Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/eOUtE0EhM6fZ9aC--qi9tC-6-Zs.roa
File: eOUtE0EhM6fZ9aC--qi9tC-6-Zs.roa (raw, json)
Hash identifier: S9ihQRwK3T8oYDoj9kyl+7k3L1/A/oC45HJDXKYXdbw=
Subject key identifier: 78:E5:2D:13:41:21:33:A7:D9:F5:A0:BE:FA:A8:BD:B4:2F:BA:F9:9B
Certificate issuer: /CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Certificate serial: 018ECB8712127C3FE88E9D789167ED428FB2
Authority key identifier: 99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/eOUtE0EhM6fZ9aC--qi9tC-6-Zs.roa
Signing time: Thu 11 Apr 2024 05:00:10 +0000
ROA not before: Thu 11 Apr 2024 05:00:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 152586
IP address blocks: 185.149.24.0/22 maxlen: 24
185.172.38.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mc5WmhTC2zdy8jGHzmjmVB7ABI4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mc5WmhTC2zdy8jGHzmjmVB7ABI4.mft
rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cb:87:12:12:7c:3f:e8:8e:9d:78:91:67:ed:42:8f:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=99ce569a14c2db3772f23187ce68e6541ec0048e
Validity
Not Before: Apr 11 05:00:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78e52d13412133a7d9f5a0befaa8bdb42fbaf99b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:e3:61:28:80:91:ed:dc:22:97:96:fe:6b:1c:
a3:9c:a1:b6:41:6a:d4:8e:3c:1f:00:f3:17:2a:81:
29:34:ee:81:78:86:21:f4:77:91:f8:21:ee:c2:68:
ee:0b:1c:93:1e:57:c8:97:ed:a4:4c:90:3d:ec:03:
f7:e4:4b:3d:5f:64:e1:e0:1b:31:e1:a4:91:7c:67:
b6:fe:f2:e3:27:df:41:63:6b:89:08:92:6f:5c:a9:
d4:15:20:75:4f:6a:e7:20:36:50:28:3c:7f:f7:2a:
a5:aa:38:33:54:41:b1:b4:94:87:5f:95:36:8c:15:
64:e6:10:9c:89:50:2e:93:53:a1:57:c3:3a:ee:75:
0f:2c:9e:25:b8:76:49:60:2e:a4:c3:1c:89:95:ad:
d7:b0:e4:d2:c8:46:68:e5:7e:68:1a:16:c4:2b:59:
60:ca:dc:98:41:44:1f:12:de:fb:28:4e:80:e3:4a:
26:d4:ac:18:3e:b4:6f:1f:5c:d0:b1:26:be:4c:4d:
65:66:08:0a:c4:19:7d:fe:a2:ef:c8:cb:35:44:30:
c5:95:93:91:c2:05:ca:c6:c3:b9:bb:8c:e2:6c:2e:
39:8c:dc:db:30:55:1a:f6:4c:f1:f3:f4:9a:20:eb:
3d:ba:7b:f9:33:a5:e5:af:47:8a:18:c4:48:27:3e:
46:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:E5:2D:13:41:21:33:A7:D9:F5:A0:BE:FA:A8:BD:B4:2F:BA:F9:9B
X509v3 Authority Key Identifier:
keyid:99:CE:56:9A:14:C2:DB:37:72:F2:31:87:CE:68:E6:54:1E:C0:04:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mc5WmhTC2zdy8jGHzmjmVB7ABI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/eOUtE0EhM6fZ9aC--qi9tC-6-Zs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/cc6e99-6e5f-401b-912d-1095544c6c50/1/mc5WmhTC2zdy8jGHzmjmVB7ABI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.24.0/22
