Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/eb7835-d364-4e28-9a82-ed9231fbaed1/1/efFKxKLEka1d6cUQRNFkXrE803o.roa
File: efFKxKLEka1d6cUQRNFkXrE803o.roa (raw, json)
Hash identifier: SAOmrsvBGPGLKS8d2AvRaTV6QYbX+XlowgYN7uHcqHE=
Subject key identifier: 79:F1:4A:C4:A2:C4:91:AD:5D:E9:C5:10:44:D1:64:5E:B1:3C:D3:7A
Certificate issuer: /CN=1ae9db29aa9308e1751b03d0d6999bb868805886
Certificate serial: 018F100C0E6C1EAAB983AAFF4CC59DAADF3E
Authority key identifier: 1A:E9:DB:29:AA:93:08:E1:75:1B:03:D0:D6:99:9B:B8:68:80:58:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GunbKaqTCOF1GwPQ1pmbuGiAWIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/eb7835-d364-4e28-9a82-ed9231fbaed1/1/efFKxKLEka1d6cUQRNFkXrE803o.roa
Signing time: Wed 24 Apr 2024 12:19:36 +0000
ROA not before: Wed 24 Apr 2024 12:19:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199939
IP address blocks: 45.133.248.0/23 maxlen: 24
45.139.120.0/23 maxlen: 24
89.19.60.0/22 maxlen: 24
141.98.2.0/23 maxlen: 24
185.42.8.0/22 maxlen: 24
185.156.160.0/22 maxlen: 24
212.237.253.0/24 maxlen: 24
2a01:5860::/32 maxlen: 48
2a0d:bb40::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/eb7835-d364-4e28-9a82-ed9231fbaed1/1/GunbKaqTCOF1GwPQ1pmbuGiAWIY.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/eb7835-d364-4e28-9a82-ed9231fbaed1/1/GunbKaqTCOF1GwPQ1pmbuGiAWIY.mft
rsync://rpki.ripe.net/repository/DEFAULT/GunbKaqTCOF1GwPQ1pmbuGiAWIY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 00:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:10:0c:0e:6c:1e:aa:b9:83:aa:ff:4c:c5:9d:aa:df:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ae9db29aa9308e1751b03d0d6999bb868805886
Validity
Not Before: Apr 24 12:19:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79f14ac4a2c491ad5de9c51044d1645eb13cd37a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ca:6e:01:47:da:04:19:0d:38:24:7d:cc:83:
90:a3:8c:0d:b8:a5:b5:42:17:38:94:ec:58:f0:e8:
87:f2:57:88:ac:44:62:52:ea:9b:cf:15:05:64:a6:
84:43:9e:db:e4:2b:cb:4f:f8:26:41:c6:54:e0:9b:
b1:a3:e7:8d:58:d3:6e:e8:a3:09:24:21:23:57:5d:
fe:b9:a1:f0:9f:85:6a:8c:b0:ae:f8:71:b5:f2:e9:
98:82:6d:5c:70:37:21:0a:0d:3a:d0:c5:5b:d6:06:
33:4a:7f:95:b6:88:da:26:ed:29:73:29:39:20:31:
0a:a1:69:bb:7e:4b:c7:01:81:fa:65:d4:14:dd:21:
b0:27:d6:be:02:7e:41:f0:d3:53:bf:ec:ff:34:b1:
18:a1:d4:7a:9d:4a:26:f3:2e:e5:4c:94:95:a5:48:
ff:af:c7:1a:5d:7d:3a:68:a1:56:45:a1:e9:24:ec:
86:f0:fc:6b:f7:cf:41:92:ed:37:37:d8:1a:15:9b:
e8:be:10:5b:6c:f3:95:e5:f8:85:42:c3:ef:d7:09:
4e:dd:8d:2d:7b:10:1a:8e:99:9d:8e:79:29:c5:2a:
2a:8b:f2:c9:3e:fb:5a:5b:eb:f4:d7:6d:ab:95:6a:
99:6f:69:b9:7b:fe:d5:12:7b:55:87:19:96:9c:dc:
92:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:F1:4A:C4:A2:C4:91:AD:5D:E9:C5:10:44:D1:64:5E:B1:3C:D3:7A
X509v3 Authority Key Identifier:
keyid:1A:E9:DB:29:AA:93:08:E1:75:1B:03:D0:D6:99:9B:B8:68:80:58:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GunbKaqTCOF1GwPQ1pmbuGiAWIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/eb7835-d364-4e28-9a82-ed9231fbaed1/1/efFKxKLEka1d6cUQRNFkXrE803o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/eb7835-d364-4e28-9a82-ed9231fbaed1/1/GunbKaqTCOF1GwPQ1pmbuGiAWIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.133.248.0/23
