Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/Em2SapYD_yKejxx-Rn4EKD3tZJk.roa
File: Em2SapYD_yKejxx-Rn4EKD3tZJk.roa (raw, json)
Hash identifier: ZxJzyV6fsGu1pvAx6hfiLoItmBsTYz7QGPwtm82l5EA=
Subject key identifier: 12:6D:92:6A:96:03:FF:22:9E:8F:1C:7E:46:7E:04:28:3D:ED:64:99
Certificate issuer: /CN=881bd1402924ec2a644e8f54e6994cb4ac8e24a6
Certificate serial: 018CC6B7C31F4AA8C0A009E43B218F9FF3CC
Authority key identifier: 88:1B:D1:40:29:24:EC:2A:64:4E:8F:54:E6:99:4C:B4:AC:8E:24:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/Em2SapYD_yKejxx-Rn4EKD3tZJk.roa
Signing time: Mon 01 Jan 2024 20:29:40 +0000
ROA not before: Mon 01 Jan 2024 20:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3215
IP address blocks: 143.196.112.0/21 maxlen: 21
143.196.120.0/22 maxlen: 22
143.196.64.0/19 maxlen: 19
143.196.191.0/24 maxlen: 24
143.196.96.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.mft
rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:c3:1f:4a:a8:c0:a0:09:e4:3b:21:8f:9f:f3:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=881bd1402924ec2a644e8f54e6994cb4ac8e24a6
Validity
Not Before: Jan 1 20:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=126d926a9603ff229e8f1c7e467e04283ded6499
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b8:bb:b1:62:86:b6:1c:e9:b4:7d:74:30:0a:
30:f9:3a:29:58:83:d5:6a:dd:d6:86:ab:7d:34:a2:
fc:bf:46:d2:22:0d:99:5d:b3:14:c3:5d:ab:34:a7:
4f:fa:29:0c:c1:f3:80:3a:0f:3c:58:ce:e8:a5:17:
cb:5e:3b:a1:78:8e:d4:97:8e:ff:64:ef:22:38:0e:
4b:10:f9:d0:11:da:b3:48:df:80:11:70:5c:7e:f9:
57:bd:62:f1:23:57:66:44:c1:49:86:7a:80:34:69:
fd:5a:b3:61:a9:c8:e1:a7:9d:c0:63:d5:28:93:21:
12:90:d7:8a:50:ed:8e:25:13:b2:b9:9c:26:04:97:
3c:6e:79:3a:cc:4c:d9:48:c7:5d:94:23:0a:06:c0:
de:5a:61:d4:b6:a9:3e:d3:fc:62:9c:84:13:9a:95:
4c:77:d7:1f:c6:a5:64:56:92:34:7b:f3:27:3f:d5:
8d:08:c9:cc:03:d0:37:bb:ba:b2:b8:bc:d6:3d:76:
57:34:31:51:d7:77:86:a8:c9:9b:02:1e:37:80:60:
5a:f6:5d:96:83:c4:73:a6:42:07:dc:0a:87:58:af:
e4:0e:8a:15:89:31:11:19:df:14:a8:ec:19:b2:ec:
2c:b3:c5:5e:c7:b8:6f:74:d8:68:ee:0d:ed:dd:61:
42:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:6D:92:6A:96:03:FF:22:9E:8F:1C:7E:46:7E:04:28:3D:ED:64:99
X509v3 Authority Key Identifier:
keyid:88:1B:D1:40:29:24:EC:2A:64:4E:8F:54:E6:99:4C:B4:AC:8E:24:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBvRQCkk7CpkTo9U5plMtKyOJKY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/Em2SapYD_yKejxx-Rn4EKD3tZJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/dcd3b7-7cc0-4c49-bab3-7a0b145cf62b/1/iBvRQCkk7CpkTo9U5plMtKyOJKY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
143.196.64.0-143.196.123.255
