Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/emkW8o-6o7AWW5TmPRfVUynvM6M.roa
File: emkW8o-6o7AWW5TmPRfVUynvM6M.roa (raw, json)
Hash identifier: AhPdhXuwtX3QPB9/5IMoyBSBRQ6Dmxc58T+ULoc6G4Q=
Subject key identifier: 7A:69:16:F2:8F:BA:A3:B0:16:5B:94:E6:3D:17:D5:53:29:EF:33:A3
Certificate issuer: /CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Certificate serial: 0190DD05BC7894AA6530D71CDA096B440C9A
Authority key identifier: 85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/emkW8o-6o7AWW5TmPRfVUynvM6M.roa
Signing time: Tue 23 Jul 2024 00:37:38 +0000
ROA not before: Tue 23 Jul 2024 00:37:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9009
IP address blocks: 2.57.248.0/23 maxlen: 23
2.57.250.0/24 maxlen: 24
2.57.251.0/24 maxlen: 24
5.183.240.0/23 maxlen: 23
5.183.242.0/23 maxlen: 23
45.14.80.0/24 maxlen: 24
45.86.24.0/22 maxlen: 22
92.119.24.0/23 maxlen: 23
92.119.26.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.mft
rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:dd:05:bc:78:94:aa:65:30:d7:1c:da:09:6b:44:0c:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8533ef46116fd9d21bfb533e44bde517890c24dc
Validity
Not Before: Jul 23 00:37:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a6916f28fbaa3b0165b94e63d17d55329ef33a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:30:30:32:bc:b0:d9:9e:35:bd:ec:2d:42:54:
06:09:e7:b2:eb:6e:a3:bd:ff:06:28:bc:9b:34:41:
d4:bc:76:3c:c8:7c:49:16:e1:5c:a3:d6:f1:98:38:
88:42:ba:6f:f4:2b:e4:90:79:ad:a0:e2:3c:70:05:
5f:3d:d2:0b:cf:8f:48:ae:32:c0:b9:d6:ac:a8:e1:
db:92:0f:7b:29:c7:ac:73:36:6f:82:c2:48:49:50:
a8:a9:f3:5f:87:54:44:cb:47:a0:6c:88:1e:ca:b3:
b1:dd:70:aa:5a:44:41:b0:d7:05:ce:ab:0d:78:aa:
58:b7:37:5b:37:91:6c:88:5b:c0:7f:54:61:41:d9:
b2:a2:41:db:80:7f:f9:ae:c9:be:88:a8:99:b1:b7:
82:eb:05:d8:eb:9f:78:f3:d2:f5:24:4d:a3:be:75:
8d:87:fb:11:d9:97:67:ba:66:a1:b4:e6:60:d7:7a:
1a:0c:ae:67:b1:45:db:de:b3:43:f5:29:68:63:1b:
53:d1:d8:8d:60:d6:ab:dc:52:21:05:09:8e:56:9c:
1e:5b:ea:47:62:43:f3:27:43:65:ba:4b:ee:75:4e:
ef:5c:c6:33:37:c7:01:d0:28:6f:93:2d:70:4b:d7:
7c:f6:c1:39:60:ec:1c:9f:79:c2:5a:af:d9:22:37:
3b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:69:16:F2:8F:BA:A3:B0:16:5B:94:E6:3D:17:D5:53:29:EF:33:A3
X509v3 Authority Key Identifier:
keyid:85:33:EF:46:11:6F:D9:D2:1B:FB:53:3E:44:BD:E5:17:89:0C:24:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hTPvRhFv2dIb-1M-RL3lF4kMJNw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/emkW8o-6o7AWW5TmPRfVUynvM6M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/e0472a-3adf-43cd-bf30-73923daef114/1/hTPvRhFv2dIb-1M-RL3lF4kMJNw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.248.0/22
