Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/hwZkn_6dmJyO4voGI_RQEkxdjTk.roa
File: hwZkn_6dmJyO4voGI_RQEkxdjTk.roa (raw, json)
Hash identifier: 17cnovxrJa76+SpqtbH4US4+Dpg9AjrEuedCSjnb1WU=
Subject key identifier: 87:06:64:9F:FE:9D:98:9C:8E:E2:FA:06:23:F4:50:12:4C:5D:8D:39
Certificate issuer: /CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Certificate serial: 0192534A92151B648F67F4F3604C65A50010
Authority key identifier: EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/hwZkn_6dmJyO4voGI_RQEkxdjTk.roa
Signing time: Thu 03 Oct 2024 16:50:48 +0000
ROA not before: Thu 03 Oct 2024 16:50:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 14.102.231.0/24 maxlen: 24
85.208.10.0/24 maxlen: 24
194.36.32.0/24 maxlen: 24
194.36.33.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.mft
rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:53:4a:92:15:1b:64:8f:67:f4:f3:60:4c:65:a5:00:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee1c3472c25acd347364b7d6312618aa3530cb63
Validity
Not Before: Oct 3 16:50:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8706649ffe9d989c8ee2fa0623f450124c5d8d39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:c0:80:20:bd:4f:68:d5:2a:42:cc:ef:b9:b2:
5c:c4:e8:90:82:f4:e4:bb:2f:16:27:1d:3c:c1:07:
60:59:05:14:89:1b:99:76:76:29:2e:89:08:33:34:
ea:e3:da:6e:c7:90:16:4e:41:b8:3f:87:47:15:a9:
4e:36:e5:4d:88:0a:b6:68:4a:c1:1b:96:1d:01:7c:
35:77:ae:c3:f8:33:55:d1:ea:a3:10:d5:1c:9e:ce:
a6:d7:9d:cd:7b:23:d3:0b:98:e5:60:0f:6b:c6:78:
22:54:2c:fb:63:86:05:66:5c:e5:66:e4:bc:5f:45:
97:87:6f:ef:cd:2e:ce:71:a9:3f:cf:98:12:15:b5:
34:56:0a:aa:7e:dd:91:cc:fa:d3:bd:46:d9:8b:82:
11:3c:49:44:8b:2f:43:92:02:19:0d:fc:b8:77:b0:
a2:14:6a:f6:85:ef:7f:71:9f:f9:7d:79:cb:cd:53:
9d:51:d4:08:4d:f9:f6:77:80:41:d5:f6:ad:2c:a1:
d3:32:e3:ac:9a:12:76:8d:5a:12:5a:45:36:66:39:
f2:de:99:6f:9b:3c:2b:69:9f:bd:ef:b9:c1:29:b8:
f3:33:cb:ed:30:e9:ff:67:7d:31:91:d3:b4:72:16:
a7:71:9a:1c:a3:4c:f8:59:9e:b1:35:6f:d6:95:56:
02:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:06:64:9F:FE:9D:98:9C:8E:E2:FA:06:23:F4:50:12:4C:5D:8D:39
X509v3 Authority Key Identifier:
keyid:EE:1C:34:72:C2:5A:CD:34:73:64:B7:D6:31:26:18:AA:35:30:CB:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7hw0csJazTRzZLfWMSYYqjUwy2M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/hwZkn_6dmJyO4voGI_RQEkxdjTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/1ff44f-51d6-4545-ad36-b4b8db20b1fb/1/7hw0csJazTRzZLfWMSYYqjUwy2M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
