Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ELbRMj9dpYGXHBkS3x9fr4fVjNM.roa
File: ELbRMj9dpYGXHBkS3x9fr4fVjNM.roa (raw, json)
Hash identifier: pFN7vf4Bi+e7UowjcIQLdhSSW0ELN5XtTgINgLEACV8=
Subject key identifier: 10:B6:D1:32:3F:5D:A5:81:97:1C:19:12:DF:1F:5F:AF:87:D5:8C:D3
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 0194ACC125307972A01A842A194778D81EE3
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ELbRMj9dpYGXHBkS3x9fr4fVjNM.roa
Signing time: Tue 28 Jan 2025 11:52:06 +0000
ROA not before: Tue 28 Jan 2025 11:52:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41733
IP address blocks: 37.112.248.0/21 maxlen: 21
88.204.96.0/23 maxlen: 23
91.203.168.0/22 maxlen: 22
185.42.80.0/22 maxlen: 22
212.75.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.mft
rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 23:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:ac:c1:25:30:79:72:a0:1a:84:2a:19:47:78:d8:1e:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jan 28 11:52:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=10b6d1323f5da581971c1912df1f5faf87d58cd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:ca:da:d1:1c:1c:e5:ea:a8:04:49:50:ea:c4:
04:4d:b0:6b:d9:7e:89:73:87:08:fc:4a:1d:59:83:
0f:bd:8d:95:0a:f6:fc:4f:47:ea:35:ca:a1:2a:b2:
ec:a7:2d:13:93:f0:df:19:a5:57:29:af:67:33:7a:
a1:9a:f5:31:9b:06:9d:2e:de:4f:c4:f9:85:21:78:
5b:1b:19:18:d4:63:ce:fd:a2:81:2f:94:5e:09:0d:
f7:27:fd:04:d7:d6:14:16:76:06:b2:0d:43:af:53:
49:05:b5:a5:d4:9e:cd:a1:33:fe:ac:19:fe:9f:df:
a1:c4:fb:6e:d9:32:ff:68:eb:c9:83:d1:d7:8c:04:
55:c2:c5:95:6b:04:05:cd:cd:37:c2:4d:e2:e9:22:
5c:f5:54:24:fc:5e:f4:89:40:43:b6:fb:64:25:2f:
d1:23:e0:1c:0f:45:c0:87:8c:c0:72:75:c6:00:d9:
1f:3b:5c:14:12:6f:71:17:62:08:45:25:89:7a:1a:
4f:6b:f9:25:24:21:2d:10:22:9f:60:c8:7d:3e:9b:
b7:23:02:cd:5d:e2:b7:ea:5c:09:55:d7:6f:c5:99:
fb:92:fd:8b:ea:6a:87:71:88:a7:29:01:bf:8e:3d:
9c:92:65:b2:e7:92:d6:ac:14:d3:cf:85:c5:0b:7c:
13:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:B6:D1:32:3F:5D:A5:81:97:1C:19:12:DF:1F:5F:AF:87:D5:8C:D3
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ELbRMj9dpYGXHBkS3x9fr4fVjNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.112.248.0/21
88.204.96.0/23
91.203.168.0/22
185.42.80.0/22
212.75.224.0/19
Signature Algorithm: sha256WithRSAEncryption
0a:73:de:13:ad:72:18:3f:f7:d5:30:7d:1a:a8:0a:95:a9:10:
3c:df:ba:a2:a6:ca:35:0b:e4:46:f5:24:9b:38:79:97:25:ef:
eb:b0:4c:ed:93:03:c0:46:d9:5d:de:13:bb:12:40:64:29:fc:
62:d8:92:43:d0:b3:cc:9a:9e:9d:17:b5:d1:95:cd:5f:22:eb:
f4:6d:0f:d5:1e:32:e0:5a:4d:51:ba:23:78:60:f1:c7:38:63:
26:0c:ae:46:15:5f:8b:ce:9d:7d:bb:94:78:a8:56:ec:7d:5c:
97:89:3e:29:90:96:46:15:21:68:5d:e6:de:e0:ef:09:4c:6f:
14:63:41:77:ba:8c:69:22:9f:d8:b9:02:6f:4f:73:96:56:68:
4e:9f:56:04:de:63:b9:95:ec:41:01:cb:fe:80:5c:3c:1c:d4:
8d:b8:ec:e3:61:2b:a4:d7:e6:00:f6:0d:92:de:d9:15:c4:c3:
cb:88:73:12:3d:9c:aa:b5:d8:4f:61:1e:5b:97:18:a6:5d:49:
ce:9c:b4:5c:2a:b2:ec:87:3e:88:4c:0d:70:87:80:03:2a:ee:
dd:41:68:29:5f:7b:cd:6e:f3:45:86:30:62:1e:9e:68:5d:61:
9d:e8:3a:82:97:d8:03:08:ed:ec:88:85:38:08:85:41:25:00:
91:4e:6c:45
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZSswSUweXKgGoQqGUd42B7jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjUwMTI4MTE1MjA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGI2ZDEzMjNmNWRhNTgxOTcxYzE5MTJkZjFmNWZhZjg3ZDU4Y2QzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0sra0Rwc5eqoBElQ6sQETbBr2X6J
c4cI/EodWYMPvY2VCvb8T0fqNcqhKrLspy0Tk/DfGaVXKa9nM3qhmvUxmwadLt5P
xPmFIXhbGxkY1GPO/aKBL5ReCQ33J/0E19YUFnYGsg1Dr1NJBbWl1J7NoTP+rBn+
n9+hxPtu2TL/aOvJg9HXjARVwsWVawQFzc03wk3i6SJc9VQk/F70iUBDtvtkJS/R
I+AcD0XAh4zAcnXGANkfO1wUEm9xF2IIRSWJehpPa/klJCEtECKfYMh9Ppu3IwLN
XeK36lwJVddvxZn7kv2L6mqHcYinKQG/jj2ckmWy55LWrBTTz4XFC3wTCQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFBC20TI/XaWBlxwZEt8fX6+H1YzTMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvRUxiUk1qOWRwWUdYSEJrUzN4OWZyNGZWak5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDJXD4AwQB
WMxgAwQCW8uoAwQCuSpQAwQF1EvgMA0GCSqGSIb3DQEBCwUAA4IBAQAKc94TrXIY
P/fVMH0aqAqVqRA837qipso1C+RG9SSbOHmXJe/rsEztkwPARtld3hO7EkBkKfxi
2JJD0LPMmp6dF7XRlc1fIuv0bQ/VHjLgWk1RuiN4YPHHOGMmDK5GFV+Lzp19u5R4
qFbsfVyXiT4pkJZGFSFoXebe4O8JTG8UY0F3uoxpIp/YuQJvT3OWVmhOn1YE3mO5
lexBAcv+gFw8HNSNuOzjYSuk1+YA9g2S3tkVxMPLiHMSPZyqtdhPYR5blximXUnO
nLRcKrLshz6ITA1wh4ADKu7dQWgpX3vNbvNFhjBiHp5oXWGd6DqCl9gDCO3siIU4
CIVBJQCRTmxF
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:36:46 2025 by rpki-client