Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/eaWSYlYtTHoUV2T6puoJwTY1yzo.roa
File: eaWSYlYtTHoUV2T6puoJwTY1yzo.roa (raw, json)
Hash identifier: 4EDnzhJ+sngEfgBNbpNFt8hpCgyj82szfd/D0pgviK8=
Subject key identifier: 79:A5:92:62:56:2D:4C:7A:14:57:64:FA:A6:EA:09:C1:36:35:CB:3A
Certificate issuer: /CN=76a75826e991225a429ff8a1e7ffdc80466420df
Certificate serial: 018CC80136552C424EDAC1630F6D92265958
Authority key identifier: 76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/eaWSYlYtTHoUV2T6puoJwTY1yzo.roa
Signing time: Tue 02 Jan 2024 02:29:31 +0000
ROA not before: Tue 02 Jan 2024 02:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16097
IP address blocks: 153.96.84.0/23 maxlen: 23
153.96.86.0/24 maxlen: 24
129.233.172.0/24 maxlen: 24
153.96.132.0/24 maxlen: 24
153.96.27.0/24 maxlen: 24
129.233.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.mft
rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:36:55:2c:42:4e:da:c1:63:0f:6d:92:26:59:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=76a75826e991225a429ff8a1e7ffdc80466420df
Validity
Not Before: Jan 2 02:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79a59262562d4c7a145764faa6ea09c13635cb3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:ff:b9:30:2e:a1:00:4d:8d:5b:a7:af:d5:cc:
dc:cf:3a:50:5e:ab:87:65:bc:4f:03:06:44:69:c8:
e6:2e:aa:aa:38:ec:8a:cf:83:eb:41:ce:0f:28:58:
a5:90:3e:7d:e9:8d:e9:e5:7c:ae:30:28:17:b1:e7:
0b:cd:b1:57:bd:7b:85:e4:d5:1b:46:da:af:22:e6:
d3:49:19:86:cc:37:ef:12:53:0f:d6:b3:a7:cc:ce:
43:74:11:39:4f:b5:26:88:0a:b5:6d:71:9d:ea:86:
10:d1:56:a2:7c:ac:50:31:5d:fc:7d:1a:03:0f:a9:
55:72:4d:04:4a:01:1f:43:1b:93:e0:a3:f3:3c:ab:
d9:1d:1b:6b:39:7b:a1:ad:2b:94:fb:be:65:fa:70:
63:b6:8d:41:29:07:71:27:4c:76:d6:70:39:31:77:
17:9e:dc:b7:98:5e:11:c1:49:44:1c:f0:f5:c5:e5:
86:bf:bc:ca:32:ed:b7:58:4c:5b:4e:b2:04:ee:fc:
ab:1a:98:97:89:28:e3:eb:d7:46:32:97:c4:06:10:
46:d2:cf:69:dc:0f:9d:62:d5:ac:b1:76:7c:85:c0:
75:97:e8:e9:a6:18:8d:a4:c2:63:b6:45:0b:0e:f4:
88:b2:67:e4:77:0e:c3:94:f4:d3:47:90:d7:8e:ca:
8f:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:A5:92:62:56:2D:4C:7A:14:57:64:FA:A6:EA:09:C1:36:35:CB:3A
X509v3 Authority Key Identifier:
keyid:76:A7:58:26:E9:91:22:5A:42:9F:F8:A1:E7:FF:DC:80:46:64:20:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dqdYJumRIlpCn_ih5__cgEZkIN8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/eaWSYlYtTHoUV2T6puoJwTY1yzo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/1d33ca-8d1c-49c0-be97-ad8fbeaa8dd9/1/dqdYJumRIlpCn_ih5__cgEZkIN8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
129.233.172.0/24
