Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/ace18f-ed7c-479f-855d-e409260015ef/1/yeQKcSzDF994P90xJEDRf3hiR1w.roa
File: yeQKcSzDF994P90xJEDRf3hiR1w.roa (raw, json)
Hash identifier: ipx1K0rO8kUW9PGGouf/x0Voao55ztR+BCHZtnHUiCI=
Subject key identifier: C9:E4:0A:71:2C:C3:17:DF:78:3F:DD:31:24:40:D1:7F:78:62:47:5C
Certificate issuer: /CN=18e1732f2c80e3ea4d7279d252b874a6164c35b4
Certificate serial: 01914CED3AAAE3F5779DF7D12682BD6D99AC
Authority key identifier: 18:E1:73:2F:2C:80:E3:EA:4D:72:79:D2:52:B8:74:A6:16:4C:35:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GOFzLyyA4-pNcnnSUrh0phZMNbQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/ace18f-ed7c-479f-855d-e409260015ef/1/yeQKcSzDF994P90xJEDRf3hiR1w.roa
Signing time: Tue 13 Aug 2024 18:08:21 +0000
ROA not before: Tue 13 Aug 2024 18:08:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202984
IP address blocks: 45.139.236.0/24 maxlen: 24
45.139.237.0/24 maxlen: 24
45.139.238.0/24 maxlen: 24
45.139.239.0/24 maxlen: 24
185.211.244.0/24 maxlen: 24
185.211.245.0/24 maxlen: 24
185.211.246.0/24 maxlen: 24
185.211.247.0/24 maxlen: 24
2a0b:6cc0::/29 maxlen: 48
2a0b:6cc1:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/ace18f-ed7c-479f-855d-e409260015ef/1/GOFzLyyA4-pNcnnSUrh0phZMNbQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/ace18f-ed7c-479f-855d-e409260015ef/1/GOFzLyyA4-pNcnnSUrh0phZMNbQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/GOFzLyyA4-pNcnnSUrh0phZMNbQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 09:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:4c:ed:3a:aa:e3:f5:77:9d:f7:d1:26:82:bd:6d:99:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18e1732f2c80e3ea4d7279d252b874a6164c35b4
Validity
Not Before: Aug 13 18:08:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9e40a712cc317df783fdd312440d17f7862475c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:51:73:e6:0c:32:3a:16:f7:0c:1d:c9:fd:aa:
1b:bc:b7:55:f5:45:6b:11:39:41:48:c6:81:11:8a:
e2:4f:6f:45:d8:82:49:e4:af:e4:5f:96:93:6e:67:
a1:e3:53:56:17:25:bb:ae:a8:fa:2b:c3:c4:77:93:
af:d4:88:fe:3d:a4:ce:62:e3:38:d7:8e:94:d0:7d:
2e:95:0b:60:48:67:cd:61:2b:56:e3:ca:74:42:4c:
9b:42:af:6b:40:4a:fc:fa:09:00:54:d7:0c:99:05:
53:8d:3d:e7:cb:aa:32:69:79:d9:71:ac:94:22:34:
74:10:6a:c4:4b:cc:51:69:4e:a9:39:81:a8:7f:34:
39:f0:47:3f:ac:ff:b3:78:53:d3:4d:ae:28:47:af:
d8:28:db:2d:f7:7e:dd:a2:90:83:62:6e:33:9a:e8:
dc:02:24:60:0b:7b:11:67:ba:05:e3:6b:c9:0a:33:
24:b6:b7:5e:32:8c:e6:ad:a1:1b:b3:e2:35:42:b5:
e3:a5:bc:97:5b:ca:47:70:f2:bd:ba:b6:0d:91:dd:
b8:6b:08:6d:ae:f4:11:7b:2c:6b:b2:b8:d7:7c:66:
93:fd:46:9d:7c:f2:31:99:f6:cb:bb:30:99:a4:28:
40:66:ed:bb:bb:44:85:bf:f9:ca:9c:dd:2c:e3:57:
a0:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:E4:0A:71:2C:C3:17:DF:78:3F:DD:31:24:40:D1:7F:78:62:47:5C
X509v3 Authority Key Identifier:
