Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/Ec9reM2nUGASOFcJnvgSSYfpHdU.roa
File: Ec9reM2nUGASOFcJnvgSSYfpHdU.roa (raw, json)
Hash identifier: E+fzwblQi9lt/nfsRh06Nk/N5PbL02/A3YmlOwy0DtM=
Subject key identifier: 11:CF:6B:78:CD:A7:50:60:12:38:57:09:9E:F8:12:49:87:E9:1D:D5
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 018CC5DCB4590548F4F82B9DFC722F530DC8
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/Ec9reM2nUGASOFcJnvgSSYfpHdU.roa
Signing time: Mon 01 Jan 2024 16:30:24 +0000
ROA not before: Mon 01 Jan 2024 16:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201748
IP address blocks: 95.39.17.0/24 maxlen: 24
5.40.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:b4:59:05:48:f4:f8:2b:9d:fc:72:2f:53:0d:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Jan 1 16:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11cf6b78cda75060123857099ef8124987e91dd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:00:0e:e9:00:12:5d:72:11:71:b2:5e:4c:fc:
fb:93:64:73:66:39:e3:39:b8:74:dc:e0:6c:c9:23:
b1:77:95:71:db:e2:d2:a4:b5:ca:4e:ca:af:f5:83:
98:ae:d5:86:b2:41:36:e6:d0:7c:90:83:c3:1f:86:
2d:ef:1c:9a:8c:d7:10:00:f6:fd:44:29:34:6f:78:
26:45:f2:d8:82:fc:4a:b0:ab:58:29:92:62:de:5b:
0d:35:b4:b1:5c:fa:a3:f6:3d:29:a8:3a:17:c3:2a:
34:d6:c9:27:e7:a7:24:17:a4:ee:f3:ac:e0:07:46:
32:f0:80:2e:fe:c5:65:3b:a0:0a:bb:c9:88:98:57:
17:70:db:7f:19:34:5a:1d:a7:30:dd:e7:21:08:0d:
dc:c7:ba:96:e5:b7:84:61:0c:d0:93:49:5c:f7:20:
7a:81:39:3a:57:2e:8f:ce:d1:75:b9:93:71:2b:ab:
a4:5f:90:de:b9:16:85:a5:32:77:35:e6:0c:23:60:
c6:7b:8d:95:9f:1c:ae:69:45:e6:d7:0d:f8:be:74:
26:78:31:1b:f1:37:da:5c:d9:1d:81:dd:16:e1:02:
48:2a:f5:70:5b:c8:c6:ea:b7:59:72:5e:57:99:1a:
cc:fe:4b:04:81:05:0a:13:fe:e2:f3:cf:a0:4f:93:
8f:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:CF:6B:78:CD:A7:50:60:12:38:57:09:9E:F8:12:49:87:E9:1D:D5
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/Ec9reM2nUGASOFcJnvgSSYfpHdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.40.158.0/24
95.39.17.0/24
Signature Algorithm: sha256WithRSAEncryption
18:7c:ed:86:6a:d3:29:27:46:91:ba:65:bf:b9:e9:3c:8b:2c:
58:05:9c:b5:60:40:17:72:72:37:70:93:c0:fb:13:a5:7e:59:
30:f7:f7:b6:b3:5c:a7:77:2c:97:df:29:0f:03:e2:6f:36:83:
97:90:55:5f:f8:ae:b5:e6:9d:1f:c5:d8:32:9b:e4:7b:82:dc:
fb:fb:18:45:94:5f:54:7d:11:d2:e6:cb:39:dc:df:61:f0:b8:
32:4a:0d:83:5a:88:61:c2:fb:82:75:2d:cc:24:77:43:c0:d1:
61:8e:d0:e2:67:33:b7:94:52:d2:ab:32:0b:26:b6:a0:3b:17:
63:9a:dd:f9:4e:9e:34:07:14:05:7c:e0:ed:d6:b3:df:15:ee:
74:1e:3f:69:fc:0d:e6:29:30:79:00:bf:93:85:02:ae:9f:60:
28:e2:7d:c2:5f:53:51:9f:bd:12:35:06:1b:fe:ce:3b:2e:99:
28:fd:d3:ee:ba:f4:3a:e0:da:66:58:af:c8:d9:12:17:47:d2:
e9:c9:fd:cb:2d:77:63:d5:69:8f:6f:2e:98:ce:2e:ca:4a:a5:
70:5a:8b:9b:8b:9d:a5:d5:99:1e:da:f0:04:67:5a:e1:c7:36:
fc:b5:0b:5a:f7:c8:f3:35:42:a9:27:e6:ca:84:0d:6f:c0:2c:
6a:3c:f7:08
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3LRZBUj0+Cud/HIvUw3IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjQwMTAxMTYzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWNmNmI3OGNkYTc1MDYwMTIzODU3MDk5ZWY4MTI0OTg3ZTkxZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngAO6QASXXIRcbJeTPz7k2RzZjnj
Obh03OBsySOxd5Vx2+LSpLXKTsqv9YOYrtWGskE25tB8kIPDH4Yt7xyajNcQAPb9
RCk0b3gmRfLYgvxKsKtYKZJi3lsNNbSxXPqj9j0pqDoXwyo01skn56ckF6Tu86zg
B0Yy8IAu/sVlO6AKu8mImFcXcNt/GTRaHacw3echCA3cx7qW5beEYQzQk0lc9yB6
gTk6Vy6PztF1uZNxK6ukX5DeuRaFpTJ3NeYMI2DGe42VnxyuaUXm1w34vnQmeDEb
8TfaXNkdgd0W4QJIKvVwW8jG6rdZcl5XmRrM/ksEgQUKE/7i88+gT5OPywIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBHPa3jNp1BgEjhXCZ74EkmH6R3VMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvRWM5cmVNMm5VR0FTT0ZjSm52Z1NTWWZwSGRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABSieAwQA
XycRMA0GCSqGSIb3DQEBCwUAA4IBAQAYfO2GatMpJ0aRumW/uek8iyxYBZy1YEAX
cnI3cJPA+xOlflkw9/e2s1yndyyX3ykPA+JvNoOXkFVf+K615p0fxdgym+R7gtz7
+xhFlF9UfRHS5ss53N9h8LgySg2DWohhwvuCdS3MJHdDwNFhjtDiZzO3lFLSqzIL
JragOxdjmt35Tp40BxQFfODt1rPfFe50Hj9p/A3mKTB5AL+ThQKun2Ao4n3CX1NR
n70SNQYb/s47Lpko/dPuuvQ64NpmWK/I2RIXR9Lpyf3LLXdj1WmPby6Yzi7KSqVw
Woubi52l1Zke2vAEZ1rhxzb8tQta98jzNUKpJ+bKhA1vwCxqPPcI
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:31:23 2024 by rpki-client on console-ams.rpki-client.org