Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/eUumkvwZMIoQ7bC4unqWk005_cs.roa
File: eUumkvwZMIoQ7bC4unqWk005_cs.roa (raw, json)
Hash identifier: bc6Wyi7aRXhU3AiJklD7d9+BcehMtEaY1/gIK8Zm5GM=
Subject key identifier: 79:4B:A6:92:FC:19:30:8A:10:ED:B0:B8:BA:7A:96:93:4D:39:FD:CB
Certificate issuer: /CN=407ce78f4ac3ba902a0c38dc01a0c5f2126519b0
Certificate serial: 018CC725B9917B699057E3990EA793932F69
Authority key identifier: 40:7C:E7:8F:4A:C3:BA:90:2A:0C:38:DC:01:A0:C5:F2:12:65:19:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/eUumkvwZMIoQ7bC4unqWk005_cs.roa
Signing time: Mon 01 Jan 2024 22:29:47 +0000
ROA not before: Mon 01 Jan 2024 22:29:47 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 394094
IP address blocks: 185.106.241.0/24 maxlen: 24
185.106.243.0/24 maxlen: 24
31.25.199.0/24 maxlen: 24
2a06:4101::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.mft
rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 11:16:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:b9:91:7b:69:90:57:e3:99:0e:a7:93:93:2f:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=407ce78f4ac3ba902a0c38dc01a0c5f2126519b0
Validity
Not Before: Jan 1 22:29:47 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=794ba692fc19308a10edb0b8ba7a96934d39fdcb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c8:4f:d5:cf:df:59:59:49:89:70:a1:86:d0:
7c:e5:ad:74:5c:8b:1b:00:eb:96:9a:62:e4:f2:96:
be:92:6a:3e:3b:be:0d:77:0e:bd:cd:33:43:4b:7f:
1b:c0:8c:87:c5:e8:93:f8:03:2e:73:43:96:87:72:
33:46:5e:36:5b:73:72:ba:37:7c:e7:d3:05:1c:63:
da:be:95:2f:d1:7b:85:26:97:3a:87:73:02:ca:6e:
91:57:0a:00:74:77:1c:2d:60:0a:f5:b5:d2:e9:2e:
3b:95:5d:3c:9e:b8:1d:28:27:10:12:77:8d:a2:69:
f3:63:90:d7:93:1c:2a:be:69:d8:b2:98:90:37:4a:
34:d3:e6:c2:d2:76:2c:97:85:46:1d:4e:d0:1b:12:
14:f4:d7:3b:b3:42:b6:e4:35:1e:87:2d:c6:99:a4:
c0:93:91:f7:20:7d:bf:a4:49:8d:3b:4e:da:f5:31:
03:42:58:cf:72:b0:0c:b9:44:1c:82:da:ef:6f:22:
6e:4e:fb:47:dd:72:dc:67:c9:26:1e:22:7f:af:b1:
10:a0:9b:77:05:e2:ef:34:1b:36:ba:9e:92:9e:53:
3e:b3:af:87:e5:8c:04:b0:f7:e2:79:ed:23:16:c3:
57:6a:c7:d8:fd:b6:f3:c5:cc:8d:d7:36:ac:a6:13:
46:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:4B:A6:92:FC:19:30:8A:10:ED:B0:B8:BA:7A:96:93:4D:39:FD:CB
X509v3 Authority Key Identifier:
keyid:40:7C:E7:8F:4A:C3:BA:90:2A:0C:38:DC:01:A0:C5:F2:12:65:19:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QHznj0rDupAqDDjcAaDF8hJlGbA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/eUumkvwZMIoQ7bC4unqWk005_cs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/a87ea8-c3b6-472d-a96c-a971a334faa4/1/QHznj0rDupAqDDjcAaDF8hJlGbA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.199.0/24
