Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/kEphm1CWxvsMAb2r_lfEth-S7v8.roa
File: kEphm1CWxvsMAb2r_lfEth-S7v8.roa (raw, json)
Hash identifier: iJOt3NMhCw15oHIv/DO45Qd234s64oO128kwjcXoK2w=
Subject key identifier: 90:4A:61:9B:50:96:C6:FB:0C:01:BD:AB:FE:57:C4:B6:1F:92:EE:FF
Certificate issuer: /CN=33c342c06aacc359d39439ff58defa8ea1875748
Certificate serial: 018CC500BA0FD1EA9A76333DF71DDAA34D76
Authority key identifier: 33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/kEphm1CWxvsMAb2r_lfEth-S7v8.roa
Signing time: Mon 01 Jan 2024 12:30:08 +0000
ROA not before: Mon 01 Jan 2024 12:30:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50691
IP address blocks: 109.236.249.0/24 maxlen: 24
213.128.220.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.mft
rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:ba:0f:d1:ea:9a:76:33:3d:f7:1d:da:a3:4d:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33c342c06aacc359d39439ff58defa8ea1875748
Validity
Not Before: Jan 1 12:30:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=904a619b5096c6fb0c01bdabfe57c4b61f92eeff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:69:d6:07:07:42:4d:64:a8:89:f8:e9:3c:b0:
27:72:81:26:05:0f:56:34:4f:02:c7:ad:3d:fa:28:
1b:d3:46:b4:7b:54:65:00:b7:d6:e7:e1:eb:88:c1:
25:b8:11:9c:00:9b:48:94:6d:dc:ab:5e:8d:d0:f9:
80:a7:fd:2f:b5:b3:74:bb:2e:df:5e:19:ec:7d:33:
f9:eb:fc:81:a0:b3:f4:dc:92:31:01:c9:c9:8f:13:
29:78:01:d7:f8:f7:be:38:18:e7:cd:05:57:10:3f:
33:30:a3:5b:57:c6:2e:55:e2:dd:1d:a7:a8:45:17:
2b:9b:53:4a:c5:5e:9f:ba:18:33:59:aa:80:af:e5:
81:7e:b2:16:2f:81:92:71:fd:80:49:7e:f3:52:60:
5f:64:4e:25:21:ad:b6:c9:8e:df:f1:c5:f4:49:b1:
70:06:ec:57:4f:56:35:12:93:82:07:38:67:b8:c6:
f1:f3:44:93:c6:b4:ce:d1:3f:ed:cf:c4:1a:bd:14:
0a:37:e2:3a:17:47:b1:48:1a:6d:5d:0e:8b:61:88:
d0:d1:68:4d:05:9d:6c:a9:a3:93:35:31:31:32:65:
99:99:b9:74:ec:f5:8e:15:ac:b4:b7:4c:63:1f:dc:
37:f2:f1:e2:6a:23:3f:af:db:81:e4:ee:f4:2f:ef:
94:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:4A:61:9B:50:96:C6:FB:0C:01:BD:AB:FE:57:C4:B6:1F:92:EE:FF
X509v3 Authority Key Identifier:
keyid:33:C3:42:C0:6A:AC:C3:59:D3:94:39:FF:58:DE:FA:8E:A1:87:57:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M8NCwGqsw1nTlDn_WN76jqGHV0g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/kEphm1CWxvsMAb2r_lfEth-S7v8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/c55fdf-a68a-4aa0-b8c5-7f2333604997/1/M8NCwGqsw1nTlDn_WN76jqGHV0g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.236.249.0/24
213.128.220.0/22
Signature Algorithm: sha256WithRSAEncryption
