Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/EGs21NLvOn61Ii3qUw4_MbChZCk.roa
File: EGs21NLvOn61Ii3qUw4_MbChZCk.roa (raw, json)
Hash identifier: q0cmvZQnPJF5Yrcdc2W6R6twIIHJ8z6kkhMEXLYPSBY=
Subject key identifier: 10:6B:36:D4:D2:EF:3A:7E:B5:22:2D:EA:53:0E:3F:31:B0:A1:64:29
Certificate issuer: /CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Certificate serial: 01915B81DC8723B9003A4DA6316EA7D9D2F0
Authority key identifier: CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/EGs21NLvOn61Ii3qUw4_MbChZCk.roa
Signing time: Fri 16 Aug 2024 14:05:22 +0000
ROA not before: Fri 16 Aug 2024 14:05:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30788
IP address blocks: 2a0f:4300::/29 maxlen: 29
2a11:1840::/29 maxlen: 29
2a11:2d80::/29 maxlen: 29
2a11:31c0::/29 maxlen: 29
2a11:3f00::/29 maxlen: 29
2a11:41c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/zdvvuo_jwfZoyERDhP5KOp9Nh_E.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/zdvvuo_jwfZoyERDhP5KOp9Nh_E.mft
rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 22 Sep 2024 01:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:5b:81:dc:87:23:b9:00:3a:4d:a6:31:6e:a7:d9:d2:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cddbefba8fe3c1f668c8444384fe4a3a9f4d87f1
Validity
Not Before: Aug 16 14:05:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=106b36d4d2ef3a7eb5222dea530e3f31b0a16429
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a2:a8:38:20:24:75:9c:7b:0e:44:29:12:e3:
f4:5a:2a:0f:ef:94:16:ed:9c:3d:a7:78:1a:74:19:
f8:74:83:14:e4:3b:12:4b:f0:7b:ed:f6:7a:40:34:
3a:3d:5d:7f:2d:e4:f4:40:0b:36:b4:57:42:66:ea:
b3:a9:71:27:78:4b:27:da:b6:0b:54:6e:f0:78:58:
2f:14:2e:97:90:5a:68:7d:48:f8:d6:aa:2e:3b:b2:
14:05:99:e1:85:ce:6f:26:7b:8d:be:b6:9b:5c:77:
7d:b6:36:98:aa:14:64:44:58:ab:95:97:1e:3c:73:
58:9e:26:58:d4:ce:ba:75:cd:d5:2b:0a:68:95:17:
6b:fc:3a:3d:a9:24:ed:90:54:ec:4a:ca:bb:1c:82:
e9:f9:88:f2:f7:1e:78:1f:61:d7:d4:31:ae:1b:70:
0a:17:87:7a:6d:c3:8d:14:ad:4a:48:a9:44:f2:a0:
8e:f3:ac:0c:6a:64:45:47:18:93:4c:9a:9e:3e:9a:
b7:a2:84:9c:68:79:9f:cd:9a:f0:36:93:4d:01:d5:
a0:eb:fe:18:12:1f:13:04:68:4d:b9:60:e3:30:15:
2b:94:62:d9:2a:e2:75:93:11:ed:d6:fb:22:09:28:
2a:c3:f0:5f:9a:5b:13:a9:91:60:5e:db:22:0b:c3:
3f:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:6B:36:D4:D2:EF:3A:7E:B5:22:2D:EA:53:0E:3F:31:B0:A1:64:29
X509v3 Authority Key Identifier:
keyid:CD:DB:EF:BA:8F:E3:C1:F6:68:C8:44:43:84:FE:4A:3A:9F:4D:87:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zdvvuo_jwfZoyERDhP5KOp9Nh_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/EGs21NLvOn61Ii3qUw4_MbChZCk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/4e52f1-13b2-45df-8a43-1a39e6a6de93/1/zdvvuo_jwfZoyERDhP5KOp9Nh_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0f:4300::/29
