Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/I5Y1bzYlj31qs4fjOXr8Mc8onUA.roa
File: I5Y1bzYlj31qs4fjOXr8Mc8onUA.roa (raw, json)
Hash identifier: e/aM+kxwdMeHsIRi4FX0Ng/QCXdoRggUp3d/q/UmYP8=
Subject key identifier: 23:96:35:6F:36:25:8F:7D:6A:B3:87:E3:39:7A:FC:31:CF:28:9D:40
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 018CC795840646B9B6B2C35D644FB448010A
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/I5Y1bzYlj31qs4fjOXr8Mc8onUA.roa
Signing time: Tue 02 Jan 2024 00:31:53 +0000
ROA not before: Tue 02 Jan 2024 00:31:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13186
IP address blocks: 212.80.160.0/19 maxlen: 24
213.170.32.0/19 maxlen: 24
185.123.120.0/22 maxlen: 24
212.66.160.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.mft
rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:84:06:46:b9:b6:b2:c3:5d:64:4f:b4:48:01:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Jan 2 00:31:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2396356f36258f7d6ab387e3397afc31cf289d40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:84:57:66:4c:0e:1d:bf:44:5e:98:52:9b:2e:
8c:17:f2:65:13:ab:5d:99:05:c6:a1:8c:58:04:28:
30:ef:0c:f9:c3:fd:7c:c8:57:f6:19:0f:05:bd:66:
93:c9:0a:66:cf:18:41:e0:58:5d:ed:52:ec:90:9b:
52:65:bb:e2:f9:ff:cc:68:3f:06:19:c7:00:94:4e:
19:33:e2:32:5d:e4:2f:bb:6c:7e:9d:48:f2:ee:55:
f8:d9:b5:70:ad:93:ad:85:e6:f3:43:02:45:b0:18:
de:0b:03:8c:12:99:32:c1:10:a5:8a:c2:bc:d5:ad:
d8:9b:66:ee:33:f1:8d:35:9a:73:fc:97:69:1c:e9:
4f:43:6c:18:82:00:83:dc:35:a1:31:33:56:73:3f:
08:cb:0f:b5:ac:08:00:10:9d:c2:b3:bb:04:27:d2:
5c:ba:18:62:06:d9:ee:a1:d0:d8:22:ee:f7:62:c1:
3a:c0:41:de:48:98:09:23:8f:00:55:60:a6:88:c5:
c8:1f:c4:93:db:26:9c:f7:1c:95:ca:88:05:08:40:
7a:e3:db:fd:f6:95:c8:49:f7:69:70:77:84:d8:d3:
a7:d5:83:a6:2e:24:61:13:43:39:9e:d9:1f:6a:38:
cb:00:55:67:2f:03:af:f6:85:e3:ba:ca:db:2b:c3:
a6:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:96:35:6F:36:25:8F:7D:6A:B3:87:E3:39:7A:FC:31:CF:28:9D:40
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/I5Y1bzYlj31qs4fjOXr8Mc8onUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.120.0/22
212.66.160.0/24
212.80.160.0/19
213.170.32.0/19
Signature Algorithm: sha256WithRSAEncryption
71:e0:6c:92:65:a1:09:c4:9a:09:7c:03:b8:57:16:7b:5b:1d:
f9:0e:c7:50:10:ed:1f:b5:e8:e7:6d:73:06:1f:13:c9:ad:f1:
b6:3c:b3:13:f6:51:93:e8:d7:70:72:42:fa:3c:89:42:27:b2:
f1:50:2e:9a:71:98:a7:a0:c6:3b:08:97:20:60:46:2e:c2:46:
c0:65:dc:3d:db:2e:dc:b0:f4:39:af:6b:2c:10:42:e4:c9:be:
ef:65:b3:ef:1c:1e:8d:eb:90:dd:6e:37:7e:fa:16:33:a8:02:
7e:b7:aa:22:2b:0a:e9:de:22:df:7b:9f:d3:02:ed:58:a8:68:
fd:69:db:4b:c7:18:bd:47:7d:c2:6e:5c:70:d1:a9:3a:9d:a9:
2a:f9:f0:ea:54:53:cb:3d:6b:52:95:ca:92:2b:57:4c:94:eb:
8d:42:32:8d:97:48:38:9d:f0:f3:cb:9c:65:d2:a7:68:8c:28:
30:87:fb:2c:35:4f:6c:dd:8d:84:1e:9e:e1:17:4f:bd:2a:fa:
98:6e:74:b8:6e:d0:c5:3c:d5:5d:97:0d:7c:53:ab:48:4d:3a:
cd:16:39:b2:31:1b:71:fe:84:0c:95:37:f1:49:b3:80:ab:af:
af:10:5e:bb:32:0f:69:25:36:57:f7:a0:9e:28:73:7f:29:5f:
07:39:5b:80
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHlYQGRrm2ssNdZE+0SAEKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDAzYjVlNDVjZDU4YmU1ZjZjNWQzM2ZhNTY1YWI0OTIy
M2UzZGIwHhcNMjQwMTAyMDAzMTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzk2MzU2ZjM2MjU4ZjdkNmFiMzg3ZTMzOTdhZmMzMWNmMjg5ZDQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo4RXZkwOHb9EXphSmy6MF/JlE6td
mQXGoYxYBCgw7wz5w/18yFf2GQ8FvWaTyQpmzxhB4Fhd7VLskJtSZbvi+f/MaD8G
GccAlE4ZM+IyXeQvu2x+nUjy7lX42bVwrZOthebzQwJFsBjeCwOMEpkywRClisK8
1a3Ym2buM/GNNZpz/JdpHOlPQ2wYggCD3DWhMTNWcz8Iyw+1rAgAEJ3Cs7sEJ9Jc
uhhiBtnuodDYIu73YsE6wEHeSJgJI48AVWCmiMXIH8ST2yac9xyVyogFCEB649v9
9pXISfdpcHeE2NOn1YOmLiRhE0M5ntkfajjLAFVnLwOv9oXjusrbK8OmeQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCOWNW82JY99arOH4zl6/DHPKJ1AMB8GA1UdIwQY
MBaAFOhAO15FzVi+X2xdM/pWWrSSI+PbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEt
YTg3MWVjYzIxMmE2LzEvSTVZMWJ6WWxqMzFxczRmak9YcjhNYzhvblVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEtYTg3MWVjYzIxMmE2
LzEvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuXt4AwQA
1EKgAwQF1FCgAwQF1aogMA0GCSqGSIb3DQEBCwUAA4IBAQBx4GySZaEJxJoJfAO4
VxZ7Wx35DsdQEO0ftejnbXMGHxPJrfG2PLMT9lGT6NdwckL6PIlCJ7LxUC6acZin
oMY7CJcgYEYuwkbAZdw92y7csPQ5r2ssEELkyb7vZbPvHB6N65Ddbjd++hYzqAJ+
t6oiKwrp3iLfe5/TAu1YqGj9adtLxxi9R33Cblxw0ak6nakq+fDqVFPLPWtSlcqS
K1dMlOuNQjKNl0g4nfDzy5xl0qdojCgwh/ssNU9s3Y2EHp7hF0+9KvqYbnS4btDF
PNVdlw18U6tITTrNFjmyMRtx/oQMlTfxSbOAq6+vEF67Mg9pJTZX96CeKHN/KV8H
OVuA
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:17:44 2024 by rpki-client on console-ams.rpki-client.org