Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/ge2coh4D34ab3VLG7Zx5_Z14Vok.roa
File: ge2coh4D34ab3VLG7Zx5_Z14Vok.roa (raw, json)
Hash identifier: YGKdXqL+ERRMvYsIhU0nhjN0K0NKpJSomNWh5UiJx+E=
Subject key identifier: 81:ED:9C:A2:1E:03:DF:86:9B:DD:52:C6:ED:9C:79:FD:9D:78:56:89
Certificate issuer: /CN=cfde85bbd478f5e842f4c4f8d85225d100e0f4df
Certificate serial: 018CC500FBB565C2A612B9038BA71C394B87
Authority key identifier: CF:DE:85:BB:D4:78:F5:E8:42:F4:C4:F8:D8:52:25:D1:00:E0:F4:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z96Fu9R49ehC9MT42FIl0QDg9N8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/ge2coh4D34ab3VLG7Zx5_Z14Vok.roa
Signing time: Mon 01 Jan 2024 12:30:25 +0000
ROA not before: Mon 01 Jan 2024 12:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 212.104.208.0/24 maxlen: 24
185.83.20.0/22 maxlen: 22
185.175.91.0/24 maxlen: 24
31.25.8.0/23 maxlen: 23
2a11:bd80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/z96Fu9R49ehC9MT42FIl0QDg9N8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/z96Fu9R49ehC9MT42FIl0QDg9N8.mft
rsync://rpki.ripe.net/repository/DEFAULT/z96Fu9R49ehC9MT42FIl0QDg9N8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:fb:b5:65:c2:a6:12:b9:03:8b:a7:1c:39:4b:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfde85bbd478f5e842f4c4f8d85225d100e0f4df
Validity
Not Before: Jan 1 12:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81ed9ca21e03df869bdd52c6ed9c79fd9d785689
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:7f:aa:6c:69:d2:47:35:ee:ff:ee:1b:39:6d:
ae:13:22:ed:2b:70:35:55:c7:d0:1a:2f:e8:d1:da:
55:6c:68:62:16:d8:0a:fd:ea:38:6f:d7:55:ae:35:
40:0e:13:21:0e:53:66:51:71:9a:e0:ed:0d:76:33:
01:8c:93:4f:35:cd:81:56:46:db:cf:11:e5:b2:aa:
3a:66:2d:9e:20:d3:67:8d:97:c3:35:c1:36:a9:6d:
34:0d:99:7d:85:2e:53:8e:04:ad:cf:b0:ee:8e:de:
3a:16:75:8d:08:07:c3:15:90:2e:51:42:b8:c1:da:
6c:86:30:15:54:b6:e4:38:34:45:06:35:8f:84:c8:
6b:89:be:fe:d4:cc:10:04:24:d4:a5:b5:bb:5d:9e:
12:2f:2e:d1:47:4e:80:ef:ed:65:72:ef:ad:f3:e2:
86:ac:4c:29:04:61:d5:ea:4a:59:ee:1d:36:23:d2:
39:2d:69:49:aa:7b:83:5e:dd:29:e1:f6:00:3c:50:
c1:68:c3:14:40:6d:10:21:e9:c8:ee:b3:63:d7:d3:
9e:9e:2a:73:48:35:a1:e3:f3:4c:10:f7:6b:01:80:
68:51:28:75:bd:bf:e4:1d:99:fa:3c:37:97:4c:e9:
8a:43:82:89:6c:98:66:b3:87:81:c3:10:ab:66:06:
9f:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:ED:9C:A2:1E:03:DF:86:9B:DD:52:C6:ED:9C:79:FD:9D:78:56:89
X509v3 Authority Key Identifier:
keyid:CF:DE:85:BB:D4:78:F5:E8:42:F4:C4:F8:D8:52:25:D1:00:E0:F4:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z96Fu9R49ehC9MT42FIl0QDg9N8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/ge2coh4D34ab3VLG7Zx5_Z14Vok.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/5e2619-d72b-410b-b9e8-f93d1f815b7d/1/z96Fu9R49ehC9MT42FIl0QDg9N8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.8.0/23
