Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/02c5ec-7c6f-4ae2-9897-3059c89b72ea/1/ePZ7Yuu3-_aTMfNEBfmL4fdhXII.roa
File: ePZ7Yuu3-_aTMfNEBfmL4fdhXII.roa (raw, json)
Hash identifier: ho6FnqARFfeawc2fVl+6U/A9evk5Ck/9UluGTSWRaEw=
Subject key identifier: 78:F6:7B:62:EB:B7:FB:F6:93:31:F3:44:05:F9:8B:E1:F7:61:5C:82
Certificate issuer: /CN=4c54ecce6cbc9c54929eaa4b22b337b0fd9b36bf
Certificate serial: 01941F8C840627B160AB016005F049831F76
Authority key identifier: 4C:54:EC:CE:6C:BC:9C:54:92:9E:AA:4B:22:B3:37:B0:FD:9B:36:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TFTszmy8nFSSnqpLIrM3sP2bNr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/02c5ec-7c6f-4ae2-9897-3059c89b72ea/1/ePZ7Yuu3-_aTMfNEBfmL4fdhXII.roa
Signing time: Wed 01 Jan 2025 01:48:10 +0000
ROA not before: Wed 01 Jan 2025 01:48:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33941
IP address blocks: 83.136.120.0/21 maxlen: 21
195.82.96.0/24 maxlen: 24
195.82.107.0/24 maxlen: 24
212.85.248.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/02c5ec-7c6f-4ae2-9897-3059c89b72ea/1/TFTszmy8nFSSnqpLIrM3sP2bNr8.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/02c5ec-7c6f-4ae2-9897-3059c89b72ea/1/TFTszmy8nFSSnqpLIrM3sP2bNr8.mft
rsync://rpki.ripe.net/repository/DEFAULT/TFTszmy8nFSSnqpLIrM3sP2bNr8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 13:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:84:06:27:b1:60:ab:01:60:05:f0:49:83:1f:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c54ecce6cbc9c54929eaa4b22b337b0fd9b36bf
Validity
Not Before: Jan 1 01:48:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=78f67b62ebb7fbf69331f34405f98be1f7615c82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:31:b6:24:f4:e6:96:a2:7f:aa:61:fe:91:c2:
b8:95:68:55:9a:80:1a:21:bd:55:9a:fe:15:5e:5e:
54:b0:5e:93:a2:f6:df:8b:b9:6e:56:32:28:92:a7:
dd:5f:38:e0:07:58:16:83:87:b8:1d:f8:6f:c6:70:
aa:0d:c4:a5:61:e0:e1:a3:3a:f6:19:6f:f3:c8:39:
fb:3e:f7:91:f3:0e:0e:3f:fe:c7:6c:35:c9:52:9a:
8a:e4:49:8e:a4:24:ee:04:42:ef:ef:e0:38:ea:c7:
6a:ab:07:84:3a:f8:8a:8f:08:12:4b:7f:28:ef:1d:
c8:27:f5:4c:5e:a5:db:ed:62:ab:59:7d:27:fc:b5:
cb:a4:90:b2:c4:fc:b9:28:f8:cc:86:b1:c3:6f:5d:
de:a6:7b:5b:f2:e6:f6:26:63:f8:d7:1d:4a:4d:f5:
42:f1:15:0b:ca:e0:21:0e:00:73:69:13:d8:af:04:
22:db:68:60:22:5c:e5:aa:ea:77:e4:a0:75:a2:bb:
fa:9c:49:b2:7b:d2:f5:65:d6:51:a5:f6:46:a0:70:
66:4f:aa:86:b8:6e:d6:fc:21:52:ab:fc:14:05:1e:
bf:eb:25:05:2c:a0:d8:4b:4e:31:aa:1e:56:2c:65:
d4:ab:17:d4:68:d2:dd:bd:cf:1f:71:2a:2c:74:77:
01:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:F6:7B:62:EB:B7:FB:F6:93:31:F3:44:05:F9:8B:E1:F7:61:5C:82
X509v3 Authority Key Identifier:
