Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/eblZ0WW7ug7wXPrVNfn1cY-yJqo.roa
File: eblZ0WW7ug7wXPrVNfn1cY-yJqo.roa (raw, json)
Hash identifier: dWuYQEsmPoTIIHBB+8IQJCQEq6RYlXM1i/XQFnjBtZE=
Subject key identifier: 79:B9:59:D1:65:BB:BA:0E:F0:5C:FA:D5:35:F9:F5:71:8F:B2:26:AA
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 018FD9BC00C11AA918406C01D0664CF21A90
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/eblZ0WW7ug7wXPrVNfn1cY-yJqo.roa
Signing time: Sun 02 Jun 2024 16:15:27 +0000
ROA not before: Sun 02 Jun 2024 16:15:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 95.82.8.0/21 maxlen: 24
95.82.16.0/20 maxlen: 24
109.111.52.0/22 maxlen: 24
109.111.60.0/22 maxlen: 22
176.221.20.0/23 maxlen: 24
176.221.22.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.mft
rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Sep 2024 14:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:d9:bc:00:c1:1a:a9:18:40:6c:01:d0:66:4c:f2:1a:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jun 2 16:15:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79b959d165bbba0ef05cfad535f9f5718fb226aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:6c:4e:31:e8:f8:78:85:92:d0:81:58:93:3b:
b9:20:a2:ce:02:6c:ae:43:8b:6d:94:14:50:42:ab:
97:30:dc:49:29:fd:dd:6e:3e:22:93:5e:f4:62:cc:
c3:bd:f5:1f:89:8e:88:1d:be:98:cb:7d:5c:e3:7a:
88:08:e1:0c:94:fe:8c:40:a1:34:bf:d4:67:00:c1:
db:37:cf:e5:0e:53:ba:8a:30:5c:17:e3:d7:ca:4d:
14:14:1d:84:cb:58:64:de:0d:a7:a4:30:6c:3c:cb:
fc:ee:ba:02:94:88:68:b3:aa:cf:a4:0e:c4:1a:cc:
bc:99:e0:db:f9:67:89:27:ec:27:27:01:2b:53:f3:
4b:65:2a:6e:58:cf:c6:43:20:4a:98:bb:2d:c0:c4:
ea:af:0a:f7:89:3c:c9:13:51:3f:34:16:66:36:0a:
25:23:7b:ec:57:7a:52:45:3c:f6:ea:a5:df:7d:95:
1c:4b:c5:a8:f2:4e:74:aa:73:9f:e5:62:41:b0:35:
c8:12:58:32:1d:84:31:e8:f8:31:e7:dd:7f:82:2c:
ce:8e:06:f2:e1:84:fe:a6:6b:41:99:a8:93:6d:fb:
cf:f5:fb:62:46:b3:9e:e4:f4:02:8b:ac:7b:d4:45:
44:ac:71:bd:5c:7b:1b:f0:db:ee:c7:c2:ad:e8:79:
65:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:B9:59:D1:65:BB:BA:0E:F0:5C:FA:D5:35:F9:F5:71:8F:B2:26:AA
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/eblZ0WW7ug7wXPrVNfn1cY-yJqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.82.8.0-95.82.31.255
109.111.52.0/22
109.111.60.0/22
176.221.20.0/22
Signature Algorithm: sha256WithRSAEncryption
02:2c:77:be:3d:9a:e8:14:7a:4b:7d:ad:a9:32:d0:88:a9:da:
d7:2a:f0:b3:5c:48:2f:c5:6e:67:8a:d5:4b:34:64:b6:cd:77:
91:3d:d3:00:60:22:0d:59:d1:85:32:80:43:67:8a:03:be:42:
42:93:a0:11:e2:1f:d8:fe:6b:0f:bf:63:0b:d8:3c:1e:e8:38:
04:82:78:35:cd:b1:4e:e9:d4:e3:a9:cd:c2:bc:32:db:93:49:
19:8b:51:ce:eb:91:69:3e:23:ce:fc:5f:6b:ff:10:e2:e4:8e:
0b:23:dd:ae:8a:cd:1d:70:d2:22:8c:2e:61:07:c3:81:3c:88:
d6:ab:18:60:24:b8:e3:c6:8d:34:fd:ea:50:36:40:74:2f:ba:
78:c3:bb:c0:01:02:a9:2f:65:6c:4c:5e:ac:7f:54:dc:44:38:
55:70:9f:db:a3:c8:36:71:c1:4b:02:be:4d:7c:5b:74:c9:5b:
79:e2:f8:59:4e:01:18:11:c8:20:9b:c4:ed:ea:c3:07:a7:38:
ad:6b:f6:db:c2:ac:68:32:d3:2e:86:b1:99:68:52:92:15:5b:
78:e0:e1:bc:e9:a0:45:09:31:31:4b:dc:63:4b:0f:db:9e:0a:
b1:c4:0f:ea:a8:86:66:67:97:25:76:14:c0:d8:42:43:36:03:
52:85:8b:b2
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAY/ZvADBGqkYQGwB0GZM8hqQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwNjAyMTYxNTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWI5NTlkMTY1YmJiYTBlZjA1Y2ZhZDUzNWY5ZjU3MThmYjIyNmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv2xOMej4eIWS0IFYkzu5IKLOAmyu
Q4ttlBRQQquXMNxJKf3dbj4ik170YszDvfUfiY6IHb6Yy31c43qICOEMlP6MQKE0
v9RnAMHbN8/lDlO6ijBcF+PXyk0UFB2Ey1hk3g2npDBsPMv87roClIhos6rPpA7E
Gsy8meDb+WeJJ+wnJwErU/NLZSpuWM/GQyBKmLstwMTqrwr3iTzJE1E/NBZmNgol
I3vsV3pSRTz26qXffZUcS8Wo8k50qnOf5WJBsDXIElgyHYQx6Pgx591/gizOjgby
4YT+pmtBmaiTbfvP9ftiRrOe5PQCi6x71EVErHG9XHsb8Nvux8Kt6HllJwIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFHm5WdFlu7oO8Fz61TX59XGPsiaqMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvZWJsWjBXVzd1Zzd3WFByVk5mbjFjWS15SnFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBANfUggD
BAVfUgADBAJtbzQDBAJtbzwDBAKw3RQwDQYJKoZIhvcNAQELBQADggEBAAIsd749
mugUekt9raky0Iip2tcq8LNcSC/FbmeK1Us0ZLbNd5E90wBgIg1Z0YUygENnigO+
QkKToBHiH9j+aw+/YwvYPB7oOASCeDXNsU7p1OOpzcK8MtuTSRmLUc7rkWk+I878
X2v/EOLkjgsj3a6KzR1w0iKMLmEHw4E8iNarGGAkuOPGjTT96lA2QHQvunjDu8AB
AqkvZWxMXqx/VNxEOFVwn9ujyDZxwUsCvk18W3TJW3ni+FlOARgRyCCbxO3qwwen
OK1r9tvCrGgy0y6GsZloUpIVW3jg4bzpoEUJMTFL3GNLD9ueCrHED+qohmZnlyV2
FMDYQkM2A1KFi7I=
-----END CERTIFICATE-----
Generated at Sat Sep 7 22:49:41 2024 by rpki-client on console-ams.rpki-client.org