keyid:18:E1:73:2F:2C:80:E3:EA:4D:72:79:D2:52:B8:74:A6:16:4C:35:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GOFzLyyA4-pNcnnSUrh0phZMNbQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ace18f-ed7c-479f-855d-e409260015ef/1/yeQKcSzDF994P90xJEDRf3hiR1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/ace18f-ed7c-479f-855d-e409260015ef/1/GOFzLyyA4-pNcnnSUrh0phZMNbQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.139.236.0/22
185.211.244.0/22
IPv6:
2a0b:6cc0::/29
Signature Algorithm: sha256WithRSAEncryption
68:67:12:c7:1d:af:d2:cb:01:93:87:71:a8:27:85:ef:cd:8d:
e3:31:f1:4a:8e:60:11:f3:60:eb:bc:d0:71:58:8b:af:7c:a9:
a9:38:05:d1:ef:de:19:52:c3:e9:31:d2:20:ef:b9:da:d6:90:
db:a2:00:25:ef:25:17:ef:fe:7f:89:57:93:7a:c2:c8:91:a2:
dd:6b:f1:e2:17:bb:c0:4a:e1:d4:88:89:d7:94:98:5d:7f:e1:
04:e5:aa:57:bf:55:3d:f6:bc:6e:48:51:81:4f:91:76:99:55:
11:74:9f:51:5a:c5:de:fb:23:49:fd:c5:19:bd:ff:7e:2c:71:
03:1a:dc:df:0c:47:25:45:79:a5:ca:28:a1:0d:b0:e9:31:d6:
c0:da:82:1d:16:fc:8e:7c:95:c3:f6:84:2b:64:96:0d:28:62:
27:16:a2:c9:f0:71:52:95:39:ae:98:93:c7:b0:2a:61:e0:5a:
33:82:e6:65:ee:ea:3c:99:9c:2b:e1:3c:a3:45:e8:48:99:79:
ae:2a:cd:ab:17:00:eb:de:b9:c8:8a:c6:f8:5d:27:20:f9:bd:
7b:74:00:d0:c7:19:67:18:a9:da:b6:54:12:fa:4d:97:d4:4e:
77:1a:98:7b:d0:a9:de:53:26:35:36:19:68:56:05:2d:ff:cf:
40:26:12:54
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZFM7Tqq4/V3nffRJoK9bZmsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZTE3MzJmMmM4MGUzZWE0ZDcyNzlkMjUyYjg3NGE2MTY0
YzM1YjQwHhcNMjQwODEzMTgwODIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWU0MGE3MTJjYzMxN2RmNzgzZmRkMzEyNDQwZDE3Zjc4NjI0NzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulFz5gwyOhb3DB3J/aobvLdV9UVr
ETlBSMaBEYriT29F2IJJ5K/kX5aTbmeh41NWFyW7rqj6K8PEd5Ov1Ij+PaTOYuM4
146U0H0ulQtgSGfNYStW48p0QkybQq9rQEr8+gkAVNcMmQVTjT3ny6oyaXnZcayU
IjR0EGrES8xRaU6pOYGofzQ58Ec/rP+zeFPTTa4oR6/YKNst937dopCDYm4zmujc
AiRgC3sRZ7oF42vJCjMktrdeMozmraEbs+I1QrXjpbyXW8pHcPK9urYNkd24awht
rvQReyxrsrjXfGaT/UadfPIxmfbLuzCZpChAZu27u0SFv/nKnN0s41eguQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFMnkCnEswxffeD/dMSRA0X94YkdcMB8GA1UdIwQY
MBaAFBjhcy8sgOPqTXJ50lK4dKYWTDW0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR09Gekx5eUE0LXBOY25uU1VyaDBwaFpNTmJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9hY2UxOGYtZWQ3Yy00NzlmLTg1NWQt
ZTQwOTI2MDAxNWVmLzEveWVRS2NTekRGOTk0UDkweEpFRFJmM2hpUjF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9hY2UxOGYtZWQ3Yy00NzlmLTg1NWQtZTQwOTI2MDAxNWVm
LzEvR09Gekx5eUE0LXBOY25uU1VyaDBwaFpNTmJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLYvsAwQC
udP0MA0EAgACMAcDBQMqC2zAMA0GCSqGSIb3DQEBCwUAA4IBAQBoZxLHHa/SywGT
h3GoJ4XvzY3jMfFKjmAR82DrvNBxWIuvfKmpOAXR794ZUsPpMdIg77na1pDbogAl
7yUX7/5/iVeTesLIkaLda/HiF7vASuHUiInXlJhdf+EE5apXv1U99rxuSFGBT5F2
mVURdJ9RWsXe+yNJ/cUZvf9+LHEDGtzfDEclRXmlyiihDbDpMdbA2oIdFvyOfJXD
9oQrZJYNKGInFqLJ8HFSlTmumJPHsCph4FozguZl7uo8mZwr4TyjRehImXmuKs2r
FwDr3rnIisb4XScg+b17dADQxxlnGKnatlQS+k2X1E53Gph70KneUyY1NhloVgUt
/89AJhJU
-----END CERTIFICATE-----
Generated at Tue Nov 26 13:29:03 2024 by rpki-client on console-fra.rpki-client.org