Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/EBWFT3MB-2Xoxm7s-cJ1ZJa4jZA.roa
File: EBWFT3MB-2Xoxm7s-cJ1ZJa4jZA.roa (raw, json)
Hash identifier: LC35+s8HFbeeWD/FhX9dR0h6DPT6SkgZpMLRrHHSrD0=
Subject key identifier: 10:15:85:4F:73:01:FB:65:E8:C6:6E:EC:F9:C2:75:64:96:B8:8D:90
Certificate issuer: /CN=56afcd8fb40aae1d243c2a8ce2541a69987eed13
Certificate serial: 018CC500294F943A09B430EBC0847FC39D5B
Authority key identifier: 56:AF:CD:8F:B4:0A:AE:1D:24:3C:2A:8C:E2:54:1A:69:98:7E:ED:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/EBWFT3MB-2Xoxm7s-cJ1ZJa4jZA.roa
Signing time: Mon 01 Jan 2024 12:29:31 +0000
ROA not before: Mon 01 Jan 2024 12:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60674
IP address blocks: 91.216.40.0/24 maxlen: 24
2a11:e480::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:29:4f:94:3a:09:b4:30:eb:c0:84:7f:c3:9d:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=56afcd8fb40aae1d243c2a8ce2541a69987eed13
Validity
Not Before: Jan 1 12:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1015854f7301fb65e8c66eecf9c2756496b88d90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:86:7a:57:5a:f5:13:f4:f4:01:6e:b4:91:48:
85:c3:b0:3b:fc:55:8e:a4:f2:4a:11:6a:98:70:67:
b7:22:da:aa:8f:4c:ec:2b:9c:22:3c:45:8f:e0:19:
57:08:59:8d:50:11:d8:d4:76:a3:68:cf:1c:e4:a5:
81:99:eb:1a:1e:07:84:6a:ad:11:1b:a6:5b:22:b7:
a0:51:ce:7e:27:25:e0:a7:69:ab:c6:4d:a1:16:65:
49:02:99:da:36:b3:67:b2:82:2f:a4:0a:bf:28:b9:
df:8b:e7:9f:ad:15:b6:1a:47:25:9b:08:67:00:f2:
72:15:a8:61:3c:d6:f6:96:fc:82:fa:74:98:b1:db:
f9:1d:e5:4a:03:dc:a4:12:58:d9:aa:bb:47:8c:b0:
fc:f4:d8:8e:4a:a9:84:c0:04:4e:50:39:72:1d:b2:
c0:76:a9:f7:c2:f5:09:9b:e5:d6:f3:6b:cf:43:57:
6e:14:ef:56:37:5c:b7:c9:e2:5b:70:01:0e:26:d2:
15:17:c2:07:49:3a:cd:ef:01:5c:ae:f8:28:63:95:
17:b9:9f:0f:14:6e:b2:39:ea:90:de:16:c4:1d:15:
d0:1f:59:ac:70:99:cf:7f:df:33:7f:7a:56:50:26:
1b:61:59:7d:7b:3a:08:55:47:3d:f5:8f:fa:47:c8:
7e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:15:85:4F:73:01:FB:65:E8:C6:6E:EC:F9:C2:75:64:96:B8:8D:90
X509v3 Authority Key Identifier:
keyid:56:AF:CD:8F:B4:0A:AE:1D:24:3C:2A:8C:E2:54:1A:69:98:7E:ED:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/EBWFT3MB-2Xoxm7s-cJ1ZJa4jZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/4c2637-3bbb-4a53-a216-237be773007a/1/Vq_Nj7QKrh0kPCqM4lQaaZh-7RM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.40.0/24
IPv6:
2a11:e480::/32
Signature Algorithm: sha256WithRSAEncryption
57:87:f4:a0:a6:9b:2c:9f:62:9f:12:57:09:09:f9:54:d6:bc:
