Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/eSE017sK5Yopx05RtQOnJWltMIw.roa
File: eSE017sK5Yopx05RtQOnJWltMIw.roa (raw, json)
Hash identifier: 6vgMT5BFz1Xr0r967OA3QEF28+qxAI+/K9XZv0V2I1E=
Subject key identifier: 79:21:34:D7:BB:0A:E5:8A:29:C7:4E:51:B5:03:A7:25:69:6D:30:8C
Certificate issuer: /CN=aebf394e2f1b251c88d988a87161084580786ef5
Certificate serial: 018EBE2DBDBF539D0CD4449B62A719D89F20
Authority key identifier: AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/eSE017sK5Yopx05RtQOnJWltMIw.roa
Signing time: Mon 08 Apr 2024 14:47:32 +0000
ROA not before: Mon 08 Apr 2024 14:47:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57809
IP address blocks: 91.206.156.0/23 maxlen: 24
91.229.230.0/23 maxlen: 24
185.90.96.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 08:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:be:2d:bd:bf:53:9d:0c:d4:44:9b:62:a7:19:d8:9f:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aebf394e2f1b251c88d988a87161084580786ef5
Validity
Not Before: Apr 8 14:47:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=792134d7bb0ae58a29c74e51b503a725696d308c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:42:28:e0:69:40:88:79:dc:16:93:ad:9c:b5:
9a:c3:28:9f:43:2b:53:9b:c3:80:ea:8e:c1:de:49:
8c:27:cc:d0:d0:4b:70:c0:17:e3:b2:ca:23:74:47:
d4:4d:dc:09:40:cb:0f:5a:a5:f5:79:12:ba:6d:72:
b3:54:4e:34:c1:58:4c:32:c2:12:dd:0d:5f:ed:b2:
0c:c5:49:bc:ad:f1:6d:90:44:09:81:4f:05:dd:4b:
9c:d0:1f:02:cd:d7:ad:4d:24:e9:ed:3e:84:7e:0b:
51:9b:1b:36:14:40:49:a7:58:f9:e1:92:df:e4:a1:
11:d1:ed:1b:2b:5d:9d:11:e6:87:7a:76:e2:d1:dc:
09:8b:4a:6e:a6:4b:9f:54:d8:f9:4c:a2:29:39:d5:
1a:6c:9f:20:89:f0:0b:77:38:a0:57:9f:87:df:b5:
cb:49:3b:70:a6:f7:0b:52:7b:e7:71:6d:3b:7e:06:
8a:41:28:90:8f:7d:20:87:3f:b4:85:24:71:e5:92:
b3:c8:43:ea:5f:bf:ac:68:d3:a4:73:92:82:30:29:
1f:d1:3a:a2:4c:2d:5b:ad:ae:65:a2:9a:40:a6:2e:
ec:fa:5f:52:f1:3d:f6:5d:e4:d9:23:07:49:44:0f:
25:cc:56:ab:9a:0f:8b:1d:20:27:87:72:05:9c:3e:
7a:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:21:34:D7:BB:0A:E5:8A:29:C7:4E:51:B5:03:A7:25:69:6D:30:8C
X509v3 Authority Key Identifier:
keyid:AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/eSE017sK5Yopx05RtQOnJWltMIw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.156.0/23
91.229.230.0/23
185.90.96.0/22
Signature Algorithm: sha256WithRSAEncryption
12:e9:85:8d:54:02:71:55:30:75:fa:3e:09:1a:82:56:00:55:
21:a7:83:39:1a:e6:2e:47:ee:15:30:d7:6b:15:c6:b0:80:f1:
c5:2b:06:79:a5:54:7b:12:19:c8:1a:86:5e:ad:2e:49:df:6f:
90:8b:30:8c:6c:8a:19:88:39:ca:07:d0:db:55:a0:49:35:16:
3c:ad:5d:56:1e:21:8c:18:03:3e:a8:2a:d6:e5:86:b0:85:58:
7f:24:ff:02:e0:d6:7b:b4:55:6b:05:4a:3a:c5:80:6b:e8:1c:
b3:a8:5b:4a:33:47:21:b5:38:dc:08:79:18:72:ec:3f:98:44:
5b:32:ee:55:e1:2f:74:97:78:8d:b5:48:90:ba:cd:78:8d:7a:
3b:15:53:e7:18:4d:47:26:85:39:03:b4:9b:d1:9a:94:60:7b:
0e:6b:d2:59:8e:c6:4b:64:57:7e:79:07:fe:f3:f0:88:75:e5:
1e:2e:27:73:e4:d1:43:4d:a7:b3:c9:01:29:0d:34:96:28:a3:
83:24:20:fb:c9:89:15:13:92:ac:4a:73:df:19:b2:30:f3:df:
42:5c:bb:38:f9:e5:9e:84:43:0e:9e:94:20:42:df:45:24:f1:
8a:2e:46:1d:55:9d:d8:4a:bb:79:d3:54:e2:13:c2:53:62:fc:
6e:95:1f:b3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY6+Lb2/U50M1ESbYqcZ2J8gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYmYzOTRlMmYxYjI1MWM4OGQ5ODhhODcxNjEwODQ1ODA3
ODZlZjUwHhcNMjQwNDA4MTQ0NzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTIxMzRkN2JiMGFlNThhMjljNzRlNTFiNTAzYTcyNTY5NmQzMDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz0Io4GlAiHncFpOtnLWawyifQytT
m8OA6o7B3kmMJ8zQ0EtwwBfjssojdEfUTdwJQMsPWqX1eRK6bXKzVE40wVhMMsIS
3Q1f7bIMxUm8rfFtkEQJgU8F3Uuc0B8CzdetTSTp7T6EfgtRmxs2FEBJp1j54ZLf
5KER0e0bK12dEeaHenbi0dwJi0pupkufVNj5TKIpOdUabJ8gifALdzigV5+H37XL
STtwpvcLUnvncW07fgaKQSiQj30ghz+0hSRx5ZKzyEPqX7+saNOkc5KCMCkf0Tqi
TC1bra5loppApi7s+l9S8T32XeTZIwdJRA8lzFarmg+LHSAnh3IFnD56NwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFHkhNNe7CuWKKcdOUbUDpyVpbTCMMB8GA1UdIwQY
MBaAFK6/OU4vGyUciNmIqHFhCEWAeG71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2It
NjFlN2Y0MGQ1ZGQ2LzEvZVNFMDE3c0s1WW9weDA1UnRRT25KV2x0TUl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2ItNjFlN2Y0MGQ1ZGQ2
LzEvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBW86cAwQB
W+XmAwQCuVpgMA0GCSqGSIb3DQEBCwUAA4IBAQAS6YWNVAJxVTB1+j4JGoJWAFUh
p4M5GuYuR+4VMNdrFcawgPHFKwZ5pVR7EhnIGoZerS5J32+QizCMbIoZiDnKB9Db
VaBJNRY8rV1WHiGMGAM+qCrW5YawhVh/JP8C4NZ7tFVrBUo6xYBr6ByzqFtKM0ch
tTjcCHkYcuw/mERbMu5V4S90l3iNtUiQus14jXo7FVPnGE1HJoU5A7Sb0ZqUYHsO
a9JZjsZLZFd+eQf+8/CIdeUeLidz5NFDTaezyQEpDTSWKKODJCD7yYkVE5KsSnPf
GbIw899CXLs4+eWehEMOnpQgQt9FJPGKLkYdVZ3YSrt501TiE8JTYvxulR+z
-----END CERTIFICATE-----
Generated at Sat Jun 8 11:17:51 2024 by rpki-client on console-ams.rpki-client.org