Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/869214-16d4-45e0-b87e-32e932d6fd0e/1/eKknhWsVeXxR8cETPzDENQoq_v8.roa
File: eKknhWsVeXxR8cETPzDENQoq_v8.roa (raw, json)
Hash identifier: 8m6jfqnzUgEeDH4UfMLOUlDDMEjCenwJMF/0WlOpDls=
Subject key identifier: 78:A9:27:85:6B:15:79:7C:51:F1:C1:13:3F:30:C4:35:0A:2A:FE:FF
Certificate issuer: /CN=b4f115424c181c67966ccc2467ede69d060ccf53
Certificate serial: 018CC6B799ECB6035CBBAD5D723CEFCBE196
Authority key identifier: B4:F1:15:42:4C:18:1C:67:96:6C:CC:24:67:ED:E6:9D:06:0C:CF:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tPEVQkwYHGeWbMwkZ-3mnQYMz1M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/869214-16d4-45e0-b87e-32e932d6fd0e/1/eKknhWsVeXxR8cETPzDENQoq_v8.roa
Signing time: Mon 01 Jan 2024 20:29:30 +0000
ROA not before: Mon 01 Jan 2024 20:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212552
IP address blocks: 185.202.113.0/24 maxlen: 24
195.248.240.0/24 maxlen: 24
195.248.243.0/24 maxlen: 24
195.248.242.0/24 maxlen: 24
195.248.241.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/869214-16d4-45e0-b87e-32e932d6fd0e/1/tPEVQkwYHGeWbMwkZ-3mnQYMz1M.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/869214-16d4-45e0-b87e-32e932d6fd0e/1/tPEVQkwYHGeWbMwkZ-3mnQYMz1M.mft
rsync://rpki.ripe.net/repository/DEFAULT/tPEVQkwYHGeWbMwkZ-3mnQYMz1M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:99:ec:b6:03:5c:bb:ad:5d:72:3c:ef:cb:e1:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4f115424c181c67966ccc2467ede69d060ccf53
Validity
Not Before: Jan 1 20:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78a927856b15797c51f1c1133f30c4350a2afeff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:f4:e3:89:30:3f:8c:19:39:d4:55:25:b7:2f:
8b:e2:52:c2:73:bf:c0:a2:6d:01:cd:31:14:c4:83:
06:cd:b3:3e:d5:7e:95:96:c7:ce:dd:e0:78:00:b4:
47:cb:d5:ea:9d:40:95:52:c7:c6:f3:30:16:a1:4f:
cb:4c:b0:a7:41:be:be:30:5d:8f:fe:9c:9f:e1:69:
a7:6c:fa:dd:a0:82:c8:55:a6:b9:c1:a0:09:64:0c:
4d:fd:fc:7e:3d:ad:85:58:45:bc:17:bd:47:e1:da:
5f:bb:2f:ff:7f:37:21:0d:06:81:d5:42:0e:f7:30:
9e:c9:21:3e:e2:ab:81:89:36:99:58:31:ad:82:6c:
80:ed:f4:10:26:2d:32:07:bf:11:d4:bc:1d:56:23:
a5:e5:2e:0b:38:b6:85:97:da:01:f8:3c:40:21:50:
bf:04:24:c4:d1:92:a7:d6:93:63:92:65:4d:5f:10:
39:a3:c0:fa:23:03:e4:6a:db:a6:a5:05:83:3a:f2:
b7:2d:0d:05:2f:d6:f1:c7:03:57:8d:92:e1:d5:ab:
aa:01:42:1a:27:dc:2f:e5:0d:f2:ed:4c:55:63:9b:
0f:2e:b7:34:e7:56:b7:84:23:93:6d:cb:81:fe:85:
0d:72:3b:f6:fd:cd:7e:79:99:c5:ab:34:ee:4d:f5:
4a:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:A9:27:85:6B:15:79:7C:51:F1:C1:13:3F:30:C4:35:0A:2A:FE:FF
X509v3 Authority Key Identifier:
