Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EABwkT9Tu6eFO0_SMW1-Lyb-hTg.roa
File: EABwkT9Tu6eFO0_SMW1-Lyb-hTg.roa (raw, json)
Hash identifier: 96eslEffwqgywEtYYfCR8L1HMvT1QQKCC734HsnWQPQ=
Subject key identifier: 10:00:70:91:3F:53:BB:A7:85:3B:4F:D2:31:6D:7E:2F:26:FE:85:38
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCE12B45DAE2267DEC718E7B589AAA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EABwkT9Tu6eFO0_SMW1-Lyb-hTg.roa
Signing time: Tue 02 Jan 2024 06:29:27 +0000
ROA not before: Tue 02 Jan 2024 06:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43548
IP address blocks: 94.156.4.0/23 maxlen: 23
93.123.65.0/24 maxlen: 24
85.217.164.0/22 maxlen: 22
87.120.99.0/24 maxlen: 24
85.217.176.0/21 maxlen: 21
91.92.168.0/22 maxlen: 22
87.120.246.0/24 maxlen: 24
94.156.80.0/21 maxlen: 21
87.121.108.0/23 maxlen: 23
94.156.97.0/24 maxlen: 24
2a00:1728:2d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 05:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:e1:2b:45:da:e2:26:7d:ec:71:8e:7b:58:9a:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=100070913f53bba7853b4fd2316d7e2f26fe8538
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:4b:fc:5b:c4:19:d7:a9:fc:59:68:bc:1a:dc:
24:ee:0b:6e:e2:01:05:f0:a4:c3:a4:9b:53:85:18:
fd:6c:c6:b2:83:7f:27:3a:d5:a6:01:92:a3:45:5c:
57:36:a2:ec:dd:99:0a:5e:e5:24:b0:6f:d5:ed:82:
2b:91:1e:bb:e5:7d:d6:28:18:4b:c7:a4:e7:31:51:
52:c8:94:fd:b4:75:17:8b:20:3a:5e:d3:d1:19:86:
1f:9e:ef:73:ec:56:38:8a:b3:c6:09:2f:0f:19:41:
d1:cd:4f:c4:01:13:f2:d0:0e:8a:9b:4c:69:df:e5:
b4:7d:5f:6a:80:7c:fc:dd:aa:a7:89:d6:b1:4f:05:
95:29:d5:99:f7:19:29:42:f4:7c:54:94:5c:c9:d7:
60:ca:44:e2:67:a9:9f:b9:47:98:f2:9c:26:f7:27:
0e:77:39:3b:2a:18:7c:53:c3:38:d7:52:b5:7e:9e:
18:9a:11:96:12:b5:9c:0b:36:8a:68:a2:4e:2d:b2:
fe:cb:10:be:9b:6a:2e:45:ca:b2:d3:b6:5b:af:9f:
ff:b5:f1:33:cc:e7:3d:f4:ec:ca:43:bd:fa:9d:80:
82:f6:98:f2:9e:28:0e:21:e6:e2:a7:43:8c:18:66:
4b:09:01:a1:68:27:8b:12:06:39:c9:e5:88:57:03:
07:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:00:70:91:3F:53:BB:A7:85:3B:4F:D2:31:6D:7E:2F:26:FE:85:38
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/EABwkT9Tu6eFO0_SMW1-Lyb-hTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.217.164.0/22
85.217.176.0/21
87.120.99.0/24
87.120.246.0/24
87.121.108.0/23
91.92.168.0/22
93.123.65.0/24
