Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/3aba7e-1d50-472f-8db7-6912192134e9/1/epMu42nOX-pkAiuoe-K-_UAI__0.roa
File: epMu42nOX-pkAiuoe-K-_UAI__0.roa (raw, json)
Hash identifier: 09rGg/80ZI8SOZawnFq+h+rIZlEcc7ENxMeET0KSqAo=
Subject key identifier: 7A:93:2E:E3:69:CE:5F:EA:64:02:2B:A8:7B:E2:BE:FD:40:08:FF:FD
Certificate issuer: /CN=752b0d72bf0743bf2cdc78ba1f53e9a988f9af1e
Certificate serial: 018CC34949306EC140D0B1BEACEE7884C346
Authority key identifier: 75:2B:0D:72:BF:07:43:BF:2C:DC:78:BA:1F:53:E9:A9:88:F9:AF:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dSsNcr8HQ78s3Hi6H1PpqYj5rx4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/3aba7e-1d50-472f-8db7-6912192134e9/1/epMu42nOX-pkAiuoe-K-_UAI__0.roa
Signing time: Mon 01 Jan 2024 04:30:09 +0000
ROA not before: Mon 01 Jan 2024 04:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48708
IP address blocks: 185.202.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/3aba7e-1d50-472f-8db7-6912192134e9/1/dSsNcr8HQ78s3Hi6H1PpqYj5rx4.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/3aba7e-1d50-472f-8db7-6912192134e9/1/dSsNcr8HQ78s3Hi6H1PpqYj5rx4.mft
rsync://rpki.ripe.net/repository/DEFAULT/dSsNcr8HQ78s3Hi6H1PpqYj5rx4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 03:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:49:30:6e:c1:40:d0:b1:be:ac:ee:78:84:c3:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=752b0d72bf0743bf2cdc78ba1f53e9a988f9af1e
Validity
Not Before: Jan 1 04:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a932ee369ce5fea64022ba87be2befd4008fffd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f1:c7:be:60:3b:06:ff:d6:44:f9:d4:39:1d:
33:34:7c:b0:65:10:74:ee:35:a8:de:5f:a1:eb:72:
7a:48:b3:2c:f4:ae:4c:ef:33:10:6f:f3:1a:dc:96:
9c:7e:6f:87:dc:0d:81:b2:c9:16:92:19:01:c8:1f:
93:c1:2e:fd:61:86:b5:40:54:19:4e:00:16:12:30:
25:50:14:04:85:05:73:a8:d7:16:9b:c6:90:10:b7:
d8:99:51:e7:10:e6:e4:60:2d:26:5e:c0:69:33:7f:
13:81:01:68:f1:00:8d:12:c2:43:98:45:34:fa:fc:
34:37:ac:ef:78:8c:8d:36:4d:ff:4b:50:3a:14:b6:
04:8a:07:40:e9:be:ee:7d:35:20:69:6b:4c:a7:e9:
a7:7d:e4:b9:d3:7d:8e:ab:f3:c1:c3:ef:52:2e:11:
8c:03:e9:73:7e:65:65:a4:81:79:5d:8d:af:b0:38:
9c:5b:12:f9:7f:ed:66:3c:b7:10:c0:48:d3:7e:37:
cc:96:d6:cc:3d:a4:ab:d4:18:d2:b8:c1:3f:d3:b1:
f3:34:54:32:9f:f1:5a:a6:60:80:35:69:9d:72:e0:
2d:30:58:cc:24:45:a8:7f:16:da:9d:5b:d7:0d:bc:
30:cb:62:be:41:8d:3a:b6:91:13:b7:96:56:c4:cd:
87:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:93:2E:E3:69:CE:5F:EA:64:02:2B:A8:7B:E2:BE:FD:40:08:FF:FD
X509v3 Authority Key Identifier:
keyid:75:2B:0D:72:BF:07:43:BF:2C:DC:78:BA:1F:53:E9:A9:88:F9:AF:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dSsNcr8HQ78s3Hi6H1PpqYj5rx4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/3aba7e-1d50-472f-8db7-6912192134e9/1/epMu42nOX-pkAiuoe-K-_UAI__0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/3aba7e-1d50-472f-8db7-6912192134e9/1/dSsNcr8HQ78s3Hi6H1PpqYj5rx4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.202.79.0/24
