Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/eEIl5A82hFjO2ZB87RkHTaOrbX8.roa
File: eEIl5A82hFjO2ZB87RkHTaOrbX8.roa (raw, json)
Hash identifier: 31Y9lHliwsFsUiHPqibmyMgXkjY7z+PhXrsZ4J4+aIE=
Subject key identifier: 78:42:25:E4:0F:36:84:58:CE:D9:90:7C:ED:19:07:4D:A3:AB:6D:7F
Certificate issuer: /CN=fb2aa5acfc9bb0fe6b911f1ecad3eb54d45cb36f
Certificate serial: 018D209684186D31D169CCDCFA2014950365
Authority key identifier: FB:2A:A5:AC:FC:9B:B0:FE:6B:91:1F:1E:CA:D3:EB:54:D4:5C:B3:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/eEIl5A82hFjO2ZB87RkHTaOrbX8.roa
Signing time: Fri 19 Jan 2024 07:19:11 +0000
ROA not before: Fri 19 Jan 2024 07:19:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49981
IP address blocks: 188.208.196.0/23 maxlen: 23
188.214.194.0/24 maxlen: 24
2a06:f940::/48 maxlen: 48
2a06:f940:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/1-yqlrPybsP5rkR8eytPrVNRcs28.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/1-yqlrPybsP5rkR8eytPrVNRcs28.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 08 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:20:96:84:18:6d:31:d1:69:cc:dc:fa:20:14:95:03:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb2aa5acfc9bb0fe6b911f1ecad3eb54d45cb36f
Validity
Not Before: Jan 19 07:19:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=784225e40f368458ced9907ced19074da3ab6d7f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d5:b5:f3:05:b0:a4:32:26:65:8d:a8:bf:a8:
0b:41:8f:86:b1:35:c4:3b:07:67:9e:53:1c:5b:c3:
bd:96:3a:e0:13:fa:65:ee:19:6e:e3:e5:95:d0:92:
e7:90:b4:52:b0:91:5e:65:b8:6e:a9:8c:95:58:35:
d5:14:89:fd:f0:9c:43:fe:72:24:91:11:41:8e:ef:
59:4d:ae:1c:42:ed:31:22:30:b8:9b:04:41:36:2f:
83:8f:f9:f0:86:b0:fa:19:0f:62:af:8c:ea:5b:7f:
22:86:c6:d1:e2:f4:0d:cd:88:8a:65:7d:e9:54:b6:
f1:3b:09:cc:69:b3:bd:33:36:41:8b:8f:6a:16:32:
5d:c4:cd:0d:92:0b:31:b1:29:94:cb:c8:54:0c:87:
d9:1f:44:c1:79:58:45:a2:6b:0a:8d:f0:00:77:3e:
be:eb:cb:0b:ae:bc:1d:00:80:58:6d:02:c7:f8:51:
44:84:0a:c2:00:3b:1e:d1:05:67:67:8a:5a:c6:2e:
d1:86:a7:46:8c:df:f7:51:f2:88:33:9c:a1:5d:4a:
63:73:f5:55:cf:da:6c:a6:ab:21:06:24:4e:18:cf:
49:f8:30:31:da:73:88:f7:89:38:ef:28:38:f5:57:
e1:7f:76:23:5d:91:98:82:11:82:b2:26:10:35:67:
cd:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:42:25:E4:0F:36:84:58:CE:D9:90:7C:ED:19:07:4D:A3:AB:6D:7F
X509v3 Authority Key Identifier:
keyid:FB:2A:A5:AC:FC:9B:B0:FE:6B:91:1F:1E:CA:D3:EB:54:D4:5C:B3:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/eEIl5A82hFjO2ZB87RkHTaOrbX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/1-yqlrPybsP5rkR8eytPrVNRcs28.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.208.196.0/23
188.214.194.0/24
IPv6:
