Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/ERNsfNtYetPeabOLH785PpKZtaY.roa
File: ERNsfNtYetPeabOLH785PpKZtaY.roa (raw, json)
Hash identifier: U5Xvo/bHHXLr+vaUkEr47FG2DTL06s1MQDHSys4KkyE=
Subject key identifier: 11:13:6C:7C:DB:58:7A:D3:DE:69:B3:8B:1F:BF:39:3E:92:99:B5:A6
Certificate issuer: /CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Certificate serial: 019194794B08CD1CA2E0640201A0529F7FF2
Authority key identifier: 41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/ERNsfNtYetPeabOLH785PpKZtaY.roa
Signing time: Tue 27 Aug 2024 15:34:22 +0000
ROA not before: Tue 27 Aug 2024 15:34:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205516
IP address blocks: 5.35.80.0/24 maxlen: 24
5.35.81.0/24 maxlen: 24
89.169.36.0/23 maxlen: 24
90.156.252.0/23 maxlen: 24
91.218.140.0/24 maxlen: 24
91.218.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.mft
rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:94:79:4b:08:cd:1c:a2:e0:64:02:01:a0:52:9f:7f:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4173eeb8d02f5f64788b3fdc78d6bab8a55fd16a
Validity
Not Before: Aug 27 15:34:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11136c7cdb587ad3de69b38b1fbf393e9299b5a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:63:03:5c:a2:cc:42:1b:dc:41:aa:d1:45:ca:
e6:33:1f:ac:7e:da:eb:82:bb:a1:96:71:db:9f:48:
b0:79:c3:c5:b6:00:de:85:c3:39:2b:15:0f:4f:c7:
fe:fe:e8:69:6c:f9:b9:9c:c8:f1:54:b2:d1:78:cd:
10:b0:88:0e:84:dc:9a:fe:8d:b8:80:57:c9:4b:7d:
83:72:ed:dc:81:14:32:4c:95:81:40:cf:e0:4d:aa:
b0:5b:b5:68:05:04:92:b5:cf:cb:9b:48:ba:20:3b:
8f:dc:25:97:9e:38:05:f3:cc:71:85:64:3e:70:72:
35:47:ce:3e:d3:d4:25:79:02:bb:e4:e3:2f:f5:37:
a2:18:c2:1e:06:e5:10:c0:9c:1a:50:b9:f2:c4:31:
9c:c5:46:13:a8:ee:9c:01:bd:64:c5:45:74:19:8d:
aa:f6:9e:e3:7e:36:8e:a5:3d:15:ca:31:09:0e:3a:
9a:35:9e:e3:c3:22:e3:ae:87:b2:76:9d:3e:81:f1:
6f:15:c6:bf:f3:6c:44:b0:43:06:89:fb:32:d2:35:
c4:16:1e:06:8d:dc:b4:7c:2c:5a:80:61:9e:7b:1a:
2d:e3:38:9c:ef:c4:ee:8d:63:df:50:ba:da:09:e6:
36:1e:64:38:e3:b6:fd:b4:19:aa:74:16:de:f8:c6:
93:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:13:6C:7C:DB:58:7A:D3:DE:69:B3:8B:1F:BF:39:3E:92:99:B5:A6
X509v3 Authority Key Identifier:
keyid:41:73:EE:B8:D0:2F:5F:64:78:8B:3F:DC:78:D6:BA:B8:A5:5F:D1:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/ERNsfNtYetPeabOLH785PpKZtaY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/4892a9-3b37-4d39-9c2b-d83ed140d28d/1/QXPuuNAvX2R4iz_ceNa6uKVf0Wo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.80.0/23
