Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f303d3-059b-4d57-b445-af1578a956ac/1/ER7s5eCO52fh7gUCkMgCN4WNmnU.roa
File: ER7s5eCO52fh7gUCkMgCN4WNmnU.roa (raw, json)
Hash identifier: iKiEsPKvPsPAeUFByFmT2Q3oJdi0ySm8zsptRY+5qXU=
Subject key identifier: 11:1E:EC:E5:E0:8E:E7:67:E1:EE:05:02:90:C8:02:37:85:8D:9A:75
Certificate issuer: /CN=56fef9dd9fb434875263a2ee3345b2b983de6561
Certificate serial: 018EACFC36EB6999D5C173E6641E02E1F901
Authority key identifier: 56:FE:F9:DD:9F:B4:34:87:52:63:A2:EE:33:45:B2:B9:83:DE:65:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vv753Z-0NIdSY6LuM0WyuYPeZWE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/f303d3-059b-4d57-b445-af1578a956ac/1/ER7s5eCO52fh7gUCkMgCN4WNmnU.roa
Signing time: Fri 05 Apr 2024 06:39:54 +0000
ROA not before: Fri 05 Apr 2024 06:39:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48370
IP address blocks: 91.209.128.0/23 maxlen: 23
91.209.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/f303d3-059b-4d57-b445-af1578a956ac/1/Vv753Z-0NIdSY6LuM0WyuYPeZWE.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/f303d3-059b-4d57-b445-af1578a956ac/1/Vv753Z-0NIdSY6LuM0WyuYPeZWE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Vv753Z-0NIdSY6LuM0WyuYPeZWE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ac:fc:36:eb:69:99:d5:c1:73:e6:64:1e:02:e1:f9:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56fef9dd9fb434875263a2ee3345b2b983de6561
Validity
Not Before: Apr 5 06:39:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=111eece5e08ee767e1ee050290c80237858d9a75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:dd:1d:92:76:f9:a4:22:75:4b:79:c7:ce:4a:
c4:d0:f1:b3:f9:ff:75:06:a1:cb:59:3b:b5:1e:fd:
52:94:3f:e5:f7:52:03:00:39:a3:22:d9:39:30:c3:
07:16:f8:cd:2c:6b:69:70:4b:75:81:43:d4:a1:64:
b8:82:20:cf:4f:40:90:24:f4:40:49:fb:f8:17:94:
3c:e6:9e:e9:55:29:eb:e0:f0:d7:0e:f0:04:b5:8a:
55:02:54:10:1b:17:0a:93:11:8c:1d:1d:2c:c4:2d:
65:d6:58:4a:44:aa:58:38:10:59:58:79:f2:a4:7d:
51:b8:77:93:62:53:45:04:8f:86:df:de:4b:b6:65:
28:05:cb:e0:d7:16:43:c1:ee:e6:97:63:fe:34:8d:
ac:f7:b0:fa:47:40:9a:c6:b3:7e:6c:42:23:69:c1:
f6:54:fd:a8:01:ed:12:fd:51:4c:72:c4:95:ce:11:
47:7d:47:25:ae:dd:2f:29:0d:7c:5c:cb:f9:21:04:
c1:cc:69:a0:32:31:56:bc:b4:4e:74:84:0f:31:38:
e2:64:6a:ec:04:de:15:6e:15:20:de:eb:e6:9a:54:
d0:82:84:96:22:90:12:05:73:52:d8:f3:53:3e:a0:
d7:e6:91:16:99:07:39:28:64:b1:0c:f2:e8:28:1f:
c1:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:1E:EC:E5:E0:8E:E7:67:E1:EE:05:02:90:C8:02:37:85:8D:9A:75
X509v3 Authority Key Identifier:
keyid:56:FE:F9:DD:9F:B4:34:87:52:63:A2:EE:33:45:B2:B9:83:DE:65:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vv753Z-0NIdSY6LuM0WyuYPeZWE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f303d3-059b-4d57-b445-af1578a956ac/1/ER7s5eCO52fh7gUCkMgCN4WNmnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f303d3-059b-4d57-b445-af1578a956ac/1/Vv753Z-0NIdSY6LuM0WyuYPeZWE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.128.0-91.209.130.255
