Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/emL3GWrBD8sWeX_EPFnB6_KtQ5M.roa
File: emL3GWrBD8sWeX_EPFnB6_KtQ5M.roa (raw, json)
Hash identifier: awFVJeo/BpbbQnssKGQkDarzJ7bDHYntQtdoy9UlPFc=
Subject key identifier: 7A:62:F7:19:6A:C1:0F:CB:16:79:7F:C4:3C:59:C1:EB:F2:AD:43:93
Certificate issuer: /CN=76ef0a0ee8fa154d7ada438af1212269ce0acc41
Certificate serial: 018E0E8CD3FF4439381EC4E1247818399607
Authority key identifier: 76:EF:0A:0E:E8:FA:15:4D:7A:DA:43:8A:F1:21:22:69:CE:0A:CC:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/du8KDuj6FU162kOK8SEiac4KzEE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/emL3GWrBD8sWeX_EPFnB6_KtQ5M.roa
Signing time: Tue 05 Mar 2024 12:18:14 +0000
ROA not before: Tue 05 Mar 2024 12:18:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57494
IP address blocks: 109.71.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/du8KDuj6FU162kOK8SEiac4KzEE.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/du8KDuj6FU162kOK8SEiac4KzEE.mft
rsync://rpki.ripe.net/repository/DEFAULT/du8KDuj6FU162kOK8SEiac4KzEE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:0e:8c:d3:ff:44:39:38:1e:c4:e1:24:78:18:39:96:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76ef0a0ee8fa154d7ada438af1212269ce0acc41
Validity
Not Before: Mar 5 12:18:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a62f7196ac10fcb16797fc43c59c1ebf2ad4393
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:11:0b:06:29:ba:19:ef:4e:18:f8:7e:ff:e1:
18:b0:0b:e4:9c:59:f9:fa:02:b6:8a:06:1e:df:25:
7b:c8:b3:d1:ac:a1:eb:52:38:ef:08:22:16:29:da:
fa:47:c5:4f:78:59:d1:99:b2:80:3e:32:d0:61:33:
83:47:a4:d0:a4:60:de:e9:ff:93:28:c1:80:9e:1e:
ff:37:d2:52:4a:ba:7a:d8:36:f2:32:6f:d2:92:66:
49:87:76:2e:2d:7b:9c:51:d4:60:1c:50:5d:f1:ac:
f8:4b:7a:e6:12:2c:9a:8e:86:bf:a2:76:c7:63:a2:
8b:e5:2c:72:61:cf:7e:d4:5e:d8:cf:62:9a:01:24:
63:b4:98:a5:0b:a1:98:f2:16:51:50:bf:5d:a0:cf:
8f:6a:fa:b4:7c:60:aa:97:84:69:80:b3:2b:2f:08:
27:0e:6e:4c:29:63:6e:81:20:c9:18:cd:25:7f:a4:
63:63:d0:fa:06:c6:40:fc:33:fc:26:7b:cc:32:b2:
17:53:47:c1:95:ea:9e:49:3c:7f:da:53:c8:c2:c7:
91:7c:17:73:31:29:86:39:0c:8b:13:9b:a4:cd:30:
d0:3f:50:e3:09:e7:06:d1:82:e2:b2:34:85:b9:5f:
16:67:81:c1:7f:92:e3:3a:9c:ca:b6:f1:f5:20:ec:
c7:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:62:F7:19:6A:C1:0F:CB:16:79:7F:C4:3C:59:C1:EB:F2:AD:43:93
X509v3 Authority Key Identifier:
keyid:76:EF:0A:0E:E8:FA:15:4D:7A:DA:43:8A:F1:21:22:69:CE:0A:CC:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/du8KDuj6FU162kOK8SEiac4KzEE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/emL3GWrBD8sWeX_EPFnB6_KtQ5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/1686c3-da70-4b54-ab2b-3be995d2bbda/1/du8KDuj6FU162kOK8SEiac4KzEE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.71.242.0/24
