Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/496232-d18b-4554-9a43-432f5c1f41f7/1/EIqKvuTxzGuHkQWVzMZGUf0RlHg.roa
File: EIqKvuTxzGuHkQWVzMZGUf0RlHg.roa (raw, json)
Hash identifier: TBVrUwC2taWWeOZUYvhw0FGGvUXzwjpPO82kRJiYk6M=
Subject key identifier: 10:8A:8A:BE:E4:F1:CC:6B:87:91:05:95:CC:C6:46:51:FD:11:94:78
Certificate issuer: /CN=9dd504860a7c924e721cbfaea5f49a72c8296c35
Certificate serial: 018CC3495D69CACBBDFF50BE78DE91D5A65C
Authority key identifier: 9D:D5:04:86:0A:7C:92:4E:72:1C:BF:AE:A5:F4:9A:72:C8:29:6C:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ndUEhgp8kk5yHL-upfSacsgpbDU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/496232-d18b-4554-9a43-432f5c1f41f7/1/EIqKvuTxzGuHkQWVzMZGUf0RlHg.roa
Signing time: Mon 01 Jan 2024 04:30:14 +0000
ROA not before: Mon 01 Jan 2024 04:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35319
IP address blocks: 91.204.121.0/24 maxlen: 24
91.204.122.0/24 maxlen: 24
193.19.240.0/24 maxlen: 24
193.19.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/496232-d18b-4554-9a43-432f5c1f41f7/1/ndUEhgp8kk5yHL-upfSacsgpbDU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/496232-d18b-4554-9a43-432f5c1f41f7/1/ndUEhgp8kk5yHL-upfSacsgpbDU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ndUEhgp8kk5yHL-upfSacsgpbDU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:5d:69:ca:cb:bd:ff:50:be:78:de:91:d5:a6:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9dd504860a7c924e721cbfaea5f49a72c8296c35
Validity
Not Before: Jan 1 04:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=108a8abee4f1cc6b87910595ccc64651fd119478
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:92:7c:4d:10:dc:04:86:20:d2:a1:3b:ac:7a:
4c:42:04:eb:5e:24:0e:bd:a0:ad:8f:db:fc:dc:86:
0e:3c:dc:f7:10:58:b4:9e:58:71:9a:a2:6e:8d:9d:
03:c5:a9:04:69:ba:6e:b4:4d:45:69:1b:57:a1:5a:
cc:56:4c:82:78:0c:7b:68:4c:3e:bd:9a:f8:1d:10:
9c:f7:71:fe:39:2a:7e:97:a4:dd:83:0b:62:c6:48:
b9:43:62:fa:ce:39:89:1c:de:25:2c:64:82:11:02:
21:09:0c:36:62:94:d7:9d:ac:8e:d5:b4:86:05:d8:
99:70:cf:1b:71:57:ce:2d:36:87:24:11:ee:02:ad:
39:21:31:c2:e4:c3:14:57:5e:66:23:2d:fa:60:cd:
d4:a4:0a:c9:7a:35:b0:cb:87:b7:b1:44:2a:b2:59:
92:64:bf:ec:83:f7:bc:11:fb:ca:43:81:42:b2:c8:
ac:35:e9:6d:06:d9:7d:fa:9e:c1:dc:f9:fd:1f:a7:
d2:c9:e9:3a:ce:0d:0c:9c:ac:a5:9a:94:cf:59:5c:
ce:ca:5d:f3:13:97:a7:ee:49:51:26:4e:7c:7a:72:
2b:a6:21:11:35:4e:f1:6c:d6:fe:54:da:5d:af:d0:
1d:bc:a5:7c:c1:ea:d9:4c:ef:21:ea:50:2e:57:f4:
e1:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:8A:8A:BE:E4:F1:CC:6B:87:91:05:95:CC:C6:46:51:FD:11:94:78
X509v3 Authority Key Identifier:
keyid:9D:D5:04:86:0A:7C:92:4E:72:1C:BF:AE:A5:F4:9A:72:C8:29:6C:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ndUEhgp8kk5yHL-upfSacsgpbDU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/496232-d18b-4554-9a43-432f5c1f41f7/1/EIqKvuTxzGuHkQWVzMZGUf0RlHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/496232-d18b-4554-9a43-432f5c1f41f7/1/ndUEhgp8kk5yHL-upfSacsgpbDU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.121.0-91.204.122.255
