Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/geJaE37YZ0qVOjGML6_Dg7r_b4Q.roa
File: geJaE37YZ0qVOjGML6_Dg7r_b4Q.roa (raw, json)
Hash identifier: kn0vvxJWka7WL/5dRJuc3Fj6xxz9tzEx+Fv1wDfCwe4=
Subject key identifier: 81:E2:5A:13:7E:D8:67:4A:95:3A:31:8C:2F:AF:C3:83:BA:FF:6F:84
Certificate issuer: /CN=a3e2161d7f01fa6fd0842c211080633f3ed36ba5
Certificate serial: 018CC80140073060C9A66BA1BECCF8C103BE
Authority key identifier: A3:E2:16:1D:7F:01:FA:6F:D0:84:2C:21:10:80:63:3F:3E:D3:6B:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/geJaE37YZ0qVOjGML6_Dg7r_b4Q.roa
Signing time: Tue 02 Jan 2024 02:29:34 +0000
ROA not before: Tue 02 Jan 2024 02:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56643
IP address blocks: 185.131.48.0/24 maxlen: 24
185.131.49.0/24 maxlen: 24
185.131.50.0/24 maxlen: 24
185.131.51.0/24 maxlen: 24
185.241.136.0/24 maxlen: 24
185.241.137.0/24 maxlen: 24
185.241.138.0/24 maxlen: 24
185.241.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.mft
rsync://rpki.ripe.net/repository/DEFAULT/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 19:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:40:07:30:60:c9:a6:6b:a1:be:cc:f8:c1:03:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3e2161d7f01fa6fd0842c211080633f3ed36ba5
Validity
Not Before: Jan 2 02:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=81e25a137ed8674a953a318c2fafc383baff6f84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:55:57:66:f4:45:7a:fc:22:b5:5e:f4:52:bd:
3e:6d:98:c4:98:92:4b:3e:32:24:e9:61:c3:0e:d2:
de:3d:dc:f0:f5:38:82:c8:7f:78:58:f7:b0:6e:db:
f1:8b:b9:25:37:35:d6:02:6f:2c:b5:54:04:19:71:
4e:85:ed:5a:b2:53:4c:8f:e2:95:3a:38:11:79:89:
d3:13:9b:58:a4:66:d1:2f:5f:48:1a:70:eb:b9:91:
e3:df:36:aa:4c:3b:5d:c4:a4:da:c1:a7:b9:4c:c7:
fd:50:0a:66:55:61:81:56:58:46:71:4d:f1:9e:05:
71:0d:c1:69:4c:d5:79:e9:65:1a:9c:20:c7:71:a0:
dd:e6:3b:57:0e:4a:9b:5e:ab:9d:32:1f:54:d7:b1:
b5:dc:e8:96:69:5e:92:b9:b8:4b:18:b5:21:a4:ff:
48:09:27:1f:c7:a7:bc:48:af:11:7c:70:ae:2b:e4:
ef:51:18:6b:42:c3:d8:7e:03:62:5f:67:d8:81:7f:
c1:9d:48:6e:e0:ae:a3:b3:8e:81:75:34:0c:cb:37:
d2:7a:67:c9:09:92:d5:82:8f:7a:0a:75:a7:11:28:
30:85:38:12:e5:8d:84:49:62:11:f1:6c:c6:76:7f:
8f:53:ec:31:67:a6:80:bb:65:92:d0:3f:25:b9:38:
d8:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:E2:5A:13:7E:D8:67:4A:95:3A:31:8C:2F:AF:C3:83:BA:FF:6F:84
X509v3 Authority Key Identifier:
keyid:A3:E2:16:1D:7F:01:FA:6F:D0:84:2C:21:10:80:63:3F:3E:D3:6B:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/geJaE37YZ0qVOjGML6_Dg7r_b4Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/6a64ea-9f1e-4b43-bf2a-7e0340ec9667/1/o-IWHX8B-m_QhCwhEIBjPz7Ta6U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.131.48.0/22