Signature Algorithm: sha256WithRSAEncryption
58:65:e6:38:47:8d:6f:e8:9a:be:4e:aa:aa:3a:9c:cd:b1:1f:
54:21:9c:dc:29:ca:b7:79:de:18:ed:e2:5c:b5:8a:16:9e:11:
8f:dc:0c:d9:e4:01:7f:3a:8d:71:b8:9d:13:95:2f:6a:6a:c2:
28:13:79:4d:cc:98:fb:6c:67:1b:8e:62:48:5a:4e:0c:2f:93:
7e:ea:e9:8a:90:38:a6:59:de:2e:71:5b:64:81:9d:92:d0:68:
45:f7:cf:42:2b:f3:6f:8e:31:69:cd:ac:ab:c8:d0:97:e8:db:
6c:60:a8:4f:12:20:5f:65:3c:c9:a6:11:83:df:89:cd:1a:ca:
f6:58:51:fc:f0:57:19:9e:54:3c:d9:02:d5:72:4d:0a:a6:fa:
55:81:61:96:16:87:02:8e:c6:7a:69:04:b4:8e:fa:42:99:16:
68:f3:1e:aa:43:95:b8:7e:31:c2:e5:c6:51:3a:f3:da:27:a2:
d6:51:5b:94:04:d5:55:02:d5:6a:d9:dd:44:e5:14:38:36:08:
56:51:12:e4:ea:b6:9c:bd:e1:4e:9c:22:dc:55:67:59:45:69:
34:53:fc:49:d6:9e:e2:0c:9d:59:95:aa:58:86:60:f5:c2:d8:
59:9b:a1:e0:53:98:b3:f3:e9:e4:92:fb:4b:99:c5:8a:64:72:
aa:13:a7:a0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY4OjNP/RDk4HsThJHgYOZYHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2ZWYwYTBlZThmYTE1NGQ3YWRhNDM4YWYxMjEyMjY5Y2Uw
YWNjNDEwHhcNMjQwMzA1MTIxODE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTYyZjcxOTZhYzEwZmNiMTY3OTdmYzQzYzU5YzFlYmYyYWQ0MzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnRELBim6Ge9OGPh+/+EYsAvknFn5
+gK2igYe3yV7yLPRrKHrUjjvCCIWKdr6R8VPeFnRmbKAPjLQYTODR6TQpGDe6f+T
KMGAnh7/N9JSSrp62DbyMm/SkmZJh3YuLXucUdRgHFBd8az4S3rmEiyajoa/onbH
Y6KL5SxyYc9+1F7Yz2KaASRjtJilC6GY8hZRUL9doM+Pavq0fGCql4RpgLMrLwgn
Dm5MKWNugSDJGM0lf6RjY9D6BsZA/DP8JnvMMrIXU0fBleqeSTx/2lPIwseRfBdz
MSmGOQyLE5ukzTDQP1DjCecG0YLisjSFuV8WZ4HBf5LjOpzKtvH1IOzHNQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHpi9xlqwQ/LFnl/xDxZwevyrUOTMB8GA1UdIwQY
MBaAFHbvCg7o+hVNetpDivEhImnOCsxBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHU4S0R1ajZGVTE2MmtPSzhTRWlhYzRLekVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS8xNjg2YzMtZGE3MC00YjU0LWFiMmIt
M2JlOTk1ZDJiYmRhLzEvZW1MM0dXckJEOHNXZVhfRVBGbkI2X0t0UTVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS8xNjg2YzMtZGE3MC00YjU0LWFiMmItM2JlOTk1ZDJiYmRh
LzEvZHU4S0R1ajZGVTE2MmtPSzhTRWlhYzRLekVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAbUfyMA0G
CSqGSIb3DQEBCwUAA4IBAQBYZeY4R41v6Jq+TqqqOpzNsR9UIZzcKcq3ed4Y7eJc
tYoWnhGP3AzZ5AF/Oo1xuJ0TlS9qasIoE3lNzJj7bGcbjmJIWk4ML5N+6umKkDim
Wd4ucVtkgZ2S0GhF989CK/NvjjFpzayryNCX6NtsYKhPEiBfZTzJphGD34nNGsr2
WFH88FcZnlQ82QLVck0KpvpVgWGWFocCjsZ6aQS0jvpCmRZo8x6qQ5W4fjHC5cZR
OvPaJ6LWUVuUBNVVAtVq2d1E5RQ4NghWURLk6racveFOnCLcVWdZRWk0U/xJ1p7i
DJ1ZlapYhmD1wthZm6HgU5iz8+nkkvtLmcWKZHKqE6eg
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:16:22 2024 by rpki-client on console-fra.rpki-client.org