Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/52975f-feb2-433b-b2dc-c238ce4817db/1/EN8hnPAxOkNXZH4tAienJrEyVg4.roa
File: EN8hnPAxOkNXZH4tAienJrEyVg4.roa (raw, json)
Hash identifier: PrAIJthNCvJwaomDLQmYk+qHT9t2KNMGkiFzMVDMOL8=
Subject key identifier: 10:DF:21:9C:F0:31:3A:43:57:64:7E:2D:02:27:A7:26:B1:32:56:0E
Certificate issuer: /CN=ac5eadc0032850236fee756eb58fbf05e1316b5e
Certificate serial: 018E3D2A48B803B42586BDC93ED27D9D9B9B
Authority key identifier: AC:5E:AD:C0:03:28:50:23:6F:EE:75:6E:B5:8F:BF:05:E1:31:6B:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rF6twAMoUCNv7nVutY-_BeExa14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/52975f-feb2-433b-b2dc-c238ce4817db/1/EN8hnPAxOkNXZH4tAienJrEyVg4.roa
Signing time: Thu 14 Mar 2024 13:32:45 +0000
ROA not before: Thu 14 Mar 2024 13:32:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199938
IP address blocks: 185.41.104.0/22 maxlen: 24
194.39.187.0/24 maxlen: 24
194.39.215.0/24 maxlen: 24
194.40.244.0/24 maxlen: 24
194.41.1.0/24 maxlen: 24
2a01:55e0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/52975f-feb2-433b-b2dc-c238ce4817db/1/rF6twAMoUCNv7nVutY-_BeExa14.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/52975f-feb2-433b-b2dc-c238ce4817db/1/rF6twAMoUCNv7nVutY-_BeExa14.mft
rsync://rpki.ripe.net/repository/DEFAULT/rF6twAMoUCNv7nVutY-_BeExa14.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:3d:2a:48:b8:03:b4:25:86:bd:c9:3e:d2:7d:9d:9b:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac5eadc0032850236fee756eb58fbf05e1316b5e
Validity
Not Before: Mar 14 13:32:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=10df219cf0313a4357647e2d0227a726b132560e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:dd:39:65:ca:37:b3:30:d5:e6:27:8a:b8:7c:
bf:5d:e0:fd:f2:08:e3:a9:a1:7d:7f:56:6e:c5:fb:
ab:66:d2:ad:91:0f:b0:83:bc:04:5d:d1:26:32:2c:
2f:fb:e3:44:15:4a:40:98:c7:5c:66:cd:a3:5a:7d:
a7:ed:62:10:62:1e:83:ac:33:7c:e9:b9:84:d0:99:
e7:c0:c8:d2:18:e3:35:0d:92:27:98:1a:63:e8:8f:
ed:df:8f:de:63:34:90:41:13:e4:18:ad:b7:63:b4:
90:5a:85:9f:21:82:9e:7e:e9:89:1d:7e:17:c2:d7:
e5:fa:e1:a3:b5:dc:b1:f7:87:4c:0c:91:be:aa:8f:
63:ab:89:ea:4b:3f:a4:e2:28:0f:f0:55:2e:cf:8d:
48:e8:ef:21:2c:0e:90:ec:c7:ef:38:30:96:ad:25:
cd:01:c7:5d:27:96:d1:86:d2:9e:17:f5:fb:3c:ca:
c3:ae:1c:0a:b2:84:b3:75:4f:8c:b2:61:bc:07:e2:
50:16:41:a4:17:3b:b8:8f:98:bb:da:83:f5:77:83:
e8:f2:12:42:95:5c:8b:47:2b:48:43:a9:59:26:71:
4b:92:c1:5e:44:21:9c:56:16:e7:cc:a5:59:0d:e8:
3a:81:49:c4:15:aa:44:31:1c:0d:e6:ae:14:8c:e3:
e8:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:DF:21:9C:F0:31:3A:43:57:64:7E:2D:02:27:A7:26:B1:32:56:0E
X509v3 Authority Key Identifier:
keyid:AC:5E:AD:C0:03:28:50:23:6F:EE:75:6E:B5:8F:BF:05:E1:31:6B:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rF6twAMoUCNv7nVutY-_BeExa14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/52975f-feb2-433b-b2dc-c238ce4817db/1/EN8hnPAxOkNXZH4tAienJrEyVg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/52975f-feb2-433b-b2dc-c238ce4817db/1/rF6twAMoUCNv7nVutY-_BeExa14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.104.0/22