2a11:1840::/29
2a11:2d80::/29
2a11:31c0::/29
2a11:3f00::/29
2a11:41c0::/29
Signature Algorithm: sha256WithRSAEncryption
13:25:55:0f:7c:72:9f:3a:c8:3f:9b:9f:67:5f:79:9f:8f:e1:
ab:07:3f:73:b8:4b:4b:73:a1:ab:d4:c6:98:a7:59:f2:ad:7c:
65:02:7a:8b:e4:c4:e5:2a:c7:35:59:08:64:f0:da:63:73:e3:
e5:fa:b0:bb:c8:81:15:88:99:2c:c0:14:cc:03:9b:62:7c:07:
4a:39:a0:67:9c:84:88:4a:9a:33:d9:95:9a:95:ae:e4:ba:62:
72:55:9d:0f:2f:b8:c6:9b:cc:c4:3c:0e:d0:80:3e:62:3c:45:
0a:6b:32:7c:11:19:dc:ea:c8:e4:68:9e:9f:e8:e3:4d:3a:36:
c6:65:9b:00:46:b1:2d:df:26:1b:3c:8e:45:e5:58:99:6e:e5:
b7:62:5d:41:d3:1a:12:ae:56:35:36:3e:e8:43:f1:25:3a:9a:
97:a8:dc:a4:23:82:13:7f:41:18:97:66:30:e4:81:7e:cc:51:
f7:fa:b3:92:5f:a1:6a:24:26:46:ca:a9:6a:c7:43:d3:29:04:
f4:8d:57:83:5b:59:8a:ac:f7:1b:f2:0c:06:83:bc:3b:30:2d:
5b:6d:d7:97:10:c2:d9:56:60:c3:e3:de:ff:19:d2:86:3d:ee:
bd:d3:f0:c2:37:88:f6:fc:3d:23:c5:18:c5:3b:05:4f:1b:5a:
63:b3:c8:e9
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZFbgdyHI7kAOk2mMW6n2dLwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkZGJlZmJhOGZlM2MxZjY2OGM4NDQ0Mzg0ZmU0YTNhOWY0
ZDg3ZjEwHhcNMjQwODE2MTQwNTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDZiMzZkNGQyZWYzYTdlYjUyMjJkZWE1MzBlM2YzMWIwYTE2NDI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6KoOCAkdZx7DkQpEuP0WioP75QW
7Zw9p3gadBn4dIMU5DsSS/B77fZ6QDQ6PV1/LeT0QAs2tFdCZuqzqXEneEsn2rYL
VG7weFgvFC6XkFpofUj41qouO7IUBZnhhc5vJnuNvrabXHd9tjaYqhRkRFirlZce
PHNYniZY1M66dc3VKwpolRdr/Do9qSTtkFTsSsq7HILp+Yjy9x54H2HX1DGuG3AK
F4d6bcONFK1KSKlE8qCO86wMamRFRxiTTJqePpq3ooScaHmfzZrwNpNNAdWg6/4Y
Eh8TBGhNuWDjMBUrlGLZKuJ1kxHt1vsiCSgqw/BfmlsTqZFgXtsiC8M/aQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBBrNtTS7zp+tSIt6lMOPzGwoWQpMB8GA1UdIwQY
MBaAFM3b77qP48H2aMhEQ4T+SjqfTYfxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMt
MWEzOWU2YTZkZTkzLzEvRUdzMjFOTHZPbjYxSWkzcVV3NF9NYkNoWkNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC80ZTUyZjEtMTNiMi00NWRmLThhNDMtMWEzOWU2YTZkZTkz
LzEvemR2dnVvX2p3ZlpveUVSRGhQNUtPcDlOaF9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUDKg9DAAMF
AyoRGEADBQMqES2AAwUDKhExwAMFAyoRPwADBQMqEUHAMA0GCSqGSIb3DQEBCwUA
A4IBAQATJVUPfHKfOsg/m59nX3mfj+GrBz9zuEtLc6Gr1MaYp1nyrXxlAnqL5MTl
Ksc1WQhk8Npjc+Pl+rC7yIEViJkswBTMA5tifAdKOaBnnISISpoz2ZWala7kumJy
VZ0PL7jGm8zEPA7QgD5iPEUKazJ8ERnc6sjkaJ6f6ONNOjbGZZsARrEt3yYbPI5F
5ViZbuW3Yl1B0xoSrlY1Nj7oQ/ElOpqXqNykI4ITf0EYl2Yw5IF+zFH3+rOSX6Fq
JCZGyqlqx0PTKQT0jVeDW1mKrPcb8gwGg7w7MC1bbdeXEMLZVmDD497/GdKGPe69
0/DCN4j2/D0jxRjFOwVPG1pjs8jp
-----END CERTIFICATE-----
Generated at Sat Sep 21 07:39:06 2024 by rpki-client on console-fra.rpki-client.org