89.169.36.0/23
90.156.252.0/23
91.218.140.0/23
Signature Algorithm: sha256WithRSAEncryption
9f:31:9a:ad:1c:e0:18:91:e4:c2:a8:23:13:9f:7f:8c:df:45:
17:c2:3b:0a:2e:9f:5d:99:ea:60:60:01:72:a4:7c:b4:b1:be:
a3:5e:13:86:0c:44:35:25:ca:84:74:e9:4b:02:43:0a:0c:40:
ac:33:3c:94:7b:b0:53:4c:8a:12:74:71:9b:3d:c5:7a:87:1f:
4e:dc:01:46:69:06:4e:6e:f0:58:ee:bd:f2:5b:e5:8b:b1:34:
8b:f3:77:74:5d:1c:94:da:1c:42:87:14:2c:1f:49:1a:64:78:
f3:3f:93:a7:bb:95:c4:9d:a2:c9:c9:60:d9:0c:1b:65:34:e5:
76:a8:ca:04:0f:a4:a0:02:9c:99:e4:8c:88:f7:de:31:35:7a:
fe:bd:50:7d:b7:49:ab:f6:c5:be:ab:8b:b8:37:d4:41:e1:af:
e6:4c:50:8b:bb:04:a2:d4:bf:d2:2e:40:35:7a:98:84:e1:a1:
92:ce:f5:4b:ff:49:d8:b9:f8:15:88:58:66:cd:ef:41:fe:32:
73:7b:58:68:e4:f5:55:4e:a8:64:e7:23:81:a8:90:3c:71:93:
bf:3d:f7:d1:2d:65:55:25:78:4a:2b:29:13:42:cc:3c:66:51:
6a:66:95:1b:5a:d8:45:99:de:f9:7c:eb:37:7f:5d:02:ec:cd:
20:60:6d:96
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZGUeUsIzRyi4GQCAaBSn3/yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNzNlZWI4ZDAyZjVmNjQ3ODhiM2ZkYzc4ZDZiYWI4YTU1
ZmQxNmEwHhcNMjQwODI3MTUzNDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTEzNmM3Y2RiNTg3YWQzZGU2OWIzOGIxZmJmMzkzZTkyOTliNWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWMDXKLMQhvcQarRRcrmMx+sftrr
gruhlnHbn0iwecPFtgDehcM5KxUPT8f+/uhpbPm5nMjxVLLReM0QsIgOhNya/o24
gFfJS32Dcu3cgRQyTJWBQM/gTaqwW7VoBQSStc/Lm0i6IDuP3CWXnjgF88xxhWQ+
cHI1R84+09QleQK75OMv9TeiGMIeBuUQwJwaULnyxDGcxUYTqO6cAb1kxUV0GY2q
9p7jfjaOpT0VyjEJDjqaNZ7jwyLjroeydp0+gfFvFca/82xEsEMGifsy0jXEFh4G
jdy0fCxagGGeexot4zic78TujWPfULraCeY2HmQ447b9tBmqdBbe+MaTTwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBETbHzbWHrT3mmzix+/OT6SmbWmMB8GA1UdIwQY
MBaAFEFz7rjQL19keIs/3HjWurilX9FqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmIt
ZDgzZWQxNDBkMjhkLzEvRVJOc2ZOdFlldFBlYWJPTEg3ODVQcEtadGFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80ODkyYTktM2IzNy00ZDM5LTljMmItZDgzZWQxNDBkMjhk
LzEvUVhQdXVOQXZYMlI0aXpfY2VOYTZ1S1ZmMFdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBBSNQAwQB
WakkAwQBWpz8AwQBW9qMMA0GCSqGSIb3DQEBCwUAA4IBAQCfMZqtHOAYkeTCqCMT
n3+M30UXwjsKLp9dmepgYAFypHy0sb6jXhOGDEQ1JcqEdOlLAkMKDECsMzyUe7BT
TIoSdHGbPcV6hx9O3AFGaQZObvBY7r3yW+WLsTSL83d0XRyU2hxChxQsH0kaZHjz
P5Onu5XEnaLJyWDZDBtlNOV2qMoED6SgApyZ5IyI994xNXr+vVB9t0mr9sW+q4u4
N9RB4a/mTFCLuwSi1L/SLkA1epiE4aGSzvVL/0nYufgViFhmze9B/jJze1ho5PVV
Tqhk5yOBqJA8cZO/PffRLWVVJXhKKykTQsw8ZlFqZpUbWthFmd75fOs3f10C7M0g
YG2W
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:24:34 2024 by rpki-client on console-ams.rpki-client.org