Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/EHCo1-bgNQq4xgcH1nNH7iEJa2A.roa
File: EHCo1-bgNQq4xgcH1nNH7iEJa2A.roa (raw, json)
Hash identifier: R9NbWQ9URFa+bsEh1V7AhbETyA/9ti0fGkx6tlugig4=
Subject key identifier: 10:70:A8:D7:E6:E0:35:0A:B8:C6:07:07:D6:73:47:EE:21:09:6B:60
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 019198955EF36B7974AA8F88618877BF51B8
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/EHCo1-bgNQq4xgcH1nNH7iEJa2A.roa
Signing time: Wed 28 Aug 2024 10:43:31 +0000
ROA not before: Wed 28 Aug 2024 10:43:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8443
IP address blocks: 91.147.36.0/22 maxlen: 22
93.177.0.0/18 maxlen: 18
95.159.128.0/18 maxlen: 18
95.159.174.0/23 maxlen: 23
95.159.182.0/23 maxlen: 23
195.72.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:98:95:5e:f3:6b:79:74:aa:8f:88:61:88:77:bf:51:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Aug 28 10:43:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1070a8d7e6e0350ab8c60707d67347ee21096b60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ef:7c:1d:2e:6c:6b:e8:8f:d6:ee:c6:d1:4e:
b6:1a:38:83:cd:f0:38:16:56:1e:c1:59:3a:17:30:
38:14:5e:46:37:0f:0e:0a:b9:a8:a8:50:ea:bb:f9:
16:d2:fd:c3:02:5d:57:fc:d3:fb:38:67:f7:f7:9b:
02:7f:80:a3:39:d3:e1:64:d3:6f:23:bd:7a:c8:78:
8e:ce:4c:09:26:78:5c:7e:4b:fd:56:7e:f1:34:e6:
d5:fd:3f:40:0f:54:83:c3:1d:c3:96:f7:36:69:1b:
c6:7a:69:eb:c3:01:b6:49:62:55:95:18:46:34:6c:
f9:d8:f0:3f:d8:93:c6:a6:6f:6b:1a:94:e9:92:db:
fc:80:2c:14:d3:86:44:57:27:da:65:96:b6:cd:04:
99:0a:72:50:34:e3:2e:e8:35:a2:24:3f:34:30:16:
66:62:d5:17:6d:58:b9:45:18:a7:93:32:4c:31:4a:
f7:d1:54:f1:20:46:5b:65:ca:9b:42:fe:48:c2:6e:
e5:75:1d:ce:e5:a9:c4:98:e9:43:1a:fb:3e:b2:bd:
64:35:c2:3e:59:a9:e3:e7:a3:64:12:ae:09:fe:01:
05:b0:37:86:24:cb:2b:31:4a:c9:b0:78:6a:66:9f:
e1:40:ce:ed:9a:65:e6:22:50:62:fb:2d:c6:63:e2:
83:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:70:A8:D7:E6:E0:35:0A:B8:C6:07:07:D6:73:47:EE:21:09:6B:60
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/EHCo1-bgNQq4xgcH1nNH7iEJa2A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.147.36.0/22
93.177.0.0/18
95.159.128.0/18
195.72.224.0/19
Signature Algorithm: sha256WithRSAEncryption
53:67:61:68:bc:ec:cd:40:b4:63:93:40:51:93:0b:32:78:ce:
da:42:9d:34:9b:44:fa:08:2e:ea:ff:4a:85:c0:71:1c:d6:34:
91:98:ba:74:2b:15:71:68:ab:84:e9:4e:f6:de:45:55:19:a6:
57:7d:bc:91:4d:37:fc:96:8b:d5:09:ba:3c:c1:e7:ea:4a:8e:
82:7a:78:0b:34:0e:19:49:78:84:7b:c2:2a:ed:8d:46:1b:ba:
19:d4:09:90:fd:35:c6:fc:fc:1b:19:62:4b:5c:e1:35:1a:9d:
dd:19:14:66:1a:f8:07:96:c6:71:fa:f3:95:ef:43:47:0e:2b:
2c:a4:0a:fb:5d:19:48:ad:8c:03:6d:31:7c:ed:25:38:df:d3:
27:c8:0d:d1:56:79:38:34:c6:29:df:6b:63:f3:0e:72:5b:ce:
d6:3a:15:ca:7c:4b:e5:91:8d:de:f0:a3:4d:9d:6a:14:de:d3:
40:1e:0c:4c:75:81:d2:cf:05:98:3b:a2:34:b3:71:cf:ea:1b:
a4:7b:53:bc:84:65:49:cb:b2:05:fb:cd:95:57:96:90:32:b7:
66:19:c6:83:7c:c1:03:88:73:b4:91:3f:81:bc:46:05:e1:b3:
21:9b:b5:c0:2f:a8:39:6b:ea:2f:d8:3d:3d:9d:4e:7f:c2:16:
95:b9:a5:f5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZGYlV7za3l0qo+IYYh3v1G4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwODI4MTA0MzMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDcwYThkN2U2ZTAzNTBhYjhjNjA3MDdkNjczNDdlZTIxMDk2YjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAte98HS5sa+iP1u7G0U62GjiDzfA4
FlYewVk6FzA4FF5GNw8OCrmoqFDqu/kW0v3DAl1X/NP7OGf395sCf4CjOdPhZNNv
I716yHiOzkwJJnhcfkv9Vn7xNObV/T9AD1SDwx3Dlvc2aRvGemnrwwG2SWJVlRhG
NGz52PA/2JPGpm9rGpTpktv8gCwU04ZEVyfaZZa2zQSZCnJQNOMu6DWiJD80MBZm
YtUXbVi5RRinkzJMMUr30VTxIEZbZcqbQv5Iwm7ldR3O5anEmOlDGvs+sr1kNcI+
Wanj56NkEq4J/gEFsDeGJMsrMUrJsHhqZp/hQM7tmmXmIlBi+y3GY+KD+QIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBBwqNfm4DUKuMYHB9ZzR+4hCWtgMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvRUhDbzEtYmdOUXE0eGdjSDFuTkg3aUVKYTJBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW5MkAwQG
XbEAAwQGX5+AAwQFw0jgMA0GCSqGSIb3DQEBCwUAA4IBAQBTZ2FovOzNQLRjk0BR
kwsyeM7aQp00m0T6CC7q/0qFwHEc1jSRmLp0KxVxaKuE6U723kVVGaZXfbyRTTf8
lovVCbo8wefqSo6CengLNA4ZSXiEe8Iq7Y1GG7oZ1AmQ/TXG/PwbGWJLXOE1Gp3d
GRRmGvgHlsZx+vOV70NHDisspAr7XRlIrYwDbTF87SU439MnyA3RVnk4NMYp32tj
8w5yW87WOhXKfEvlkY3e8KNNnWoU3tNAHgxMdYHSzwWYO6I0s3HP6huke1O8hGVJ
y7IF+82VV5aQMrdmGcaDfMEDiHO0kT+BvEYF4bMhm7XAL6g5a+ov2D09nU5/whaV
uaX1
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:27:56 2024 by rpki-client on console-ams.rpki-client.org