Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ereVtD9LWEMR6OefHhIBEdFRyEg.roa
File: ereVtD9LWEMR6OefHhIBEdFRyEg.roa (raw, json)
Hash identifier: nhVM+Ym36QV0Ses6yyprnpijJL0HTG2L7NB+CmYxsqQ=
Subject key identifier: 7A:B7:95:B4:3F:4B:58:43:11:E8:E7:9F:1E:12:01:11:D1:51:C8:48
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018E1C96FDF50D357BBCD13CF79E4BD2BF6F
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ereVtD9LWEMR6OefHhIBEdFRyEg.roa
Signing time: Fri 08 Mar 2024 05:44:01 +0000
ROA not before: Fri 08 Mar 2024 05:44:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 45.80.157.0/24 maxlen: 24
185.192.69.0/24 maxlen: 24
185.198.240.0/24 maxlen: 24
185.198.243.0/24 maxlen: 24
185.217.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 01:03:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:1c:96:fd:f5:0d:35:7b:bc:d1:3c:f7:9e:4b:d2:bf:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Mar 8 05:44:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ab795b43f4b584311e8e79f1e120111d151c848
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:7d:70:a7:ae:41:a9:e7:91:45:c6:8c:41:6d:
8b:75:b2:fe:2b:f3:ad:b6:08:0f:dd:28:53:86:83:
36:83:c6:bc:1f:2e:d2:fd:d4:2a:0b:1a:0e:fd:a3:
7f:27:e5:79:27:f7:97:c6:bd:c8:b7:63:98:74:03:
92:4c:e0:17:92:1f:26:16:28:75:13:06:a2:7f:f2:
dd:1f:ad:3d:1a:71:95:b7:2e:00:0f:29:9a:52:15:
4e:54:bc:45:9e:ae:08:99:3c:f1:3b:0c:86:68:e3:
1e:95:f3:22:67:11:cd:2a:8a:ed:14:37:c9:2a:d5:
38:f8:7d:2a:aa:4a:d3:d4:ec:ad:ec:5c:c6:f5:8c:
38:b7:76:c0:92:0b:ca:0f:58:66:f5:71:d8:39:ff:
55:87:91:6b:24:6b:13:3f:b4:f5:ce:00:44:f8:9d:
4b:ea:6a:af:af:54:8c:a8:ad:b2:69:c3:24:2d:bb:
b7:15:e4:ca:4e:7b:28:0b:7f:fb:ef:fd:bd:42:8e:
40:07:ea:ff:75:70:d5:c7:9f:78:6d:02:ea:61:1a:
8a:a3:c9:63:1c:70:77:f5:d5:7b:8c:8b:79:59:f6:
81:2d:fc:06:a8:4d:10:9a:dd:f8:8f:cc:6d:91:98:
9e:bb:a9:3d:23:13:1d:9f:77:af:9a:62:b6:b7:fa:
1d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:B7:95:B4:3F:4B:58:43:11:E8:E7:9F:1E:12:01:11:D1:51:C8:48
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/ereVtD9LWEMR6OefHhIBEdFRyEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.80.157.0/24
185.192.69.0/24
185.198.240.0/24
185.198.243.0/24
185.217.117.0/24
Signature Algorithm: sha256WithRSAEncryption
07:22:3e:7e:01:fd:98:1b:47:15:30:1c:84:e0:46:1e:5c:26:
fd:34:3d:91:82:e7:55:f0:49:7b:18:ab:97:4e:b2:a0:8d:d9:
f3:ac:d9:e1:54:8d:e5:89:ac:ca:dc:ad:4d:2e:90:be:84:f2:
05:88:b6:22:ef:a0:27:a8:1b:5d:ba:b6:58:f2:a2:b1:5e:ca:
97:83:17:1a:3f:5e:db:6e:23:a3:d4:df:c5:ea:f1:25:dc:3a:
40:54:1e:d4:e0:57:f6:5c:0f:7f:54:e9:a4:d0:52:49:20:56:
88:e5:aa:07:ab:e7:6d:50:66:ca:a9:31:35:fc:cb:cf:4b:ca:
34:46:bd:81:ae:9d:29:5b:03:17:2a:7b:39:77:a3:15:4a:3a:
f8:a2:23:8f:44:a1:9b:f7:c4:f5:7c:90:48:72:54:8c:c0:4c:
cc:af:7e:de:5b:52:10:13:d4:fb:53:e9:3b:93:2d:48:de:e4:
6f:02:5c:90:a4:02:ca:36:f1:9e:23:7c:95:f6:6a:b8:81:30:
2d:b2:8a:1d:f8:33:f7:46:86:a4:f4:c0:d9:f0:50:99:a3:99:
4c:a5:d4:74:e7:65:81:94:57:9b:f9:45:bc:67:bd:30:8c:ea:
22:de:26:0a:37:d4:e3:66:d0:f0:ff:f2:9f:20:80:d1:14:fc:
c9:9c:15:1f
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY4clv31DTV7vNE8955L0r9vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMzA4MDU0NDAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWI3OTViNDNmNGI1ODQzMTFlOGU3OWYxZTEyMDExMWQxNTFjODQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi31wp65BqeeRRcaMQW2LdbL+K/Ot
tggP3ShThoM2g8a8Hy7S/dQqCxoO/aN/J+V5J/eXxr3It2OYdAOSTOAXkh8mFih1
Ewaif/LdH609GnGVty4ADymaUhVOVLxFnq4ImTzxOwyGaOMelfMiZxHNKortFDfJ
KtU4+H0qqkrT1Oyt7FzG9Yw4t3bAkgvKD1hm9XHYOf9Vh5FrJGsTP7T1zgBE+J1L
6mqvr1SMqK2yacMkLbu3FeTKTnsoC3/77/29Qo5AB+r/dXDVx594bQLqYRqKo8lj
HHB39dV7jIt5WfaBLfwGqE0Qmt34j8xtkZieu6k9IxMdn3evmmK2t/odLwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHq3lbQ/S1hDEejnnx4SARHRUchIMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvZXJlVnREOUxXRU1SNk9lZkhoSUJFZEZSeUVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALVCdAwQA
ucBFAwQAucbwAwQAucbzAwQAudl1MA0GCSqGSIb3DQEBCwUAA4IBAQAHIj5+Af2Y
G0cVMByE4EYeXCb9ND2RgudV8El7GKuXTrKgjdnzrNnhVI3liazK3K1NLpC+hPIF
iLYi76AnqBtdurZY8qKxXsqXgxcaP17bbiOj1N/F6vEl3DpAVB7U4Ff2XA9/VOmk
0FJJIFaI5aoHq+dtUGbKqTE1/MvPS8o0Rr2Brp0pWwMXKns5d6MVSjr4oiOPRKGb
98T1fJBIclSMwEzMr37eW1IQE9T7U+k7ky1I3uRvAlyQpALKNvGeI3yV9mq4gTAt
sood+DP3Roak9MDZ8FCZo5lMpdR052WBlFeb+UW8Z70wjOoi3iYKN9TjZtDw//Kf
IIDRFPzJnBUf
-----END CERTIFICATE-----
Generated at Mon May 6 07:49:05 2024 by rpki-client on console-fra.rpki-client.org