Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/5z5iWrGucC75_3CUTuzwB4zS3J0.roa
File: 5z5iWrGucC75_3CUTuzwB4zS3J0.roa (raw, json)
Hash identifier: Sz6G5EXvJhdFkQfDp3T4VQ9Y/lw97Xip72b2cw3yIyo=
Subject key identifier: E7:3E:62:5A:B1:AE:70:2E:F9:FF:70:94:4E:EC:F0:07:8C:D2:DC:9D
Certificate issuer: /CN=795013346c8d8f23e0128d306997980237db2374
Certificate serial: 018CC425476536BA77B2DA7204367E2A64C3
Authority key identifier: 79:50:13:34:6C:8D:8F:23:E0:12:8D:30:69:97:98:02:37:DB:23:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/eVATNGyNjyPgEo0waZeYAjfbI3Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/5z5iWrGucC75_3CUTuzwB4zS3J0.roa
Signing time: Mon 01 Jan 2024 08:30:26 +0000
ROA not before: Mon 01 Jan 2024 08:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34066
IP address blocks: 78.158.48.0/20 maxlen: 24
185.158.56.0/22 maxlen: 24
193.104.103.0/24 maxlen: 24
193.104.131.0/24 maxlen: 24
77.240.48.0/20 maxlen: 24
2a03:7600::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/eVATNGyNjyPgEo0waZeYAjfbI3Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/eVATNGyNjyPgEo0waZeYAjfbI3Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/eVATNGyNjyPgEo0waZeYAjfbI3Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:02:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:47:65:36:ba:77:b2:da:72:04:36:7e:2a:64:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=795013346c8d8f23e0128d306997980237db2374
Validity
Not Before: Jan 1 08:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e73e625ab1ae702ef9ff70944eecf0078cd2dc9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:59:1f:59:f5:d8:b0:fc:6a:dd:ca:29:d8:67:
d1:fc:1c:e4:e7:21:49:7e:08:d2:8e:d2:be:7c:9b:
20:54:f8:59:5c:26:4c:ad:62:c5:1a:b8:27:da:2c:
08:65:9c:ac:01:fd:43:c4:9d:fd:76:46:39:31:ff:
2e:55:34:0b:f5:40:57:92:7d:0c:8b:27:55:7f:7a:
71:18:21:7e:4a:01:b8:c0:c0:82:6e:2a:27:08:73:
9f:1a:1d:e7:6c:b1:6d:1d:76:ad:91:68:7e:1f:05:
83:95:6d:2d:ea:ed:b0:c8:e6:b3:e4:d3:96:d1:c7:
03:86:12:cb:bd:c0:08:9d:2f:4f:b9:14:d0:26:c0:
ec:79:b5:2b:c2:ef:7f:99:c1:be:b5:f9:42:e0:3c:
d9:e0:55:ac:91:3a:d9:56:ad:b1:bc:26:0e:52:49:
b9:25:97:a8:ca:61:8e:40:79:68:85:07:df:ee:8a:
37:4b:1d:95:aa:ff:bc:95:14:47:41:03:9c:34:0f:
15:83:93:e5:06:9d:fe:b6:8d:7c:cc:c3:e1:36:98:
d0:66:5c:5f:01:b5:05:fd:53:26:56:a9:e2:33:7b:
27:e6:3e:02:d6:61:9c:58:d8:f2:b0:76:f8:cd:b1:
f7:b0:a8:57:99:32:88:77:c9:9b:10:da:f6:d2:a7:
55:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:3E:62:5A:B1:AE:70:2E:F9:FF:70:94:4E:EC:F0:07:8C:D2:DC:9D
X509v3 Authority Key Identifier:
keyid:79:50:13:34:6C:8D:8F:23:E0:12:8D:30:69:97:98:02:37:DB:23:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/eVATNGyNjyPgEo0waZeYAjfbI3Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/5z5iWrGucC75_3CUTuzwB4zS3J0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/82c01e-b8cd-44ad-8aa7-8e98ea6ca8ee/1/eVATNGyNjyPgEo0waZeYAjfbI3Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.240.48.0/20