5.183.240.0/22
45.14.80.0/24
45.86.24.0/22
92.119.24.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:93:f2:df:ac:de:11:37:7c:4f:0c:e1:f8:ab:b0:fc:b1:30:
dc:26:55:05:c6:5c:72:ea:ce:03:62:c7:42:b5:9e:ea:3a:73:
6a:21:d6:c3:89:2d:c4:ab:81:46:a5:25:db:c7:99:75:78:2a:
13:71:4c:1f:32:26:8b:d2:4c:ff:3d:25:b3:98:84:3d:87:3d:
a2:2c:af:51:68:0c:f5:ec:76:3b:8a:9a:d9:ec:12:ab:f0:7f:
11:da:35:a0:98:a7:47:d4:23:0e:b0:e3:43:c1:ba:46:19:76:
f8:88:7c:f0:33:d9:e4:84:df:35:f0:ce:0a:6b:e7:b1:ff:85:
9c:cb:51:d7:23:ac:f3:a3:a0:02:a7:e8:64:31:6e:f3:70:f8:
b5:28:96:7d:9c:ab:3e:99:51:2e:eb:05:68:c8:3b:85:8d:f3:
6f:e4:31:38:f6:c8:84:37:70:3e:17:f8:2f:92:57:bf:74:8d:
d1:49:dc:f2:c2:7a:15:ce:b2:76:09:4f:2c:43:d5:00:10:92:
fd:4b:1d:c1:1e:4e:ef:7f:b2:b0:31:f8:cf:ec:10:2c:dd:0c:
6e:77:34:ce:d9:4f:b5:2b:ff:b4:3e:a1:3d:3e:47:e7:e8:3b:
0d:05:28:5b:1d:bf:0e:95:59:54:15:3d:cb:92:f6:a6:eb:72:
c2:48:b8:12
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZDdBbx4lKplMNcc2glrRAyaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1MzNlZjQ2MTE2ZmQ5ZDIxYmZiNTMzZTQ0YmRlNTE3ODkw
YzI0ZGMwHhcNMjQwNzIzMDAzNzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTY5MTZmMjhmYmFhM2IwMTY1Yjk0ZTYzZDE3ZDU1MzI5ZWYzM2EzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5TAwMryw2Z41vewtQlQGCeey626j
vf8GKLybNEHUvHY8yHxJFuFco9bxmDiIQrpv9CvkkHmtoOI8cAVfPdILz49IrjLA
udasqOHbkg97KcesczZvgsJISVCoqfNfh1REy0egbIgeyrOx3XCqWkRBsNcFzqsN
eKpYtzdbN5FsiFvAf1RhQdmyokHbgH/5rsm+iKiZsbeC6wXY659489L1JE2jvnWN
h/sR2ZdnumahtOZg13oaDK5nsUXb3rND9SloYxtT0diNYNar3FIhBQmOVpweW+pH
YkPzJ0NlukvudU7vXMYzN8cB0Chvky1wS9d89sE5YOwcn3nCWq/ZIjc71QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFHppFvKPuqOwFluU5j0X1VMp7zOjMB8GA1UdIwQY
MBaAFIUz70YRb9nSG/tTPkS95ReJDCTcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAt
NzM5MjNkYWVmMTE0LzEvZW1rVzhvLTZvN0FXVzVUbVBSZlZVeW52TTZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9lMDQ3MmEtM2FkZi00M2NkLWJmMzAtNzM5MjNkYWVmMTE0
LzEvaFRQdlJoRnYyZEliLTFNLVJMM2xGNGtNSk53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCAjn4AwQC
BbfwAwQALQ5QAwQCLVYYAwQCXHcYMA0GCSqGSIb3DQEBCwUAA4IBAQCyk/LfrN4R
N3xPDOH4q7D8sTDcJlUFxlxy6s4DYsdCtZ7qOnNqIdbDiS3Eq4FGpSXbx5l1eCoT
cUwfMiaL0kz/PSWzmIQ9hz2iLK9RaAz17HY7iprZ7BKr8H8R2jWgmKdH1CMOsOND
wbpGGXb4iHzwM9nkhN818M4Ka+ex/4Wcy1HXI6zzo6ACp+hkMW7zcPi1KJZ9nKs+
mVEu6wVoyDuFjfNv5DE49siEN3A+F/gvkle/dI3RSdzywnoVzrJ2CU8sQ9UAEJL9
Sx3BHk7vf7KwMfjP7BAs3QxudzTO2U+1K/+0PqE9Pkfn6DsNBShbHb8OlVlUFT3L
kvam63LCSLgS
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:25:55 2024 by rpki-client on console-fra.rpki-client.org