Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/46358e-54f7-4f4b-a747-f735e3dafd53/1/ec1yDP1OacrYWbRPBPYdB0IKQ9U.roa
File: ec1yDP1OacrYWbRPBPYdB0IKQ9U.roa (raw, json)
Hash identifier: NWdmF6+DmnNG+7CDsQXZXSNfbTyAb9HyNpTTFxCyRxo=
Subject key identifier: 79:CD:72:0C:FD:4E:69:CA:D8:59:B4:4F:04:F6:1D:07:42:0A:43:D5
Certificate issuer: /CN=a0dae7678a396969e6340c9dcb65cde9e329554a
Certificate serial: 018CC9BBD3499DD0B1197D435BBC674F626A
Authority key identifier: A0:DA:E7:67:8A:39:69:69:E6:34:0C:9D:CB:65:CD:E9:E3:29:55:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oNrnZ4o5aWnmNAydy2XN6eMpVUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/46358e-54f7-4f4b-a747-f735e3dafd53/1/ec1yDP1OacrYWbRPBPYdB0IKQ9U.roa
Signing time: Tue 02 Jan 2024 10:32:58 +0000
ROA not before: Tue 02 Jan 2024 10:32:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211664
IP address blocks: 185.226.242.0/24 maxlen: 24
185.226.241.0/24 maxlen: 24
91.232.23.0/24 maxlen: 24
91.232.22.0/24 maxlen: 24
2a12:84c0:2::/48 maxlen: 48
2a12:84c0:1::/48 maxlen: 48
2a0c:7680:1337::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/46358e-54f7-4f4b-a747-f735e3dafd53/1/oNrnZ4o5aWnmNAydy2XN6eMpVUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/46358e-54f7-4f4b-a747-f735e3dafd53/1/oNrnZ4o5aWnmNAydy2XN6eMpVUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/oNrnZ4o5aWnmNAydy2XN6eMpVUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 03:05:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:d3:49:9d:d0:b1:19:7d:43:5b:bc:67:4f:62:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0dae7678a396969e6340c9dcb65cde9e329554a
Validity
Not Before: Jan 2 10:32:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79cd720cfd4e69cad859b44f04f61d07420a43d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:05:13:07:20:a0:61:3c:08:be:8f:f4:d9:96:
b0:1c:49:6c:04:16:ac:72:72:26:88:09:3f:35:dc:
33:96:94:bb:7c:48:26:9d:2e:37:97:91:a1:38:76:
42:aa:9e:ff:dc:70:bd:58:76:56:67:74:c1:d3:74:
8a:2b:ca:51:51:89:38:99:c4:76:4f:27:34:3a:fd:
3b:46:37:a9:01:03:01:97:52:6b:63:21:e3:f2:a9:
d5:cf:17:8c:0a:18:20:a1:a6:1f:52:93:c9:aa:af:
a1:8a:a6:3f:d1:47:01:67:a2:5f:0c:2f:35:4b:66:
aa:8d:01:d7:39:5f:d5:f4:a8:fe:cf:20:4f:39:3a:
1d:5e:83:ff:6f:3c:73:72:3e:20:2e:72:1d:a2:1c:
ed:42:8c:df:fe:b4:ec:59:29:21:55:f1:42:ff:73:
d1:19:d9:ab:7a:2b:66:29:3a:28:64:11:fd:1b:05:
e7:a2:71:45:e9:27:a7:cf:84:6b:45:e5:c7:1e:9f:
32:0a:8e:48:36:3b:05:28:0d:85:06:39:9d:6b:64:
ff:67:eb:d1:d9:94:ec:3b:8d:77:bb:91:20:11:fc:
8f:2c:a3:45:c3:5f:fa:0e:91:37:51:7f:28:2f:4b:
73:d6:bc:cf:79:f4:e0:cc:81:2b:51:88:14:c7:ea:
70:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:CD:72:0C:FD:4E:69:CA:D8:59:B4:4F:04:F6:1D:07:42:0A:43:D5
X509v3 Authority Key Identifier:
keyid:A0:DA:E7:67:8A:39:69:69:E6:34:0C:9D:CB:65:CD:E9:E3:29:55:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oNrnZ4o5aWnmNAydy2XN6eMpVUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/46358e-54f7-4f4b-a747-f735e3dafd53/1/ec1yDP1OacrYWbRPBPYdB0IKQ9U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/46358e-54f7-4f4b-a747-f735e3dafd53/1/oNrnZ4o5aWnmNAydy2XN6eMpVUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.232.22.0/23
