Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/EM5A6yRkcYXeeng_jifEbMJbF3A.roa
File: EM5A6yRkcYXeeng_jifEbMJbF3A.roa (raw, json)
Hash identifier: F9Y4tZvqUsb0yv+QQuh+2yUBu31+r9QubcdB2icihqo=
Subject key identifier: 10:CE:40:EB:24:64:71:85:DE:7A:78:3F:8E:27:C4:6C:C2:5B:17:70
Certificate issuer: /CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Certificate serial: 018EAE3CA7D7E5311A57DD21E21D90411363
Authority key identifier: 4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/EM5A6yRkcYXeeng_jifEbMJbF3A.roa
Signing time: Fri 05 Apr 2024 12:29:54 +0000
ROA not before: Fri 05 Apr 2024 12:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215787
IP address blocks: 194.156.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ae:3c:a7:d7:e5:31:1a:57:dd:21:e2:1d:90:41:13:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f8aea2f025f495beacee7ce5a8820519dda1370
Validity
Not Before: Apr 5 12:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=10ce40eb24647185de7a783f8e27c46cc25b1770
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:aa:73:b1:95:23:28:92:a0:dc:78:44:fc:01:
eb:db:5e:79:9f:d7:87:43:59:d2:31:cf:6d:6c:1d:
89:b3:16:da:a9:20:f4:df:16:a1:39:8d:2d:e5:4a:
0e:98:65:8f:28:c6:bf:05:49:62:06:50:ed:3f:13:
08:44:14:f3:62:bb:5f:f4:f4:04:51:28:c9:9b:aa:
a1:e8:92:3c:98:63:03:bc:f1:7d:e9:86:88:79:7f:
50:08:ae:bc:72:f4:c7:2b:c0:42:10:04:5c:50:5d:
1a:27:82:9c:12:2f:1f:76:dd:d8:75:5b:da:91:1b:
f1:96:84:54:60:7a:d0:0a:0c:81:83:84:54:80:48:
9b:74:72:0b:75:59:8e:1c:34:d3:3e:b2:30:19:10:
7f:04:78:da:83:6d:4d:ec:a3:98:a2:c3:64:11:16:
c1:f9:85:78:fa:8a:4f:3e:73:60:8c:2a:31:f1:ba:
62:b1:98:44:6a:9b:77:fa:cd:6a:fe:21:91:b9:f1:
1d:cc:b9:f4:f3:24:37:90:aa:a5:84:29:fe:5d:bd:
98:f9:3a:16:0a:bf:aa:94:59:f3:17:cc:e2:34:c8:
c1:59:36:76:63:21:b1:b1:8b:7d:85:d0:b5:de:41:
e4:82:ed:97:fe:63:d3:ef:eb:71:04:46:a4:ca:e3:
aa:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:CE:40:EB:24:64:71:85:DE:7A:78:3F:8E:27:C4:6C:C2:5B:17:70
X509v3 Authority Key Identifier:
keyid:4F:8A:EA:2F:02:5F:49:5B:EA:CE:E7:CE:5A:88:20:51:9D:DA:13:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T4rqLwJfSVvqzufOWoggUZ3aE3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/EM5A6yRkcYXeeng_jifEbMJbF3A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/eb70a3-17e1-4d86-8b9e-6080952f0e04/1/T4rqLwJfSVvqzufOWoggUZ3aE3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.156.79.0/24
Signature Algorithm: sha256WithRSAEncryption
