Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/2ebba5-7a0d-4333-b911-0f88d16e1afe/1/mjXWaAf_lye4EqzIOKn8uSjzV0E.roa
File: mjXWaAf_lye4EqzIOKn8uSjzV0E.roa (raw, json)
Hash identifier: T5OUwDOXSt+dbKfSHtpQ+L2fcMZ7kdZqUfwSkv4VISw=
Subject key identifier: 9A:35:D6:68:07:FF:97:27:B8:12:AC:C8:38:A9:FC:B9:28:F3:57:41
Certificate issuer: /CN=e11aa92850ebfe648ad3d89add8e736ec3675a11
Certificate serial: 018CC5009A9D609FE56C97B29874BF5A25B1
Authority key identifier: E1:1A:A9:28:50:EB:FE:64:8A:D3:D8:9A:DD:8E:73:6E:C3:67:5A:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4RqpKFDr_mSK09ia3Y5zbsNnWhE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/2ebba5-7a0d-4333-b911-0f88d16e1afe/1/mjXWaAf_lye4EqzIOKn8uSjzV0E.roa
Signing time: Mon 01 Jan 2024 12:30:00 +0000
ROA not before: Mon 01 Jan 2024 12:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8075
IP address blocks: 194.180.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/2ebba5-7a0d-4333-b911-0f88d16e1afe/1/4RqpKFDr_mSK09ia3Y5zbsNnWhE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/2ebba5-7a0d-4333-b911-0f88d16e1afe/1/4RqpKFDr_mSK09ia3Y5zbsNnWhE.mft
rsync://rpki.ripe.net/repository/DEFAULT/4RqpKFDr_mSK09ia3Y5zbsNnWhE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 19:23:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:9a:9d:60:9f:e5:6c:97:b2:98:74:bf:5a:25:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e11aa92850ebfe648ad3d89add8e736ec3675a11
Validity
Not Before: Jan 1 12:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9a35d66807ff9727b812acc838a9fcb928f35741
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:d6:09:28:74:52:84:47:84:5b:db:1f:69:05:
04:b1:01:7e:a6:12:0f:f0:3e:69:ca:a0:07:0a:80:
13:6b:11:02:0d:28:98:5f:d1:bf:40:1c:d7:71:8f:
16:cc:a0:ac:00:a7:a7:cc:28:66:30:93:a4:93:7e:
ab:e3:39:13:37:54:eb:d5:90:4b:27:02:29:0b:1f:
6d:74:e4:c4:72:79:eb:33:b9:5c:7c:22:de:f8:1d:
a7:2d:f6:e8:d3:5f:8c:75:10:dc:69:87:7e:10:51:
22:2e:aa:aa:81:97:32:1c:a1:1e:db:fe:4a:68:be:
49:6f:a6:c3:79:05:54:43:ff:75:e2:2a:51:70:3e:
98:02:bc:01:50:10:e8:9f:cc:d8:23:0d:92:a9:4c:
72:ae:9d:36:eb:f4:ca:e3:7c:80:61:ef:b1:48:0e:
12:20:cf:e1:fa:c6:56:84:d0:39:e3:62:9c:fa:18:
e1:e7:50:8c:ef:61:3c:cc:0b:42:28:c8:d2:38:2f:
62:a4:b1:60:45:ae:6e:02:8e:25:c2:00:f0:47:2f:
78:be:4f:b0:78:77:4c:9c:a2:ec:ee:5f:9c:74:73:
83:e0:3b:fc:13:fe:4f:fd:ae:f6:f3:51:e8:c3:a5:
70:05:68:54:16:e0:09:02:33:b7:a0:e2:b0:d9:79:
bd:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:35:D6:68:07:FF:97:27:B8:12:AC:C8:38:A9:FC:B9:28:F3:57:41
X509v3 Authority Key Identifier:
keyid:E1:1A:A9:28:50:EB:FE:64:8A:D3:D8:9A:DD:8E:73:6E:C3:67:5A:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4RqpKFDr_mSK09ia3Y5zbsNnWhE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/2ebba5-7a0d-4333-b911-0f88d16e1afe/1/mjXWaAf_lye4EqzIOKn8uSjzV0E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/2ebba5-7a0d-4333-b911-0f88d16e1afe/1/4RqpKFDr_mSK09ia3Y5zbsNnWhE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.180.131.0/24
