Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/e15cf6-6f13-4d27-9166-b064660f704f/1/e2gbQG8-mDp2MtLx2yaPu2zdHgA.roa
File: e2gbQG8-mDp2MtLx2yaPu2zdHgA.roa (raw, json)
Hash identifier: OouLsnGR5CCSanQH3Pen/iN8z1v+BarFapsyT9/a8eA=
Subject key identifier: 7B:68:1B:40:6F:3E:98:3A:76:32:D2:F1:DB:26:8F:BB:6C:DD:1E:00
Certificate issuer: /CN=c88c53b477c3bfa70b61f427b47994c2d1783458
Certificate serial: 018CC9BC1DCAD1E0ECE6AFDEA4402B9A70F2
Authority key identifier: C8:8C:53:B4:77:C3:BF:A7:0B:61:F4:27:B4:79:94:C2:D1:78:34:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yIxTtHfDv6cLYfQntHmUwtF4NFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/e15cf6-6f13-4d27-9166-b064660f704f/1/e2gbQG8-mDp2MtLx2yaPu2zdHgA.roa
Signing time: Tue 02 Jan 2024 10:33:17 +0000
ROA not before: Tue 02 Jan 2024 10:33:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197369
IP address blocks: 188.240.4.0/22 maxlen: 22
46.16.40.0/21 maxlen: 21
46.16.45.0/24 maxlen: 24
46.16.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/e15cf6-6f13-4d27-9166-b064660f704f/1/yIxTtHfDv6cLYfQntHmUwtF4NFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/e15cf6-6f13-4d27-9166-b064660f704f/1/yIxTtHfDv6cLYfQntHmUwtF4NFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/yIxTtHfDv6cLYfQntHmUwtF4NFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:1d:ca:d1:e0:ec:e6:af:de:a4:40:2b:9a:70:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c88c53b477c3bfa70b61f427b47994c2d1783458
Validity
Not Before: Jan 2 10:33:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b681b406f3e983a7632d2f1db268fbb6cdd1e00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7f:be:97:78:c9:24:e8:3d:a7:4d:03:37:cd:
aa:b6:14:6f:a4:05:8b:57:f7:5a:e1:ad:7c:29:5e:
bf:79:30:3a:31:57:51:f7:d8:57:48:01:ec:43:9b:
9e:37:f9:1e:2f:d4:db:d6:c9:1c:b3:f8:2a:c8:8c:
44:a0:9d:df:d3:04:ac:58:7e:df:47:59:68:49:0d:
2d:ad:be:ad:03:7e:45:dd:1f:b6:6e:55:11:fd:ae:
73:75:cd:f3:8e:1e:a2:dd:ab:cc:cf:eb:e4:2c:c8:
f4:f6:71:d5:9d:0b:ce:b7:07:bb:2f:f3:fd:ba:85:
ae:39:d0:e1:a4:44:e1:ae:b0:5c:7c:e2:03:21:a2:
33:34:66:21:c3:28:2f:02:df:eb:97:f5:f1:c3:92:
b0:36:58:01:02:0d:37:57:9c:31:47:ba:5a:1d:93:
70:56:ab:32:a3:6c:b3:64:a9:e6:88:40:6f:e9:34:
2c:ad:a9:50:cf:1b:7c:9a:fc:ba:ee:34:eb:7b:ee:
e5:d0:ed:26:a7:5d:ef:33:ee:dc:a9:09:b6:35:b7:
0e:65:cf:e4:06:e6:76:61:a0:47:3d:3f:b8:18:d9:
a3:7b:fb:db:16:1d:1f:d4:88:f9:d6:bc:76:08:9a:
7f:39:db:77:33:4f:57:25:0e:9f:8d:92:df:04:e4:
7a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:68:1B:40:6F:3E:98:3A:76:32:D2:F1:DB:26:8F:BB:6C:DD:1E:00
X509v3 Authority Key Identifier:
keyid:C8:8C:53:B4:77:C3:BF:A7:0B:61:F4:27:B4:79:94:C2:D1:78:34:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yIxTtHfDv6cLYfQntHmUwtF4NFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/e15cf6-6f13-4d27-9166-b064660f704f/1/e2gbQG8-mDp2MtLx2yaPu2zdHgA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/e15cf6-6f13-4d27-9166-b064660f704f/1/yIxTtHfDv6cLYfQntHmUwtF4NFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.40.0/21