keyid:B4:F1:15:42:4C:18:1C:67:96:6C:CC:24:67:ED:E6:9D:06:0C:CF:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tPEVQkwYHGeWbMwkZ-3mnQYMz1M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/869214-16d4-45e0-b87e-32e932d6fd0e/1/eKknhWsVeXxR8cETPzDENQoq_v8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/869214-16d4-45e0-b87e-32e932d6fd0e/1/tPEVQkwYHGeWbMwkZ-3mnQYMz1M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.113.0/24
195.248.240.0/22
Signature Algorithm: sha256WithRSAEncryption
94:d2:a4:2c:f1:a4:6f:d5:46:a2:64:9c:e5:bb:96:7e:05:1d:
88:fa:f5:02:00:04:9f:62:f8:85:c9:b6:cd:53:d8:bf:b6:86:
3b:11:c3:c6:56:c9:95:28:11:3c:6e:5c:1c:1f:f0:19:be:da:
56:65:3e:ac:72:d4:11:66:13:18:c1:94:b0:4d:cd:70:76:1f:
8a:d4:de:99:08:06:64:7f:65:6d:31:2f:ee:df:07:d6:fd:66:
e4:3f:17:6f:6c:56:8c:70:3a:01:ae:dc:00:cc:a6:a6:cf:c7:
10:ce:a6:6b:39:79:18:2f:f2:d6:aa:40:b4:27:94:37:8e:4f:
da:62:a7:8b:67:98:3c:57:19:7c:54:2d:8f:8d:45:15:a2:d5:
f4:28:ec:72:54:19:55:5a:3d:fd:7b:b8:c3:59:0e:3c:e1:ce:
68:fb:2b:df:c3:3c:a5:95:62:1a:fe:98:2d:30:ba:b3:51:d5:
bf:d7:af:1c:36:32:e0:58:3c:dc:a5:44:56:5f:80:b9:49:2e:
c9:41:a0:c3:d1:56:5d:81:41:9c:53:9d:39:4a:a5:8e:76:5f:
9e:68:a6:1e:31:56:8c:73:a5:10:86:99:6d:43:ed:22:3b:87:
16:13:26:38:19:07:46:f3:63:f1:90:21:18:2b:0d:a5:12:f3:
cb:a7:d9:09
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGt5nstgNcu61dcjzvy+GWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ZjExNTQyNGMxODFjNjc5NjZjY2MyNDY3ZWRlNjlkMDYw
Y2NmNTMwHhcNMjQwMTAxMjAyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGE5Mjc4NTZiMTU3OTdjNTFmMWMxMTMzZjMwYzQzNTBhMmFmZWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2fTjiTA/jBk51FUlty+L4lLCc7/A
om0BzTEUxIMGzbM+1X6VlsfO3eB4ALRHy9XqnUCVUsfG8zAWoU/LTLCnQb6+MF2P
/pyf4WmnbPrdoILIVaa5waAJZAxN/fx+Pa2FWEW8F71H4dpfuy//fzchDQaB1UIO
9zCeySE+4quBiTaZWDGtgmyA7fQQJi0yB78R1LwdViOl5S4LOLaFl9oB+DxAIVC/
BCTE0ZKn1pNjkmVNXxA5o8D6IwPkatumpQWDOvK3LQ0FL9bxxwNXjZLh1auqAUIa
J9wv5Q3y7UxVY5sPLrc051a3hCOTbcuB/oUNcjv2/c1+eZnFqzTuTfVKnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHipJ4VrFXl8UfHBEz8wxDUKKv7/MB8GA1UdIwQY
MBaAFLTxFUJMGBxnlmzMJGft5p0GDM9TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFBFVlFrd1lIR2VXYk13a1otM21uUVlNejFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS84NjkyMTQtMTZkNC00NWUwLWI4N2Ut
MzJlOTMyZDZmZDBlLzEvZUtrbmhXc1ZlWHhSOGNFVFB6REVOUW9xX3Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS84NjkyMTQtMTZkNC00NWUwLWI4N2UtMzJlOTMyZDZmZDBl
LzEvdFBFVlFrd1lIR2VXYk13a1otM21uUVlNejFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAucpxAwQC
w/jwMA0GCSqGSIb3DQEBCwUAA4IBAQCU0qQs8aRv1UaiZJzlu5Z+BR2I+vUCAASf
YviFybbNU9i/toY7EcPGVsmVKBE8blwcH/AZvtpWZT6sctQRZhMYwZSwTc1wdh+K
1N6ZCAZkf2VtMS/u3wfW/WbkPxdvbFaMcDoBrtwAzKamz8cQzqZrOXkYL/LWqkC0
J5Q3jk/aYqeLZ5g8Vxl8VC2PjUUVotX0KOxyVBlVWj39e7jDWQ484c5o+yvfwzyl
lWIa/pgtMLqzUdW/168cNjLgWDzcpURWX4C5SS7JQaDD0VZdgUGcU505SqWOdl+e
aKYeMVaMc6UQhpltQ+0iO4cWEyY4GQdG82PxkCEYKw2lEvPLp9kJ
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:52:01 2024 by rpki-client on console-fra.rpki-client.org