Signature Algorithm: sha256WithRSAEncryption
89:0b:1e:8d:49:af:48:88:c8:ae:b5:d8:35:fa:f2:0f:61:81:
1b:ea:af:fc:70:a6:04:a0:93:d9:81:dc:c5:e4:a1:2c:70:f7:
e2:bb:88:5b:5f:f5:6a:c6:6b:d0:b3:2a:17:b2:d5:ae:33:5c:
1f:b9:bc:ab:7e:7f:ca:be:16:3c:c6:a0:5e:59:94:64:d7:28:
c3:cb:b1:1a:41:58:ad:54:1f:02:34:cb:40:91:d8:d0:99:fb:
d2:de:11:3f:f2:11:e1:05:42:5d:b0:52:4c:6b:ae:a2:6f:f8:
d8:a6:82:ec:05:a5:f2:ca:13:0e:ed:01:b0:13:9f:9e:52:ac:
eb:3f:9a:4e:be:48:cf:57:e1:4c:ea:a4:70:e5:74:76:41:fb:
2f:f9:7f:b9:62:a6:e1:ad:a2:4a:df:55:c1:1a:c1:7f:3e:79:
23:f4:6e:5c:fa:bf:4b:dd:14:56:6f:8f:67:1f:89:5c:8f:d7:
ea:ed:05:18:70:fc:d5:b1:76:c3:62:7e:67:5b:c6:a0:cc:82:
af:77:c8:d6:26:d4:63:30:79:e8:5d:c9:95:80:3c:8d:f0:3a:
1d:d2:8c:9e:1c:a1:e2:70:5e:58:21:fa:fe:48:29:73:99:1d:
f2:bc:d2:0c:d3:fa:80:2e:39:36:b1:b0:eb:5c:61:fd:14:14:
2e:8b:4a:d5
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAJqdYJ/lbJeymHS/WiWxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxMWFhOTI4NTBlYmZlNjQ4YWQzZDg5YWRkOGU3MzZlYzM2
NzVhMTEwHhcNMjQwMTAxMTIzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTM1ZDY2ODA3ZmY5NzI3YjgxMmFjYzgzOGE5ZmNiOTI4ZjM1NzQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjtYJKHRShEeEW9sfaQUEsQF+phIP
8D5pyqAHCoATaxECDSiYX9G/QBzXcY8WzKCsAKenzChmMJOkk36r4zkTN1Tr1ZBL
JwIpCx9tdOTEcnnrM7lcfCLe+B2nLfbo01+MdRDcaYd+EFEiLqqqgZcyHKEe2/5K
aL5Jb6bDeQVUQ/914ipRcD6YArwBUBDon8zYIw2SqUxyrp026/TK43yAYe+xSA4S
IM/h+sZWhNA542Kc+hjh51CM72E8zAtCKMjSOC9ipLFgRa5uAo4lwgDwRy94vk+w
eHdMnKLs7l+cdHOD4Dv8E/5P/a7281How6VwBWhUFuAJAjO3oOKw2Xm9jQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJo11mgH/5cnuBKsyDip/Lko81dBMB8GA1UdIwQY
MBaAFOEaqShQ6/5kitPYmt2Oc27DZ1oRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFJxcEtGRHJfbVNLMDlpYTNZNXpic05uV2hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8yZWJiYTUtN2EwZC00MzMzLWI5MTEt
MGY4OGQxNmUxYWZlLzEvbWpYV2FBZl9seWU0RXF6SU9Lbjh1U2p6VjBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8yZWJiYTUtN2EwZC00MzMzLWI5MTEtMGY4OGQxNmUxYWZl
LzEvNFJxcEtGRHJfbVNLMDlpYTNZNXpic05uV2hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwrSDMA0G
CSqGSIb3DQEBCwUAA4IBAQCJCx6NSa9IiMiutdg1+vIPYYEb6q/8cKYEoJPZgdzF
5KEscPfiu4hbX/VqxmvQsyoXstWuM1wfubyrfn/KvhY8xqBeWZRk1yjDy7EaQVit
VB8CNMtAkdjQmfvS3hE/8hHhBUJdsFJMa66ib/jYpoLsBaXyyhMO7QGwE5+eUqzr
P5pOvkjPV+FM6qRw5XR2Qfsv+X+5YqbhraJK31XBGsF/Pnkj9G5c+r9L3RRWb49n
H4lcj9fq7QUYcPzVsXbDYn5nW8agzIKvd8jWJtRjMHnoXcmVgDyN8Dod0oyeHKHi
cF5YIfr+SClzmR3yvNIM0/qALjk2sbDrXGH9FBQui0rV
-----END CERTIFICATE-----
Generated at Fri May 17 01:11:12 2024 by rpki-client on console-fra.rpki-client.org