Signature Algorithm: sha256WithRSAEncryption
87:a7:fe:ea:7c:2b:27:05:f6:5c:47:32:2a:d3:ea:b3:f9:a3:
30:83:2b:7f:da:3e:fd:5c:c1:91:a4:58:2b:2f:79:00:f8:ca:
44:98:f6:64:21:a2:c5:e1:b2:b7:2c:27:5b:19:4d:64:d4:8c:
b8:5e:ed:cb:c3:4f:ac:2b:47:28:70:b0:ed:c7:0d:30:ec:19:
45:e5:b6:d9:60:a6:fd:c0:a2:c7:eb:ae:74:5e:f4:c3:97:1a:
8a:d4:37:0a:fc:33:86:12:04:fa:7f:ed:38:e3:65:81:0e:9d:
02:e3:4e:43:da:e3:e2:92:e0:fb:cd:91:e9:56:96:bf:1f:97:
dd:f3:0c:e6:48:85:f3:54:e0:7a:88:b1:4b:9c:69:80:3e:6a:
47:3a:0a:c8:f1:dc:36:c8:65:da:33:42:c1:e4:24:f6:ef:b2:
9f:50:c0:82:57:ee:27:ae:b3:47:ba:5a:6f:26:fd:74:06:61:
f1:52:7f:50:f3:4f:11:7e:37:08:61:ea:88:ae:c4:f6:31:8c:
be:72:11:c2:11:a9:3c:9b:c1:96:37:8e:25:4b:a1:35:fd:6e:
55:32:cb:01:65:de:57:75:3a:08:96:ee:0e:c6:c1:74:37:37:
f7:41:77:ee:fa:68:78:00:e8:15:2e:ea:42:b6:f1:d2:bb:93:
81:92:24:d8
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSUkwbsFA0LG+rO54hMNGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MmIwZDcyYmYwNzQzYmYyY2RjNzhiYTFmNTNlOWE5ODhm
OWFmMWUwHhcNMjQwMTAxMDQzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTkzMmVlMzY5Y2U1ZmVhNjQwMjJiYTg3YmUyYmVmZDQwMDhmZmZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvHHvmA7Bv/WRPnUOR0zNHywZRB0
7jWo3l+h63J6SLMs9K5M7zMQb/Ma3Jacfm+H3A2BsskWkhkByB+TwS79YYa1QFQZ
TgAWEjAlUBQEhQVzqNcWm8aQELfYmVHnEObkYC0mXsBpM38TgQFo8QCNEsJDmEU0
+vw0N6zveIyNNk3/S1A6FLYEigdA6b7ufTUgaWtMp+mnfeS5032Oq/PBw+9SLhGM
A+lzfmVlpIF5XY2vsDicWxL5f+1mPLcQwEjTfjfMltbMPaSr1BjSuME/07HzNFQy
n/FapmCANWmdcuAtMFjMJEWofxbanVvXDbwwy2K+QY06tpETt5ZWxM2HEQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHqTLuNpzl/qZAIrqHvivv1ACP/9MB8GA1UdIwQY
MBaAFHUrDXK/B0O/LNx4uh9T6amI+a8eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFNzTmNyOEhRNzhzM0hpNkgxUHBxWWo1cng0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8zYWJhN2UtMWQ1MC00NzJmLThkYjct
NjkxMjE5MjEzNGU5LzEvZXBNdTQybk9YLXBrQWl1b2UtSy1fVUFJX18wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8zYWJhN2UtMWQ1MC00NzJmLThkYjctNjkxMjE5MjEzNGU5
LzEvZFNzTmNyOEhRNzhzM0hpNkgxUHBxWWo1cng0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucpPMA0G
CSqGSIb3DQEBCwUAA4IBAQCHp/7qfCsnBfZcRzIq0+qz+aMwgyt/2j79XMGRpFgr
L3kA+MpEmPZkIaLF4bK3LCdbGU1k1Iy4Xu3Lw0+sK0cocLDtxw0w7BlF5bbZYKb9
wKLH6650XvTDlxqK1DcK/DOGEgT6f+0442WBDp0C405D2uPikuD7zZHpVpa/H5fd
8wzmSIXzVOB6iLFLnGmAPmpHOgrI8dw2yGXaM0LB5CT277KfUMCCV+4nrrNHulpv
Jv10BmHxUn9Q808RfjcIYeqIrsT2MYy+chHCEak8m8GWN44lS6E1/W5VMssBZd5X
dToIlu4OxsF0Nzf3QXfu+mh4AOgVLupCtvHSu5OBkiTY
-----END CERTIFICATE-----
Generated at Thu Jun 20 10:59:20 2024 by rpki-client on console-ams.rpki-client.org