Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/E0diW6coHt66wvrJT4E71gCh3Yk.roa
File: E0diW6coHt66wvrJT4E71gCh3Yk.roa (raw, json)
Hash identifier: 6+TjNpZQbFeq8cdjuSDG2Hvr8aS/qIugom95xp2/YfI=
Subject key identifier: 13:47:62:5B:A7:28:1E:DE:BA:C2:FA:C9:4F:81:3B:D6:00:A1:DD:89
Certificate issuer: /CN=ead799026094d60516b527d842b6166805668e9e
Certificate serial: 018CCA2BC827E9BF0B81064FDC235594BC3C
Authority key identifier: EA:D7:99:02:60:94:D6:05:16:B5:27:D8:42:B6:16:68:05:66:8E:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6teZAmCU1gUWtSfYQrYWaAVmjp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/E0diW6coHt66wvrJT4E71gCh3Yk.roa
Signing time: Tue 02 Jan 2024 12:35:16 +0000
ROA not before: Tue 02 Jan 2024 12:35:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 22562
IP address blocks: 159.101.240.0/22 maxlen: 22
159.101.128.0/21 maxlen: 21
159.101.236.0/22 maxlen: 22
159.101.252.0/23 maxlen: 23
159.101.254.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/6teZAmCU1gUWtSfYQrYWaAVmjp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/6teZAmCU1gUWtSfYQrYWaAVmjp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/6teZAmCU1gUWtSfYQrYWaAVmjp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:c8:27:e9:bf:0b:81:06:4f:dc:23:55:94:bc:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ead799026094d60516b527d842b6166805668e9e
Validity
Not Before: Jan 2 12:35:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1347625ba7281edebac2fac94f813bd600a1dd89
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3b:c8:8f:2c:8c:44:39:dd:f5:ac:ea:be:3c:
df:d4:7f:a7:3a:02:49:93:9b:a4:52:bf:f3:88:e0:
eb:e6:57:d1:fe:6f:bc:68:b3:f7:14:c0:c1:79:f0:
84:03:57:04:39:b4:37:d6:4b:89:f9:3e:a0:a3:dc:
8a:96:0f:39:6f:83:e6:29:8d:64:60:b7:f9:b5:ef:
ea:4c:cb:17:9b:9b:b4:e9:11:71:8e:ae:7b:96:0d:
20:39:a5:66:e3:da:55:6d:bb:4f:5b:b0:3c:35:3a:
22:9e:b3:c6:8d:30:d4:48:44:46:22:32:53:3b:e1:
f4:d4:dd:8a:dd:60:19:24:a0:69:ed:9a:de:21:b4:
b9:71:a8:13:7d:70:01:ce:66:46:aa:3a:01:56:ef:
85:35:81:b7:40:98:c6:36:1d:a3:a3:a3:f6:bb:48:
b3:78:a8:8f:82:da:c2:64:eb:f0:52:8e:1f:e1:bf:
14:54:44:99:a6:45:07:eb:fa:9d:56:af:7e:ef:f3:
13:4a:2f:d2:67:f2:96:53:5d:49:a6:2d:95:09:eb:
75:08:6d:06:2b:f1:a6:75:e6:d6:ba:b6:05:8f:5c:
30:ed:89:d6:37:20:92:8f:1e:df:c8:12:fb:fe:8d:
a7:33:5a:22:69:91:31:80:ba:c8:86:51:84:a5:ae:
a2:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:47:62:5B:A7:28:1E:DE:BA:C2:FA:C9:4F:81:3B:D6:00:A1:DD:89
X509v3 Authority Key Identifier:
keyid:EA:D7:99:02:60:94:D6:05:16:B5:27:D8:42:B6:16:68:05:66:8E:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6teZAmCU1gUWtSfYQrYWaAVmjp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/E0diW6coHt66wvrJT4E71gCh3Yk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/19870f-866c-4420-ad08-30c9e202e995/1/6teZAmCU1gUWtSfYQrYWaAVmjp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.101.128.0/21
