Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/efCOFmsfSLRoNKt0dEfRzs6eu6o.roa
File: efCOFmsfSLRoNKt0dEfRzs6eu6o.roa (raw, json)
Hash identifier: 1mPlWhqIukcjMep3y+IWnUquE2flzs5hd9dWYCBq5Gw=
Subject key identifier: 79:F0:8E:16:6B:1F:48:B4:68:34:AB:74:74:47:D1:CE:CE:9E:BB:AA
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 018DE4C6298ABF30162045F3AAE2E0723700
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/efCOFmsfSLRoNKt0dEfRzs6eu6o.roa
Signing time: Mon 26 Feb 2024 09:36:48 +0000
ROA not before: Mon 26 Feb 2024 09:36:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56630
IP address blocks: 213.183.54.0/24 maxlen: 24
213.183.56.0/24 maxlen: 24
213.183.57.0/24 maxlen: 24
2a03:f80:7::/48 maxlen: 48
2a03:f80:70::/48 maxlen: 48
2a03:f80:359::/48 maxlen: 48
2a03:f80:370::/48 maxlen: 48
2a03:f80:371::/48 maxlen: 48
2a03:f80:3991::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:e4:c6:29:8a:bf:30:16:20:45:f3:aa:e2:e0:72:37:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Feb 26 09:36:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79f08e166b1f48b46834ab747447d1cece9ebbaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:12:71:25:89:08:5f:c9:ce:59:ac:88:ae:04:
b9:22:6b:da:ad:d8:39:f6:55:13:74:fb:54:ce:02:
62:34:52:96:ae:1e:9d:01:88:1e:92:24:63:49:cc:
a2:00:1f:f0:bf:6c:24:32:f2:b3:eb:3f:01:57:83:
51:de:52:7e:f0:ca:63:f7:a1:ec:d0:b9:31:65:dd:
8d:63:1c:73:72:75:96:c1:01:d4:f7:6c:55:11:9a:
83:86:bc:47:f1:1e:16:0b:11:19:cf:fb:da:5f:40:
da:51:f7:16:e3:3a:8c:41:47:82:83:61:98:1f:6b:
45:10:62:0b:b9:2e:3a:cd:ca:ff:4b:11:c0:de:0a:
79:47:9b:95:1c:d6:db:66:4f:c3:7e:c2:7a:f5:0f:
f7:55:ea:7e:9a:ee:13:16:00:4f:94:7d:75:5e:b6:
3d:85:2f:6f:46:98:38:e7:10:fe:84:d7:3f:a6:e7:
23:16:ba:ba:81:1f:af:64:cb:ce:9c:55:7a:d6:43:
4b:2f:69:7c:38:1e:df:89:3d:38:c9:e0:36:8d:a9:
69:6b:e1:f7:61:1c:57:2a:7c:15:ec:41:06:7e:fe:
00:b2:01:70:10:9d:11:0f:2e:86:ac:84:c4:a0:56:
9e:c3:88:67:36:e3:54:8f:34:48:77:d7:06:45:90:
be:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:F0:8E:16:6B:1F:48:B4:68:34:AB:74:74:47:D1:CE:CE:9E:BB:AA
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/efCOFmsfSLRoNKt0dEfRzs6eu6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.183.54.0/24
213.183.56.0/23
IPv6:
2a03:f80:7::/48
2a03:f80:70::/48
2a03:f80:359::/48
2a03:f80:370::/47
2a03:f80:3991::/48
Signature Algorithm: sha256WithRSAEncryption
38:cd:36:91:67:8b:8f:33:c6:50:43:1d:d5:21:af:81:c1:30:
85:93:11:20:bb:8b:32:8c:8c:44:07:c9:66:77:b5:1c:17:03:
b1:c2:c9:05:18:7d:c2:a3:ed:87:3b:df:ca:99:c0:7e:64:27:
51:3b:d7:4b:27:fc:3c:dd:fb:95:d4:47:9e:cb:03:a6:a9:90:
a3:29:ac:90:6d:5c:4e:b8:4c:e0:2a:77:52:2b:34:fb:9e:69:
22:44:43:cf:af:af:c6:91:66:fb:c0:80:38:24:b6:aa:cc:9c:
33:0d:db:2e:e0:53:a4:30:a9:62:65:73:44:d6:e4:cc:8c:26:
c3:6b:f3:df:8b:3b:87:4e:61:08:73:4d:1e:05:6b:12:d7:a9:
49:00:91:1a:40:53:29:7c:05:f4:88:90:89:1d:2c:8f:66:5c:
3b:41:0a:45:e1:b6:06:65:f6:9b:4c:da:b4:33:8b:94:35:12:
a6:f2:4a:81:df:b0:93:98:08:0c:60:5d:85:51:b0:54:4f:66:
85:b3:4a:37:ed:4d:d3:a8:ba:cd:08:bd:52:51:48:b5:1d:1a:
61:2c:81:2b:74:f6:3d:c6:25:1c:01:85:a5:9a:10:f4:48:c0:
05:27:b4:17:d8:5f:f1:99:ec:da:7b:f7:9d:17:11:8a:a7:02:
bf:a9:d6:80
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAY3kximKvzAWIEXzquLgcjcAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQwMjI2MDkzNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWYwOGUxNjZiMWY0OGI0NjgzNGFiNzQ3NDQ3ZDFjZWNlOWViYmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkxJxJYkIX8nOWayIrgS5Imvardg5
9lUTdPtUzgJiNFKWrh6dAYgekiRjScyiAB/wv2wkMvKz6z8BV4NR3lJ+8Mpj96Hs
0LkxZd2NYxxzcnWWwQHU92xVEZqDhrxH8R4WCxEZz/vaX0DaUfcW4zqMQUeCg2GY
H2tFEGILuS46zcr/SxHA3gp5R5uVHNbbZk/DfsJ69Q/3Vep+mu4TFgBPlH11XrY9
hS9vRpg45xD+hNc/pucjFrq6gR+vZMvOnFV61kNLL2l8OB7fiT04yeA2jalpa+H3
YRxXKnwV7EEGfv4AsgFwEJ0RDy6GrITEoFaew4hnNuNUjzRId9cGRZC+kQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFHnwjhZrH0i0aDSrdHRH0c7OnruqMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvZWZDT0Ztc2ZTTFJvTkt0MGRFZlJ6czZldTZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTASBAIAATAMAwQA1bc2AwQB
1bc4MDMEAgACMC0DBwAqAw+AAAcDBwAqAw+AAHADBwAqAw+AA1kDBwEqAw+AA3AD
BwAqAw+AOZEwDQYJKoZIhvcNAQELBQADggEBADjNNpFni48zxlBDHdUhr4HBMIWT
ESC7izKMjEQHyWZ3tRwXA7HCyQUYfcKj7Yc738qZwH5kJ1E710sn/Dzd+5XUR57L
A6apkKMprJBtXE64TOAqd1IrNPueaSJEQ8+vr8aRZvvAgDgktqrMnDMN2y7gU6Qw
qWJlc0TW5MyMJsNr89+LO4dOYQhzTR4FaxLXqUkAkRpAUyl8BfSIkIkdLI9mXDtB
CkXhtgZl9ptM2rQzi5Q1EqbySoHfsJOYCAxgXYVRsFRPZoWzSjftTdOous0IvVJR
SLUdGmEsgSt09j3GJRwBhaWaEPRIwAUntBfYX/GZ7Np7950XEYqnAr+p1oA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:17:47 2024 by rpki-client on console-ams.rpki-client.org