188.240.4.0/22
Signature Algorithm: sha256WithRSAEncryption
c5:e0:13:50:1d:9d:8f:f6:d2:29:da:0a:20:7a:dc:69:af:8f:
57:48:ef:f4:77:b8:08:cb:95:cf:bc:d0:1e:ee:30:61:0b:f5:
7c:07:e1:c1:f7:95:f8:21:83:0e:75:33:d4:ae:4c:75:b8:86:
e3:ab:c3:e1:de:a5:b3:00:47:e5:f6:74:7b:c3:b8:c3:7d:1b:
55:11:82:64:8c:db:ee:28:c3:32:d7:44:5b:28:9b:8d:0c:8c:
18:1a:83:61:2e:79:e2:44:e5:09:40:33:6f:06:0f:02:0d:90:
3c:3c:b6:96:45:9c:5f:ce:99:90:93:37:6e:4b:a6:1a:a5:15:
35:af:2a:1d:3f:fd:c1:42:c4:cb:5f:5e:79:12:0c:d4:e5:f8:
57:22:bf:00:0e:b3:f6:8a:cd:68:09:2c:55:93:d7:1c:0b:21:
56:72:8f:0c:7b:59:1e:f6:d4:56:d0:f1:dc:f8:56:e8:04:03:
6b:39:d3:4b:26:5f:7c:e0:aa:38:83:5a:28:b2:32:7d:38:e1:
5f:ef:e1:35:9f:e5:cf:e6:8e:97:b1:b5:21:f3:89:65:d9:c1:
47:53:34:3b:c4:64:05:f5:6f:e9:8b:ad:b8:61:68:7e:f3:5c:
89:3a:f3:c5:ce:a3:3e:9f:04:bf:29:d5:be:95:29:ce:cf:cc:
a3:8d:5a:4e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJvB3K0eDs5q/epEArmnDyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4OGM1M2I0NzdjM2JmYTcwYjYxZjQyN2I0Nzk5NGMyZDE3
ODM0NTgwHhcNMjQwMTAyMTAzMzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjY4MWI0MDZmM2U5ODNhNzYzMmQyZjFkYjI2OGZiYjZjZGQxZTAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsX++l3jJJOg9p00DN82qthRvpAWL
V/da4a18KV6/eTA6MVdR99hXSAHsQ5ueN/keL9Tb1skcs/gqyIxEoJ3f0wSsWH7f
R1loSQ0trb6tA35F3R+2blUR/a5zdc3zjh6i3avMz+vkLMj09nHVnQvOtwe7L/P9
uoWuOdDhpEThrrBcfOIDIaIzNGYhwygvAt/rl/Xxw5KwNlgBAg03V5wxR7paHZNw
Vqsyo2yzZKnmiEBv6TQsralQzxt8mvy67jTre+7l0O0mp13vM+7cqQm2NbcOZc/k
BuZ2YaBHPT+4GNmje/vbFh0f1Ij51rx2CJp/Odt3M09XJQ6fjZLfBOR6tQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHtoG0BvPpg6djLS8dsmj7ts3R4AMB8GA1UdIwQY
MBaAFMiMU7R3w7+nC2H0J7R5lMLReDRYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUl4VHRIZkR2NmNMWWZRbnRIbVV3dEY0TkZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi9lMTVjZjYtNmYxMy00ZDI3LTkxNjYt
YjA2NDY2MGY3MDRmLzEvZTJnYlFHOC1tRHAyTXRMeDJ5YVB1MnpkSGdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi9lMTVjZjYtNmYxMy00ZDI3LTkxNjYtYjA2NDY2MGY3MDRm
LzEveUl4VHRIZkR2NmNMWWZRbnRIbVV3dEY0TkZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDLhAoAwQC
vPAEMA0GCSqGSIb3DQEBCwUAA4IBAQDF4BNQHZ2P9tIp2gogetxpr49XSO/0d7gI
y5XPvNAe7jBhC/V8B+HB95X4IYMOdTPUrkx1uIbjq8Ph3qWzAEfl9nR7w7jDfRtV
EYJkjNvuKMMy10RbKJuNDIwYGoNhLnniROUJQDNvBg8CDZA8PLaWRZxfzpmQkzdu
S6YapRU1ryodP/3BQsTLX155EgzU5fhXIr8ADrP2is1oCSxVk9ccCyFWco8Me1ke
9tRW0PHc+FboBANrOdNLJl984Ko4g1oosjJ9OOFf7+E1n+XP5o6XsbUh84ll2cFH
UzQ7xGQF9W/pi624YWh+81yJOvPFzqM+nwS/KdW+lSnOz8yjjVpO
-----END CERTIFICATE-----
Generated at Sat Jun 1 16:57:53 2024 by rpki-client on console-ams.rpki-client.org