185.241.136.0/22
Signature Algorithm: sha256WithRSAEncryption
6f:56:25:5c:fc:0f:26:0b:52:09:29:1b:b6:b5:9a:30:fb:d9:
1e:ab:ce:c5:82:65:74:6a:ab:d6:7d:4f:15:84:7f:30:f3:33:
62:60:72:76:f9:38:c4:9c:ea:c8:54:8e:44:78:16:22:02:41:
6f:7c:f4:a8:f0:c2:e5:b6:4d:0a:cf:db:d5:d5:7e:89:5d:79:
37:0b:18:23:e6:ad:0f:64:b8:cd:fd:37:bc:cc:da:d2:3a:34:
cc:2e:c3:e8:9f:9d:18:dc:c4:7e:d3:30:df:0d:15:7e:02:cf:
f0:d5:25:4f:56:d4:38:44:e6:95:db:8c:25:85:1d:79:79:fc:
90:0f:80:93:e8:7f:53:4f:82:e5:b8:7f:99:97:c7:90:ec:f5:
d4:77:37:46:28:61:8c:8a:08:a3:b5:7d:a7:8e:36:40:87:43:
f9:8d:3f:43:8a:29:77:17:c8:30:9c:e6:eb:da:bc:f0:95:cc:
18:23:4c:13:a2:b8:1a:9d:1e:bd:04:e4:88:98:d2:ca:21:58:
3a:61:28:f0:63:9b:20:ac:60:68:ed:00:06:e2:78:6a:4f:e6:
a4:01:72:df:6f:0f:a1:c7:95:bf:97:bb:cd:8b:1d:43:35:f4:
0a:9f:95:61:df:c0:70:5e:7a:3b:97:8e:bf:98:00:d7:42:bf:
dd:44:c7:0f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzIAUAHMGDJpmuhvsz4wQO+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZTIxNjFkN2YwMWZhNmZkMDg0MmMyMTEwODA2MzNmM2Vk
MzZiYTUwHhcNMjQwMTAyMDIyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MWUyNWExMzdlZDg2NzRhOTUzYTMxOGMyZmFmYzM4M2JhZmY2Zjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgVVXZvRFevwitV70Ur0+bZjEmJJL
PjIk6WHDDtLePdzw9TiCyH94WPewbtvxi7klNzXWAm8stVQEGXFOhe1aslNMj+KV
OjgReYnTE5tYpGbRL19IGnDruZHj3zaqTDtdxKTawae5TMf9UApmVWGBVlhGcU3x
ngVxDcFpTNV56WUanCDHcaDd5jtXDkqbXqudMh9U17G13OiWaV6SubhLGLUhpP9I
CScfx6e8SK8RfHCuK+TvURhrQsPYfgNiX2fYgX/BnUhu4K6js46BdTQMyzfSemfJ
CZLVgo96CnWnESgwhTgS5Y2ESWIR8WzGdn+PU+wxZ6aAu2WS0D8luTjYDwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFIHiWhN+2GdKlToxjC+vw4O6/2+EMB8GA1UdIwQY
MBaAFKPiFh1/Afpv0IQsIRCAYz8+02ulMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvby1JV0hYOEItbV9RaEN3aEVJQmpQejdUYTZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi82YTY0ZWEtOWYxZS00YjQzLWJmMmEt
N2UwMzQwZWM5NjY3LzEvZ2VKYUUzN1laMHFWT2pHTUw2X0RnN3JfYjRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi82YTY0ZWEtOWYxZS00YjQzLWJmMmEtN2UwMzQwZWM5NjY3
LzEvby1JV0hYOEItbV9RaEN3aEVJQmpQejdUYTZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuYMwAwQC
ufGIMA0GCSqGSIb3DQEBCwUAA4IBAQBvViVc/A8mC1IJKRu2tZow+9keq87FgmV0
aqvWfU8VhH8w8zNiYHJ2+TjEnOrIVI5EeBYiAkFvfPSo8MLltk0Kz9vV1X6JXXk3
Cxgj5q0PZLjN/Te8zNrSOjTMLsPon50Y3MR+0zDfDRV+As/w1SVPVtQ4ROaV24wl
hR15efyQD4CT6H9TT4LluH+Zl8eQ7PXUdzdGKGGMigijtX2njjZAh0P5jT9Diil3
F8gwnObr2rzwlcwYI0wTorganR69BOSImNLKIVg6YSjwY5sgrGBo7QAG4nhqT+ak
AXLfbw+hx5W/l7vNix1DNfQKn5Vh38BwXno7l46/mADXQr/dRMcP
-----END CERTIFICATE-----
Generated at Mon Jun 3 00:32:46 2024 by rpki-client on console-ams.rpki-client.org