Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/ad46a5-f900-4ad1-b229-e18435e432dc/1/eDzZrZHcPOEx6jtaBjkixP4J7bY.roa
File: eDzZrZHcPOEx6jtaBjkixP4J7bY.roa (raw, json)
Hash identifier: /KTKMe0f18OY0pU5x5hYbZsxcdretNxZdSN6x+8VrRI=
Subject key identifier: 78:3C:D9:AD:91:DC:3C:E1:31:EA:3B:5A:06:39:22:C4:FE:09:ED:B6
Certificate issuer: /CN=eb091499adc769b0fba9fed3284543a7425c2351
Certificate serial: 018CC34905CCE48A230AE59BDD8C1D5E143A
Authority key identifier: EB:09:14:99:AD:C7:69:B0:FB:A9:FE:D3:28:45:43:A7:42:5C:23:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6wkUma3HabD7qf7TKEVDp0JcI1E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/ad46a5-f900-4ad1-b229-e18435e432dc/1/eDzZrZHcPOEx6jtaBjkixP4J7bY.roa
Signing time: Mon 01 Jan 2024 04:29:51 +0000
ROA not before: Mon 01 Jan 2024 04:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207727
IP address blocks: 194.165.35.0/24 maxlen: 24
194.165.38.0/24 maxlen: 24
194.165.58.0/24 maxlen: 24
194.165.56.0/24 maxlen: 24
2a10:2a80::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/ad46a5-f900-4ad1-b229-e18435e432dc/1/6wkUma3HabD7qf7TKEVDp0JcI1E.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/ad46a5-f900-4ad1-b229-e18435e432dc/1/6wkUma3HabD7qf7TKEVDp0JcI1E.mft
rsync://rpki.ripe.net/repository/DEFAULT/6wkUma3HabD7qf7TKEVDp0JcI1E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 19 Jun 2024 07:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:05:cc:e4:8a:23:0a:e5:9b:dd:8c:1d:5e:14:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb091499adc769b0fba9fed3284543a7425c2351
Validity
Not Before: Jan 1 04:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=783cd9ad91dc3ce131ea3b5a063922c4fe09edb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fe:74:5a:63:69:71:30:5e:16:08:1b:a8:91:
32:4d:6e:4d:68:70:6c:a5:6a:19:e0:0e:c7:37:2c:
c4:db:14:74:89:03:35:b4:2b:09:e0:2f:24:14:1e:
b9:e3:0d:60:98:bd:07:d8:0d:72:02:51:c3:61:d1:
c6:32:6b:d9:3e:d3:60:9c:5c:73:4c:18:00:a5:2b:
dd:91:04:e5:04:19:19:a5:fc:e4:58:87:53:6d:54:
df:9c:c6:45:6e:49:1b:c7:df:58:fa:29:a1:90:5f:
bf:95:10:67:d8:dd:23:05:39:96:f8:66:c0:f2:bd:
d5:00:58:7c:ba:e2:02:51:5f:7a:6c:4e:1f:de:e7:
7a:66:b1:f6:6d:53:2a:e6:04:16:84:43:7e:27:30:
ea:7b:f6:db:9e:b5:37:19:af:eb:83:2a:5d:ac:4f:
bd:7b:f3:80:06:0b:0c:5a:bf:82:ab:26:12:29:b5:
2c:20:15:4e:fd:ec:6f:9a:e7:6f:99:0b:f8:4f:9d:
25:63:67:4c:82:58:62:29:3a:56:ac:5a:ed:ca:36:
b2:78:36:ec:a2:fe:7c:cc:ca:0a:db:ab:52:f4:5b:
97:5f:d3:26:cb:a4:34:57:66:d6:77:fc:4b:2a:e7:
cf:d6:d0:4f:34:96:80:1d:e3:63:49:0f:8d:46:13:
f1:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:3C:D9:AD:91:DC:3C:E1:31:EA:3B:5A:06:39:22:C4:FE:09:ED:B6
X509v3 Authority Key Identifier:
keyid:EB:09:14:99:AD:C7:69:B0:FB:A9:FE:D3:28:45:43:A7:42:5C:23:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6wkUma3HabD7qf7TKEVDp0JcI1E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/ad46a5-f900-4ad1-b229-e18435e432dc/1/eDzZrZHcPOEx6jtaBjkixP4J7bY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/ad46a5-f900-4ad1-b229-e18435e432dc/1/6wkUma3HabD7qf7TKEVDp0JcI1E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.165.35.0/24
