Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/ae5206-c843-4bd5-8860-71e95b04b3ec/1/eK5GtGLtjaw7ISgy5Up7rZ3ouAE.roa
File: eK5GtGLtjaw7ISgy5Up7rZ3ouAE.roa (raw, json)
Hash identifier: PH0pYZWAyIVlmvm7TwosaiXNCaZJhdfuRYifQVTFM4s=
Subject key identifier: 78:AE:46:B4:62:ED:8D:AC:3B:21:28:32:E5:4A:7B:AD:9D:E8:B8:01
Certificate issuer: /CN=a43b5322b8ea38a7a044dcb0671a75dba1043d7e
Certificate serial: 0191E122056B8481C24A19F6904BA5868BC4
Authority key identifier: A4:3B:53:22:B8:EA:38:A7:A0:44:DC:B0:67:1A:75:DB:A1:04:3D:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pDtTIrjqOKegRNywZxp126EEPX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/ae5206-c843-4bd5-8860-71e95b04b3ec/1/eK5GtGLtjaw7ISgy5Up7rZ3ouAE.roa
Signing time: Wed 11 Sep 2024 12:49:48 +0000
ROA not before: Wed 11 Sep 2024 12:49:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134094
IP address blocks: 185.190.16.0/24 maxlen: 24
185.190.17.0/24 maxlen: 24
185.190.18.0/24 maxlen: 24
185.190.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/ae5206-c843-4bd5-8860-71e95b04b3ec/1/pDtTIrjqOKegRNywZxp126EEPX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/ae5206-c843-4bd5-8860-71e95b04b3ec/1/pDtTIrjqOKegRNywZxp126EEPX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/pDtTIrjqOKegRNywZxp126EEPX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:e1:22:05:6b:84:81:c2:4a:19:f6:90:4b:a5:86:8b:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a43b5322b8ea38a7a044dcb0671a75dba1043d7e
Validity
Not Before: Sep 11 12:49:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78ae46b462ed8dac3b212832e54a7bad9de8b801
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:4d:ec:ca:dc:d5:73:00:5c:87:6e:37:cd:3c:
60:bd:85:6a:7c:8c:e5:e0:52:3c:42:d9:02:33:da:
d0:d3:f3:f5:5b:d4:b1:ef:80:fd:f3:b8:b6:56:2d:
da:34:c8:75:c8:bd:b6:df:5f:7f:1b:62:5f:70:ed:
3c:8b:9d:0c:89:13:8c:03:b5:44:55:6c:3e:b6:ef:
72:70:4a:a2:07:7f:f7:9b:b8:dc:bf:c3:de:e2:58:
7e:02:6b:95:97:b5:43:9b:41:5b:dc:6c:ad:89:9f:
4f:ba:62:e5:fb:00:d7:bb:ea:d7:62:8f:69:e5:30:
4d:89:e8:3a:ee:f7:c3:08:60:14:60:61:1f:2c:f6:
53:89:fd:04:de:ed:b3:08:6e:b7:75:6d:3e:2e:64:
ec:f0:c8:41:97:d6:e2:a7:0b:5f:2b:54:b6:9c:58:
01:a8:f2:19:f3:87:f4:64:0d:dd:b5:9f:ae:94:95:
07:47:9a:bf:a2:de:35:5c:81:53:6d:43:93:9d:f7:
4e:8c:58:ff:41:eb:f9:44:9b:b5:33:e7:93:3a:e9:
12:de:7c:9e:84:68:1b:a3:dd:36:fa:7c:df:d7:d5:
57:f5:25:cf:72:9f:df:5d:af:5c:45:38:9d:ce:6e:
34:a9:42:55:3d:fe:67:c9:38:e4:16:9b:0e:26:f8:
93:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:AE:46:B4:62:ED:8D:AC:3B:21:28:32:E5:4A:7B:AD:9D:E8:B8:01
X509v3 Authority Key Identifier:
