Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/r_eHVtSaq3HNnDEhraPr85EomCw.roa
File: r_eHVtSaq3HNnDEhraPr85EomCw.roa (raw, json)
Hash identifier: YFpW2eaXoQRow6431VsPtA3GsXmV3Qenmr2aa6zbB4g=
Subject key identifier: AF:F7:87:56:D4:9A:AB:71:CD:9C:31:21:AD:A3:EB:F3:91:28:98:2C
Certificate issuer: /CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Certificate serial: 018DA94C8974614EA3A35BC9B5C2E69F539F
Authority key identifier: C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/r_eHVtSaq3HNnDEhraPr85EomCw.roa
Signing time: Wed 14 Feb 2024 20:26:21 +0000
ROA not before: Wed 14 Feb 2024 20:26:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 91.108.243.0/24 maxlen: 24
193.106.197.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 11:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a9:4c:89:74:61:4e:a3:a3:5b:c9:b5:c2:e6:9f:53:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2ee45426e12e50fe30e8ffc39e04485d8f73339
Validity
Not Before: Feb 14 20:26:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=aff78756d49aab71cd9c3121ada3ebf39128982c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:11:40:e1:cd:ce:02:0a:4a:be:da:07:68:9e:
85:37:2a:df:f6:56:fc:cd:41:5b:58:b5:74:b3:44:
a8:fb:41:d0:e7:94:c4:c2:eb:14:65:4a:69:dd:69:
59:dc:e7:33:0b:68:03:a0:55:62:da:0a:a1:3d:b5:
7c:88:bb:d5:4f:b3:f2:58:95:c6:53:1a:11:33:2f:
f6:9d:75:9a:17:4d:13:53:a9:74:ed:6c:e4:3d:ca:
9c:24:42:b2:d8:ec:34:c7:1c:8e:3e:20:b5:e4:12:
2e:62:4d:72:ff:16:15:4b:c6:65:03:2c:fd:ce:95:
1e:de:9e:61:50:e5:13:a6:45:ae:cd:9d:c7:e3:83:
f3:ee:dc:7a:99:3e:6f:30:d2:39:4a:6e:ce:83:6f:
cf:76:7e:d8:16:0f:7f:f3:7b:2b:f6:da:0f:d5:1e:
8f:0f:c8:18:f3:43:3c:c2:69:1c:b8:0a:ae:3a:83:
be:db:27:b4:94:da:3a:ea:1f:ee:36:f2:ad:93:52:
48:ed:f0:b1:1f:6a:6a:69:08:60:a6:b1:19:82:52:
1d:0f:44:b6:62:8f:71:fa:0f:e4:44:5f:be:d2:c2:
10:b0:2e:55:f2:2e:b3:38:30:bf:39:66:a7:b4:69:
15:1a:73:76:96:84:67:cd:9a:18:0c:bd:74:95:5d:
8e:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:F7:87:56:D4:9A:AB:71:CD:9C:31:21:AD:A3:EB:F3:91:28:98:2C
X509v3 Authority Key Identifier:
keyid:C2:EE:45:42:6E:12:E5:0F:E3:0E:8F:FC:39:E0:44:85:D8:F7:33:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/r_eHVtSaq3HNnDEhraPr85EomCw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/70aa32-9607-4db7-8f1e-da75430b16f6/1/wu5FQm4S5Q_jDo_8OeBEhdj3Mzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.243.0/24