14.102.231.0/24
85.208.10.0/24
194.36.32.0/23
Signature Algorithm: sha256WithRSAEncryption
81:f9:c2:7e:62:5b:37:30:af:97:47:fa:11:8b:34:28:f5:d3:
d8:f6:d5:7a:19:20:f5:21:89:fb:29:cc:66:0c:71:ef:a4:15:
6d:b8:16:80:aa:27:75:55:20:f7:4f:6b:6a:76:47:37:8d:d1:
93:62:2c:fe:1b:87:7c:11:1d:b4:79:50:6b:e8:36:f3:84:02:
92:53:0b:94:e6:ee:a3:1b:b2:58:5f:81:58:45:04:b7:52:a9:
27:61:dd:48:e8:d0:5c:5f:55:54:b7:55:47:27:90:52:9d:e5:
02:a0:c1:40:a6:2c:78:4f:2b:da:aa:47:66:2a:00:ce:69:be:
9c:1f:68:52:b3:ac:e6:81:8b:93:0b:d3:ce:de:68:53:6d:51:
b5:3f:1a:1e:dd:29:1c:7f:e5:69:ae:70:f4:a2:62:e7:23:20:
2b:4b:93:1b:6f:aa:09:6a:c5:fb:49:55:d9:6f:27:b2:d8:c4:
b5:1f:a0:81:34:e3:bc:7b:54:8b:11:35:f8:c7:2f:68:c8:40:
ab:4e:44:6a:42:c1:98:70:df:29:c9:74:61:f3:f4:4b:cc:53:
43:cc:42:6c:d1:f0:cb:69:20:7c:55:2b:33:45:85:1f:b5:41:
67:8f:5c:88:08:fa:d0:00:56:3c:fc:a0:42:2d:28:9d:ba:02:
09:aa:03:41
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZJTSpIVG2SPZ/TzYExlpQAQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlMWMzNDcyYzI1YWNkMzQ3MzY0YjdkNjMxMjYxOGFhMzUz
MGNiNjMwHhcNMjQxMDAzMTY1MDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzA2NjQ5ZmZlOWQ5ODljOGVlMmZhMDYyM2Y0NTAxMjRjNWQ4ZDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8CAIL1PaNUqQszvubJcxOiQgvTk
uy8WJx08wQdgWQUUiRuZdnYpLokIMzTq49pux5AWTkG4P4dHFalONuVNiAq2aErB
G5YdAXw1d67D+DNV0eqjENUcns6m153NeyPTC5jlYA9rxngiVCz7Y4YFZlzlZuS8
X0WXh2/vzS7Ocak/z5gSFbU0Vgqqft2RzPrTvUbZi4IRPElEiy9DkgIZDfy4d7Ci
FGr2he9/cZ/5fXnLzVOdUdQITfn2d4BB1fatLKHTMuOsmhJ2jVoSWkU2Zjny3plv
mzwraZ+977nBKbjzM8vtMOn/Z30xkdO0chancZoco0z4WZ6xNW/WlVYC1wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFIcGZJ/+nZicjuL6BiP0UBJMXY05MB8GA1UdIwQY
MBaAFO4cNHLCWs00c2S31jEmGKo1MMtjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYt
YjRiOGRiMjBiMWZiLzEvaHdaa25fNmRtSnlPNHZvR0lfUlFFa3hkalRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi8xZmY0NGYtNTFkNi00NTQ1LWFkMzYtYjRiOGRiMjBiMWZi
LzEvN2h3MGNzSmF6VFJ6WkxmV01TWVlxalV3eTJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQADmbnAwQA
VdAKAwQBwiQgMA0GCSqGSIb3DQEBCwUAA4IBAQCB+cJ+Yls3MK+XR/oRizQo9dPY
9tV6GSD1IYn7KcxmDHHvpBVtuBaAqid1VSD3T2tqdkc3jdGTYiz+G4d8ER20eVBr
6DbzhAKSUwuU5u6jG7JYX4FYRQS3UqknYd1I6NBcX1VUt1VHJ5BSneUCoMFApix4
TyvaqkdmKgDOab6cH2hSs6zmgYuTC9PO3mhTbVG1Pxoe3Skcf+VprnD0omLnIyAr
S5Mbb6oJasX7SVXZbyey2MS1H6CBNOO8e1SLETX4xy9oyECrTkRqQsGYcN8pyXRh
8/RLzFNDzEJs0fDLaSB8VSszRYUftUFnj1yICPrQAFY8/KBCLSidugIJqgNB
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:00:13 2024 by rpki-client on console-fra.rpki-client.org