194.39.187.0/24
194.39.215.0/24
194.40.244.0/24
194.41.1.0/24
IPv6:
2a01:55e0::/29
Signature Algorithm: sha256WithRSAEncryption
8d:aa:83:1c:9b:34:2f:14:eb:35:93:50:29:8d:d9:f3:2a:e9:
7c:99:cd:9c:23:af:e0:28:d1:f2:80:75:87:2e:5c:e7:65:c0:
31:da:9d:97:5f:3b:2c:b7:e2:56:45:2a:ac:e1:07:e8:cd:99:
22:20:8a:a2:03:9d:a3:ad:6b:b8:be:b2:79:a7:d4:79:bf:2f:
dd:8e:e3:f7:69:a4:aa:bd:44:45:3e:8d:ed:39:6b:bf:b9:70:
fa:90:02:8b:d4:14:6b:0f:8b:a7:ce:c9:3a:a1:e7:e7:26:db:
39:50:63:82:ab:0a:bf:7c:4a:e3:53:c5:8a:d6:90:2f:8c:e7:
db:32:c3:3f:05:75:b1:09:32:b3:34:62:ff:be:58:4e:56:50:
8d:b3:90:92:e6:fe:46:6a:9e:5f:34:a9:b8:48:c0:b0:0e:46:
e8:47:5d:50:28:9e:86:b6:99:85:20:5b:61:e8:f2:c6:ff:9c:
b8:d1:62:96:93:41:7f:c2:a1:e7:3b:47:ae:68:c9:37:e9:93:
6b:f9:41:ac:db:07:70:90:4c:09:6d:b3:41:f8:50:39:63:04:
d9:02:7f:d5:79:e3:1c:d7:20:1a:e3:38:7b:df:32:65:9b:45:
6a:13:28:d9:39:a1:09:f1:1c:2c:a4:e8:59:58:02:fd:1c:29:
7d:d3:6a:fe
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY49Kki4A7Qlhr3JPtJ9nZubMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjNWVhZGMwMDMyODUwMjM2ZmVlNzU2ZWI1OGZiZjA1ZTEz
MTZiNWUwHhcNMjQwMzE0MTMzMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGRmMjE5Y2YwMzEzYTQzNTc2NDdlMmQwMjI3YTcyNmIxMzI1NjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAid05Zco3szDV5ieKuHy/XeD98gjj
qaF9f1ZuxfurZtKtkQ+wg7wEXdEmMiwv++NEFUpAmMdcZs2jWn2n7WIQYh6DrDN8
6bmE0JnnwMjSGOM1DZInmBpj6I/t34/eYzSQQRPkGK23Y7SQWoWfIYKefumJHX4X
wtfl+uGjtdyx94dMDJG+qo9jq4nqSz+k4igP8FUuz41I6O8hLA6Q7MfvODCWrSXN
AcddJ5bRhtKeF/X7PMrDrhwKsoSzdU+MsmG8B+JQFkGkFzu4j5i72oP1d4Po8hJC
lVyLRytIQ6lZJnFLksFeRCGcVhbnzKVZDeg6gUnEFapEMRwN5q4UjOPoWwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFBDfIZzwMTpDV2R+LQInpyaxMlYOMB8GA1UdIwQY
MBaAFKxercADKFAjb+51brWPvwXhMWteMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvckY2dHdBTW9VQ052N25WdXRZLV9CZUV4YTE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi81Mjk3NWYtZmViMi00MzNiLWIyZGMt
YzIzOGNlNDgxN2RiLzEvRU44aG5QQXhPa05YWkg0dEFpZW5KckV5Vmc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi81Mjk3NWYtZmViMi00MzNiLWIyZGMtYzIzOGNlNDgxN2Ri
LzEvckY2dHdBTW9VQ052N25WdXRZLV9CZUV4YTE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCuSloAwQA
wie7AwQAwifXAwQAwij0AwQAwikBMA0EAgACMAcDBQMqAVXgMA0GCSqGSIb3DQEB
CwUAA4IBAQCNqoMcmzQvFOs1k1ApjdnzKul8mc2cI6/gKNHygHWHLlznZcAx2p2X
Xzsst+JWRSqs4QfozZkiIIqiA52jrWu4vrJ5p9R5vy/djuP3aaSqvURFPo3tOWu/
uXD6kAKL1BRrD4unzsk6oefnJts5UGOCqwq/fErjU8WK1pAvjOfbMsM/BXWxCTKz
NGL/vlhOVlCNs5CS5v5Gap5fNKm4SMCwDkboR11QKJ6GtpmFIFth6PLG/5y40WKW
k0F/wqHnO0euaMk36ZNr+UGs2wdwkEwJbbNB+FA5YwTZAn/VeeMc1yAa4zh73zJl
m0VqEyjZOaEJ8RwspOhZWAL9HCl902r+
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:59:07 2024 by rpki-client on console-ams.rpki-client.org