60:02:94:a7:18:fa:1c:71:fc:5a:6f:fd:88:cc:8b:04:c3:a5:
82:c4:23:51:00:9d:14:bf:2a:85:8a:42:30:67:54:8c:5e:a1:
6c:94:47:15:10:ef:48:15:fb:0b:b6:4c:61:08:f6:71:05:2c:
9e:11:07:e3:c1:73:5e:73:d2:fa:c2:d3:ec:b9:c6:fc:7b:09:
db:37:be:72:53:51:84:2a:a6:26:26:1d:e1:19:74:bd:3a:a8:
00:46:2c:8b:7f:e0:b4:e1:6c:a0:c8:69:18:d4:fa:9d:b8:89:
76:b1:e4:d9:38:62:61:0a:91:6d:38:ba:38:34:6d:bb:0e:a5:
e6:06:3c:08:75:6e:86:dc:66:22:a6:3e:2f:30:d6:35:d3:b8:
b4:cc:e4:3c:77:a4:8f:b1:69:0e:b3:5d:21:e2:cc:44:3c:d0:
84:58:be:1a:f5:bd:49:ae:87:46:8c:9f:80:95:a7:3b:3a:76:
c7:b0:e6:9f:b0:37:25:ed:60:67:95:dc:a6:3e:69:6c:a9:01:
ec:38:6b:ad:c5:46:0c:3f:16:41:61:96:5b:fd:65:31:f4:5d:
0e:6f:a2:b8:86:c9:42:56:6c:af:e7:9e:c9:63:23:35:ed:ee:
31:cc:17:9f:23:2f:fa:bf:f6:b2:f0:55:d8:0f:f0:07:21:20:
93:87:87:80
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6uPKfX5TEaV90h4h2QQRNjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOGFlYTJmMDI1ZjQ5NWJlYWNlZTdjZTVhODgyMDUxOWRk
YTEzNzAwHhcNMjQwNDA1MTIyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGNlNDBlYjI0NjQ3MTg1ZGU3YTc4M2Y4ZTI3YzQ2Y2MyNWIxNzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6pzsZUjKJKg3HhE/AHr2155n9eH
Q1nSMc9tbB2JsxbaqSD03xahOY0t5UoOmGWPKMa/BUliBlDtPxMIRBTzYrtf9PQE
USjJm6qh6JI8mGMDvPF96YaIeX9QCK68cvTHK8BCEARcUF0aJ4KcEi8fdt3YdVva
kRvxloRUYHrQCgyBg4RUgEibdHILdVmOHDTTPrIwGRB/BHjag21N7KOYosNkERbB
+YV4+opPPnNgjCox8bpisZhEapt3+s1q/iGRufEdzLn08yQ3kKqlhCn+Xb2Y+ToW
Cr+qlFnzF8ziNMjBWTZ2YyGxsYt9hdC13kHkgu2X/mPT7+txBEakyuOqbwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBDOQOskZHGF3np4P44nxGzCWxdwMB8GA1UdIwQY
MBaAFE+K6i8CX0lb6s7nzlqIIFGd2hNwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUt
NjA4MDk1MmYwZTA0LzEvRU01QTZ5UmtjWVhlZW5nX2ppZkViTUpiRjNBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9lYjcwYTMtMTdlMS00ZDg2LThiOWUtNjA4MDk1MmYwZTA0
LzEvVDRycUx3SmZTVnZxenVmT1dvZ2dVWjNhRTNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwpxPMA0G
CSqGSIb3DQEBCwUAA4IBAQBgApSnGPoccfxab/2IzIsEw6WCxCNRAJ0UvyqFikIw
Z1SMXqFslEcVEO9IFfsLtkxhCPZxBSyeEQfjwXNec9L6wtPsucb8ewnbN75yU1GE
KqYmJh3hGXS9OqgARiyLf+C04WygyGkY1PqduIl2seTZOGJhCpFtOLo4NG27DqXm
BjwIdW6G3GYipj4vMNY107i0zOQ8d6SPsWkOs10h4sxEPNCEWL4a9b1JrodGjJ+A
lac7OnbHsOafsDcl7WBnldymPmlsqQHsOGutxUYMPxZBYZZb/WUx9F0Ob6K4hslC
Vmyv557JYyM17e4xzBefIy/6v/ay8FXYD/AHISCTh4eA
-----END CERTIFICATE-----
Generated at Mon Apr 29 14:12:04 2024 by rpki-client on console-ams.rpki-client.org