45.139.120.0/23
89.19.60.0/22
141.98.2.0/23
185.42.8.0/22
185.156.160.0/22
212.237.253.0/24
IPv6:
2a01:5860::/32
2a0d:bb40::/32
Signature Algorithm: sha256WithRSAEncryption
b9:42:9b:8a:37:c2:0e:54:e2:51:38:54:62:44:4b:fa:10:a8:
6d:21:dc:14:32:43:0f:7e:12:fc:3e:eb:c1:5f:0e:83:a0:03:
81:cd:87:39:94:19:c5:09:51:59:d2:f4:c5:7a:96:65:34:88:
1b:a7:ec:10:c4:7d:15:d3:45:c4:8a:02:9f:aa:3f:7d:a0:c5:
bc:0a:fc:a9:fd:24:a5:f5:a8:2a:8f:ee:6f:4d:0a:3f:a0:a8:
f0:f7:cd:0a:a2:0d:e5:a7:ca:2f:02:ec:20:99:75:23:ec:fd:
93:d8:47:0d:34:e3:06:01:4b:b5:79:fc:2d:02:5d:03:68:78:
db:99:2d:6c:88:2b:5f:d5:08:39:af:fe:41:06:5b:25:9e:9b:
aa:ad:c2:7c:d9:9f:ed:ae:8e:a1:ad:74:4c:15:fa:cc:b1:af:
19:2b:98:f9:0f:40:32:f5:54:27:48:2a:48:07:1e:90:46:0a:
28:f5:83:cb:83:05:00:a3:c5:25:d5:0b:f7:7e:e4:4c:29:69:
ce:b8:23:e2:91:1c:89:6e:cc:f6:9e:57:95:3f:7e:0b:13:3a:
3d:ea:58:cf:0c:74:a9:e1:1a:6c:a8:29:99:04:da:5b:a4:13:
ba:d3:52:93:e9:3a:e8:6c:c0:9e:82:60:c2:4e:b4:82:66:51:
79:12:6c:12
-----BEGIN CERTIFICATE-----
MIIFNzCCBB+gAwIBAgISAY8QDA5sHqq5g6r/TMWdqt8+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZTlkYjI5YWE5MzA4ZTE3NTFiMDNkMGQ2OTk5YmI4Njg4
MDU4ODYwHhcNMjQwNDI0MTIxOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWYxNGFjNGEyYzQ5MWFkNWRlOWM1MTA0NGQxNjQ1ZWIxM2NkMzdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMpuAUfaBBkNOCR9zIOQo4wNuKW1
Qhc4lOxY8OiH8leIrERiUuqbzxUFZKaEQ57b5CvLT/gmQcZU4Juxo+eNWNNu6KMJ
JCEjV13+uaHwn4VqjLCu+HG18umYgm1ccDchCg060MVb1gYzSn+VtojaJu0pcyk5
IDEKoWm7fkvHAYH6ZdQU3SGwJ9a+An5B8NNTv+z/NLEYodR6nUom8y7lTJSVpUj/
r8caXX06aKFWRaHpJOyG8Pxr989Bku03N9gaFZvovhBbbPOV5fiFQsPv1wlO3Y0t
exAajpmdjnkpxSoqi/LJPvtaW+v0122rlWqZb2m5e/7VEntVhxmWnNyS3wIDAQAB
o4ICQzCCAj8wHQYDVR0OBBYEFHnxSsSixJGtXenFEETRZF6xPNN6MB8GA1UdIwQY
MBaAFBrp2ymqkwjhdRsD0NaZm7hogFiGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3VuYkthcVRDT0YxR3dQUTFwbWJ1R2lBV0lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS9lYjc4MzUtZDM2NC00ZTI4LTlhODIt
ZWQ5MjMxZmJhZWQxLzEvZWZGS3hLTEVrYTFkNmNVUVJORmtYckU4MDNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS9lYjc4MzUtZDM2NC00ZTI4LTlhODItZWQ5MjMxZmJhZWQx
LzEvR3VuYkthcVRDT0YxR3dQUTFwbWJ1R2lBV0lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFkGCCsGAQUFBwEHAQH/BEowSDAwBAIAATAqAwQBLYX4AwQB
LYt4AwQCWRM8AwQBjWICAwQCuSoIAwQCuZygAwQA1O39MBQEAgACMA4DBQAqAVhg
AwUAKg27QDANBgkqhkiG9w0BAQsFAAOCAQEAuUKbijfCDlTiUThUYkRL+hCobSHc
FDJDD34S/D7rwV8Og6ADgc2HOZQZxQlRWdL0xXqWZTSIG6fsEMR9FdNFxIoCn6o/
faDFvAr8qf0kpfWoKo/ub00KP6Co8PfNCqIN5afKLwLsIJl1I+z9k9hHDTTjBgFL
tXn8LQJdA2h425ktbIgrX9UIOa/+QQZbJZ6bqq3CfNmf7a6Ooa10TBX6zLGvGSuY
+Q9AMvVUJ0gqSAcekEYKKPWDy4MFAKPFJdUL937kTClpzrgj4pEciW7M9p5XlT9+
CxM6PepYzwx0qeEabKgpmQTaW6QTutNSk+k66GzAnoJgwk60gmZReRJsEg==
-----END CERTIFICATE-----
Generated at Sat Jun 22 08:54:21 2024 by rpki-client on console-ams.rpki-client.org