Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/EroMs8AZgHBRlbJuf136uxGI9t0.roa
File: EroMs8AZgHBRlbJuf136uxGI9t0.roa (raw, json)
Hash identifier: OKoQuncyBINBvBr64otCtHbvGE+0c1Blu3HVhyzNKh0=
Subject key identifier: 12:BA:0C:B3:C0:19:80:70:51:95:B2:6E:7F:5D:FA:BB:11:88:F6:DD
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 018CCA2A54FCD5EAFEA1456EF99870BD7A82
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/EroMs8AZgHBRlbJuf136uxGI9t0.roa
Signing time: Tue 02 Jan 2024 12:33:41 +0000
ROA not before: Tue 02 Jan 2024 12:33:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206499
IP address blocks: 185.133.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:54:fc:d5:ea:fe:a1:45:6e:f9:98:70:bd:7a:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Jan 2 12:33:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12ba0cb3c01980705195b26e7f5dfabb1188f6dd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:77:29:bb:07:e4:d8:14:e7:23:2b:e2:ba:0d:
8c:5b:99:b5:1f:3d:39:bb:a3:3b:5f:58:03:90:81:
d3:92:b3:4e:a3:49:a4:bb:dd:ff:d4:e0:09:24:11:
8a:e6:5f:fa:0d:c5:ad:4d:e6:43:92:86:77:14:27:
d8:81:2e:fe:95:93:db:6f:9a:2f:18:26:b5:52:66:
2c:1a:2a:9b:8b:d3:5a:92:2c:0a:e2:4b:98:3f:03:
2a:d1:3c:ab:a1:b5:b4:93:1b:0d:1a:b8:2c:a4:36:
ed:12:f4:94:43:0c:20:a0:b8:2b:1a:21:14:c3:be:
41:09:90:7c:ee:07:d8:da:f2:fb:d5:06:a6:e9:50:
e8:11:3c:40:a1:43:ac:23:ac:66:02:a5:be:e6:4e:
17:57:49:cc:8e:af:fa:75:26:37:e0:ed:f1:eb:06:
64:d1:3e:17:ce:cb:76:77:f3:92:3d:26:0a:d1:9f:
0f:77:6e:e7:c8:14:2c:1d:55:80:04:14:dc:5a:ff:
da:20:aa:19:55:38:31:01:1e:cb:5c:5c:2f:29:cb:
72:95:4b:93:55:80:8a:f4:83:f8:87:4f:b6:6a:a8:
4e:55:0a:9d:0d:b3:b8:65:cb:30:40:cb:09:65:4c:
e0:03:0a:eb:27:4a:43:c5:95:6f:07:ce:ea:bd:ab:
b7:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:BA:0C:B3:C0:19:80:70:51:95:B2:6E:7F:5D:FA:BB:11:88:F6:DD
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/EroMs8AZgHBRlbJuf136uxGI9t0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.133.208.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:51:d0:f5:c4:4a:24:87:d8:37:fd:82:78:8d:77:e9:73:36:
db:9e:99:b7:b9:b9:a3:0f:4e:8e:24:22:aa:ec:9f:c7:c3:fc:
69:9a:37:fc:a1:59:5e:8a:65:b0:09:ff:30:19:44:64:66:02:
e0:21:42:01:3e:c6:e5:0e:b9:83:85:16:1c:24:6c:99:f2:f6:
5f:cc:41:77:49:14:a9:95:39:76:d3:aa:8f:c4:7e:69:e7:0e:
ee:6e:20:40:8a:f7:8b:43:fb:e8:59:c2:24:20:1f:0b:d2:f1:
c3:1a:c5:c9:99:0b:c4:4a:5b:e8:39:86:78:f4:91:0f:51:6e:
39:a4:38:4a:b1:35:04:5f:19:1e:6c:21:97:e8:c8:e4:69:49:
4e:96:62:2b:ca:de:d6:31:af:de:a4:3e:80:e3:8d:f3:40:58:
24:08:a3:f6:25:4f:17:af:ea:47:d5:dc:d3:a5:4e:81:70:77:
08:cd:e6:ea:62:e0:d4:57:d8:47:a0:27:c9:dc:cb:25:87:e1:
44:41:57:f8:f2:14:a8:bb:13:64:b1:86:1b:a3:1e:99:7d:5d:
67:20:7c:3f:84:78:e0:4f:3c:1f:10:db:ca:e6:41:82:3c:f6:
e4:9d:b4:94:5c:21:b6:58:de:ea:3c:69:0e:f0:4a:a4:7a:bb:
b0:7f:40:51
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKlT81er+oUVu+ZhwvXqCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjQwMTAyMTIzMzQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmJhMGNiM2MwMTk4MDcwNTE5NWIyNmU3ZjVkZmFiYjExODhmNmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgHcpuwfk2BTnIyviug2MW5m1Hz05
u6M7X1gDkIHTkrNOo0mku93/1OAJJBGK5l/6DcWtTeZDkoZ3FCfYgS7+lZPbb5ov
GCa1UmYsGiqbi9NakiwK4kuYPwMq0TyrobW0kxsNGrgspDbtEvSUQwwgoLgrGiEU
w75BCZB87gfY2vL71Qam6VDoETxAoUOsI6xmAqW+5k4XV0nMjq/6dSY34O3x6wZk
0T4Xzst2d/OSPSYK0Z8Pd27nyBQsHVWABBTcWv/aIKoZVTgxAR7LXFwvKctylUuT
VYCK9IP4h0+2aqhOVQqdDbO4ZcswQMsJZUzgAwrrJ0pDxZVvB87qvau3oQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBK6DLPAGYBwUZWybn9d+rsRiPbdMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvRXJvTXM4QVpnSEJSbGJKdWYxMzZ1eEdJOXQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuYXQMA0G
CSqGSIb3DQEBCwUAA4IBAQBcUdD1xEokh9g3/YJ4jXfpczbbnpm3ubmjD06OJCKq
7J/Hw/xpmjf8oVleimWwCf8wGURkZgLgIUIBPsblDrmDhRYcJGyZ8vZfzEF3SRSp
lTl206qPxH5p5w7ubiBAiveLQ/voWcIkIB8L0vHDGsXJmQvESlvoOYZ49JEPUW45
pDhKsTUEXxkebCGX6MjkaUlOlmIryt7WMa/epD6A443zQFgkCKP2JU8Xr+pH1dzT
pU6BcHcIzebqYuDUV9hHoCfJ3Mslh+FEQVf48hSouxNksYYbox6ZfV1nIHw/hHjg
TzwfENvK5kGCPPbknbSUXCG2WN7qPGkO8Eqkeruwf0BR
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:46:28 2024 by rpki-client on console-fra.rpki-client.org