Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/Y-g3M7H9TSec7MfHDCAfvUy3d80.roa
File: Y-g3M7H9TSec7MfHDCAfvUy3d80.roa (raw, json)
Hash identifier: H4rb0ebmtZzBVLYOXNFBydE8PdsTyIIbUfr55sgFxeY=
Subject key identifier: 63:E8:37:33:B1:FD:4D:27:9C:EC:C7:C7:0C:20:1F:BD:4C:B7:77:CD
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 018CC26D58DB5601EA6DA60CFF96B66B0D49
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/Y-g3M7H9TSec7MfHDCAfvUy3d80.roa
Signing time: Mon 01 Jan 2024 00:29:55 +0000
ROA not before: Mon 01 Jan 2024 00:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48925
IP address blocks: 14.102.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:58:db:56:01:ea:6d:a6:0c:ff:96:b6:6b:0d:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Jan 1 00:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63e83733b1fd4d279cecc7c70c201fbd4cb777cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:86:75:a3:11:9c:ca:33:1d:52:1e:5a:09:6a:
27:75:35:02:04:d7:f3:36:b6:b6:b7:bc:38:bc:1f:
e4:c3:6f:84:b0:dd:0f:29:81:b4:4a:9f:91:58:23:
a3:0c:7b:7e:63:3d:b7:2e:34:2b:88:da:60:f9:a4:
8a:18:21:fb:79:41:79:17:8c:3b:ab:1b:1a:93:82:
16:fb:e2:9b:b9:17:86:18:61:8e:e4:6b:df:88:3a:
f1:cd:43:ca:1a:0e:26:72:f9:40:f7:1c:05:fa:4c:
49:75:a6:40:c5:71:c1:91:e7:69:4f:ff:30:a7:8b:
18:fb:9f:02:7b:fd:22:27:eb:91:e6:2e:77:ca:60:
18:00:d6:d3:3a:c6:b5:33:21:78:94:4f:fd:fe:c6:
cb:6d:10:9d:f8:67:40:f8:ba:ff:f7:30:8c:15:b9:
7d:0f:dd:4d:60:34:b2:5e:e3:ce:e7:fc:e6:45:68:
0b:7e:bd:e8:fd:46:fb:e9:db:28:b9:9a:cf:50:d4:
d4:33:ee:69:3a:38:c5:52:f0:8a:02:be:7e:a2:3c:
42:77:75:d2:d7:7d:73:50:37:2c:43:28:d8:c4:8e:
80:e6:38:09:7c:ec:dd:43:a8:f2:6d:19:55:4f:eb:
52:9e:54:62:e0:74:c6:c9:5f:58:39:96:9c:a8:34:
71:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:E8:37:33:B1:FD:4D:27:9C:EC:C7:C7:0C:20:1F:BD:4C:B7:77:CD
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/Y-g3M7H9TSec7MfHDCAfvUy3d80.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.233.0/24
Signature Algorithm: sha256WithRSAEncryption
22:09:2e:a3:2a:3c:52:1a:aa:21:91:78:d0:8c:21:05:11:4b:
d9:d5:f0:33:9c:0b:f3:96:ff:ef:c2:bb:8c:42:16:e9:d8:e6:
a2:3e:3d:e6:2b:fa:2d:70:b6:1c:d3:9d:4a:55:1b:d6:b1:b5:
ad:2e:8b:bb:ec:38:f0:a4:14:a2:55:0c:d4:4c:40:a3:83:c9:
19:c2:e3:94:cc:f5:bb:2f:31:b0:78:a6:1e:ba:37:81:6a:b7:
1a:02:d6:60:f1:9a:ca:e4:72:44:b7:bc:bc:cd:f9:9c:07:52:
6a:65:58:7a:c7:dc:a2:52:53:64:e3:05:7a:22:76:fe:d6:d7:
ed:92:e8:55:33:2c:f6:9b:f8:1a:b9:4c:15:5e:af:68:37:8e:
af:d3:2e:89:1f:87:dc:67:2f:26:aa:48:ab:31:a2:32:52:4c:
4e:95:fe:b2:f6:f0:a5:e3:ba:79:c0:2d:99:65:38:5d:c1:b2:
7d:52:99:66:a7:cf:f5:42:12:dc:d6:23:8a:50:8d:cb:7b:9b:
9c:12:dd:31:89:87:be:36:72:78:13:17:63:af:a4:26:18:0a:
3b:f1:91:89:6b:fc:a1:cb:ff:dc:56:0d:cf:ce:2f:e4:df:79:
ee:63:9f:0f:ef:2a:d0:f2:15:8b:e7:7c:e0:a0:6b:19:88:87:
fd:91:0e:17
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbVjbVgHqbaYM/5a2aw1JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQwMTAxMDAyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2U4MzczM2IxZmQ0ZDI3OWNlY2M3YzcwYzIwMWZiZDRjYjc3N2NkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArYZ1oxGcyjMdUh5aCWondTUCBNfz
Nra2t7w4vB/kw2+EsN0PKYG0Sp+RWCOjDHt+Yz23LjQriNpg+aSKGCH7eUF5F4w7
qxsak4IW++KbuReGGGGO5GvfiDrxzUPKGg4mcvlA9xwF+kxJdaZAxXHBkedpT/8w
p4sY+58Ce/0iJ+uR5i53ymAYANbTOsa1MyF4lE/9/sbLbRCd+GdA+Lr/9zCMFbl9
D91NYDSyXuPO5/zmRWgLfr3o/Ub76dsouZrPUNTUM+5pOjjFUvCKAr5+ojxCd3XS
131zUDcsQyjYxI6A5jgJfOzdQ6jybRlVT+tSnlRi4HTGyV9YOZacqDRxpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGPoNzOx/U0nnOzHxwwgH71Mt3fNMB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvWS1nM003SDlUU2VjN01mSERDQWZ2VXkzZDgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQADmbpMA0G
CSqGSIb3DQEBCwUAA4IBAQAiCS6jKjxSGqohkXjQjCEFEUvZ1fAznAvzlv/vwruM
Qhbp2OaiPj3mK/otcLYc051KVRvWsbWtLou77DjwpBSiVQzUTECjg8kZwuOUzPW7
LzGweKYeujeBarcaAtZg8ZrK5HJEt7y8zfmcB1JqZVh6x9yiUlNk4wV6Inb+1tft
kuhVMyz2m/gauUwVXq9oN46v0y6JH4fcZy8mqkirMaIyUkxOlf6y9vCl47p5wC2Z
ZThdwbJ9Uplmp8/1QhLc1iOKUI3Le5ucEt0xiYe+NnJ4Exdjr6QmGAo78ZGJa/yh
y//cVg3Pzi/k33nuY58P7yrQ8hWL53zgoGsZiIf9kQ4X
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:10:17 2024 by rpki-client on console-ams.rpki-client.org