Signature Algorithm: sha256WithRSAEncryption
06:12:98:d3:07:63:5a:d5:7c:8c:3c:88:ba:95:10:7e:a9:96:
2a:d6:95:00:78:18:d7:60:0c:68:15:ac:1c:82:cb:c8:87:8a:
0d:85:6f:dd:f3:ca:c4:d0:35:6c:8a:a8:17:e4:fa:9c:76:02:
9c:cd:61:20:b0:d2:9b:83:77:b1:9c:6d:12:43:f9:7a:1d:84:
87:f4:8c:c7:1d:44:b0:a6:94:a9:d5:79:a3:66:b9:fc:fa:d2:
43:70:b5:a1:c4:b6:69:35:7c:73:5c:f4:0e:65:b9:d0:cc:f2:
93:70:bf:b1:97:90:01:8f:f2:db:1b:c2:71:4a:73:df:38:7a:
4a:9c:26:ce:c7:0b:b6:20:ee:2d:13:98:f9:72:48:db:14:b8:
0a:98:ea:4e:ed:47:51:e1:ea:5d:20:2c:c2:be:9b:1c:4c:57:
2c:e6:fc:df:f8:6a:bc:3c:44:9d:f8:70:95:28:9b:55:23:bf:
87:86:b5:10:fd:70:47:ca:c1:b0:1e:e7:de:d7:5b:a4:9d:b1:
a0:a3:dc:93:6a:d4:8e:31:65:26:28:cd:a1:34:41:83:d3:99:
79:1d:c4:85:4a:a5:e9:33:10:03:0e:42:55:ab:43:4d:2e:9b:
e9:e4:a2:d9:e4:66:72:60:8f:b6:47:de:49:6e:13:3e:43:dd:
5d:7d:68:a2
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAY6s/DbraZnVwXPmZB4C4fkBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2ZmVmOWRkOWZiNDM0ODc1MjYzYTJlZTMzNDViMmI5ODNk
ZTY1NjEwHhcNMjQwNDA1MDYzOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTFlZWNlNWUwOGVlNzY3ZTFlZTA1MDI5MGM4MDIzNzg1OGQ5YTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApN0dknb5pCJ1S3nHzkrE0PGz+f91
BqHLWTu1Hv1SlD/l91IDADmjItk5MMMHFvjNLGtpcEt1gUPUoWS4giDPT0CQJPRA
Sfv4F5Q85p7pVSnr4PDXDvAEtYpVAlQQGxcKkxGMHR0sxC1l1lhKRKpYOBBZWHny
pH1RuHeTYlNFBI+G395LtmUoBcvg1xZDwe7ml2P+NI2s97D6R0CaxrN+bEIjacH2
VP2oAe0S/VFMcsSVzhFHfUclrt0vKQ18XMv5IQTBzGmgMjFWvLROdIQPMTjiZGrs
BN4VbhUg3uvmmlTQgoSWIpASBXNS2PNTPqDX5pEWmQc5KGSxDPLoKB/BmwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFBEe7OXgjudn4e4FApDIAjeFjZp1MB8GA1UdIwQY
MBaAFFb++d2ftDSHUmOi7jNFsrmD3mVhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnY3NTNaLTBOSWRTWTZMdU0wV3l1WVBlWldFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mMzAzZDMtMDU5Yi00ZDU3LWI0NDUt
YWYxNTc4YTk1NmFjLzEvRVI3czVlQ081MmZoN2dVQ2tNZ0NONFdObW5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mMzAzZDMtMDU5Yi00ZDU3LWI0NDUtYWYxNTc4YTk1NmFj
LzEvVnY3NTNaLTBOSWRTWTZMdU0wV3l1WVBlWldFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAdb0YAD
BABb0YIwDQYJKoZIhvcNAQELBQADggEBAAYSmNMHY1rVfIw8iLqVEH6plirWlQB4
GNdgDGgVrByCy8iHig2Fb93zysTQNWyKqBfk+px2ApzNYSCw0puDd7GcbRJD+Xod
hIf0jMcdRLCmlKnVeaNmufz60kNwtaHEtmk1fHNc9A5ludDM8pNwv7GXkAGP8tsb
wnFKc984ekqcJs7HC7Yg7i0TmPlySNsUuAqY6k7tR1Hh6l0gLMK+mxxMVyzm/N/4
arw8RJ34cJUom1Ujv4eGtRD9cEfKwbAe597XW6SdsaCj3JNq1I4xZSYozaE0QYPT
mXkdxIVKpekzEAMOQlWrQ00um+nkotnkZnJgj7ZH3kluEz5D3V19aKI=
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:28:18 2024 by rpki-client on console-fra.rpki-client.org