Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/Eij8y1IKwqMqpPDkbVvP-oJ9My4.roa
File: Eij8y1IKwqMqpPDkbVvP-oJ9My4.roa (raw, json)
Hash identifier: XGevxSCdcDLwWHpBeMJfgjl1wXgUx/EYOeZ7iVJpIWg=
Subject key identifier: 12:28:FC:CB:52:0A:C2:A3:2A:A4:F0:E4:6D:5B:CF:FA:82:7D:33:2E
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 018CC94E4B7F33C2E9564F05407A47427F7C
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/Eij8y1IKwqMqpPDkbVvP-oJ9My4.roa
Signing time: Tue 02 Jan 2024 08:33:20 +0000
ROA not before: Tue 02 Jan 2024 08:33:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42473
IP address blocks: 152.53.69.0/24 maxlen: 24
152.53.75.0/24 maxlen: 24
152.53.78.0/24 maxlen: 24
152.53.0.0/16 maxlen: 24
152.53.9.0/24 maxlen: 24
152.53.24.0/24 maxlen: 24
152.53.30.0/24 maxlen: 24
152.53.62.0/24 maxlen: 24
152.53.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.mft
rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:4b:7f:33:c2:e9:56:4f:05:40:7a:47:42:7f:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Jan 2 08:33:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1228fccb520ac2a32aa4f0e46d5bcffa827d332e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:39:52:e7:40:ae:f1:af:36:70:d9:d9:8d:3f:
80:b7:e9:4f:80:0c:12:d5:77:10:ea:42:83:fe:00:
b2:2b:96:ee:28:1e:40:6b:83:1d:8b:21:0e:2c:62:
ef:90:99:ca:5a:ac:42:56:c0:9d:ac:10:49:5d:88:
50:c8:9b:c2:d5:36:ef:18:2b:2e:03:3d:c6:4e:ed:
12:92:9d:8f:52:47:92:ad:c3:97:79:1a:96:a5:aa:
75:e0:e9:8c:64:e7:34:af:c4:3d:b3:d9:a5:55:c7:
d3:22:d5:5c:b8:37:be:25:28:30:4a:08:6a:aa:38:
ad:3d:40:4a:e4:e2:c8:c6:e8:57:48:d7:93:40:d4:
77:e7:f6:e8:71:f4:84:2c:59:45:19:77:91:1a:e6:
44:f3:7e:5f:da:27:38:0b:61:22:e3:74:a0:77:7d:
23:80:50:2c:90:d9:d9:7e:fe:da:7e:df:51:9d:93:
26:6d:d8:c4:e2:3e:c5:c6:8e:30:19:22:89:8a:4e:
8e:dc:be:14:e6:57:be:85:64:41:a2:c5:cd:b0:4a:
11:11:96:ca:fc:8e:ff:f3:ee:d8:25:93:b6:af:e0:
22:ce:71:ad:c8:5a:29:7d:2a:d8:f0:81:e5:b0:45:
c0:40:af:36:23:af:46:01:0e:b8:1e:96:fa:8c:7b:
38:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:28:FC:CB:52:0A:C2:A3:2A:A4:F0:E4:6D:5B:CF:FA:82:7D:33:2E
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/Eij8y1IKwqMqpPDkbVvP-oJ9My4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
65:1e:81:90:1d:94:e1:c6:15:5f:92:15:ba:1c:32:90:3a:38:
5d:de:7f:e3:2a:bf:1a:50:1d:56:49:8e:94:b4:bf:5d:96:6b:
c7:c4:67:35:6e:1b:39:b3:59:b3:84:bd:2a:29:ce:ae:8a:45:
9a:67:cb:62:83:b1:0b:69:ec:e1:9e:e3:44:b8:96:ce:a0:a0:
a8:70:bb:36:35:e2:f7:41:9b:d8:e9:ab:9e:62:1b:8c:6b:fb:
f5:c9:64:0d:93:97:be:20:a6:75:3d:88:1f:6d:a2:7c:42:1d:
68:d8:02:92:73:dc:d9:29:d4:f2:30:d2:7a:a8:10:92:2c:83:
06:03:d3:e3:80:ff:d0:a1:49:0d:e2:45:32:07:0d:17:08:a1:
b9:4b:bd:95:e8:1d:62:8c:1e:ed:f9:e0:c0:e0:c5:16:fe:04:
4a:17:ba:2e:a4:90:e9:15:04:18:12:24:9f:f1:e2:9c:e9:cb:
73:4a:a1:45:84:ac:1f:09:42:78:db:35:51:0c:cc:b5:05:f2:
9c:24:0d:e7:70:81:1e:65:58:1f:64:71:69:3d:77:a4:be:0c:
8c:36:c1:01:b8:be:cb:ff:74:a6:49:f4:df:0b:57:c8:d7:11:
4e:89:48:fb:7c:80:9a:5a:f3:20:1f:11:92:3a:36:9c:e4:47:
cd:4b:63:38
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAYzJTkt/M8LpVk8FQHpHQn98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjQwMTAyMDgzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjI4ZmNjYjUyMGFjMmEzMmFhNGYwZTQ2ZDViY2ZmYTgyN2QzMzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgzlS50Cu8a82cNnZjT+At+lPgAwS
1XcQ6kKD/gCyK5buKB5Aa4MdiyEOLGLvkJnKWqxCVsCdrBBJXYhQyJvC1TbvGCsu
Az3GTu0Skp2PUkeSrcOXeRqWpap14OmMZOc0r8Q9s9mlVcfTItVcuDe+JSgwSghq
qjitPUBK5OLIxuhXSNeTQNR35/bocfSELFlFGXeRGuZE835f2ic4C2Ei43Sgd30j
gFAskNnZfv7aft9RnZMmbdjE4j7Fxo4wGSKJik6O3L4U5le+hWRBosXNsEoREZbK
/I7/8+7YJZO2r+AiznGtyFopfSrY8IHlsEXAQK82I69GAQ64Hpb6jHs4VQIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFBIo/MtSCsKjKqTw5G1bz/qCfTMuMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvRWlqOHkxSUt3cU1xcFBEa2JWdlAtb0o5TXk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAGUegZAdlOHGFV+SFbocMpA6OF3ef+MqvxpQHVZJjpS0
v12Wa8fEZzVuGzmzWbOEvSopzq6KRZpny2KDsQtp7OGe40S4ls6goKhwuzY14vdB
m9jpq55iG4xr+/XJZA2Tl74gpnU9iB9tonxCHWjYApJz3Nkp1PIw0nqoEJIsgwYD
0+OA/9ChSQ3iRTIHDRcIoblLvZXoHWKMHu354MDgxRb+BEoXui6kkOkVBBgSJJ/x
4pzpy3NKoUWErB8JQnjbNVEMzLUF8pwkDedwgR5lWB9kcWk9d6S+DIw2wQG4vsv/
dKZJ9N8LV8jXEU6JSPt8gJpa8yAfEZI6NpzkR81LYzg=
-----END CERTIFICATE-----
Generated at Mon Apr 29 13:36:40 2024 by rpki-client on console-ams.rpki-client.org