193.106.197.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:97:31:fa:db:24:3c:2a:ca:78:19:e0:c0:6d:2f:d1:c3:85:
59:70:2f:3c:f1:2a:e8:c5:56:97:66:9f:da:cb:5e:b5:fe:11:
56:63:97:b4:98:59:31:93:e4:09:e7:d4:e3:34:ea:28:38:b3:
0e:1d:1d:e2:7d:33:66:4a:8b:7a:cb:b1:ec:f5:ea:55:fa:ca:
ab:a5:bc:b4:50:d1:20:94:e6:de:12:6c:87:f1:1d:fe:03:bd:
d9:16:c0:b8:d1:69:ea:e2:5d:9d:5c:2a:5e:23:c3:d3:a5:2e:
41:cf:f9:40:e8:b2:87:4c:8f:8e:67:74:0c:ea:90:1a:24:d1:
15:12:57:9d:1b:b6:14:6b:d9:f2:b4:d9:44:f7:97:d4:de:11:
19:42:7a:87:45:cb:5b:fd:47:7c:f6:1d:3b:48:6c:20:3a:1e:
0d:1b:12:53:57:22:8d:ae:93:e0:4e:be:05:81:66:a0:53:24:
e2:1d:03:d4:df:06:53:ee:f7:da:f0:b6:c6:d8:c7:19:fc:4b:
63:3f:40:b7:25:bd:07:ee:61:71:5f:9f:98:8b:e4:a7:bc:c2:
70:bc:ad:3d:c8:24:7b:72:db:cd:54:4b:99:83:77:4c:57:57:
db:0f:a7:22:d4:69:65:cf:b1:8b:08:32:9a:93:22:d7:bc:c2:
3b:e4:87:c2
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY2pTIl0YU6jo1vJtcLmn1OfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyZWU0NTQyNmUxMmU1MGZlMzBlOGZmYzM5ZTA0NDg1ZDhm
NzMzMzkwHhcNMjQwMjE0MjAyNjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZmY3ODc1NmQ0OWFhYjcxY2Q5YzMxMjFhZGEzZWJmMzkxMjg5ODJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthFA4c3OAgpKvtoHaJ6FNyrf9lb8
zUFbWLV0s0So+0HQ55TEwusUZUpp3WlZ3OczC2gDoFVi2gqhPbV8iLvVT7PyWJXG
UxoRMy/2nXWaF00TU6l07WzkPcqcJEKy2Ow0xxyOPiC15BIuYk1y/xYVS8ZlAyz9
zpUe3p5hUOUTpkWuzZ3H44Pz7tx6mT5vMNI5Sm7Og2/Pdn7YFg9/83sr9toP1R6P
D8gY80M8wmkcuAquOoO+2ye0lNo66h/uNvKtk1JI7fCxH2pqaQhgprEZglIdD0S2
Yo9x+g/kRF++0sIQsC5V8i6zODC/OWantGkVGnN2loRnzZoYDL10lV2OLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFK/3h1bUmqtxzZwxIa2j6/ORKJgsMB8GA1UdIwQY
MBaAFMLuRUJuEuUP4w6P/DngRIXY9zM5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUt
ZGE3NTQzMGIxNmY2LzEvcl9lSFZ0U2FxM0hObkRFaHJhUHI4NUVvbUN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC83MGFhMzItOTYwNy00ZGI3LThmMWUtZGE3NTQzMGIxNmY2
LzEvd3U1RlFtNFM1UV9qRG9fOE9lQkVoZGozTXprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW2zzAwQA
wWrFMA0GCSqGSIb3DQEBCwUAA4IBAQCllzH62yQ8Ksp4GeDAbS/Rw4VZcC888Sro
xVaXZp/ay161/hFWY5e0mFkxk+QJ59TjNOooOLMOHR3ifTNmSot6y7Hs9epV+sqr
pby0UNEglObeEmyH8R3+A73ZFsC40Wnq4l2dXCpeI8PTpS5Bz/lA6LKHTI+OZ3QM
6pAaJNEVEledG7YUa9nytNlE95fU3hEZQnqHRctb/Ud89h07SGwgOh4NGxJTVyKN
rpPgTr4FgWagUyTiHQPU3wZT7vfa8LbG2McZ/EtjP0C3Jb0H7mFxX5+Yi+SnvMJw
vK09yCR7ctvNVEuZg3dMV1fbD6ci1Gllz7GLCDKakyLXvMI75IfC
-----END CERTIFICATE-----
Generated at Mon May 6 16:24:29 2024 by rpki-client on console-ams.rpki-client.org