keyid:4C:54:EC:CE:6C:BC:9C:54:92:9E:AA:4B:22:B3:37:B0:FD:9B:36:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TFTszmy8nFSSnqpLIrM3sP2bNr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/02c5ec-7c6f-4ae2-9897-3059c89b72ea/1/ePZ7Yuu3-_aTMfNEBfmL4fdhXII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/02c5ec-7c6f-4ae2-9897-3059c89b72ea/1/TFTszmy8nFSSnqpLIrM3sP2bNr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.120.0/21
195.82.96.0/24
195.82.107.0/24
212.85.248.0/22
Signature Algorithm: sha256WithRSAEncryption
37:82:e9:fa:01:e4:d7:df:b6:42:b1:84:a0:1b:12:d8:ab:1c:
31:f2:9a:8b:b4:a6:bc:f9:79:06:84:6a:45:03:85:76:0d:7d:
75:f6:de:79:87:e2:f2:9c:35:21:b4:9e:cd:ef:2f:af:cb:13:
df:79:fc:d0:67:9f:24:a4:ae:5f:f6:8b:5f:f2:d7:60:70:2e:
43:a8:fa:61:7f:93:b8:1d:4d:8a:94:4d:5f:ed:ea:34:36:2c:
3d:7f:98:9d:99:25:5a:ca:f4:74:9c:44:8e:e0:88:6c:5b:6c:
db:72:74:04:87:c8:d0:93:21:6d:59:32:54:51:f5:79:ce:83:
e7:0f:57:43:b8:12:02:b7:65:f2:cb:a7:f3:9a:30:c6:6f:8e:
5c:d2:21:fb:5c:ba:b6:17:69:5c:6a:59:71:53:4e:37:b3:b4:
db:f0:3a:72:05:8a:c4:1d:ef:6a:ef:bb:a1:20:86:e7:c4:ab:
89:95:7f:93:72:30:ef:1a:e0:44:c3:aa:ae:94:f8:bf:fb:73:
9b:b1:a4:32:a4:56:6b:37:8b:58:46:be:a7:99:03:b2:8f:21:
4f:f4:67:08:5d:15:df:3c:f3:84:6e:cc:c6:6c:a9:55:e9:81:
a9:84:a5:d6:8b:98:7e:b6:7b:69:18:d3:75:eb:01:e6:d1:0c:
58:a2:56:97
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQfjIQGJ7FgqwFgBfBJgx92MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjNTRlY2NlNmNiYzljNTQ5MjllYWE0YjIyYjMzN2IwZmQ5
YjM2YmYwHhcNMjUwMTAxMDE0ODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGY2N2I2MmViYjdmYmY2OTMzMWYzNDQwNWY5OGJlMWY3NjE1YzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3TG2JPTmlqJ/qmH+kcK4lWhVmoAa
Ib1Vmv4VXl5UsF6Tovbfi7luVjIokqfdXzjgB1gWg4e4HfhvxnCqDcSlYeDhozr2
GW/zyDn7PveR8w4OP/7HbDXJUpqK5EmOpCTuBELv7+A46sdqqweEOviKjwgSS38o
7x3IJ/VMXqXb7WKrWX0n/LXLpJCyxPy5KPjMhrHDb13epntb8ub2JmP41x1KTfVC
8RULyuAhDgBzaRPYrwQi22hgIlzlqup35KB1orv6nEmye9L1ZdZRpfZGoHBmT6qG
uG7W/CFSq/wUBR6/6yUFLKDYS04xqh5WLGXUqxfUaNLdvc8fcSosdHcBeQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHj2e2Lrt/v2kzHzRAX5i+H3YVyCMB8GA1UdIwQY
MBaAFExU7M5svJxUkp6qSyKzN7D9mza/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEZUc3pteThuRlNTbnFwTElyTTNzUDJiTnI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS8wMmM1ZWMtN2M2Zi00YWUyLTk4OTct
MzA1OWM4OWI3MmVhLzEvZVBaN1l1dTMtX2FUTWZORUJmbUw0ZmRoWElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS8wMmM1ZWMtN2M2Zi00YWUyLTk4OTctMzA1OWM4OWI3MmVh
LzEvVEZUc3pteThuRlNTbnFwTElyTTNzUDJiTnI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQDU4h4AwQA
w1JgAwQAw1JrAwQC1FX4MA0GCSqGSIb3DQEBCwUAA4IBAQA3gun6AeTX37ZCsYSg
GxLYqxwx8pqLtKa8+XkGhGpFA4V2DX119t55h+LynDUhtJ7N7y+vyxPfefzQZ58k
pK5f9otf8tdgcC5DqPphf5O4HU2KlE1f7eo0Niw9f5idmSVayvR0nESO4IhsW2zb
cnQEh8jQkyFtWTJUUfV5zoPnD1dDuBICt2Xyy6fzmjDGb45c0iH7XLq2F2lcallx
U043s7Tb8DpyBYrEHe9q77uhIIbnxKuJlX+TcjDvGuBEw6qulPi/+3ObsaQypFZr
N4tYRr6nmQOyjyFP9GcIXRXfPPOEbszGbKlV6YGphKXWi5h+tntpGNN16wHm0QxY
olaX
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:31:30 2025 by rpki-client