Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0a/41e287-50b4-46ef-82cc-ca3b7278dde2/1/eghDJvGTaI0OSTACCqQ_8W0lgVE.roa
File: eghDJvGTaI0OSTACCqQ_8W0lgVE.roa (raw, json)
Hash identifier: CJxRJv2uIKvGtZUOqazly6VS7g79QuH7fIjbUWPjWXo=
Subject key identifier: 7A:08:43:26:F1:93:68:8D:0E:49:30:02:0A:A4:3F:F1:6D:25:81:51
Certificate issuer: /CN=b69cb709934b99f689dd1e99d72c1b000fd872c5
Certificate serial: 018CC7270296119828D09B4748E60306EDFE
Authority key identifier: B6:9C:B7:09:93:4B:99:F6:89:DD:1E:99:D7:2C:1B:00:0F:D8:72:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tpy3CZNLmfaJ3R6Z1ywbAA_YcsU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0a/41e287-50b4-46ef-82cc-ca3b7278dde2/1/eghDJvGTaI0OSTACCqQ_8W0lgVE.roa
Signing time: Mon 01 Jan 2024 22:31:11 +0000
ROA not before: Mon 01 Jan 2024 22:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38926
IP address blocks: 195.114.114.0/23 maxlen: 24
193.169.64.0/23 maxlen: 24
5.44.160.0/21 maxlen: 24
185.105.68.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0a/41e287-50b4-46ef-82cc-ca3b7278dde2/1/tpy3CZNLmfaJ3R6Z1ywbAA_YcsU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0a/41e287-50b4-46ef-82cc-ca3b7278dde2/1/tpy3CZNLmfaJ3R6Z1ywbAA_YcsU.mft
rsync://rpki.ripe.net/repository/DEFAULT/tpy3CZNLmfaJ3R6Z1ywbAA_YcsU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:02:96:11:98:28:d0:9b:47:48:e6:03:06:ed:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b69cb709934b99f689dd1e99d72c1b000fd872c5
Validity
Not Before: Jan 1 22:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a084326f193688d0e4930020aa43ff16d258151
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:90:ad:52:aa:3a:95:ce:55:d1:80:23:48:27:
ba:48:de:9b:b6:5f:27:7e:b1:01:fc:e7:fa:3b:51:
f4:d6:2a:d3:ee:b0:50:12:dc:5b:a6:80:74:6c:59:
5b:33:5a:57:8c:56:de:c8:27:2d:e8:88:a9:a4:0d:
28:4a:3d:f5:5c:9b:43:1b:a5:ca:e3:a1:42:32:0e:
1b:0f:b2:91:9b:ef:c6:a0:5e:ac:99:2d:00:3f:de:
cb:a2:15:7e:2e:66:fc:f3:22:c0:33:37:f3:af:a3:
dc:b3:e0:ba:8e:dc:71:44:a3:e7:d7:10:94:12:16:
8f:44:b3:89:e3:52:24:43:09:80:50:f9:13:25:17:
54:be:75:20:3d:d7:fa:ef:1f:34:30:75:82:5e:fe:
e8:b9:8e:3e:20:64:ed:b4:4d:e8:43:00:d8:52:7c:
4d:65:a5:51:42:f0:a9:ad:25:de:1e:f7:d4:9c:f4:
92:0e:fc:ed:65:b4:90:3f:90:c0:86:a8:21:86:bb:
42:a6:f4:7b:4c:92:21:f4:39:99:dc:d6:e8:08:ee:
ef:78:41:1e:56:78:17:56:1d:7e:2e:02:46:4d:11:
8c:5e:14:b8:77:2e:d5:23:57:27:e7:b6:b8:86:2a:
c2:2c:aa:97:e6:b5:43:fc:ad:9e:11:8d:d0:03:6a:
c8:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:08:43:26:F1:93:68:8D:0E:49:30:02:0A:A4:3F:F1:6D:25:81:51
X509v3 Authority Key Identifier:
keyid:B6:9C:B7:09:93:4B:99:F6:89:DD:1E:99:D7:2C:1B:00:0F:D8:72:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tpy3CZNLmfaJ3R6Z1ywbAA_YcsU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/41e287-50b4-46ef-82cc-ca3b7278dde2/1/eghDJvGTaI0OSTACCqQ_8W0lgVE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0a/41e287-50b4-46ef-82cc-ca3b7278dde2/1/tpy3CZNLmfaJ3R6Z1ywbAA_YcsU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.160.0/21