185.172.38.0/23
Signature Algorithm: sha256WithRSAEncryption
28:02:50:1d:14:31:75:c4:0a:a1:04:6d:b4:6b:06:f7:8f:bb:
1a:6a:57:f4:d0:5c:da:ab:9b:72:ef:23:93:a1:90:7b:c4:c7:
83:c3:5f:21:78:9b:9a:4c:d7:83:35:46:15:42:5e:2b:47:48:
e6:c1:2c:03:e5:c4:1d:2f:7b:9b:2f:fb:f2:66:18:39:7d:57:
19:f4:af:6a:32:c5:28:52:74:7a:1c:70:3b:66:9a:52:7a:a6:
71:33:69:04:18:4d:9a:72:62:fd:db:77:60:6a:54:d0:c9:0c:
be:97:44:5e:bf:dc:c0:0d:33:bb:03:33:ae:45:f3:0d:2f:87:
a8:2f:6b:68:12:cc:03:0d:b7:7a:71:2e:16:69:c7:d5:16:a2:
03:f2:bb:ef:7d:4d:8a:45:d2:43:e6:c7:ca:42:aa:63:5c:bf:
d7:6f:82:44:9e:dd:59:76:9b:a8:40:a0:44:4e:81:6c:77:ff:
ec:23:d4:33:6d:16:3c:0a:6c:81:9f:ff:2e:9f:f7:33:bb:8a:
fc:f0:b9:c1:1e:95:0b:20:41:0d:01:d1:d4:d0:18:c2:70:e2:
9a:eb:cb:f1:b9:52:e1:53:08:bc:5b:0a:cf:c7:41:fd:4d:32:
8a:87:30:e3:4c:09:66:50:f8:77:2d:91:8c:48:62:17:64:f0:
ef:e8:58:6f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7LhxISfD/ojp14kWftQo+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5Y2U1NjlhMTRjMmRiMzc3MmYyMzE4N2NlNjhlNjU0MWVj
MDA0OGUwHhcNMjQwNDExMDUwMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGU1MmQxMzQxMjEzM2E3ZDlmNWEwYmVmYWE4YmRiNDJmYmFmOTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAveNhKICR7dwil5b+axyjnKG2QWrU
jjwfAPMXKoEpNO6BeIYh9HeR+CHuwmjuCxyTHlfIl+2kTJA97AP35Es9X2Th4Bsx
4aSRfGe2/vLjJ99BY2uJCJJvXKnUFSB1T2rnIDZQKDx/9yqlqjgzVEGxtJSHX5U2
jBVk5hCciVAuk1OhV8M67nUPLJ4luHZJYC6kwxyJla3XsOTSyEZo5X5oGhbEK1lg
ytyYQUQfEt77KE6A40om1KwYPrRvH1zQsSa+TE1lZggKxBl9/qLvyMs1RDDFlZOR
wgXKxsO5u4zibC45jNzbMFUa9kzx8/SaIOs9unv5M6Xlr0eKGMRIJz5GoQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHjlLRNBITOn2fWgvvqovbQvuvmbMB8GA1UdIwQY
MBaAFJnOVpoUwts3cvIxh85o5lQewASOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQt
MTA5NTU0NGM2YzUwLzEvZU9VdEUwRWhNNmZaOWFDLS1xaTl0Qy02LVpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9jYzZlOTktNmU1Zi00MDFiLTkxMmQtMTA5NTU0NGM2YzUw
LzEvbWM1V21oVEMyemR5OGpHSHptam1WQjdBQkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuZUYAwQB
uawmMA0GCSqGSIb3DQEBCwUAA4IBAQAoAlAdFDF1xAqhBG20awb3j7saalf00Fza
q5ty7yOToZB7xMeDw18heJuaTNeDNUYVQl4rR0jmwSwD5cQdL3ubL/vyZhg5fVcZ
9K9qMsUoUnR6HHA7ZppSeqZxM2kEGE2acmL923dgalTQyQy+l0Rev9zADTO7AzOu
RfMNL4eoL2toEswDDbd6cS4WacfVFqID8rvvfU2KRdJD5sfKQqpjXL/Xb4JEnt1Z
dpuoQKBEToFsd//sI9QzbRY8CmyBn/8un/czu4r88LnBHpULIEENAdHU0BjCcOKa
68vxuVLhUwi8WwrPx0H9TTKKhzDjTAlmUPh3LZGMSGIXZPDv6Fhv
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:58:24 2024 by rpki-client on console-ams.rpki-client.org