2a06:f940::/47
Signature Algorithm: sha256WithRSAEncryption
18:22:83:ab:4f:ec:81:df:83:d4:6d:c0:c1:cb:55:5c:90:d9:
51:ed:09:83:35:52:43:b5:77:12:92:32:fe:90:8b:b2:eb:05:
a3:0e:07:33:9c:09:c6:c3:33:10:4c:ad:ca:9e:c2:3a:b1:20:
f1:e8:87:08:22:dc:33:e8:68:e0:4f:ff:2b:22:0d:21:06:39:
1d:8e:35:e4:fc:4d:c1:3e:9f:a2:ea:a5:54:a4:fa:72:1e:cf:
e9:05:15:a1:51:6f:a5:c4:97:0d:60:0e:b1:54:82:8b:04:3d:
44:b0:60:19:06:ff:bd:21:91:35:07:ff:5d:d2:84:60:ed:05:
0b:72:de:ec:7b:0a:c8:8d:08:8d:10:55:92:22:54:d8:b1:f7:
41:b3:2c:df:c3:34:b6:06:55:98:8f:7f:b6:ea:1e:0d:e2:90:
c2:8c:c0:87:f7:f4:ef:e2:e6:ed:92:c9:7f:11:86:28:06:5e:
e9:8b:91:04:e9:92:db:a2:d8:9b:fe:e7:e5:66:8f:26:0a:0a:
33:db:39:2e:d2:da:8b:3d:36:ec:c2:c2:94:92:d5:80:08:69:
18:d7:b7:c7:ef:64:71:82:c3:f6:24:26:7a:db:21:e6:1d:30:
4a:22:16:0e:ce:3e:1a:0f:f5:44:26:46:b6:0a:74:06:e6:6d:
f7:50:47:b8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAY0gloQYbTHRaczc+iAUlQNlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMmFhNWFjZmM5YmIwZmU2YjkxMWYxZWNhZDNlYjU0ZDQ1
Y2IzNmYwHhcNMjQwMTE5MDcxOTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODQyMjVlNDBmMzY4NDU4Y2VkOTkwN2NlZDE5MDc0ZGEzYWI2ZDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtW18wWwpDImZY2ov6gLQY+GsTXE
OwdnnlMcW8O9ljrgE/pl7hlu4+WV0JLnkLRSsJFeZbhuqYyVWDXVFIn98JxD/nIk
kRFBju9ZTa4cQu0xIjC4mwRBNi+Dj/nwhrD6GQ9ir4zqW38ihsbR4vQNzYiKZX3p
VLbxOwnMabO9MzZBi49qFjJdxM0NkgsxsSmUy8hUDIfZH0TBeVhFomsKjfAAdz6+
68sLrrwdAIBYbQLH+FFEhArCADse0QVnZ4paxi7RhqdGjN/3UfKIM5yhXUpjc/VV
z9pspqshBiROGM9J+DAx2nOI94k47yg49Vfhf3YjXZGYghGCsiYQNWfNjwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFHhCJeQPNoRYztmQfO0ZB02jq21/MB8GA1UdIwQY
MBaAFPsqpaz8m7D+a5EfHsrT61TUXLNvMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS15cWxyUHlic1A1cmtSOGV5dFByVk5SY3MyOC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEvZDllN2VkLTNjMGYtNGE5Mi04NzE2
LWVlMDU3Y2Y5YzE2MS8xL2VFSWw1QTgyaEZqTzJaQjg3UmtIVGFPcmJYOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjEvZDllN2VkLTNjMGYtNGE5Mi04NzE2LWVlMDU3Y2Y5YzE2
MS8xLzEteXFsclB5YnNQNXJrUjhleXRQclZOUmNzMjguY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNgYIKwYBBQUHAQcBAf8EJzAlMBIEAgABMAwDBAG80MQD
BAC81sIwDwQCAAIwCQMHASoG+UAAADANBgkqhkiG9w0BAQsFAAOCAQEAGCKDq0/s
gd+D1G3AwctVXJDZUe0JgzVSQ7V3EpIy/pCLsusFow4HM5wJxsMzEEytyp7COrEg
8eiHCCLcM+ho4E//KyINIQY5HY415PxNwT6fouqlVKT6ch7P6QUVoVFvpcSXDWAO
sVSCiwQ9RLBgGQb/vSGRNQf/XdKEYO0FC3Le7HsKyI0IjRBVkiJU2LH3QbMs38M0
tgZVmI9/tuoeDeKQwozAh/f07+Lm7ZLJfxGGKAZe6YuRBOmS26LYm/7n5WaPJgoK
M9s5LtLaiz027MLClJLVgAhpGNe3x+9kcYLD9iQmetsh5h0wSiIWDs4+Gg/1RCZG
tgp0BuZt91BHuA==
-----END CERTIFICATE-----
Generated at Tue May 7 12:58:28 2024 by rpki-client on console-ams.rpki-client.org