159.101.236.0-159.101.243.255
159.101.252.0/22
Signature Algorithm: sha256WithRSAEncryption
30:2c:08:23:73:f1:61:81:2b:e5:b9:0a:6d:21:c4:c6:42:06:
80:c6:c6:90:4a:00:50:c6:1d:d2:25:9a:93:da:73:7d:fe:5e:
50:bf:cd:58:6e:38:d6:19:46:bb:fe:8c:18:b2:c7:02:7b:4a:
8e:0e:d4:76:13:6a:d4:22:81:c4:7e:a8:1c:e8:70:d9:a5:0d:
a5:41:da:fc:ae:b0:4f:a9:f8:83:a5:44:53:50:76:6e:62:75:
e7:bb:2f:31:a3:38:56:38:0d:47:0e:73:13:e8:d1:79:6b:d0:
6f:57:a3:d3:10:59:65:27:7d:db:b1:55:53:65:c3:cc:1c:e9:
fa:47:e1:e0:65:08:3e:4b:f7:10:a5:dc:89:25:67:26:47:2c:
73:8c:ae:1d:5e:51:03:bf:54:64:8f:75:bd:b6:ed:87:74:11:
87:d3:1d:d7:51:24:4e:e3:b3:4b:1c:7a:f1:83:48:82:41:6b:
f4:c5:f3:f9:62:ab:4f:9e:a4:05:1f:ed:62:aa:6d:ff:f6:35:
27:a4:be:96:37:2e:f3:65:5a:db:45:45:23:a8:a0:2f:ab:a0:
31:99:22:7b:35:c7:e2:8e:a1:12:97:05:fc:8a:2c:34:2e:ab:
d4:c3:d8:45:7c:62:3a:83:a8:a0:1a:61:43:42:1c:f8:53:a2:
3e:0a:c8:f5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzKK8gn6b8LgQZP3CNVlLw8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhZDc5OTAyNjA5NGQ2MDUxNmI1MjdkODQyYjYxNjY4MDU2
NjhlOWUwHhcNMjQwMTAyMTIzNTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzQ3NjI1YmE3MjgxZWRlYmFjMmZhYzk0ZjgxM2JkNjAwYTFkZDg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzvIjyyMRDnd9azqvjzf1H+nOgJJ
k5ukUr/ziODr5lfR/m+8aLP3FMDBefCEA1cEObQ31kuJ+T6go9yKlg85b4PmKY1k
YLf5te/qTMsXm5u06RFxjq57lg0gOaVm49pVbbtPW7A8NToinrPGjTDUSERGIjJT
O+H01N2K3WAZJKBp7ZreIbS5cagTfXABzmZGqjoBVu+FNYG3QJjGNh2jo6P2u0iz
eKiPgtrCZOvwUo4f4b8UVESZpkUH6/qdVq9+7/MTSi/SZ/KWU11Jpi2VCet1CG0G
K/GmdebWurYFj1ww7YnWNyCSjx7fyBL7/o2nM1oiaZExgLrIhlGEpa6ilwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBNHYlunKB7eusL6yU+BO9YAod2JMB8GA1UdIwQY
MBaAFOrXmQJglNYFFrUn2EK2FmgFZo6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnRlWkFtQ1UxZ1VXdFNmWVFyWVdhQVZtanA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy8xOTg3MGYtODY2Yy00NDIwLWFkMDgt
MzBjOWUyMDJlOTk1LzEvRTBkaVc2Y29IdDY2d3ZySlQ0RTcxZ0NoM1lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy8xOTg3MGYtODY2Yy00NDIwLWFkMDgtMzBjOWUyMDJlOTk1
LzEvNnRlWkFtQ1UxZ1VXdFNmWVFyWVdhQVZtanA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDn2WAMAwD
BAKfZewDBAKfZfADBAKfZfwwDQYJKoZIhvcNAQELBQADggEBADAsCCNz8WGBK+W5
Cm0hxMZCBoDGxpBKAFDGHdIlmpPac33+XlC/zVhuONYZRrv+jBiyxwJ7So4O1HYT
atQigcR+qBzocNmlDaVB2vyusE+p+IOlRFNQdm5idee7LzGjOFY4DUcOcxPo0Xlr
0G9Xo9MQWWUnfduxVVNlw8wc6fpH4eBlCD5L9xCl3IklZyZHLHOMrh1eUQO/VGSP
db227Yd0EYfTHddRJE7js0scevGDSIJBa/TF8/liq0+epAUf7WKqbf/2NSekvpY3
LvNlWttFRSOooC+roDGZIns1x+KOoRKXBfyKLDQuq9TD2EV8YjqDqKAaYUNCHPhT
oj4KyPU=
-----END CERTIFICATE-----
Generated at Wed Jun 26 04:00:52 2024 by rpki-client on console-fra.rpki-client.org