194.165.38.0/24
194.165.56.0/24
194.165.58.0/24
IPv6:
2a10:2a80::/29
Signature Algorithm: sha256WithRSAEncryption
32:4d:38:c4:05:e0:ea:a5:57:74:52:38:e1:cd:18:92:bb:63:
0c:ed:c3:0c:c2:45:e4:a2:d7:12:7b:4e:80:2b:88:35:f6:b4:
de:f6:ad:19:bf:a4:8f:24:42:f6:fb:34:ef:f6:bb:9b:38:6b:
b4:f4:e8:d1:85:81:f4:80:12:bf:4f:ff:68:cd:fc:23:88:5a:
0e:27:7a:73:c5:91:b0:84:31:42:f1:62:dd:07:9c:ac:c3:00:
e6:77:fd:21:c5:ec:dd:6e:a6:e8:77:ca:af:36:5b:c8:1e:a7:
07:1a:71:55:20:b1:93:a8:66:7f:99:00:c9:53:c6:64:54:06:
ed:93:4a:b2:02:00:23:7f:f7:0f:86:b0:ff:c9:7b:54:78:72:
9d:78:a3:b6:c7:de:1e:c9:21:28:b4:b4:aa:cd:dc:05:04:c3:
6d:6b:3e:25:d6:04:26:20:05:b9:5d:95:22:2a:d4:2a:1c:6e:
40:1a:b0:4e:84:14:a3:9d:3e:8b:26:d8:0b:4d:b2:c3:a0:50:
f1:9e:b6:4d:98:df:38:a9:49:a3:7a:e9:2a:2c:5e:7f:0b:33:
40:8d:3c:62:29:86:31:09:d2:24:04:4b:99:ce:64:91:66:7a:
a1:66:ab:c8:7a:8c:30:75:fd:3a:b4:cb:48:77:33:37:90:72:
ab:aa:af:8a
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzDSQXM5IojCuWb3YwdXhQ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViMDkxNDk5YWRjNzY5YjBmYmE5ZmVkMzI4NDU0M2E3NDI1
YzIzNTEwHhcNMjQwMTAxMDQyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODNjZDlhZDkxZGMzY2UxMzFlYTNiNWEwNjM5MjJjNGZlMDllZGI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApP50WmNpcTBeFggbqJEyTW5NaHBs
pWoZ4A7HNyzE2xR0iQM1tCsJ4C8kFB654w1gmL0H2A1yAlHDYdHGMmvZPtNgnFxz
TBgApSvdkQTlBBkZpfzkWIdTbVTfnMZFbkkbx99Y+imhkF+/lRBn2N0jBTmW+GbA
8r3VAFh8uuICUV96bE4f3ud6ZrH2bVMq5gQWhEN+JzDqe/bbnrU3Ga/rgypdrE+9
e/OABgsMWr+CqyYSKbUsIBVO/exvmudvmQv4T50lY2dMglhiKTpWrFrtyjayeDbs
ov58zMoK26tS9FuXX9Mmy6Q0V2bWd/xLKufP1tBPNJaAHeNjSQ+NRhPxxwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHg82a2R3DzhMeo7WgY5IsT+Ce22MB8GA1UdIwQY
MBaAFOsJFJmtx2mw+6n+0yhFQ6dCXCNRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNndrVW1hM0hhYkQ3cWY3VEtFVkRwMEpjSTFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS9hZDQ2YTUtZjkwMC00YWQxLWIyMjkt
ZTE4NDM1ZTQzMmRjLzEvZUR6WnJaSGNQT0V4Nmp0YUJqa2l4UDRKN2JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS9hZDQ2YTUtZjkwMC00YWQxLWIyMjktZTE4NDM1ZTQzMmRj
LzEvNndrVW1hM0hhYkQ3cWY3VEtFVkRwMEpjSTFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwqUjAwQA
wqUmAwQAwqU4AwQAwqU6MA0EAgACMAcDBQMqECqAMA0GCSqGSIb3DQEBCwUAA4IB
AQAyTTjEBeDqpVd0UjjhzRiSu2MM7cMMwkXkotcSe06AK4g19rTe9q0Zv6SPJEL2
+zTv9rubOGu09OjRhYH0gBK/T/9ozfwjiFoOJ3pzxZGwhDFC8WLdB5yswwDmd/0h
xezdbqbod8qvNlvIHqcHGnFVILGTqGZ/mQDJU8ZkVAbtk0qyAgAjf/cPhrD/yXtU
eHKdeKO2x94eySEotLSqzdwFBMNtaz4l1gQmIAW5XZUiKtQqHG5AGrBOhBSjnT6L
JtgLTbLDoFDxnrZNmN84qUmjeukqLF5/CzNAjTxiKYYxCdIkBEuZzmSRZnqhZqvI
eowwdf06tMtIdzM3kHKrqq+K
-----END CERTIFICATE-----
Generated at Tue Jun 18 11:06:19 2024 by rpki-client on console-ams.rpki-client.org