Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e2/b6c991-1fd4-487f-8778-d15e516dc45c/1/OxRvAqtvpYB92785RREIKA4HsQI.roa
File: OxRvAqtvpYB92785RREIKA4HsQI.roa (raw, json)
Hash identifier: 8Zp7Qu4ZTGEtBAdmpRtAWc/j63bqXDO6Hdvr+3eEx1I=
Subject key identifier: 3B:14:6F:02:AB:6F:A5:80:7D:DB:BF:39:45:11:08:28:0E:07:B1:02
Certificate issuer: /CN=111e0cbbe5d1c0a09465095e444fbc1c7932c683
Certificate serial: 018D35976901B5A2454E60F1D685AAB1A890
Authority key identifier: 11:1E:0C:BB:E5:D1:C0:A0:94:65:09:5E:44:4F:BC:1C:79:32:C6:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ER4Mu-XRwKCUZQleRE-8HHkyxoM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e2/b6c991-1fd4-487f-8778-d15e516dc45c/1/OxRvAqtvpYB92785RREIKA4HsQI.roa
Signing time: Tue 23 Jan 2024 09:12:11 +0000
ROA not before: Tue 23 Jan 2024 09:12:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203740
IP address blocks: 185.125.40.0/22 maxlen: 22
185.125.40.0/23 maxlen: 24
185.125.43.0/24 maxlen: 24
2a06:b7c0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e2/b6c991-1fd4-487f-8778-d15e516dc45c/1/ER4Mu-XRwKCUZQleRE-8HHkyxoM.crl
rsync://rpki.ripe.net/repository/DEFAULT/e2/b6c991-1fd4-487f-8778-d15e516dc45c/1/ER4Mu-XRwKCUZQleRE-8HHkyxoM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ER4Mu-XRwKCUZQleRE-8HHkyxoM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:35:97:69:01:b5:a2:45:4e:60:f1:d6:85:aa:b1:a8:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=111e0cbbe5d1c0a09465095e444fbc1c7932c683
Validity
Not Before: Jan 23 09:12:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b146f02ab6fa5807ddbbf39451108280e07b102
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ce:ea:f2:0a:05:58:d2:ad:c0:10:83:d0:19:
55:19:66:82:85:d1:e4:81:1e:0e:d9:f4:1d:b2:e0:
5a:74:6d:d1:e9:b8:a3:b6:47:f9:49:e3:6f:d0:02:
04:fd:5c:54:7d:9e:a7:43:1e:87:d9:d4:d7:50:5c:
7f:49:66:5f:b8:26:21:da:a5:0b:6d:29:d3:84:24:
3d:1d:58:45:a8:c0:98:86:2d:3b:1a:f3:98:0d:eb:
1a:ff:71:9a:fa:3e:21:65:af:15:db:29:85:07:c9:
25:6a:b4:d8:09:99:5c:c2:47:b8:a8:d4:84:38:db:
5f:4e:42:15:2e:09:7a:b3:38:2a:95:23:b5:9b:b9:
24:64:f7:4d:46:fc:1a:bc:1a:a3:3d:6b:af:a8:97:
73:2a:92:27:42:d1:fd:71:f7:cc:37:ba:d1:90:fb:
b5:04:d2:af:03:8f:91:bc:65:b5:90:2b:06:d8:5c:
7c:93:2a:da:79:1c:53:66:ef:fd:ce:23:24:8e:25:
73:dd:36:73:8d:6f:89:1e:af:b2:55:ba:7b:24:ee:
9e:bc:d1:8d:63:7f:5f:f0:43:1b:41:1f:10:db:2c:
23:f7:f3:35:84:6f:a7:5e:70:e0:62:35:f7:73:f7:
9f:45:65:01:c8:5c:7a:45:16:ff:63:f2:7e:0b:91:
f1:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:14:6F:02:AB:6F:A5:80:7D:DB:BF:39:45:11:08:28:0E:07:B1:02
X509v3 Authority Key Identifier:
keyid:11:1E:0C:BB:E5:D1:C0:A0:94:65:09:5E:44:4F:BC:1C:79:32:C6:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ER4Mu-XRwKCUZQleRE-8HHkyxoM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/b6c991-1fd4-487f-8778-d15e516dc45c/1/OxRvAqtvpYB92785RREIKA4HsQI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e2/b6c991-1fd4-487f-8778-d15e516dc45c/1/ER4Mu-XRwKCUZQleRE-8HHkyxoM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.40.0/22
