Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/6EgY-EeWCDJoaITajWJgDE0zMSE.roa
File: 6EgY-EeWCDJoaITajWJgDE0zMSE.roa (raw, json)
Hash identifier: HOQx1ZeM5ecNQn5yAaiDEspQTcjOKrs9FBdUxXQuUpA=
Subject key identifier: E8:48:18:F8:47:96:08:32:68:68:84:DA:8D:62:60:0C:4D:33:31:21
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 01934759396485BE107A5F61960F42D64DB8
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/6EgY-EeWCDJoaITajWJgDE0zMSE.roa
Signing time: Wed 20 Nov 2024 02:14:09 +0000
ROA not before: Wed 20 Nov 2024 02:14:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23352
IP address blocks: 198.38.85.0/24 maxlen: 24
198.38.86.0/24 maxlen: 24
198.38.87.0/24 maxlen: 24
198.38.88.0/24 maxlen: 24
198.38.89.0/24 maxlen: 24
198.38.90.0/24 maxlen: 24
198.38.91.0/24 maxlen: 24
198.38.92.0/24 maxlen: 24
198.38.93.0/24 maxlen: 24
198.38.94.0/24 maxlen: 24
198.38.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:47:59:39:64:85:be:10:7a:5f:61:96:0f:42:d6:4d:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Nov 20 02:14:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e84818f847960832686884da8d62600c4d333121
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:51:d4:70:0f:83:33:8c:49:ac:e2:c1:2a:c4:
6a:cf:9c:5f:5c:40:39:e0:fd:6e:19:19:a8:78:65:
3e:49:c3:13:e7:66:09:2c:39:48:f3:33:4a:43:11:
bd:d1:da:85:12:5c:59:e1:b1:d6:78:79:01:85:f0:
10:15:a4:31:00:fb:b0:18:4f:c6:7e:c0:24:77:01:
84:43:8f:74:b9:bb:74:02:b5:46:c5:97:87:ef:12:
53:f7:63:65:ce:9e:13:b6:8a:7b:f0:50:b4:41:86:
84:f1:b6:43:04:c5:1e:3b:cd:6e:75:8f:31:b1:ea:
b2:89:d0:a1:9c:6b:0a:24:b5:38:ad:1d:d6:0e:1f:
09:4c:2b:1a:41:49:1f:83:81:c4:54:53:f1:96:2c:
d6:9f:08:8b:b5:35:00:cc:85:aa:2b:b7:a7:96:64:
ad:2f:b4:6c:f3:4a:3d:d6:69:b5:90:e8:14:1f:a0:
cf:be:1e:7c:a0:ce:3d:4a:21:67:c6:6b:17:91:1d:
1c:56:fa:d2:47:de:cc:85:cf:d5:a1:90:5e:91:85:
7f:6a:54:df:19:ff:5c:2a:38:72:83:da:e2:5c:ba:
5c:8c:26:e3:4c:20:78:bc:ae:80:fc:66:29:4f:16:
d1:df:a9:81:d1:da:bf:f9:c9:65:c9:5a:a2:43:65:
7f:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:48:18:F8:47:96:08:32:68:68:84:DA:8D:62:60:0C:4D:33:31:21
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/6EgY-EeWCDJoaITajWJgDE0zMSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
198.38.85.0-198.38.95.255
Signature Algorithm: sha256WithRSAEncryption
4c:b7:47:d9:8b:cf:4d:38:27:14:d5:8c:91:64:d6:1d:6c:4c:
b4:71:a6:11:f5:8c:79:37:01:cc:3a:82:7c:11:aa:5c:ea:da:
59:89:34:36:17:f5:ff:75:bd:43:31:68:bd:27:9f:55:0a:b2:
d3:74:69:b5:f5:d7:3a:78:c0:5a:64:1d:db:ab:1f:9d:66:98:
8b:96:41:93:03:07:31:78:c6:b7:02:bf:2a:3a:f7:01:b4:3f:
e3:21:3a:34:4b:55:9d:b6:ea:77:14:6f:98:19:c3:b2:a3:2d:
de:16:ed:e5:00:69:e4:d3:2b:33:a3:62:05:76:82:60:ee:fd:
df:0e:e4:6e:ef:1f:f7:59:f4:f0:96:4b:5d:5e:83:39:4c:84:
a4:ee:bd:66:2a:85:ee:62:74:e6:a5:02:96:55:a2:a1:e4:43:
11:1a:4d:db:41:2e:60:57:df:a1:a2:b5:26:e9:10:ff:61:85:
ed:44:39:c6:b6:a3:35:dd:99:98:01:d4:67:f2:38:eb:b4:bd:
ff:13:78:53:c3:87:e3:a1:d5:cc:40:28:34:d7:71:94:65:66:
86:38:13:e4:57:8a:f3:46:79:08:5f:a4:06:9f:97:4b:b2:3e:
5a:79:b0:2e:e4:18:9d:41:37:74:7e:b0:8c:cc:c3:9a:ef:c7:
2f:14:a4:b5
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZNHWTlkhb4Qel9hlg9C1k24MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjQxMTIwMDIxNDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlODQ4MThmODQ3OTYwODMyNjg2ODg0ZGE4ZDYyNjAwYzRkMzMzMTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVHUcA+DM4xJrOLBKsRqz5xfXEA5
4P1uGRmoeGU+ScMT52YJLDlI8zNKQxG90dqFElxZ4bHWeHkBhfAQFaQxAPuwGE/G
fsAkdwGEQ490ubt0ArVGxZeH7xJT92Nlzp4Ttop78FC0QYaE8bZDBMUeO81udY8x
seqyidChnGsKJLU4rR3WDh8JTCsaQUkfg4HEVFPxlizWnwiLtTUAzIWqK7enlmSt
L7Rs80o91mm1kOgUH6DPvh58oM49SiFnxmsXkR0cVvrSR97Mhc/VoZBekYV/alTf
Gf9cKjhyg9riXLpcjCbjTCB4vK6A/GYpTxbR36mB0dq/+cllyVqiQ2V/7wIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFOhIGPhHlggyaGiE2o1iYAxNMzEhMB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvNkVnWS1FZVdDREpvYUlUYWpXSmdERTB6TVNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADGJlUD
BAXGJkAwDQYJKoZIhvcNAQELBQADggEBAEy3R9mLz004JxTVjJFk1h1sTLRxphH1
jHk3Acw6gnwRqlzq2lmJNDYX9f91vUMxaL0nn1UKstN0abX11zp4wFpkHdurH51m
mIuWQZMDBzF4xrcCvyo69wG0P+MhOjRLVZ226ncUb5gZw7KjLd4W7eUAaeTTKzOj
YgV2gmDu/d8O5G7vH/dZ9PCWS11egzlMhKTuvWYqhe5idOalApZVoqHkQxEaTdtB
LmBX36GitSbpEP9hhe1EOca2ozXdmZgB1GfyOOu0vf8TeFPDh+Oh1cxAKDTXcZRl
ZoY4E+RXivNGeQhfpAafl0uyPlp5sC7kGJ1BN3R+sIzMw5rvxy8UpLU=
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:46:37 2024 by rpki-client on console-ams.rpki-client.org