185.106.241.0/24
185.106.243.0/24
IPv6:
2a06:4101::/32
Signature Algorithm: sha256WithRSAEncryption
90:54:b3:95:52:05:fc:5b:69:55:bc:1f:0b:5e:c9:de:05:e5:
2d:2c:be:71:99:b9:9c:1e:04:ba:84:77:25:37:62:09:54:3a:
52:c5:dd:98:74:d3:07:85:9b:d7:d8:cc:0b:49:54:e5:64:bf:
d2:1f:d8:d4:ae:14:a1:92:87:75:ce:c9:cd:f8:6e:bc:04:95:
a7:42:d2:3b:7e:91:2f:01:bc:66:ea:3c:3e:1b:53:83:e0:4a:
9d:d2:5d:4b:1c:2f:55:98:d8:78:b6:9b:dc:c6:30:52:36:fc:
65:e2:6e:ef:12:49:c6:a0:21:96:16:71:f7:3e:28:17:5d:95:
3c:d8:a0:a2:89:ce:0b:be:2d:13:f3:c7:42:0a:05:40:94:0d:
ed:b4:46:de:7b:80:9b:e9:6e:4d:3c:d4:98:2e:12:e0:fe:b9:
9d:08:28:21:97:01:fe:2f:4d:08:80:a4:e6:fa:fe:bf:aa:0d:
62:18:cd:7f:a7:48:32:fd:03:af:ca:1f:04:f9:dc:f4:93:9e:
5a:77:cb:e2:86:38:aa:1d:8b:30:1b:68:49:de:9f:85:6e:8c:
a1:1c:0a:b3:2c:6e:a2:a0:10:02:58:bd:c1:c6:7b:7d:e9:e2:
10:3d:28:4c:1d:c3:b3:9b:75:21:0f:f7:57:ff:42:d2:57:2f:
9d:b6:70:72
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzHJbmRe2mQV+OZDqeTky9pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwN2NlNzhmNGFjM2JhOTAyYTBjMzhkYzAxYTBjNWYyMTI2
NTE5YjAwHhcNMjQwMTAxMjIyOTQ3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTRiYTY5MmZjMTkzMDhhMTBlZGIwYjhiYTdhOTY5MzRkMzlmZGNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApchP1c/fWVlJiXChhtB85a10XIsb
AOuWmmLk8pa+kmo+O74Ndw69zTNDS38bwIyHxeiT+AMuc0OWh3IzRl42W3Nyujd8
59MFHGPavpUv0XuFJpc6h3MCym6RVwoAdHccLWAK9bXS6S47lV08nrgdKCcQEneN
omnzY5DXkxwqvmnYspiQN0o00+bC0nYsl4VGHU7QGxIU9Nc7s0K25DUehy3GmaTA
k5H3IH2/pEmNO07a9TEDQljPcrAMuUQcgtrvbyJuTvtH3XLcZ8kmHiJ/r7EQoJt3
BeLvNBs2up6SnlM+s6+H5YwEsPfiee0jFsNXasfY/bbzxcyN1zasphNGBwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHlLppL8GTCKEO2wuLp6lpNNOf3LMB8GA1UdIwQY
MBaAFEB8549Kw7qQKgw43AGgxfISZRmwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS9hODdlYTgtYzNiNi00NzJkLWE5NmMt
YTk3MWEzMzRmYWE0LzEvZVV1bWt2d1pNSW9RN2JDNHVucVdrMDA1X2NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS9hODdlYTgtYzNiNi00NzJkLWE5NmMtYTk3MWEzMzRmYWE0
LzEvUUh6bmowckR1cEFxRERqY0FhREY4aEpsR2JBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAHxnHAwQA
uWrxAwQAuWrzMA0EAgACMAcDBQAqBkEBMA0GCSqGSIb3DQEBCwUAA4IBAQCQVLOV
UgX8W2lVvB8LXsneBeUtLL5xmbmcHgS6hHclN2IJVDpSxd2YdNMHhZvX2MwLSVTl
ZL/SH9jUrhShkod1zsnN+G68BJWnQtI7fpEvAbxm6jw+G1OD4Eqd0l1LHC9VmNh4
tpvcxjBSNvxl4m7vEknGoCGWFnH3PigXXZU82KCiic4Lvi0T88dCCgVAlA3ttEbe
e4Cb6W5NPNSYLhLg/rmdCCghlwH+L00IgKTm+v6/qg1iGM1/p0gy/QOvyh8E+dz0
k55ad8vihjiqHYswG2hJ3p+FboyhHAqzLG6ioBACWL3Bxnt96eIQPShMHcOzm3Uh
D/dX/0LSVy+dtnBy
-----END CERTIFICATE-----
Generated at Sat Jun 15 16:59:06 2024 by rpki-client on console-fra.rpki-client.org