185.226.241.0-185.226.242.255
IPv6:
2a0c:7680:1337::/48
2a12:84c0:1::-2a12:84c0:2:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
45:99:37:ab:f5:81:9e:8f:ee:92:0c:98:95:96:68:a8:4e:79:
9c:45:a2:23:6c:cb:fe:50:43:7a:d0:0d:6c:a8:f5:38:ee:3b:
70:17:f0:06:42:4d:e7:e1:4d:15:f9:d6:88:43:11:63:4c:02:
1d:a9:91:16:f1:d7:92:55:54:b1:94:f9:f7:19:74:cc:57:5c:
7d:d2:ac:b0:93:38:a7:cb:ee:87:48:e1:75:8f:76:33:d4:77:
c3:2e:af:fe:38:94:bb:2e:96:bd:10:43:95:c8:dc:8a:31:27:
40:37:30:4c:c6:87:35:44:5b:25:37:7f:26:e4:1c:85:9e:37:
08:fd:04:ad:55:22:10:e9:47:22:97:ba:95:23:ff:09:26:ed:
46:a7:0c:cd:90:9e:bd:9d:06:06:fc:3a:62:b6:07:0e:91:ee:
78:8b:d2:1a:14:40:b0:92:ca:8c:ff:7d:8c:46:c0:74:73:be:
36:5d:e9:86:a9:e3:53:df:f5:b7:15:b4:77:54:85:b9:a3:5a:
c4:86:43:39:df:52:99:10:31:7c:3e:0e:08:a4:ae:3c:61:2f:
e2:4b:91:49:a6:aa:72:8c:60:34:c0:67:ae:cb:89:b1:04:75:
06:9c:64:8a:e6:ab:22:63:26:db:3a:ff:00:04:df:bc:f3:fe:
da:9d:2a:b3
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzJu9NJndCxGX1DW7xnT2JqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZGFlNzY3OGEzOTY5NjllNjM0MGM5ZGNiNjVjZGU5ZTMy
OTU1NGEwHhcNMjQwMTAyMTAzMjU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWNkNzIwY2ZkNGU2OWNhZDg1OWI0NGYwNGY2MWQwNzQyMGE0M2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmQUTByCgYTwIvo/02ZawHElsBBas
cnImiAk/NdwzlpS7fEgmnS43l5GhOHZCqp7/3HC9WHZWZ3TB03SKK8pRUYk4mcR2
Tyc0Ov07RjepAQMBl1JrYyHj8qnVzxeMChggoaYfUpPJqq+hiqY/0UcBZ6JfDC81
S2aqjQHXOV/V9Kj+zyBPOTodXoP/bzxzcj4gLnIdohztQozf/rTsWSkhVfFC/3PR
GdmreitmKTooZBH9GwXnonFF6Senz4RrReXHHp8yCo5INjsFKA2FBjmda2T/Z+vR
2ZTsO413u5EgEfyPLKNFw1/6DpE3UX8oL0tz1rzPefTgzIErUYgUx+pwcwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFHnNcgz9TmnK2Fm0TwT2HQdCCkPVMB8GA1UdIwQY
MBaAFKDa52eKOWlp5jQMnctlzenjKVVKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb05yblo0bzVhV25tTkF5ZHkyWE42ZU1wVlVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy80NjM1OGUtNTRmNy00ZjRiLWE3NDct
ZjczNWUzZGFmZDUzLzEvZWMxeURQMU9hY3JZV2JSUEJQWWRCMElLUTlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy80NjM1OGUtNTRmNy00ZjRiLWE3NDctZjczNWUzZGFmZDUz
LzEvb05yblo0bzVhV25tTkF5ZHkyWE42ZU1wVlVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAaBAIAATAUAwQBW+gWMAwD
BAC54vEDBAC54vIwIwQCAAIwHQMHACoMdoATNzASAwcAKhKEwAABAwcAKhKEwAAC
MA0GCSqGSIb3DQEBCwUAA4IBAQBFmTer9YGej+6SDJiVlmioTnmcRaIjbMv+UEN6
0A1sqPU47jtwF/AGQk3n4U0V+daIQxFjTAIdqZEW8deSVVSxlPn3GXTMV1x90qyw
kziny+6HSOF1j3Yz1HfDLq/+OJS7Lpa9EEOVyNyKMSdANzBMxoc1RFslN38m5ByF
njcI/QStVSIQ6Ucil7qVI/8JJu1GpwzNkJ69nQYG/DpitgcOke54i9IaFECwksqM
/32MRsB0c742XemGqeNT3/W3FbR3VIW5o1rEhkM531KZEDF8Pg4IpK48YS/iS5FJ
pqpyjGA0wGeuy4mxBHUGnGSK5qsiYybbOv8ABN+88/7anSqz
-----END CERTIFICATE-----
Generated at Sat Jun 8 09:00:00 2024 by rpki-client on console-ams.rpki-client.org