Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/EXiNu2cB9vgr4kJF3OkTMYDYBH8.roa
File: EXiNu2cB9vgr4kJF3OkTMYDYBH8.roa (raw, json)
Hash identifier: 9ktLg8uxfUa8OLDDcOWd3rcSG5BewY0UOtO7Xt4lsLY=
Subject key identifier: 11:78:8D:BB:67:01:F6:F8:2B:E2:42:45:DC:E9:13:31:80:D8:04:7F
Certificate issuer: /CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Certificate serial: 018CCA2A41E4F8442D8C6EC50F33E9EC193D
Authority key identifier: 49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/EXiNu2cB9vgr4kJF3OkTMYDYBH8.roa
Signing time: Tue 02 Jan 2024 12:33:36 +0000
ROA not before: Tue 02 Jan 2024 12:33:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 80.71.231.0/24 maxlen: 24
80.71.233.0/24 maxlen: 24
80.71.235.0/24 maxlen: 24
80.71.236.0/24 maxlen: 24
80.71.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.mft
rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:41:e4:f8:44:2d:8c:6e:c5:0f:33:e9:ec:19:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49e51694c4d46b4fcc02fae71e5db942a7108e47
Validity
Not Before: Jan 2 12:33:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11788dbb6701f6f82be24245dce9133180d8047f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:d0:99:71:f6:23:58:ef:53:cf:de:a4:b0:69:
fc:f0:c9:b4:aa:a1:bd:62:3d:58:45:ab:ac:87:44:
d9:4d:51:7c:2e:67:4f:80:41:84:5e:87:20:a3:83:
dc:80:5e:ab:d3:62:e2:99:c9:cf:af:39:b8:8d:8b:
3f:49:0b:c6:fc:11:f5:9e:af:55:38:02:b1:0b:12:
b4:45:f7:d7:9a:1e:ec:7b:4e:76:12:be:9e:5a:a0:
29:b8:fd:c3:8c:7a:92:a0:48:1e:4f:0f:c2:cf:3b:
c5:f8:11:e3:b3:7f:71:8c:79:c0:e8:26:a7:67:46:
fc:e5:6d:e7:84:a7:ff:0e:e4:54:97:d6:d5:b0:1f:
e5:56:36:d1:32:73:67:67:66:19:24:7a:53:dd:07:
92:0c:55:dd:18:2b:b8:26:f5:99:aa:c0:08:4c:41:
47:bd:03:da:f0:67:64:66:98:5c:a4:c0:bf:79:6f:
ce:58:28:7d:a0:1e:04:2d:50:82:a4:c7:8a:d0:23:
e3:88:18:2a:76:3f:70:1f:e0:54:c0:ad:d4:aa:eb:
87:74:5f:07:c6:a5:3e:02:26:5f:09:4f:7a:ad:c5:
e3:ab:35:91:ca:53:c8:43:fe:6b:ea:f4:a8:0a:9e:
5a:0e:4a:c4:e5:43:56:e8:e8:4f:91:b5:24:d8:53:
8b:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:78:8D:BB:67:01:F6:F8:2B:E2:42:45:DC:E9:13:31:80:D8:04:7F
X509v3 Authority Key Identifier:
keyid:49:E5:16:94:C4:D4:6B:4F:CC:02:FA:E7:1E:5D:B9:42:A7:10:8E:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SeUWlMTUa0_MAvrnHl25QqcQjkc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/EXiNu2cB9vgr4kJF3OkTMYDYBH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/9db525-1059-4c07-a5ad-19189b3c9c7d/1/SeUWlMTUa0_MAvrnHl25QqcQjkc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.71.231.0/24