78.158.48.0/20
185.158.56.0/22
193.104.103.0/24
193.104.131.0/24
IPv6:
2a03:7600::/32
Signature Algorithm: sha256WithRSAEncryption
4e:09:6f:c9:41:d2:cd:ed:05:74:8a:e8:a6:12:4b:cf:83:a3:
25:fd:99:d4:06:b6:70:2c:c6:c4:1d:65:82:65:9f:12:82:fc:
25:d7:72:26:21:1d:21:93:d2:78:9c:2a:31:07:03:41:32:6a:
17:25:d4:56:11:50:ef:9f:51:76:e2:c3:94:bf:84:f9:73:c3:
3d:7b:fd:11:ce:01:33:79:bb:42:d5:76:bc:30:ed:cc:bd:ae:
d6:72:cb:1f:3e:8f:b5:a4:be:2f:98:6d:92:4b:75:18:e3:41:
b0:84:6c:44:c1:a4:42:ea:9f:c1:91:88:ff:87:67:93:aa:a9:
fd:33:45:90:03:39:4b:06:bb:5f:96:a1:f0:5b:b1:4b:ce:10:
d7:e0:41:9c:33:1c:99:8c:da:bd:9d:e1:a9:82:07:52:5b:a8:
93:4b:1c:b2:49:62:13:09:f7:89:74:e7:14:fb:27:2e:10:28:
a6:b2:44:cf:7a:12:c8:a8:db:2e:2f:e1:50:d8:4b:c8:ee:d0:
ee:39:6d:91:3c:f4:72:10:74:aa:ac:1b:6f:5c:98:9b:08:db:
4f:9c:72:a4:60:25:5d:c9:c5:6a:ef:00:f3:b2:cc:25:9d:35:
f1:58:84:65:05:50:74:33:8d:fc:64:65:86:8b:fa:18:b2:b6:
42:e6:6a:ea
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzEJUdlNrp3stpyBDZ+KmTDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5NTAxMzM0NmM4ZDhmMjNlMDEyOGQzMDY5OTc5ODAyMzdk
YjIzNzQwHhcNMjQwMTAxMDgzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzNlNjI1YWIxYWU3MDJlZjlmZjcwOTQ0ZWVjZjAwNzhjZDJkYzlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1kfWfXYsPxq3cop2GfR/Bzk5yFJ
fgjSjtK+fJsgVPhZXCZMrWLFGrgn2iwIZZysAf1DxJ39dkY5Mf8uVTQL9UBXkn0M
iydVf3pxGCF+SgG4wMCCbionCHOfGh3nbLFtHXatkWh+HwWDlW0t6u2wyOaz5NOW
0ccDhhLLvcAInS9PuRTQJsDsebUrwu9/mcG+tflC4DzZ4FWskTrZVq2xvCYOUkm5
JZeoymGOQHlohQff7oo3Sx2Vqv+8lRRHQQOcNA8Vg5PlBp3+to18zMPhNpjQZlxf
AbUF/VMmVqniM3sn5j4C1mGcWNjysHb4zbH3sKhXmTKId8mbENr20qdV/wIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFOc+YlqxrnAu+f9wlE7s8AeM0tydMB8GA1UdIwQY
MBaAFHlQEzRsjY8j4BKNMGmXmAI32yN0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZVZBVE5HeU5qeVBnRW8wd2FaZVlBamZiSTNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84MmMwMWUtYjhjZC00NGFkLThhYTct
OGU5OGVhNmNhOGVlLzEvNXo1aVdyR3VjQzc1XzNDVVR1endCNHpTM0owLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84MmMwMWUtYjhjZC00NGFkLThhYTctOGU5OGVhNmNhOGVl
LzEvZVZBVE5HeU5qeVBnRW8wd2FaZVlBamZiSTNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQETfAwAwQE
Tp4wAwQCuZ44AwQAwWhnAwQAwWiDMA0EAgACMAcDBQAqA3YAMA0GCSqGSIb3DQEB
CwUAA4IBAQBOCW/JQdLN7QV0iuimEkvPg6Ml/ZnUBrZwLMbEHWWCZZ8Sgvwl13Im
IR0hk9J4nCoxBwNBMmoXJdRWEVDvn1F24sOUv4T5c8M9e/0RzgEzebtC1Xa8MO3M
va7WcssfPo+1pL4vmG2SS3UY40GwhGxEwaRC6p/BkYj/h2eTqqn9M0WQAzlLBrtf
lqHwW7FLzhDX4EGcMxyZjNq9neGpggdSW6iTSxyySWITCfeJdOcU+ycuECimskTP
ehLIqNsuL+FQ2EvI7tDuOW2RPPRyEHSqrBtvXJibCNtPnHKkYCVdycVq7wDzsswl
nTXxWIRlBVB0M438ZGWGi/oYsrZC5mrq
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:05:40 2024 by rpki-client on console-fra.rpki-client.org