Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/cuKNxHUE4EJ5Z9KN3zD900kmHWU.roa
File: cuKNxHUE4EJ5Z9KN3zD900kmHWU.roa (raw, json)
Hash identifier: Eyt7VxrUyQbA3baIlclyGl69308segVjRBk4/QZ2Bc0=
Subject key identifier: 72:E2:8D:C4:75:04:E0:42:79:67:D2:8D:DF:30:FD:D3:49:26:1D:65
Certificate issuer: /CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Certificate serial: 01933A4C76E25EEB00F1976C28AF5216759C
Authority key identifier: E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/cuKNxHUE4EJ5Z9KN3zD900kmHWU.roa
Signing time: Sun 17 Nov 2024 13:25:09 +0000
ROA not before: Sun 17 Nov 2024 13:25:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202766
IP address blocks: 185.123.120.0/22 maxlen: 24
212.66.160.0/24 maxlen: 24
212.80.160.0/19 maxlen: 24
213.170.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.mft
rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3a:4c:76:e2:5e:eb:00:f1:97:6c:28:af:52:16:75:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8403b5e45cd58be5f6c5d33fa565ab49223e3db
Validity
Not Before: Nov 17 13:25:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=72e28dc47504e0427967d28ddf30fdd349261d65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:6b:cb:a1:aa:15:88:24:c2:eb:2d:fc:9b:ea:
3b:cf:0e:b6:6d:44:8b:47:e0:00:b5:b9:54:48:69:
c2:59:9f:3f:2e:39:d4:59:be:9a:6c:17:b8:a6:4f:
34:1c:cd:f3:92:77:8f:56:32:40:a9:0e:c1:be:a1:
fe:c6:06:64:64:b1:f6:2d:a0:6e:04:79:8c:5f:b7:
07:65:fb:02:2a:17:ad:3b:48:16:8b:2e:e8:48:da:
a4:b1:e8:db:e1:fd:da:1f:f4:74:d7:2b:76:1c:f3:
8f:b6:14:12:88:a3:7e:81:b2:a9:c4:f0:42:5f:6d:
8f:d6:7c:7a:26:26:64:01:26:c9:e2:c1:53:a9:ed:
6b:f9:a4:ba:6e:be:99:9d:e6:8a:af:51:04:f2:6c:
49:70:f8:ba:2d:2a:2d:01:8a:3f:18:9b:e1:2a:22:
02:92:93:20:11:c5:dc:38:ef:ba:a0:fc:d0:94:b8:
3f:b6:cd:e0:2a:f9:fc:33:f2:5c:6f:00:3b:0e:87:
96:97:5f:59:f5:94:b5:2f:4d:e0:35:ae:b1:e5:93:
6c:4d:6b:37:04:a7:1d:2d:bd:3d:bb:99:ae:2d:00:
0f:e5:a1:d7:c3:b0:98:f4:92:90:20:0e:5a:b7:0d:
de:9e:a6:f3:d4:8e:a3:f3:79:64:c3:99:c3:e6:37:
c5:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:E2:8D:C4:75:04:E0:42:79:67:D2:8D:DF:30:FD:D3:49:26:1D:65
X509v3 Authority Key Identifier:
keyid:E8:40:3B:5E:45:CD:58:BE:5F:6C:5D:33:FA:56:5A:B4:92:23:E3:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6EA7XkXNWL5fbF0z-lZatJIj49s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/cuKNxHUE4EJ5Z9KN3zD900kmHWU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/8976ed-da0a-49a5-a751-a871ecc212a6/1/6EA7XkXNWL5fbF0z-lZatJIj49s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.123.120.0/22
