKbac0yztwnAaLEOFlPtsIV8r
QCSZzGfGS+/iMxzFI8cRNB2JBO0FKNYEKZyPAFiXV6wUp6mxQXxHxIPrJ8hXB8Nz
XUfnU4sQ0+92AruDcb4YMKzmcXPk59RrO99m3WbpHHv3UpurwimJxhqSIZExX6aa
anBXi1Tnht5PoAM8PAyhRO+XOVnJIFEKWB0zffyb9IbTyXTV8eFwGdPYAQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHkcfAjVXI5k4UXM5tANhVA5BdRUMB8GA1UdIwQY
MBaAFNLLXRga/qafOeFxElk75LAOWEtNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHN0ZEdCci1wcDg1NFhFU1dUdmtzQTVZUzAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9hYTllOTctNDAwMS00OGE0LWJmODAt
M2QyNTQ1OGIzOWVlLzEvZVJ4OENOVmNqbVRoUmN6bTBBMkZVRGtGMUZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9hYTllOTctNDAwMS00OGE0LWJmODAtM2QyNTQ1OGIzOWVl
LzEvMHN0ZEdCci1wcDg1NFhFU1dUdmtzQTVZUzAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBwaSGAwQA
waTRMA8EAgACMAkDBwAqD+CAAAAwDQYJKoZIhvcNAQELBQADggEBAKAZZxmtpLLO
R6dDgo49VPeCKczA3c+7K/rYbt9X0Fn9LbnE81J38hA8L47wUTT7TuOya6ZSWgbt
fHCyQBDetiR9D9RgyC0xYYZmooRnvqFCHCSqnvXYITYBW9Z6QYrUsQLycfbgOXd1
fOKKCDbbsLD5rD55yX0Ak4XGW7ogIQLpjpxHo//ChwlKXQQqtjIHy1GtPmRH9hBE
j3fLLWkQHq5KdOt9XPg55hmo4se3EaMIRBieXf1mhtW1dnoBZGWArfrmpmv+6rUD
gj+a+3W2/ByuN5piHzNl1BUeUl5QqLnbyEyzcBqaVI7AvnPJWbQj8p49mBOt8QZE
YsqytjpUZEE=
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:44:45 2024 by rpki-client on console-fra.rpki-client.org