185.83.20.0/22
185.175.91.0/24
212.104.208.0/24
IPv6:
2a11:bd80::/32
Signature Algorithm: sha256WithRSAEncryption
01:b9:1a:5a:c1:22:fc:f7:54:f7:7b:b8:32:5b:00:e0:be:14:
e9:ca:70:a9:38:fa:0b:73:71:98:3b:46:51:f3:2e:86:31:00:
ac:b4:58:d8:5c:6e:1a:0a:e5:5f:c7:23:92:d7:81:2b:62:d9:
7b:7c:92:60:02:ab:4d:73:ee:51:77:83:f9:dc:1d:54:18:cb:
90:14:a0:c5:08:df:5e:6f:24:4d:67:2a:b2:21:17:3a:94:05:
fd:47:35:e9:f8:04:c1:ea:46:48:e9:a0:5e:92:ad:5b:ab:35:
32:0e:a1:2f:58:19:02:cb:fd:2f:11:85:92:2f:36:c1:50:67:
af:0d:69:a7:c4:30:34:f7:14:27:c8:b9:cb:1c:45:89:2a:dd:
25:cf:c5:01:9b:dd:e8:a1:be:6b:74:55:94:f9:4a:59:84:fd:
1c:6d:f6:c7:09:01:b6:bc:68:4d:2e:dc:3d:0e:57:66:ce:26:
4a:7a:5b:7a:52:94:f4:e2:2e:66:6e:3e:fc:bb:50:ab:9f:e1:
20:54:56:68:08:10:a0:60:06:c4:4d:bb:86:52:b3:76:88:26:
e3:c9:ea:54:13:95:62:28:9c:d2:63:2f:10:25:7e:3f:8b:30:
0e:61:61:e9:79:ed:f4:03:88:ba:82:58:78:e2:44:52:8a:37:
41:9a:fb:86
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFAPu1ZcKmErkDi6ccOUuHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZGU4NWJiZDQ3OGY1ZTg0MmY0YzRmOGQ4NTIyNWQxMDBl
MGY0ZGYwHhcNMjQwMTAxMTIzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWVkOWNhMjFlMDNkZjg2OWJkZDUyYzZlZDljNzlmZDlkNzg1Njg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlX+qbGnSRzXu/+4bOW2uEyLtK3A1
VcfQGi/o0dpVbGhiFtgK/eo4b9dVrjVADhMhDlNmUXGa4O0NdjMBjJNPNc2BVkbb
zxHlsqo6Zi2eINNnjZfDNcE2qW00DZl9hS5TjgStz7Dujt46FnWNCAfDFZAuUUK4
wdpshjAVVLbkODRFBjWPhMhrib7+1MwQBCTUpbW7XZ4SLy7RR06A7+1lcu+t8+KG
rEwpBGHV6kpZ7h02I9I5LWlJqnuDXt0p4fYAPFDBaMMUQG0QIenI7rNj19Oenipz
SDWh4/NMEPdrAYBoUSh1vb/kHZn6PDeXTOmKQ4KJbJhms4eBwxCrZgafLwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFIHtnKIeA9+Gm91Sxu2cef2deFaJMB8GA1UdIwQY
MBaAFM/ehbvUePXoQvTE+NhSJdEA4PTfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejk2RnU5UjQ5ZWhDOU1UNDJGSWwwUURnOU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy81ZTI2MTktZDcyYi00MTBiLWI5ZTgt
ZjkzZDFmODE1YjdkLzEvZ2UyY29oNEQzNGFiM1ZMRzdaeDVfWjE0Vm9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy81ZTI2MTktZDcyYi00MTBiLWI5ZTgtZjkzZDFmODE1Yjdk
LzEvejk2RnU5UjQ5ZWhDOU1UNDJGSWwwUURnOU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBHxkIAwQC
uVMUAwQAua9bAwQA1GjQMA0EAgACMAcDBQAqEb2AMA0GCSqGSIb3DQEBCwUAA4IB
AQABuRpawSL891T3e7gyWwDgvhTpynCpOPoLc3GYO0ZR8y6GMQCstFjYXG4aCuVf
xyOS14ErYtl7fJJgAqtNc+5Rd4P53B1UGMuQFKDFCN9ebyRNZyqyIRc6lAX9RzXp
+ATB6kZI6aBekq1bqzUyDqEvWBkCy/0vEYWSLzbBUGevDWmnxDA09xQnyLnLHEWJ
Kt0lz8UBm93oob5rdFWU+UpZhP0cbfbHCQG2vGhNLtw9DldmziZKelt6UpT04i5m
bj78u1Crn+EgVFZoCBCgYAbETbuGUrN2iCbjyepUE5ViKJzSYy8QJX4/izAOYWHp
ee30A4i6glh44kRSijdBmvuG
-----END CERTIFICATE-----
Generated at Thu May 2 02:11:05 2024 by rpki-client on console-ams.rpki-client.org