143.196.191.0/24
Signature Algorithm: sha256WithRSAEncryption
01:77:56:73:5a:f7:78:7e:85:46:10:71:05:dd:40:c0:3e:6e:
d6:21:44:08:82:bf:18:d0:b9:53:4a:57:ab:01:38:5c:98:e6:
fa:12:90:25:d9:be:56:1d:95:de:53:43:da:77:f0:81:10:35:
93:8b:4a:e9:10:7d:81:24:c5:5a:85:d2:ca:86:37:ce:fd:b6:
92:f3:76:df:9d:76:cd:96:0b:33:fd:2a:fb:d6:91:6a:b8:29:
44:0f:18:0f:cd:3a:22:26:e5:53:df:6c:b2:6e:43:65:27:98:
21:cd:cb:b4:98:df:92:5e:0c:02:4c:b9:c9:55:12:fc:b5:56:
f8:8c:7a:4e:0c:a3:97:81:0a:11:ac:fe:2a:79:fa:7e:b8:c9:
11:a9:ce:83:9d:d2:32:ce:18:06:83:d2:52:18:b1:cf:26:9f:
06:62:a3:0e:ac:3f:78:e6:4a:6e:25:ee:a2:59:4e:c4:29:00:
e0:46:82:88:3f:b7:dc:1c:75:e5:cb:19:1d:85:b7:9e:ce:2f:
25:2f:c6:f3:7c:55:90:13:8c:c7:79:78:8a:ce:ff:52:21:9e:
27:6e:33:28:0f:27:10:af:eb:99:9f:84:92:64:6c:32:36:c2:
b8:7c:95:48:48:7c:61:d8:1f:4d:61:f2:57:4b:bf:7c:77:aa:
36:ca:b6:97
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzGt8MfSqjAoAnkOyGPn/PMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MWJkMTQwMjkyNGVjMmE2NDRlOGY1NGU2OTk0Y2I0YWM4
ZTI0YTYwHhcNMjQwMTAxMjAyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjZkOTI2YTk2MDNmZjIyOWU4ZjFjN2U0NjdlMDQyODNkZWQ2NDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7i7sWKGthzptH10MAow+TopWIPV
at3Whqt9NKL8v0bSIg2ZXbMUw12rNKdP+ikMwfOAOg88WM7opRfLXjuheI7Ul47/
ZO8iOA5LEPnQEdqzSN+AEXBcfvlXvWLxI1dmRMFJhnqANGn9WrNhqcjhp53AY9Uo
kyESkNeKUO2OJROyuZwmBJc8bnk6zEzZSMddlCMKBsDeWmHUtqk+0/xinIQTmpVM
d9cfxqVkVpI0e/MnP9WNCMnMA9A3u7qyuLzWPXZXNDFR13eGqMmbAh43gGBa9l2W
g8RzpkIH3AqHWK/kDooViTERGd8UqOwZsuwss8Vex7hvdNho7g3t3WFChQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFBJtkmqWA/8ino8cfkZ+BCg97WSZMB8GA1UdIwQY
MBaAFIgb0UApJOwqZE6PVOaZTLSsjiSmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJ2UlFDa2s3Q3BrVG85VTVwbE10S3lPSktZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy9kY2QzYjctN2NjMC00YzQ5LWJhYjMt
N2EwYjE0NWNmNjJiLzEvRW0yU2FwWURfeUtlanh4LVJuNEVLRDN0WkprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy9kY2QzYjctN2NjMC00YzQ5LWJhYjMtN2EwYjE0NWNmNjJi
LzEvaUJ2UlFDa2s3Q3BrVG85VTVwbE10S3lPSktZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAaPxEAD
BAKPxHgDBACPxL8wDQYJKoZIhvcNAQELBQADggEBAAF3VnNa93h+hUYQcQXdQMA+
btYhRAiCvxjQuVNKV6sBOFyY5voSkCXZvlYdld5TQ9p38IEQNZOLSukQfYEkxVqF
0sqGN879tpLzdt+dds2WCzP9KvvWkWq4KUQPGA/NOiIm5VPfbLJuQ2UnmCHNy7SY
35JeDAJMuclVEvy1VviMek4Mo5eBChGs/ip5+n64yRGpzoOd0jLOGAaD0lIYsc8m
nwZiow6sP3jmSm4l7qJZTsQpAOBGgog/t9wcdeXLGR2Ft57OLyUvxvN8VZATjMd5
eIrO/1IhniduMygPJxCv65mfhJJkbDI2wrh8lUhIfGHYH01h8ldLv3x3qjbKtpc=
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:06:02 2024 by rpki-client on console-fra.rpki-client.org