94.156.4.0/23
94.156.80.0/21
94.156.97.0/24
IPv6:
2a00:1728:2d::/48
Signature Algorithm: sha256WithRSAEncryption
b4:d9:b3:16:36:03:82:6d:29:60:8c:e1:5d:65:97:64:a0:71:
27:a2:29:a8:27:30:47:2f:94:42:cd:ba:a4:44:da:84:01:af:
e0:f6:49:94:fe:94:77:0f:0e:d0:93:9f:1c:cf:cf:40:eb:90:
5d:e6:5a:32:8d:c2:88:8c:64:17:25:a1:59:bb:89:84:db:3a:
bc:5a:48:46:0d:70:db:81:b7:dc:9b:20:37:af:01:8f:ec:11:
9d:54:a7:9b:3c:43:fc:62:b7:a6:ce:cf:f2:50:8e:23:27:17:
af:57:d3:f5:d4:4a:cd:a2:d2:aa:86:b6:19:32:88:95:3f:8f:
bf:22:d6:d4:7e:9e:0b:76:85:32:e6:ba:02:1f:43:fc:c4:c8:
45:ef:cf:5c:75:27:47:df:82:79:56:00:92:1d:07:3a:cd:14:
da:8d:77:23:12:85:50:f5:27:9e:3f:c7:e8:5b:e3:4a:e6:0b:
fb:ca:78:dd:29:d9:ae:b2:4c:b6:09:ff:13:c6:47:40:4c:87:
1a:e6:96:06:f3:c8:f4:75:c5:ed:47:bb:c8:75:fd:1d:fe:df:
f7:d9:e5:c0:71:df:a4:89:2b:a8:2a:71:7c:04:2f:b6:45:47:
2f:d5:73:03:94:75:aa:de:60:7d:85:09:dc:14:27:fd:ba:3e:
75:9f:86:cf
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYzI3OErRdriJn3scY57WJqqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDAwNzA5MTNmNTNiYmE3ODUzYjRmZDIzMTZkN2UyZjI2ZmU4NTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUv8W8QZ16n8WWi8Gtwk7gtu4gEF
8KTDpJtThRj9bMayg38nOtWmAZKjRVxXNqLs3ZkKXuUksG/V7YIrkR675X3WKBhL
x6TnMVFSyJT9tHUXiyA6XtPRGYYfnu9z7FY4irPGCS8PGUHRzU/EARPy0A6Km0xp
3+W0fV9qgHz83aqnidaxTwWVKdWZ9xkpQvR8VJRcyddgykTiZ6mfuUeY8pwm9ycO
dzk7Khh8U8M411K1fp4YmhGWErWcCzaKaKJOLbL+yxC+m2ouRcqy07Zbr5//tfEz
zOc99OzKQ736nYCC9pjynigOIebip0OMGGZLCQGhaCeLEgY5yeWIVwMHtQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFBAAcJE/U7unhTtP0jFtfi8m/oU4MB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRUFCd2tUOVR1NmVGTzBfU01XMS1MeWItaFRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBCBAIAATA8AwQCVdmkAwQD
VdmwAwQAV3hjAwQAV3j2AwQBV3lsAwQCW1yoAwQAXXtBAwQBXpwEAwQDXpxQAwQA
XpxhMA8EAgACMAkDBwAqABcoAC0wDQYJKoZIhvcNAQELBQADggEBALTZsxY2A4Jt
KWCM4V1ll2SgcSeiKagnMEcvlELNuqRE2oQBr+D2SZT+lHcPDtCTnxzPz0DrkF3m
WjKNwoiMZBcloVm7iYTbOrxaSEYNcNuBt9ybIDevAY/sEZ1Up5s8Q/xit6bOz/JQ
jiMnF69X0/XUSs2i0qqGthkyiJU/j78i1tR+ngt2hTLmugIfQ/zEyEXvz1x1J0ff
gnlWAJIdBzrNFNqNdyMShVD1J54/x+hb40rmC/vKeN0p2a6yTLYJ/xPGR0BMhxrm
lgbzyPR1xe1Hu8h1/R3+3/fZ5cBx36SJK6gqcXwEL7ZFRy/VcwOUdareYH2FCdwU
J/26PnWfhs8=
-----END CERTIFICATE-----
Generated at Sun Apr 28 10:04:19 2024 by rpki-client on console-ams.rpki-client.org