Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/T3l0wDvZ-0rM9CHHw62aWFlvqJM.roa
File: T3l0wDvZ-0rM9CHHw62aWFlvqJM.roa (raw, json)
Hash identifier: zcZMyOR8yFqMhELpKXzRAaQbpf7HoRsk1iz7UT2r24s=
Subject key identifier: 4F:79:74:C0:3B:D9:FB:4A:CC:F4:21:C7:C3:AD:9A:58:59:6F:A8:93
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0192AFC3CA270A1E8B51FABBB9AB53E907FE
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/T3l0wDvZ-0rM9CHHw62aWFlvqJM.roa
Signing time: Mon 21 Oct 2024 15:48:16 +0000
ROA not before: Mon 21 Oct 2024 15:48:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23470
IP address blocks: 14.102.230.0/24 maxlen: 24
94.229.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:af:c3:ca:27:0a:1e:8b:51:fa:bb:b9:ab:53:e9:07:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Oct 21 15:48:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f7974c03bd9fb4accf421c7c3ad9a58596fa893
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:cb:86:c4:cb:6b:e6:e8:41:9a:34:31:ca:42:
7d:12:75:12:0f:8f:6e:32:a3:c4:d7:43:b7:62:9c:
df:a8:84:2e:96:99:53:7f:a3:32:cb:b8:1b:81:b9:
b3:d1:20:19:10:27:5f:fe:ce:d8:42:0b:59:8e:39:
e2:e0:2b:e5:af:d4:34:88:2c:71:61:94:38:a3:a7:
5c:a2:1c:ff:1e:a8:92:c4:be:24:39:a6:b6:64:d2:
3f:c6:06:d9:c0:c4:6b:7f:45:f5:17:10:ca:48:fa:
91:8f:9d:58:fa:95:59:a8:54:25:fd:04:5e:94:53:
d9:7e:38:65:39:66:e9:92:e4:87:a6:67:a1:48:99:
ed:06:b5:d7:14:1b:f6:f7:24:e2:66:80:e3:90:48:
4e:1b:7a:f5:67:7e:7b:be:1d:8d:1b:bb:b7:f5:05:
0c:89:cb:5f:78:2b:e5:2f:4a:9f:00:0d:d6:c7:5b:
d0:8a:e7:4a:d3:5e:88:e8:a0:ac:e9:92:d4:3b:b6:
ff:09:f2:c6:9d:06:95:d1:17:05:96:bb:75:0c:67:
4a:89:48:f4:bf:89:71:36:ca:23:9e:4c:07:4a:f6:
9b:18:a0:1a:7a:ea:11:2b:28:78:11:a2:aa:d5:8d:
9a:d4:58:01:87:ba:76:e4:aa:9e:47:9e:90:c1:10:
08:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:79:74:C0:3B:D9:FB:4A:CC:F4:21:C7:C3:AD:9A:58:59:6F:A8:93
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/T3l0wDvZ-0rM9CHHw62aWFlvqJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.230.0/24
94.229.208.0/24
Signature Algorithm: sha256WithRSAEncryption
18:7b:ad:4b:a1:c9:40:0f:98:6e:5d:1d:b9:2d:03:65:08:8b:
ba:68:bd:db:3a:cb:d0:49:bc:c4:25:e5:33:3f:b4:f9:24:0b:
4d:72:6a:27:13:48:cf:4f:fd:b0:b1:cb:9e:2a:53:c1:79:79:
a9:50:72:b3:72:47:2a:8c:b5:47:f5:24:7f:c4:fb:b1:49:e7:
b0:59:1f:58:f3:c5:4a:1e:d7:90:bf:61:a2:9e:80:d0:ba:38:
76:2f:71:19:bf:a7:ca:bf:14:3c:57:f8:7d:5d:7f:2b:34:1c:
1f:bd:b4:12:00:61:90:32:09:74:7e:af:08:28:e3:a2:ba:2f:
d9:ae:ac:8a:86:d8:59:41:bc:e9:69:cd:89:b3:f1:09:d4:3b:
9f:3e:75:16:b8:56:1d:3d:c0:f7:09:2a:bb:7e:51:49:4b:d5:
49:13:65:13:fd:30:3f:bd:60:12:24:ac:08:49:ff:fc:45:19:
dc:4d:e1:f6:a0:a0:c1:a8:b8:b6:06:6f:3a:df:14:e1:ea:8b:
41:3f:41:06:11:69:03:c4:b4:c9:0e:46:49:e2:8b:6c:66:e5:
08:da:8f:8a:e0:d8:f9:d6:7a:b9:a0:6f:3c:c4:f2:10:b5:ea:
a0:fc:97:e9:85:f1:26:4b:af:f8:dd:8a:50:de:6f:5a:a3:45:
4b:22:da:91
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKvw8onCh6LUfq7uatT6Qf+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQxMDIxMTU0ODE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Zjc5NzRjMDNiZDlmYjRhY2NmNDIxYzdjM2FkOWE1ODU5NmZhODkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsuGxMtr5uhBmjQxykJ9EnUSD49u
MqPE10O3YpzfqIQulplTf6Myy7gbgbmz0SAZECdf/s7YQgtZjjni4Cvlr9Q0iCxx
YZQ4o6dcohz/HqiSxL4kOaa2ZNI/xgbZwMRrf0X1FxDKSPqRj51Y+pVZqFQl/QRe
lFPZfjhlOWbpkuSHpmehSJntBrXXFBv29yTiZoDjkEhOG3r1Z357vh2NG7u39QUM
ictfeCvlL0qfAA3Wx1vQiudK016I6KCs6ZLUO7b/CfLGnQaV0RcFlrt1DGdKiUj0
v4lxNsojnkwHSvabGKAaeuoRKyh4EaKq1Y2a1FgBh7p25KqeR56QwRAIBQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE95dMA72ftKzPQhx8OtmlhZb6iTMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvVDNsMHdEdlotMHJNOUNISHc2MmFXRmx2cUpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQADmbmAwQA
XuXQMA0GCSqGSIb3DQEBCwUAA4IBAQAYe61LoclAD5huXR25LQNlCIu6aL3bOsvQ
SbzEJeUzP7T5JAtNcmonE0jPT/2wscueKlPBeXmpUHKzckcqjLVH9SR/xPuxSeew
WR9Y88VKHteQv2GinoDQujh2L3EZv6fKvxQ8V/h9XX8rNBwfvbQSAGGQMgl0fq8I
KOOiui/ZrqyKhthZQbzpac2Js/EJ1DufPnUWuFYdPcD3CSq7flFJS9VJE2UT/TA/
vWASJKwISf/8RRncTeH2oKDBqLi2Bm863xTh6otBP0EGEWkDxLTJDkZJ4otsZuUI
2o+K4Nj51nq5oG88xPIQteqg/JfphfEmS6/43YpQ3m9ao0VLItqR
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:10:29 2024 by rpki-client on console-ams.rpki-client.org