193.19.240.0/24
193.19.242.0/24
Signature Algorithm: sha256WithRSAEncryption
10:d1:c5:79:44:bf:5b:81:33:b7:33:0c:78:cf:89:bf:bc:a6:
6c:3a:5d:75:eb:19:b8:c4:a8:18:b1:22:32:88:95:7f:3e:1f:
1f:7a:46:37:cb:34:0f:d8:30:fe:eb:7e:bc:9c:f9:e3:8a:ad:
0e:cf:f4:9d:89:23:8b:41:52:0c:48:6a:68:cf:a6:7c:22:29:
82:1b:18:e1:f3:7b:ab:97:2f:c3:7d:6b:4d:a0:b9:12:40:3b:
da:65:80:4f:10:d2:01:0e:cb:2a:e8:b6:f2:65:d3:2a:0f:02:
88:6f:67:93:b7:f2:49:9b:1a:ab:4a:79:b1:d4:03:6f:82:02:
4f:4d:4f:4d:ef:d1:a3:f8:2e:8d:62:6e:3d:57:92:6e:18:23:
4b:e4:80:55:0d:7f:7c:68:a4:eb:88:10:ac:f7:8b:f6:ec:23:
e0:e1:cd:fe:49:28:28:7d:36:cb:f4:bb:5f:7e:e2:d3:cc:24:
b9:1c:82:24:70:bf:c5:1a:a5:69:1d:d1:68:bd:35:d5:dd:3d:
f9:e4:8b:47:6b:7b:d0:b0:54:1a:17:80:a0:e1:68:77:4e:1c:
3c:f2:cc:f9:cd:5d:d3:ad:31:69:75:e1:bb:56:d6:2a:a4:fc:
8e:1e:4b:d2:79:18:70:f6:04:6b:9e:f4:6d:15:4b:78:ba:36:
02:0c:30:17
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzDSV1pysu9/1C+eN6R1aZcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkZDUwNDg2MGE3YzkyNGU3MjFjYmZhZWE1ZjQ5YTcyYzgy
OTZjMzUwHhcNMjQwMTAxMDQzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDhhOGFiZWU0ZjFjYzZiODc5MTA1OTVjY2M2NDY1MWZkMTE5NDc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZJ8TRDcBIYg0qE7rHpMQgTrXiQO
vaCtj9v83IYOPNz3EFi0nlhxmqJujZ0DxakEabputE1FaRtXoVrMVkyCeAx7aEw+
vZr4HRCc93H+OSp+l6Tdgwtixki5Q2L6zjmJHN4lLGSCEQIhCQw2YpTXnayO1bSG
BdiZcM8bcVfOLTaHJBHuAq05ITHC5MMUV15mIy36YM3UpArJejWwy4e3sUQqslmS
ZL/sg/e8EfvKQ4FCssisNeltBtl9+p7B3Pn9H6fSyek6zg0MnKylmpTPWVzOyl3z
E5en7klRJk58enIrpiERNU7xbNb+VNpdr9AdvKV8werZTO8h6lAuV/ThzQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFBCKir7k8cxrh5EFlczGRlH9EZR4MB8GA1UdIwQY
MBaAFJ3VBIYKfJJOchy/rqX0mnLIKWw1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmRVRWhncDhrazV5SEwtdXBmU2Fjc2dwYkRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80OTYyMzItZDE4Yi00NTU0LTlhNDMt
NDMyZjVjMWY0MWY3LzEvRUlxS3Z1VHh6R3VIa1FXVnpNWkdVZjBSbEhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80OTYyMzItZDE4Yi00NTU0LTlhNDMtNDMyZjVjMWY0MWY3
LzEvbmRVRWhncDhrazV5SEwtdXBmU2Fjc2dwYkRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABbzHkD
BABbzHoDBADBE/ADBADBE/IwDQYJKoZIhvcNAQELBQADggEBABDRxXlEv1uBM7cz
DHjPib+8pmw6XXXrGbjEqBixIjKIlX8+Hx96RjfLNA/YMP7rfryc+eOKrQ7P9J2J
I4tBUgxIamjPpnwiKYIbGOHze6uXL8N9a02guRJAO9plgE8Q0gEOyyrotvJl0yoP
AohvZ5O38kmbGqtKebHUA2+CAk9NT03v0aP4Lo1ibj1Xkm4YI0vkgFUNf3xopOuI
EKz3i/bsI+Dhzf5JKCh9Nsv0u19+4tPMJLkcgiRwv8UapWkd0Wi9NdXdPfnki0dr
e9CwVBoXgKDhaHdOHDzyzPnNXdOtMWl14btW1iqk/I4eS9J5GHD2BGue9G0VS3i6
NgIMMBc=
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:06:41 2024 by rpki-client on console-fra.rpki-client.org