129.233.216.0/24
153.96.27.0/24
153.96.84.0-153.96.86.255
153.96.132.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:b9:8f:25:80:06:f1:71:5e:c5:10:3a:29:c9:37:4a:b8:1a:
8b:46:b4:e5:95:f0:f9:90:6f:dc:05:7f:a6:89:4a:39:54:f7:
d1:77:2b:98:85:7c:24:5a:42:2e:4f:ab:90:33:7c:f5:d3:02:
24:97:19:78:a4:bb:53:f8:8a:00:95:84:4d:dc:8a:14:8c:b5:
d1:3f:7c:92:2a:74:d5:7b:f3:d9:87:3c:7b:1c:01:b4:60:7e:
d2:77:0f:a1:44:d1:19:e3:a7:7c:3f:17:4c:2e:b9:5c:92:7f:
96:50:c4:3d:0d:03:7e:c5:7a:a4:36:b7:c4:5c:5b:8e:30:04:
58:db:02:08:51:32:ad:cb:90:3b:15:c3:7a:89:16:c7:03:72:
67:88:ee:db:18:b6:88:08:b3:a0:05:15:1f:3a:97:61:4a:75:
bc:e5:e4:f2:ba:03:75:13:18:1b:b4:98:84:de:c7:56:2a:5a:
4b:30:66:f5:f7:d2:de:f4:80:e6:0c:15:8f:5c:7d:4b:23:cb:
23:87:95:4c:e3:fe:b4:51:5d:13:92:b9:ba:9e:77:27:0c:80:
90:9e:c1:85:81:5e:c4:be:9d:6b:e4:8e:1e:28:aa:84:c4:c9:
73:58:56:ca:49:b6:fb:a9:b6:7b:3f:3f:8f:fa:bd:05:93:ad:
04:48:b3:28
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzIATZVLEJO2sFjD22SJllYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2YTc1ODI2ZTk5MTIyNWE0MjlmZjhhMWU3ZmZkYzgwNDY2
NDIwZGYwHhcNMjQwMTAyMDIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWE1OTI2MjU2MmQ0YzdhMTQ1NzY0ZmFhNmVhMDljMTM2MzVjYjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmv+5MC6hAE2NW6ev1czczzpQXquH
ZbxPAwZEacjmLqqqOOyKz4PrQc4PKFilkD596Y3p5XyuMCgXsecLzbFXvXuF5NUb
RtqvIubTSRmGzDfvElMP1rOnzM5DdBE5T7UmiAq1bXGd6oYQ0VaifKxQMV38fRoD
D6lVck0ESgEfQxuT4KPzPKvZHRtrOXuhrSuU+75l+nBjto1BKQdxJ0x21nA5MXcX
nty3mF4RwUlEHPD1xeWGv7zKMu23WExbTrIE7vyrGpiXiSjj69dGMpfEBhBG0s9p
3A+dYtWssXZ8hcB1l+jpphiNpMJjtkULDvSIsmfkdw7DlPTTR5DXjsqPPwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFHmlkmJWLUx6FFdk+qbqCcE2Ncs6MB8GA1UdIwQY
MBaAFHanWCbpkSJaQp/4oef/3IBGZCDfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTct
YWQ4ZmJlYWE4ZGQ5LzEvZWFXU1lsWXRUSG9VVjJUNnB1b0p3VFkxeXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8xZDMzY2EtOGQxYy00OWMwLWJlOTctYWQ4ZmJlYWE4ZGQ5
LzEvZHFkWUp1bVJJbHBDbl9paDVfX2NnRVprSU44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAgemsAwQA
genYAwQAmWAbMAwDBAKZYFQDBACZYFYDBACZYIQwDQYJKoZIhvcNAQELBQADggEB
AFq5jyWABvFxXsUQOinJN0q4GotGtOWV8PmQb9wFf6aJSjlU99F3K5iFfCRaQi5P
q5AzfPXTAiSXGXiku1P4igCVhE3cihSMtdE/fJIqdNV789mHPHscAbRgftJ3D6FE
0Rnjp3w/F0wuuVySf5ZQxD0NA37FeqQ2t8RcW44wBFjbAghRMq3LkDsVw3qJFscD
cmeI7tsYtogIs6AFFR86l2FKdbzl5PK6A3UTGBu0mITex1YqWkswZvX30t70gOYM
FY9cfUsjyyOHlUzj/rRRXROSubqedycMgJCewYWBXsS+nWvkjh4oqoTEyXNYVspJ
tvuptns/P4/6vQWTrQRIsyg=
-----END CERTIFICATE-----
Generated at Sun May 19 06:03:06 2024 by rpki-client on console-fra.rpki-client.org