Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ErEeqMBofU4pHJLlPovC2fVVDc0.roa
File: ErEeqMBofU4pHJLlPovC2fVVDc0.roa (raw, json)
Hash identifier: YWYLrHz2tquHO5xQ+jDhrKaH6Hnong7WyVfr4Gw798c=
Subject key identifier: 12:B1:1E:A8:C0:68:7D:4E:29:1C:92:E5:3E:8B:C2:D9:F5:55:0D:CD
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 018CC802E96583F659C2B54C5770A8245CAB
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ErEeqMBofU4pHJLlPovC2fVVDc0.roa
Signing time: Tue 02 Jan 2024 02:31:23 +0000
ROA not before: Tue 02 Jan 2024 02:31:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39651
IP address blocks: 193.234.87.0/24 maxlen: 24
193.180.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:e9:65:83:f6:59:c2:b5:4c:57:70:a8:24:5c:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Jan 2 02:31:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12b11ea8c0687d4e291c92e53e8bc2d9f5550dcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:b4:6e:b3:d7:f0:ab:de:63:f1:d3:b5:1e:d3:
73:21:c9:ed:77:95:52:87:1e:d0:c7:b6:0c:42:6a:
cc:94:6a:e7:e0:31:e5:b9:f8:09:4c:4f:f2:bd:63:
7b:ed:f6:02:3f:bd:1e:3b:34:bc:cd:04:f0:43:39:
e4:52:09:17:22:8d:21:1c:af:b3:3d:17:bc:6b:31:
a8:48:73:cf:a9:2d:55:77:a0:9a:a2:5b:7a:01:00:
c1:47:19:45:db:e4:e4:8c:38:f1:f0:f3:9e:7c:5e:
25:01:ce:17:bb:ac:20:50:92:2b:32:7f:44:8a:24:
1c:1a:db:ed:f7:1d:d0:e9:ef:71:b9:09:50:ab:c9:
a2:42:51:eb:89:78:9d:d5:bf:b5:fd:e7:c2:81:63:
84:61:ba:58:cc:0c:ae:e1:59:f7:7b:63:bd:d2:16:
0d:3f:31:e0:c7:24:07:88:67:3e:05:ae:55:b6:13:
29:db:4b:82:8d:9c:a8:92:c8:92:98:b5:0a:df:36:
c0:bb:79:c8:95:8a:fa:a2:9a:10:fb:69:63:26:07:
ed:6a:48:9d:56:fe:e5:c2:2f:2a:c9:44:c3:b0:1a:
e3:11:ad:7b:4e:38:7f:8f:bd:68:33:fb:ca:cb:61:
36:e3:af:d0:dc:0a:21:ec:fa:91:89:cd:d6:bf:38:
29:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:B1:1E:A8:C0:68:7D:4E:29:1C:92:E5:3E:8B:C2:D9:F5:55:0D:CD
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ErEeqMBofU4pHJLlPovC2fVVDc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.180.247.0/24
193.234.87.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:b0:bd:23:d1:16:9f:a3:ef:7f:46:2e:a6:07:4b:58:50:30:
39:bd:a8:77:15:db:6e:3f:a5:d2:25:49:99:4a:8f:18:6c:c9:
a2:55:f7:50:97:a8:c9:5d:f9:f3:55:26:80:2e:8e:9d:7a:cb:
c4:46:04:6a:74:d2:f5:bd:7a:57:13:a3:a6:68:a8:d3:e8:2b:
66:0d:57:97:a6:72:77:75:ed:99:92:42:da:eb:da:46:21:db:
fa:fd:24:b2:c9:94:bd:3a:b0:5a:68:e6:b1:de:d9:3a:c6:62:
14:25:ce:49:3a:a8:6f:b8:c5:b6:45:e3:07:8d:41:1a:7c:3c:
af:2d:d3:f3:ee:b3:31:c0:7d:1b:28:99:cc:de:7a:d0:95:a3:
79:a9:1d:dd:c8:80:54:b1:f5:6a:26:bc:e6:23:98:ee:ac:3f:
9f:5e:90:b7:b1:ac:33:af:61:25:3b:53:37:3b:3d:08:3b:d0:
14:7a:58:c8:a4:82:22:3d:f6:e7:63:aa:fd:e5:ed:1c:fb:a2:
5a:ce:bd:00:57:4b:79:22:cf:56:88:65:9d:d0:3e:3d:f7:a2:
89:c4:4e:c8:2f:c6:40:9d:e1:8e:46:c1:04:52:62:a0:58:20:
e2:59:5f:f1:65:80:cb:44:fe:0d:b2:da:b2:69:b1:b1:e6:56:
f8:f5:84:cb
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAullg/ZZwrVMV3CoJFyrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjQwMTAyMDIzMTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMmIxMWVhOGMwNjg3ZDRlMjkxYzkyZTUzZThiYzJkOWY1NTUwZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0rRus9fwq95j8dO1HtNzIcntd5VS
hx7Qx7YMQmrMlGrn4DHlufgJTE/yvWN77fYCP70eOzS8zQTwQznkUgkXIo0hHK+z
PRe8azGoSHPPqS1Vd6Caolt6AQDBRxlF2+TkjDjx8POefF4lAc4Xu6wgUJIrMn9E
iiQcGtvt9x3Q6e9xuQlQq8miQlHriXid1b+1/efCgWOEYbpYzAyu4Vn3e2O90hYN
PzHgxyQHiGc+Ba5VthMp20uCjZyoksiSmLUK3zbAu3nIlYr6opoQ+2ljJgftakid
Vv7lwi8qyUTDsBrjEa17Tjh/j71oM/vKy2E246/Q3Aoh7PqRic3Wvzgp5wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBKxHqjAaH1OKRyS5T6Lwtn1VQ3NMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvRXJFZXFNQm9mVTRwSEpMbFBvdkMyZlZWRGMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwbT3AwQA
wepXMA0GCSqGSIb3DQEBCwUAA4IBAQCssL0j0Rafo+9/Ri6mB0tYUDA5vah3Fdtu
P6XSJUmZSo8YbMmiVfdQl6jJXfnzVSaALo6desvERgRqdNL1vXpXE6OmaKjT6Ctm
DVeXpnJ3de2ZkkLa69pGIdv6/SSyyZS9OrBaaOax3tk6xmIUJc5JOqhvuMW2ReMH
jUEafDyvLdPz7rMxwH0bKJnM3nrQlaN5qR3dyIBUsfVqJrzmI5jurD+fXpC3sawz
r2ElO1M3Oz0IO9AUeljIpIIiPfbnY6r95e0c+6Jazr0AV0t5Is9WiGWd0D4996KJ
xE7IL8ZAneGORsEEUmKgWCDiWV/xZYDLRP4NstqyabGx5lb49YTL
-----END CERTIFICATE-----
Generated at Sat May 18 17:25:40 2024 by rpki-client on console-ams.rpki-client.org