1a:b1:6e:4e:37:38:fa:c9:ce:a4:ed:32:90:3f:00:3a:9f:04:
db:7c:79:1d:01:96:a6:9d:40:8a:7d:a9:5e:84:41:8a:f2:77:
60:08:b0:b0:e7:7d:ee:77:d1:2c:57:a8:2f:83:77:98:4e:9d:
05:00:c0:b2:db:37:21:8f:02:e7:0d:97:d2:bf:42:c5:89:40:
6d:71:df:bd:27:ac:87:eb:09:d9:d6:31:73:ac:ae:8e:01:17:
1f:bd:aa:8f:08:4b:59:18:55:7e:5a:f2:dd:b9:6e:d2:90:42:
41:c3:f4:6a:2e:1a:60:76:9b:cb:4d:50:3e:ee:cb:05:3c:53:
69:67:46:42:0d:1a:e6:3c:7f:93:63:9a:23:60:61:ae:f3:21:
43:ca:be:17:3c:e3:39:29:49:ee:ba:28:88:23:e7:9b:37:19:
e2:a8:7c:bd:38:b9:7e:70:0a:42:91:3a:e8:17:99:18:41:aa:
a7:b2:61:bd:88:fa:f5:f8:bf:09:92:6e:13:75:c8:96:64:df:
67:01:09:76:a4:fd:8f:c3:99:b2:fd:4c:86:fd:e5:fc:8b:76:
35:fe:bf:99:97:4e:f6:34:25:6d:3b:02:f9:2e:f4:15:05:7a:
be:24:23:e3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAClPlDoJtDDrwIR/w51bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2YWZjZDhmYjQwYWFlMWQyNDNjMmE4Y2UyNTQxYTY5OTg3
ZWVkMTMwHhcNMjQwMTAxMTIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDE1ODU0ZjczMDFmYjY1ZThjNjZlZWNmOWMyNzU2NDk2Yjg4ZDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIZ6V1r1E/T0AW60kUiFw7A7/FWO
pPJKEWqYcGe3Itqqj0zsK5wiPEWP4BlXCFmNUBHY1HajaM8c5KWBmesaHgeEaq0R
G6ZbIregUc5+JyXgp2mrxk2hFmVJApnaNrNnsoIvpAq/KLnfi+efrRW2Gkclmwhn
APJyFahhPNb2lvyC+nSYsdv5HeVKA9ykEljZqrtHjLD89NiOSqmEwAROUDlyHbLA
dqn3wvUJm+XW82vPQ1duFO9WN1y3yeJbcAEOJtIVF8IHSTrN7wFcrvgoY5UXuZ8P
FG6yOeqQ3hbEHRXQH1mscJnPf98zf3pWUCYbYVl9ezoIVUc99Y/6R8h+aQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBAVhU9zAftl6MZu7PnCdWSWuI2QMB8GA1UdIwQY
MBaAFFavzY+0Cq4dJDwqjOJUGmmYfu0TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnFfTmo3UUtyaDBrUENxTTRsUWFhWmgtN1JNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS80YzI2MzctM2JiYi00YTUzLWEyMTYt
MjM3YmU3NzMwMDdhLzEvRUJXRlQzTUItMlhveG03cy1jSjFaSmE0alpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS80YzI2MzctM2JiYi00YTUzLWEyMTYtMjM3YmU3NzMwMDdh
LzEvVnFfTmo3UUtyaDBrUENxTTRsUWFhWmgtN1JNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAW9goMA0E
AgACMAcDBQAqEeSAMA0GCSqGSIb3DQEBCwUAA4IBAQBXh/Sgppssn2KfElcJCflU
1rwasW5ONzj6yc6k7TKQPwA6nwTbfHkdAZamnUCKfalehEGK8ndgCLCw533ud9Es
V6gvg3eYTp0FAMCy2zchjwLnDZfSv0LFiUBtcd+9J6yH6wnZ1jFzrK6OARcfvaqP
CEtZGFV+WvLduW7SkEJBw/RqLhpgdpvLTVA+7ssFPFNpZ0ZCDRrmPH+TY5ojYGGu
8yFDyr4XPOM5KUnuuiiII+ebNxniqHy9OLl+cApCkTroF5kYQaqnsmG9iPr1+L8J
km4TdciWZN9nAQl2pP2Pw5my/UyG/eX8i3Y1/r+Zl072NCVtOwL5LvQVBXq+JCPj
-----END CERTIFICATE-----
Generated at Tue Nov 26 02:50:00 2024 by rpki-client on console-fra.rpki-client.org