Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/eaSQ6r2xgrexA0fiKG7K_UjwdyM.roa
File: eaSQ6r2xgrexA0fiKG7K_UjwdyM.roa (raw, json)
Hash identifier: lfybgzLTCa2f1eeBBprCDPwqqJV0sBaBoAd1f9FDWJU=
Subject key identifier: 79:A4:90:EA:BD:B1:82:B7:B1:03:47:E2:28:6E:CA:FD:48:F0:77:23
Certificate issuer: /CN=5ee004befa553ddb35564fb7762b05eb222ecf93
Certificate serial: 018CC2DB4AF7A21C35A51DD92D2E5126548C
Authority key identifier: 5E:E0:04:BE:FA:55:3D:DB:35:56:4F:B7:76:2B:05:EB:22:2E:CF:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/eaSQ6r2xgrexA0fiKG7K_UjwdyM.roa
Signing time: Mon 01 Jan 2024 02:30:00 +0000
ROA not before: Mon 01 Jan 2024 02:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50611
IP address blocks: 185.95.96.0/23 maxlen: 24
185.95.98.0/23 maxlen: 24
2a00:1c3e:96::/47 maxlen: 48
2a00:1c3e:98::/47 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 16:02:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:4a:f7:a2:1c:35:a5:1d:d9:2d:2e:51:26:54:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee004befa553ddb35564fb7762b05eb222ecf93
Validity
Not Before: Jan 1 02:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79a490eabdb182b7b10347e2286ecafd48f07723
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0d:3c:00:38:c3:b8:8d:bc:09:ec:f8:c4:34:
0c:59:ae:f4:55:4b:24:8a:18:76:e2:ef:9b:02:91:
a1:d7:ee:57:54:78:d7:a9:15:b1:4d:20:96:7f:60:
eb:67:ed:4f:cd:9a:c6:ce:45:0f:b0:08:fe:2f:b6:
3d:f3:10:b1:51:3f:c1:3e:12:35:78:a6:2e:e5:b3:
51:47:f9:57:66:17:62:33:fb:5a:89:b9:79:5b:c5:
b5:f3:f5:de:b8:22:02:5d:9b:96:88:77:d5:57:f3:
a0:fb:39:44:1d:b7:b4:43:15:d5:dc:b1:3c:2a:04:
87:b7:35:17:5c:ba:32:6a:95:c3:fb:ac:a4:fb:c4:
0f:2c:9c:a9:7b:82:6e:30:6d:49:21:82:6f:20:bc:
f3:bf:bb:0a:4a:f6:8a:b6:cf:e1:8c:18:30:e2:67:
22:18:b8:f1:0b:f5:d7:eb:ae:ad:37:5b:08:11:5c:
80:32:a1:4a:7a:96:f2:02:c2:4d:a5:f0:0b:12:df:
df:9e:0a:87:e0:f0:1c:94:6a:f1:1c:10:5f:1b:b8:
62:e8:43:06:b7:d4:69:35:69:54:32:c5:1b:b6:42:
54:95:1c:0f:cc:3d:17:ff:80:9a:8f:74:4d:d0:27:
f8:fa:9d:8b:c0:69:b5:3d:99:07:bc:03:73:70:35:
b7:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:A4:90:EA:BD:B1:82:B7:B1:03:47:E2:28:6E:CA:FD:48:F0:77:23
X509v3 Authority Key Identifier:
keyid:5E:E0:04:BE:FA:55:3D:DB:35:56:4F:B7:76:2B:05:EB:22:2E:CF:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuAEvvpVPds1Vk-3disF6yIuz5M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/eaSQ6r2xgrexA0fiKG7K_UjwdyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/3c35ea-7c9a-48e2-b3b2-e228aab45014/1/XuAEvvpVPds1Vk-3disF6yIuz5M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.95.96.0/22
IPv6:
2a00:1c3e:96::-2a00:1c3e:99:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
67:0d:14:9b:97:a2:ee:1a:c3:dc:b3:42:d3:d8:b4:b9:99:bd:
30:20:62:44:0a:9b:76:a5:6e:15:09:5a:b1:29:73:41:07:b2:
ec:1c:6a:9f:e6:69:0b:47:1b:fd:0a:c7:31:46:01:f6:15:25:
e8:b3:c1:dd:90:70:57:bd:54:fe:50:97:72:55:62:e7:cb:b2:
84:63:ae:86:a0:73:7a:d2:3c:b6:1d:29:0e:fa:66:fa:bb:92:
75:57:6e:d9:d6:7b:28:f3:b1:44:a2:c2:cf:a3:48:67:d5:af:
8c:27:fa:be:8e:4d:f8:d9:33:97:0a:74:f3:2d:a4:33:de:a6:
e2:96:9c:6d:f1:99:ed:87:cb:8f:54:41:4c:a3:b4:9c:a5:b4:
d7:c5:87:25:b3:e0:d1:be:8a:6e:11:dc:07:8f:e7:c5:2e:d8:
29:1a:0a:88:0d:95:3d:a1:45:df:b5:17:b4:73:09:bd:16:d1:
e7:9f:12:05:39:63:ee:62:18:9a:1f:56:b6:5c:f9:f8:be:ab:
47:51:1d:7f:9c:b6:04:27:67:bf:23:69:e8:37:55:35:14:f8:
4f:2a:89:25:4a:3c:a0:c3:a6:cf:ea:36:2f:76:6b:fd:f7:10:
05:31:31:4d:98:68:91:32:eb:46:b8:75:b0:69:25:6d:61:f6:
72:f2:10:fb
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzC20r3ohw1pR3ZLS5RJlSMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTAwNGJlZmE1NTNkZGIzNTU2NGZiNzc2MmIwNWViMjIy
ZWNmOTMwHhcNMjQwMTAxMDIzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWE0OTBlYWJkYjE4MmI3YjEwMzQ3ZTIyODZlY2FmZDQ4ZjA3NzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlw08ADjDuI28Cez4xDQMWa70VUsk
ihh24u+bApGh1+5XVHjXqRWxTSCWf2DrZ+1PzZrGzkUPsAj+L7Y98xCxUT/BPhI1
eKYu5bNRR/lXZhdiM/taibl5W8W18/XeuCICXZuWiHfVV/Og+zlEHbe0QxXV3LE8
KgSHtzUXXLoyapXD+6yk+8QPLJype4JuMG1JIYJvILzzv7sKSvaKts/hjBgw4mci
GLjxC/XX666tN1sIEVyAMqFKepbyAsJNpfALEt/fngqH4PAclGrxHBBfG7hi6EMG
t9RpNWlUMsUbtkJUlRwPzD0X/4Caj3RN0Cf4+p2LwGm1PZkHvANzcDW3eQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHmkkOq9sYK3sQNH4ihuyv1I8HcjMB8GA1UdIwQY
MBaAFF7gBL76VT3bNVZPt3YrBesiLs+TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVBRXZ2cFZQZHMxVmstM2Rpc0Y2eUl1ejVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi8zYzM1ZWEtN2M5YS00OGUyLWIzYjIt
ZTIyOGFhYjQ1MDE0LzEvZWFTUTZyMnhncmV4QTBmaUtHN0tfVWp3ZHlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi8zYzM1ZWEtN2M5YS00OGUyLWIzYjItZTIyOGFhYjQ1MDE0
LzEvWHVBRXZ2cFZQZHMxVmstM2Rpc0Y2eUl1ejVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAMBAIAATAGAwQCuV9gMBoE
AgACMBQwEgMHASoAHD4AlgMHASoAHD4AmDANBgkqhkiG9w0BAQsFAAOCAQEAZw0U
m5ei7hrD3LNC09i0uZm9MCBiRAqbdqVuFQlasSlzQQey7Bxqn+ZpC0cb/QrHMUYB
9hUl6LPB3ZBwV71U/lCXclVi58uyhGOuhqBzetI8th0pDvpm+ruSdVdu2dZ7KPOx
RKLCz6NIZ9WvjCf6vo5N+Nkzlwp08y2kM96m4pacbfGZ7YfLj1RBTKO0nKW018WH
JbPg0b6KbhHcB4/nxS7YKRoKiA2VPaFF37UXtHMJvRbR558SBTlj7mIYmh9Wtlz5
+L6rR1Edf5y2BCdnvyNp6DdVNRT4TyqJJUo8oMOmz+o2L3Zr/fcQBTExTZhokTLr
Rrh1sGklbWH2cvIQ+w==
-----END CERTIFICATE-----
Generated at Mon Jul 1 22:53:39 2024 by rpki-client on console-fra.rpki-client.org