185.105.68.0/22
193.169.64.0/23
195.114.114.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:f9:6a:e9:75:fb:19:05:28:f3:8c:07:69:d3:90:71:86:b3:
ae:89:f3:3f:b7:cb:ec:16:74:88:a2:a3:11:17:dd:61:9b:a0:
59:16:de:4c:22:83:46:e2:85:80:05:04:54:80:c2:4c:65:55:
81:be:56:6a:f3:85:07:68:a1:cb:15:0e:ad:d3:fd:08:63:cf:
59:55:e9:c8:60:25:99:f5:49:fe:5c:3d:59:65:1d:e6:1c:31:
ba:fb:c4:e4:01:dc:4d:28:0e:f6:14:e7:cc:dd:37:87:67:4b:
f0:0b:67:bd:8f:21:b3:90:4f:20:87:34:3d:e2:7d:86:65:20:
0f:c1:10:e5:08:c5:cd:87:87:2f:3b:0e:85:6d:5a:92:52:c2:
67:e1:b3:1a:98:0c:e5:25:d4:ab:22:cb:05:34:67:28:c6:99:
ef:41:a4:dc:b1:01:88:12:a2:63:2d:a8:c9:95:dc:1c:e2:b4:
90:08:68:a6:bb:9e:b5:c7:32:df:0b:8f:9f:0b:53:1c:3f:e1:
10:14:23:52:de:07:e1:ff:f6:4c:c4:cc:b3:f2:a7:d6:59:40:
38:56:57:21:a2:2e:74:6a:40:f5:4e:f0:b9:eb:92:07:28:40:
56:1d:33:db:a8:49:56:30:bf:d2:8e:16:dc:ad:0f:af:4c:f0:
2d:04:db:43
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzHJwKWEZgo0JtHSOYDBu3+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2OWNiNzA5OTM0Yjk5ZjY4OWRkMWU5OWQ3MmMxYjAwMGZk
ODcyYzUwHhcNMjQwMTAxMjIzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTA4NDMyNmYxOTM2ODhkMGU0OTMwMDIwYWE0M2ZmMTZkMjU4MTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh5CtUqo6lc5V0YAjSCe6SN6btl8n
frEB/Of6O1H01irT7rBQEtxbpoB0bFlbM1pXjFbeyCct6IippA0oSj31XJtDG6XK
46FCMg4bD7KRm+/GoF6smS0AP97LohV+Lmb88yLAMzfzr6Pcs+C6jtxxRKPn1xCU
EhaPRLOJ41IkQwmAUPkTJRdUvnUgPdf67x80MHWCXv7ouY4+IGTttE3oQwDYUnxN
ZaVRQvCprSXeHvfUnPSSDvztZbSQP5DAhqghhrtCpvR7TJIh9DmZ3NboCO7veEEe
VngXVh1+LgJGTRGMXhS4dy7VI1cn57a4hirCLKqX5rVD/K2eEY3QA2rIywIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHoIQybxk2iNDkkwAgqkP/FtJYFRMB8GA1UdIwQY
MBaAFLactwmTS5n2id0emdcsGwAP2HLFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHB5M0NaTkxtZmFKM1I2WjF5d2JBQV9ZY3NVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYS80MWUyODctNTBiNC00NmVmLTgyY2Mt
Y2EzYjcyNzhkZGUyLzEvZWdoREp2R1RhSTBPU1RBQ0NxUV84VzBsZ1ZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYS80MWUyODctNTBiNC00NmVmLTgyY2MtY2EzYjcyNzhkZGUy
LzEvdHB5M0NaTkxtZmFKM1I2WjF5d2JBQV9ZY3NVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDBSygAwQC
uWlEAwQBwalAAwQBw3JyMA0GCSqGSIb3DQEBCwUAA4IBAQCk+WrpdfsZBSjzjAdp
05BxhrOuifM/t8vsFnSIoqMRF91hm6BZFt5MIoNG4oWABQRUgMJMZVWBvlZq84UH
aKHLFQ6t0/0IY89ZVenIYCWZ9Un+XD1ZZR3mHDG6+8TkAdxNKA72FOfM3TeHZ0vw
C2e9jyGzkE8ghzQ94n2GZSAPwRDlCMXNh4cvOw6FbVqSUsJn4bMamAzlJdSrIssF
NGcoxpnvQaTcsQGIEqJjLajJldwc4rSQCGimu561xzLfC4+fC1McP+EQFCNS3gfh
//ZMxMyz8qfWWUA4Vlchoi50akD1TvC565IHKEBWHTPbqElWML/SjhbcrQ+vTPAt
BNtD
-----END CERTIFICATE-----
Generated at Tue Nov 26 06:35:35 2024 by rpki-client on console-fra.rpki-client.org