Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/eMxQvlxuXq-QhbM20BkbgN34KqU.roa
File: eMxQvlxuXq-QhbM20BkbgN34KqU.roa (raw, json)
Hash identifier: 3l8okw4ratySApflXEG/yN48vccU+2E4Qmh6Vm5wB2Y=
Subject key identifier: 78:CC:50:BE:5C:6E:5E:AF:90:85:B3:36:D0:19:1B:80:DD:F8:2A:A5
Certificate issuer: /CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Certificate serial: 0194274850EAFE21EEB7ABA17EF7B68E253C
Authority key identifier: D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/eMxQvlxuXq-QhbM20BkbgN34KqU.roa
Signing time: Thu 02 Jan 2025 13:50:38 +0000
ROA not before: Thu 02 Jan 2025 13:50:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400696
IP address blocks: 85.203.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.mft
rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 05:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:27:48:50:ea:fe:21:ee:b7:ab:a1:7e:f7:b6:8e:25:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d45bdf6eec08370ae1f67e83f99b5ac1fe26872c
Validity
Not Before: Jan 2 13:50:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=78cc50be5c6e5eaf9085b336d0191b80ddf82aa5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c8:3e:26:57:f8:e1:fd:9c:fa:19:88:cd:eb:
e6:7b:dc:b3:c1:43:7d:03:26:ae:d4:0d:d9:12:05:
e4:21:c8:61:19:01:c1:38:1a:61:26:72:5a:dd:77:
09:49:e2:32:f0:1a:1f:3a:fc:d1:07:e1:1e:83:d0:
bd:4d:9f:e7:b1:0b:37:dd:90:d6:05:e7:9f:00:c6:
b9:f9:5b:e2:b9:8d:44:bd:54:b7:2a:c4:1a:ad:dc:
c6:ad:8a:0e:f6:a2:d0:d8:b7:2f:41:1b:12:db:9a:
d0:5d:df:c8:93:52:6f:5d:84:aa:13:2f:13:a2:1f:
eb:6d:ae:7f:1f:b4:f0:ac:f6:29:26:de:59:2e:6b:
0c:7b:bd:71:c1:6d:67:5e:35:93:4b:8d:a1:69:60:
ad:e6:e4:ce:86:ec:0a:40:13:4e:bc:3b:61:d3:60:
1a:d2:9a:8e:c4:dc:61:00:f1:b8:77:b9:15:c9:6c:
af:ed:78:ac:e0:ac:37:b3:b7:d0:2f:07:00:d8:b4:
d9:e9:a4:c7:33:f0:d3:6d:46:8f:90:ad:f8:e3:17:
35:c0:29:ad:b5:c6:d9:00:65:87:0b:b0:ef:1d:85:
6e:15:1c:1c:54:9e:90:81:cb:9d:14:d9:18:0c:e5:
05:fb:b3:9e:77:fd:92:e8:83:34:cf:17:09:88:00:
f6:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:CC:50:BE:5C:6E:5E:AF:90:85:B3:36:D0:19:1B:80:DD:F8:2A:A5
X509v3 Authority Key Identifier:
keyid:D4:5B:DF:6E:EC:08:37:0A:E1:F6:7E:83:F9:9B:5A:C1:FE:26:87:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1FvfbuwINwrh9n6D-Ztawf4mhyw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/eMxQvlxuXq-QhbM20BkbgN34KqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/e2dfff-8ba8-4bcf-ac31-98463859ecc1/1/1FvfbuwINwrh9n6D-Ztawf4mhyw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.203.19.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:ad:fc:3f:fa:38:f1:d3:93:ac:5f:72:2d:80:cc:53:5d:9c:
d7:81:06:41:1d:46:7a:6a:f7:84:0b:ac:2b:2e:c9:ce:82:c4:
42:f2:04:ab:72:e6:fd:63:45:63:78:c7:41:6b:24:91:b2:19:
f3:a1:26:1e:3b:31:68:cc:1a:48:eb:60:fa:c4:bd:b0:ed:c6:
76:95:71:5e:d6:4b:8f:4e:69:c2:fd:bc:6e:91:47:0e:3d:64:
58:eb:da:8d:bf:d6:0e:e0:fe:34:b9:4e:32:68:aa:64:10:fa:
75:9b:ec:8d:5d:57:60:f0:76:a1:0f:eb:05:3e:f1:a5:87:da:
a2:49:64:ef:21:23:97:5a:f4:af:50:16:6d:99:01:44:79:d2:
e1:b3:ce:43:bc:e5:5d:a3:e6:e9:26:a4:c3:79:64:6a:1e:13:
62:41:0f:3a:ea:84:a8:58:fc:b7:9b:69:12:12:19:27:77:52:
7e:0f:95:3a:94:27:5a:34:be:c6:02:e6:97:db:07:ed:12:1e:
23:10:0c:c1:f3:67:bb:4d:b7:1a:63:aa:50:84:af:9b:40:ed:
0a:c5:20:69:2b:b2:0b:2a:62:b3:cf:2c:68:97:05:cf:f2:d3:
bb:97:9a:7d:ec:ea:e7:22:f3:8e:67:91:97:c5:19:dd:bb:6d:
c2:9e:dc:15
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZQnSFDq/iHut6uhfve2jiU8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NWJkZjZlZWMwODM3MGFlMWY2N2U4M2Y5OWI1YWMxZmUy
Njg3MmMwHhcNMjUwMTAyMTM1MDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGNjNTBiZTVjNmU1ZWFmOTA4NWIzMzZkMDE5MWI4MGRkZjgyYWE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMg+Jlf44f2c+hmIzevme9yzwUN9
Ayau1A3ZEgXkIchhGQHBOBphJnJa3XcJSeIy8BofOvzRB+Eeg9C9TZ/nsQs33ZDW
BeefAMa5+VviuY1EvVS3KsQardzGrYoO9qLQ2LcvQRsS25rQXd/Ik1JvXYSqEy8T
oh/rba5/H7TwrPYpJt5ZLmsMe71xwW1nXjWTS42haWCt5uTOhuwKQBNOvDth02Aa
0pqOxNxhAPG4d7kVyWyv7Xis4Kw3s7fQLwcA2LTZ6aTHM/DTbUaPkK344xc1wCmt
tcbZAGWHC7DvHYVuFRwcVJ6QgcudFNkYDOUF+7Oed/2S6IM0zxcJiAD2qQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHjMUL5cbl6vkIWzNtAZG4Dd+CqlMB8GA1UdIwQY
MBaAFNRb327sCDcK4fZ+g/mbWsH+JocsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEt
OTg0NjM4NTllY2MxLzEvZU14UXZseHVYcS1RaGJNMjBCa2JnTjM0S3FVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS9lMmRmZmYtOGJhOC00YmNmLWFjMzEtOTg0NjM4NTllY2Mx
LzEvMUZ2ZmJ1d0lOd3JoOW42RC1adGF3ZjRtaHl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcsTMA0G
CSqGSIb3DQEBCwUAA4IBAQCirfw/+jjx05OsX3ItgMxTXZzXgQZBHUZ6aveEC6wr
LsnOgsRC8gSrcub9Y0VjeMdBaySRshnzoSYeOzFozBpI62D6xL2w7cZ2lXFe1kuP
TmnC/bxukUcOPWRY69qNv9YO4P40uU4yaKpkEPp1m+yNXVdg8HahD+sFPvGlh9qi
SWTvISOXWvSvUBZtmQFEedLhs85DvOVdo+bpJqTDeWRqHhNiQQ866oSoWPy3m2kS
Ehknd1J+D5U6lCdaNL7GAuaX2wftEh4jEAzB82e7TbcaY6pQhK+bQO0KxSBpK7IL
KmKzzyxolwXP8tO7l5p97OrnIvOOZ5GXxRndu23CntwV
-----END CERTIFICATE-----
Generated at Wed Feb 5 14:10:31 2025 by rpki-client