Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/4U-UJNYBwHGS1W5TqiLqTxAuR84.roa
File: 4U-UJNYBwHGS1W5TqiLqTxAuR84.roa (raw, json)
Hash identifier: t18u8j5369+0s0M3TeUF33eOjJj5ZXJyaPnUlCc1LGs=
Subject key identifier: E1:4F:94:24:D6:01:C0:71:92:D5:6E:53:AA:22:EA:4F:10:2E:47:CE
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0192B952FE9E96D683E86824BF321A3D79EE
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/4U-UJNYBwHGS1W5TqiLqTxAuR84.roa
Signing time: Wed 23 Oct 2024 12:21:16 +0000
ROA not before: Wed 23 Oct 2024 12:21:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 14.102.234.0/24 maxlen: 24
77.111.96.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b9:52:fe:9e:96:d6:83:e8:68:24:bf:32:1a:3d:79:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Oct 23 12:21:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e14f9424d601c07192d56e53aa22ea4f102e47ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:8f:24:4f:04:be:41:d5:65:59:4e:6c:90:16:
c9:d7:11:58:1f:e2:62:4c:1c:a3:13:31:a2:d8:e8:
7f:70:ec:7a:96:42:5b:6d:cf:f5:05:e1:aa:88:60:
09:32:ab:48:f1:a6:0f:a8:9d:81:ea:83:53:b9:91:
68:e2:64:e9:e1:ab:8a:9a:f2:df:f9:03:0a:0b:69:
ec:2b:ab:76:e7:6f:23:a1:23:0e:3b:8d:03:bc:fe:
87:4b:4e:5c:7b:ad:dc:2e:a6:5a:d4:60:ec:4f:ce:
ef:bb:82:ae:02:b6:c4:94:97:af:ba:d0:c8:1f:69:
12:2c:75:1c:40:77:04:df:38:70:3d:f4:16:09:fe:
b8:5c:e2:f5:4a:eb:1a:90:a1:e2:52:7f:50:2e:7c:
bc:40:80:76:c4:1c:3e:54:9c:72:5e:91:86:0b:e2:
e6:6d:fb:62:86:a4:f5:c2:2e:45:67:c6:ef:08:d3:
44:35:e4:51:ab:bc:90:51:9e:b7:2c:cc:d1:f8:80:
d5:ec:8e:2b:aa:da:26:aa:98:02:48:2a:79:ff:3e:
a7:6a:59:81:45:dc:97:97:c9:57:80:f6:4f:02:e8:
49:da:a2:7a:0f:d2:39:3a:69:24:0a:73:c7:b8:2b:
28:4e:6d:a5:e3:01:7e:47:23:3e:27:c4:5f:75:45:
81:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:4F:94:24:D6:01:C0:71:92:D5:6E:53:AA:22:EA:4F:10:2E:47:CE
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/4U-UJNYBwHGS1W5TqiLqTxAuR84.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.234.0/24
77.111.96.0/22
Signature Algorithm: sha256WithRSAEncryption
d7:36:c4:5a:02:b7:85:18:34:5e:af:dd:2c:9b:22:22:55:61:
68:08:e3:9c:f0:a8:69:b8:63:f2:46:ef:35:82:a6:86:fa:17:
53:2e:64:11:86:1b:c4:47:8b:97:4f:5e:e5:4e:1c:d8:72:8d:
46:4c:05:07:d5:2f:78:5f:08:48:61:51:57:a0:28:64:39:9c:
13:bc:72:05:37:b8:7d:67:e8:9d:bc:a9:d7:ac:e2:03:0f:89:
e4:2c:2a:82:a2:61:ea:e4:a2:99:00:be:bb:4d:55:89:90:78:
7a:6f:1d:69:46:56:53:4e:3c:56:23:23:91:79:e2:26:bc:61:
4a:30:5e:20:76:8c:3a:8a:17:34:a4:3f:03:c7:29:b8:0c:fa:
8f:66:03:a8:3d:60:40:08:c7:29:0e:e2:f2:ba:61:ab:e6:ca:
6d:2d:87:2c:71:08:30:b2:c9:c6:27:28:f1:15:2a:6e:22:88:
0c:cf:86:30:71:55:7b:6c:be:76:db:52:af:9e:ad:fe:30:f7:
15:08:f1:2c:50:fe:65:60:25:54:81:b3:60:fd:53:95:92:ff:
be:de:d0:c9:cd:53:ec:34:33:87:5e:10:d5:b0:46:7f:f8:ad:
c0:a9:aa:c9:a5:be:2c:93:4d:bb:a5:e4:69:df:e5:b2:63:4c:
12:e9:2b:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZK5Uv6eltaD6GgkvzIaPXnuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQxMDIzMTIyMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTRmOTQyNGQ2MDFjMDcxOTJkNTZlNTNhYTIyZWE0ZjEwMmU0N2NlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3I8kTwS+QdVlWU5skBbJ1xFYH+Ji
TByjEzGi2Oh/cOx6lkJbbc/1BeGqiGAJMqtI8aYPqJ2B6oNTuZFo4mTp4auKmvLf
+QMKC2nsK6t2528joSMOO40DvP6HS05ce63cLqZa1GDsT87vu4KuArbElJevutDI
H2kSLHUcQHcE3zhwPfQWCf64XOL1SusakKHiUn9QLny8QIB2xBw+VJxyXpGGC+Lm
bftihqT1wi5FZ8bvCNNENeRRq7yQUZ63LMzR+IDV7I4rqtomqpgCSCp5/z6nalmB
RdyXl8lXgPZPAuhJ2qJ6D9I5OmkkCnPHuCsoTm2l4wF+RyM+J8RfdUWBGQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFOFPlCTWAcBxktVuU6oi6k8QLkfOMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvNFUtVUpOWUJ3SEdTMVc1VHFpTHFUeEF1Ujg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQADmbqAwQC
TW9gMA0GCSqGSIb3DQEBCwUAA4IBAQDXNsRaAreFGDRer90smyIiVWFoCOOc8Khp
uGPyRu81gqaG+hdTLmQRhhvER4uXT17lThzYco1GTAUH1S94XwhIYVFXoChkOZwT
vHIFN7h9Z+idvKnXrOIDD4nkLCqComHq5KKZAL67TVWJkHh6bx1pRlZTTjxWIyOR
eeImvGFKMF4gdow6ihc0pD8Dxym4DPqPZgOoPWBACMcpDuLyumGr5sptLYcscQgw
ssnGJyjxFSpuIogMz4YwcVV7bL5221Kvnq3+MPcVCPEsUP5lYCVUgbNg/VOVkv++
3tDJzVPsNDOHXhDVsEZ/+K3AqarJpb4sk027peRp3+WyY0wS6SuB
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:33:43 2024 by rpki-client on console-ams.rpki-client.org