80.71.233.0/24
80.71.235.0-80.71.236.255
80.71.238.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:60:ae:52:d1:bf:da:6b:12:aa:9d:ac:9e:73:fe:b9:ab:f5:
b6:47:6d:75:bd:0b:35:0a:c0:32:5c:a4:d4:28:b3:ba:1b:15:
85:de:6b:e1:9b:4e:33:ac:88:3a:f7:dc:fa:91:f7:72:b2:db:
3f:3f:7e:b8:fd:ed:a8:82:7f:3c:b1:8d:f9:f6:7e:8b:64:c3:
b7:90:f3:47:7e:0c:49:9d:5d:72:a5:7b:c1:95:d4:fa:14:ac:
48:e0:68:69:83:93:50:4e:a3:b9:26:09:71:74:b4:80:d2:2a:
2b:4f:84:e1:78:cb:72:07:83:72:7b:07:77:c8:e0:3e:19:e3:
e6:7a:fd:84:37:44:7b:cc:ea:46:b5:93:41:0a:b0:8e:ed:9c:
82:e1:e7:94:da:2a:4f:91:eb:4d:6f:b5:d8:ca:56:c2:f6:13:
06:7c:11:b1:2f:7c:7c:fa:e9:fa:c5:81:e9:40:28:90:d1:b0:
db:01:88:63:cf:b3:96:0c:81:50:bf:63:da:33:59:c6:4a:1e:
89:26:46:44:26:63:a7:c1:89:a9:67:ea:ea:e0:40:e0:50:c3:
8e:ec:43:94:61:a5:84:97:e1:a9:59:9f:8d:aa:06:f4:05:b7:
c0:8b:f0:69:ff:a7:9c:47:0d:c9:18:b5:21:24:62:a3:c8:f1:
c0:84:1d:3c
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzKKkHk+EQtjG7FDzPp7Bk9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZTUxNjk0YzRkNDZiNGZjYzAyZmFlNzFlNWRiOTQyYTcx
MDhlNDcwHhcNMjQwMTAyMTIzMzM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTc4OGRiYjY3MDFmNmY4MmJlMjQyNDVkY2U5MTMzMTgwZDgwNDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp9CZcfYjWO9Tz96ksGn88Mm0qqG9
Yj1YRaush0TZTVF8LmdPgEGEXocgo4PcgF6r02LimcnPrzm4jYs/SQvG/BH1nq9V
OAKxCxK0RffXmh7se052Er6eWqApuP3DjHqSoEgeTw/CzzvF+BHjs39xjHnA6Can
Z0b85W3nhKf/DuRUl9bVsB/lVjbRMnNnZ2YZJHpT3QeSDFXdGCu4JvWZqsAITEFH
vQPa8GdkZphcpMC/eW/OWCh9oB4ELVCCpMeK0CPjiBgqdj9wH+BUwK3UquuHdF8H
xqU+AiZfCU96rcXjqzWRylPIQ/5r6vSoCp5aDkrE5UNW6OhPkbUk2FOLFwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFBF4jbtnAfb4K+JCRdzpEzGA2AR/MB8GA1UdIwQY
MBaAFEnlFpTE1GtPzAL65x5duUKnEI5HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQt
MTkxODliM2M5YzdkLzEvRVhpTnUyY0I5dmdyNGtKRjNPa1RNWURZQkg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni85ZGI1MjUtMTA1OS00YzA3LWE1YWQtMTkxODliM2M5Yzdk
LzEvU2VVV2xNVFVhMF9NQXZybkhsMjVRcWNRamtjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAUEfnAwQA
UEfpMAwDBABQR+sDBABQR+wDBABQR+4wDQYJKoZIhvcNAQELBQADggEBAKdgrlLR
v9prEqqdrJ5z/rmr9bZHbXW9CzUKwDJcpNQos7obFYXea+GbTjOsiDr33PqR93Ky
2z8/frj97aiCfzyxjfn2fotkw7eQ80d+DEmdXXKle8GV1PoUrEjgaGmDk1BOo7km
CXF0tIDSKitPhOF4y3IHg3J7B3fI4D4Z4+Z6/YQ3RHvM6ka1k0EKsI7tnILh55Ta
Kk+R601vtdjKVsL2EwZ8EbEvfHz66frFgelAKJDRsNsBiGPPs5YMgVC/Y9ozWcZK
HokmRkQmY6fBialn6urgQOBQw47sQ5RhpYSX4alZn42qBvQFt8CL8Gn/p5xHDckY
tSEkYqPI8cCEHTw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:30:00 2024 by rpki-client on console-ams.rpki-client.org