keyid:A4:3B:53:22:B8:EA:38:A7:A0:44:DC:B0:67:1A:75:DB:A1:04:3D:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pDtTIrjqOKegRNywZxp126EEPX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/ae5206-c843-4bd5-8860-71e95b04b3ec/1/eK5GtGLtjaw7ISgy5Up7rZ3ouAE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/ae5206-c843-4bd5-8860-71e95b04b3ec/1/pDtTIrjqOKegRNywZxp126EEPX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.16.0/22
Signature Algorithm: sha256WithRSAEncryption
93:6a:c8:2f:17:86:3d:75:ec:aa:81:6d:3c:94:50:ab:75:be:
de:9b:d3:92:f0:35:95:fd:63:76:8d:51:cd:ef:41:07:1b:1f:
e2:58:f0:94:dd:71:21:a4:dc:39:25:df:b0:fd:68:56:41:12:
34:5e:5e:8b:82:71:0d:17:7d:31:e6:7d:05:21:d1:b4:3f:d0:
83:5e:de:25:55:87:11:15:f8:29:b5:81:3a:7e:96:b5:69:56:
88:77:eb:96:bb:38:ac:56:ff:2b:0d:c1:6d:4e:4b:64:57:90:
67:e5:c4:7a:de:eb:25:28:fb:41:a5:27:76:96:32:56:8c:0b:
b2:ef:91:3c:1b:e5:a8:e5:85:5f:56:6f:6d:7c:3f:3c:46:33:
06:61:38:e0:de:71:90:51:e2:59:03:d6:be:73:ea:7e:74:41:
99:e8:16:9c:a3:a1:ac:d5:f0:75:aa:e2:40:3b:9b:75:03:c4:
c6:ee:75:9a:4c:bd:95:45:87:70:80:07:41:2f:45:0b:d0:41:
ff:30:09:6c:9d:3f:db:94:f4:db:78:08:8e:11:ab:f4:bb:87:
10:f5:4a:4d:c2:7c:92:7a:bc:31:f4:5d:0d:ac:09:7d:9a:46:
47:fd:8f:ee:cb:f4:8a:17:4b:fa:17:f0:bc:08:a3:7c:8a:83:
de:06:b7:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZHhIgVrhIHCShn2kEulhovEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0M2I1MzIyYjhlYTM4YTdhMDQ0ZGNiMDY3MWE3NWRiYTEw
NDNkN2UwHhcNMjQwOTExMTI0OTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGFlNDZiNDYyZWQ4ZGFjM2IyMTI4MzJlNTRhN2JhZDlkZThiODAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmU3sytzVcwBch243zTxgvYVqfIzl
4FI8QtkCM9rQ0/P1W9Sx74D987i2Vi3aNMh1yL22319/G2JfcO08i50MiROMA7VE
VWw+tu9ycEqiB3/3m7jcv8Pe4lh+AmuVl7VDm0Fb3GytiZ9PumLl+wDXu+rXYo9p
5TBNieg67vfDCGAUYGEfLPZTif0E3u2zCG63dW0+LmTs8MhBl9bipwtfK1S2nFgB
qPIZ84f0ZA3dtZ+ulJUHR5q/ot41XIFTbUOTnfdOjFj/Qev5RJu1M+eTOukS3nye
hGgbo902+nzf19VX9SXPcp/fXa9cRTidzm40qUJVPf5nyTjkFpsOJviTDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHiuRrRi7Y2sOyEoMuVKe62d6LgBMB8GA1UdIwQY
MBaAFKQ7UyK46jinoETcsGcadduhBD1+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcER0VElyanFPS2VnUk55d1p4cDEyNkVFUFg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy9hZTUyMDYtYzg0My00YmQ1LTg4NjAt
NzFlOTViMDRiM2VjLzEvZUs1R3RHTHRqYXc3SVNneTVVcDdyWjNvdUFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy9hZTUyMDYtYzg0My00YmQ1LTg4NjAtNzFlOTViMDRiM2Vj
LzEvcER0VElyanFPS2VnUk55d1p4cDEyNkVFUFg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCub4QMA0G
CSqGSIb3DQEBCwUAA4IBAQCTasgvF4Y9deyqgW08lFCrdb7em9OS8DWV/WN2jVHN
70EHGx/iWPCU3XEhpNw5Jd+w/WhWQRI0Xl6LgnENF30x5n0FIdG0P9CDXt4lVYcR
FfgptYE6fpa1aVaId+uWuzisVv8rDcFtTktkV5Bn5cR63uslKPtBpSd2ljJWjAuy
75E8G+Wo5YVfVm9tfD88RjMGYTjg3nGQUeJZA9a+c+p+dEGZ6Baco6Gs1fB1quJA
O5t1A8TG7nWaTL2VRYdwgAdBL0UL0EH/MAlsnT/blPTbeAiOEav0u4cQ9UpNwnyS
erwx9F0NrAl9mkZH/Y/uy/SKF0v6F/C8CKN8ioPeBrfK
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:19:00 2024 by rpki-client on console-ams.rpki-client.org