7e:32:a6:21:68:cb:4d:42:05:a9:2e:10:9b:64:f4:b0:6e:d4:
c8:52:fe:6a:44:18:45:fb:f4:5b:ad:3e:f5:4f:f8:a5:70:cb:
28:c6:60:79:b0:69:63:e5:a6:7e:b5:bf:5b:4e:64:32:9c:35:
97:7e:75:b9:20:71:86:01:42:21:f7:5c:23:a7:0c:07:d9:8d:
e3:b7:38:6a:04:17:9a:ab:f9:d1:a9:21:9f:ae:47:92:74:e9:
56:a2:db:ec:75:c5:2d:b4:dd:62:30:d1:cd:60:5d:5d:6e:67:
c4:0a:b9:fe:3f:66:f3:04:b8:dd:1a:52:39:58:35:5c:29:75:
88:ba:31:2b:d2:c0:f5:39:18:67:91:78:0f:6a:e6:68:35:91:
a9:f9:56:6e:fb:9e:49:0c:b7:b8:10:e9:50:0c:16:c8:34:de:
b9:79:c4:54:5f:9d:6e:6b:4c:9e:1e:51:a4:1a:25:f3:05:63:
34:44:bd:f7:5e:38:ab:9b:e8:c4:39:d2:ef:79:28:3a:bd:86:
04:af:a1:46:e4:37:c6:23:84:fa:06:52:07:3a:33:ec:f0:48:
cf:d7:ee:b3:69:e8:0f:0c:09:e9:75:b4:9a:c0:fb:37:b3:54:
85:5f:77:ee:0d:ec:b9:6e:49:2e:21:8e:28:2f:53:09:1c:35:
fa:90:2e:86
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFALoP0eqadjM99x3ao012MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYzM0MmMwNmFhY2MzNTlkMzk0MzlmZjU4ZGVmYThlYTE4
NzU3NDgwHhcNMjQwMTAxMTIzMDA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDRhNjE5YjUwOTZjNmZiMGMwMWJkYWJmZTU3YzRiNjFmOTJlZWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvWnWBwdCTWSoifjpPLAncoEmBQ9W
NE8Cx609+igb00a0e1RlALfW5+HriMEluBGcAJtIlG3cq16N0PmAp/0vtbN0uy7f
XhnsfTP56/yBoLP03JIxAcnJjxMpeAHX+Pe+OBjnzQVXED8zMKNbV8YuVeLdHaeo
RRcrm1NKxV6fuhgzWaqAr+WBfrIWL4GScf2ASX7zUmBfZE4lIa22yY7f8cX0SbFw
BuxXT1Y1EpOCBzhnuMbx80STxrTO0T/tz8QavRQKN+I6F0exSBptXQ6LYYjQ0WhN
BZ1sqaOTNTExMmWZmbl07PWOFay0t0xjH9w38vHiaiM/r9uB5O70L++UbwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJBKYZtQlsb7DAG9q/5XxLYfku7/MB8GA1UdIwQY
MBaAFDPDQsBqrMNZ05Q5/1je+o6hh1dIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTThOQ3dHcXN3MW5UbERuX1dONzZqcUdIVjBnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9jNTVmZGYtYTY4YS00YWEwLWI4YzUt
N2YyMzMzNjA0OTk3LzEva0VwaG0xQ1d4dnNNQWIycl9sZkV0aC1TN3Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9jNTVmZGYtYTY4YS00YWEwLWI4YzUtN2YyMzMzNjA0OTk3
LzEvTThOQ3dHcXN3MW5UbERuX1dONzZqcUdIVjBnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbez5AwQC
1YDcMA0GCSqGSIb3DQEBCwUAA4IBAQB+MqYhaMtNQgWpLhCbZPSwbtTIUv5qRBhF
+/RbrT71T/ilcMsoxmB5sGlj5aZ+tb9bTmQynDWXfnW5IHGGAUIh91wjpwwH2Y3j
tzhqBBeaq/nRqSGfrkeSdOlWotvsdcUttN1iMNHNYF1dbmfECrn+P2bzBLjdGlI5
WDVcKXWIujEr0sD1ORhnkXgPauZoNZGp+VZu+55JDLe4EOlQDBbINN65ecRUX51u
a0yeHlGkGiXzBWM0RL33Xjirm+jEOdLveSg6vYYEr6FG5DfGI4T6BlIHOjPs8EjP
1+6zaegPDAnpdbSawPs3s1SFX3fuDey5bkkuIY4oL1MJHDX6kC6G
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:17:50 2024 by rpki-client on console-fra.rpki-client.org