IPv6:
2a06:b7c0::/29
Signature Algorithm: sha256WithRSAEncryption
02:13:7b:8e:00:71:fd:e0:f1:93:8d:ec:b0:3f:9c:c9:33:71:
80:ca:3b:d4:fe:0b:f8:e2:6d:a6:81:1b:ce:50:9a:a5:e2:8f:
ae:76:62:55:7d:21:81:24:26:14:35:ff:da:21:28:7e:9e:ca:
01:c1:62:ee:c8:da:7a:35:ed:d3:fe:03:28:67:8e:e0:f9:b0:
a6:6e:1c:c6:23:5f:04:19:32:a5:77:49:6c:93:98:dd:33:15:
54:79:50:94:ec:13:94:fd:3d:d6:db:28:09:fb:3b:ae:49:da:
d4:66:c4:a7:45:d8:81:dc:26:44:73:d7:34:49:ea:b3:30:70:
d7:e2:c8:dc:3c:af:dd:19:b1:78:3a:17:57:dd:ca:4e:7e:a2:
87:72:2b:ca:f2:fb:f6:4f:a4:d8:72:79:84:ca:02:a2:9c:f5:
08:06:02:b1:a5:fa:c8:b4:62:82:46:03:18:05:5a:5e:0e:71:
68:d0:76:fc:35:db:29:11:31:4b:a5:13:01:89:56:5f:89:5c:
30:f6:b1:24:c6:62:eb:c5:e0:12:57:4c:10:04:7c:64:7c:a3:
74:9c:93:31:a9:66:2a:8f:fb:8a:99:cc:46:27:d1:ac:93:1b:
77:a1:66:5f:f5:d7:14:50:35:cb:1c:84:6f:d5:cf:8b:ea:d5:
6f:c3:47:7d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY01l2kBtaJFTmDx1oWqsaiQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExMWUwY2JiZTVkMWMwYTA5NDY1MDk1ZTQ0NGZiYzFjNzkz
MmM2ODMwHhcNMjQwMTIzMDkxMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjE0NmYwMmFiNmZhNTgwN2RkYmJmMzk0NTExMDgyODBlMDdiMTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArM7q8goFWNKtwBCD0BlVGWaChdHk
gR4O2fQdsuBadG3R6bijtkf5SeNv0AIE/VxUfZ6nQx6H2dTXUFx/SWZfuCYh2qUL
bSnThCQ9HVhFqMCYhi07GvOYDesa/3Ga+j4hZa8V2ymFB8klarTYCZlcwke4qNSE
ONtfTkIVLgl6szgqlSO1m7kkZPdNRvwavBqjPWuvqJdzKpInQtH9cffMN7rRkPu1
BNKvA4+RvGW1kCsG2Fx8kyraeRxTZu/9ziMkjiVz3TZzjW+JHq+yVbp7JO6evNGN
Y39f8EMbQR8Q2ywj9/M1hG+nXnDgYjX3c/efRWUByFx6RRb/Y/J+C5Hx2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDsUbwKrb6WAfdu/OUURCCgOB7ECMB8GA1UdIwQY
MBaAFBEeDLvl0cCglGUJXkRPvBx5MsaDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVI0TXUtWFJ3S0NVWlFsZVJFLThISGt5eG9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMi9iNmM5OTEtMWZkNC00ODdmLTg3Nzgt
ZDE1ZTUxNmRjNDVjLzEvT3hSdkFxdHZwWUI5Mjc4NVJSRUlLQTRIc1FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMi9iNmM5OTEtMWZkNC00ODdmLTg3NzgtZDE1ZTUxNmRjNDVj
LzEvRVI0TXUtWFJ3S0NVWlFsZVJFLThISGt5eG9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuX0oMA0E
AgACMAcDBQMqBrfAMA0GCSqGSIb3DQEBCwUAA4IBAQACE3uOAHH94PGTjeywP5zJ
M3GAyjvU/gv44m2mgRvOUJql4o+udmJVfSGBJCYUNf/aISh+nsoBwWLuyNp6Ne3T
/gMoZ47g+bCmbhzGI18EGTKld0lsk5jdMxVUeVCU7BOU/T3W2ygJ+zuuSdrUZsSn
RdiB3CZEc9c0SeqzMHDX4sjcPK/dGbF4OhdX3cpOfqKHcivK8vv2T6TYcnmEygKi
nPUIBgKxpfrItGKCRgMYBVpeDnFo0Hb8NdspETFLpRMBiVZfiVww9rEkxmLrxeAS
V0wQBHxkfKN0nJMxqWYqj/uKmcxGJ9Gskxt3oWZf9dcUUDXLHIRv1c+L6tVvw0d9
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:51:45 2024 by rpki-client on console-ams.rpki-client.org