212.66.160.0/24
212.80.160.0/19
213.170.32.0/19
Signature Algorithm: sha256WithRSAEncryption
97:36:05:33:c2:dc:9e:eb:c2:3d:90:52:fe:47:a3:d3:3a:4b:
21:78:e9:6c:6d:6e:71:c0:60:ab:fb:94:13:62:f0:2d:68:cf:
b4:de:f9:30:4d:72:b0:f5:5f:b2:2e:86:6e:8d:30:ad:6d:78:
31:27:7e:13:bc:f3:11:05:60:76:69:a7:6a:25:78:0c:b7:dd:
28:dd:d0:ff:d5:52:99:c0:65:c3:2c:ea:fe:be:01:57:76:a0:
53:df:28:f6:57:c4:88:eb:ef:73:34:99:e7:27:2c:0c:0e:ba:
02:ec:45:d6:58:dc:7e:c4:28:0c:85:30:55:c8:ce:e1:62:a8:
26:ad:bd:1c:d3:67:da:aa:6f:91:a0:0e:b8:c4:9a:da:ae:04:
dc:5e:db:bd:44:8e:f3:d6:40:9b:e0:be:3b:e4:c5:65:59:58:
9d:94:cc:a5:2a:8a:f9:6c:d4:03:ff:06:e4:23:6a:3a:1a:6e:
4a:75:14:bb:be:47:70:49:dc:77:3b:9b:10:37:6a:e4:86:87:
a7:dc:b6:b2:51:46:62:57:22:c1:fd:35:5e:f0:42:de:1c:ad:
64:d1:35:67:d6:78:49:29:1d:c7:ef:9d:e9:c5:0d:47:b2:f0:
75:98:20:e0:61:fb:8f:b1:fa:8a:94:ee:f1:b7:91:c1:92:15:
e9:9f:c8:c1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZM6THbiXusA8ZdsKK9SFnWcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NDAzYjVlNDVjZDU4YmU1ZjZjNWQzM2ZhNTY1YWI0OTIy
M2UzZGIwHhcNMjQxMTE3MTMyNTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MmUyOGRjNDc1MDRlMDQyNzk2N2QyOGRkZjMwZmRkMzQ5MjYxZDY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5GvLoaoViCTC6y38m+o7zw62bUSL
R+AAtblUSGnCWZ8/LjnUWb6abBe4pk80HM3zknePVjJAqQ7BvqH+xgZkZLH2LaBu
BHmMX7cHZfsCKhetO0gWiy7oSNqksejb4f3aH/R01yt2HPOPthQSiKN+gbKpxPBC
X22P1nx6JiZkASbJ4sFTqe1r+aS6br6ZneaKr1EE8mxJcPi6LSotAYo/GJvhKiIC
kpMgEcXcOO+6oPzQlLg/ts3gKvn8M/JcbwA7DoeWl19Z9ZS1L03gNa6x5ZNsTWs3
BKcdLb09u5muLQAP5aHXw7CY9JKQIA5atw3enqbz1I6j83lkw5nD5jfFuQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHLijcR1BOBCeWfSjd8w/dNJJh1lMB8GA1UdIwQY
MBaAFOhAO15FzVi+X2xdM/pWWrSSI+PbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEt
YTg3MWVjYzIxMmE2LzEvY3VLTnhIVUU0RUo1WjlLTjN6RDkwMGttSFdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy84OTc2ZWQtZGEwYS00OWE1LWE3NTEtYTg3MWVjYzIxMmE2
LzEvNkVBN1hrWE5XTDVmYkYwei1sWmF0SklqNDlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCuXt4AwQA
1EKgAwQF1FCgAwQF1aogMA0GCSqGSIb3DQEBCwUAA4IBAQCXNgUzwtye68I9kFL+
R6PTOksheOlsbW5xwGCr+5QTYvAtaM+03vkwTXKw9V+yLoZujTCtbXgxJ34TvPMR
BWB2aadqJXgMt90o3dD/1VKZwGXDLOr+vgFXdqBT3yj2V8SI6+9zNJnnJywMDroC
7EXWWNx+xCgMhTBVyM7hYqgmrb0c02faqm+RoA64xJrargTcXtu9RI7z1kCb4L47
5MVlWVidlMylKor5bNQD/wbkI2o6Gm5KdRS7vkdwSdx3O5sQN2rkhoen3LayUUZi
VyLB/TVe8ELeHK1k0TVn1nhJKR3H753pxQ1HsvB1mCDgYfuPsfqKlO7xt5HBkhXp
n8jB
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:29:12 2024 by rpki-client on console-ams.rpki-client.org