Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/5q7ZvpS7BQ2mPktVbmUQf3GcRs4.roa
File: 5q7ZvpS7BQ2mPktVbmUQf3GcRs4.roa (raw, json)
Hash identifier: I+IJmnDMgIoTXukTkeVvMrdG1I20S7oPIJnniM7q+Hw=
Subject key identifier: E6:AE:D9:BE:94:BB:05:0D:A6:3E:4B:55:6E:65:10:7F:71:9C:46:CE
Certificate issuer: /CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Certificate serial: 018CC80162487509C03437E3DEEC58BBF8FB
Authority key identifier: 79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/5q7ZvpS7BQ2mPktVbmUQf3GcRs4.roa
Signing time: Tue 02 Jan 2024 02:29:43 +0000
ROA not before: Tue 02 Jan 2024 02:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208006
IP address blocks: 130.185.123.0/24 maxlen: 24
130.185.122.0/24 maxlen: 24
185.215.232.0/22 maxlen: 24
185.215.235.0/24 maxlen: 24
185.215.234.0/24 maxlen: 24
185.204.168.0/22 maxlen: 24
2a0d:4ac0::/48 maxlen: 48
2a0d:4ac0:3::/48 maxlen: 48
2a0d:4ac0:1::/48 maxlen: 48
2a0d:4ac0:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/edVl-Z_14P-1vfmZXteoCNQUBuU.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/edVl-Z_14P-1vfmZXteoCNQUBuU.mft
rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:62:48:75:09:c0:34:37:e3:de:ec:58:bb:f8:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79d565f99ff5e0ffb5bdf9995ed7a808d41406e5
Validity
Not Before: Jan 2 02:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e6aed9be94bb050da63e4b556e65107f719c46ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:3e:2f:68:9c:4a:ff:ea:ca:aa:6e:a4:ab:cd:
dd:54:32:3b:ac:e0:34:e1:14:34:2d:70:76:50:d5:
dc:26:13:8b:de:eb:96:f2:59:0a:fa:04:4a:ea:bf:
ef:ff:09:f1:9f:02:ac:98:db:d5:2a:6c:3f:7c:ed:
9c:91:60:54:09:69:f9:fc:d1:d4:92:b1:99:fc:96:
71:7b:69:9c:f6:f3:c5:d8:2a:fa:96:1d:63:70:ea:
9c:71:8a:80:a0:e3:d9:5a:64:6d:a4:b5:89:f7:d9:
53:be:15:e9:2c:ad:53:53:58:4d:4c:32:a5:78:34:
52:35:1c:48:6d:ca:75:7b:ae:86:01:c7:28:16:b8:
e8:f6:ad:1e:2e:05:f4:56:cc:9d:95:e3:7c:bd:cb:
5d:07:82:53:2f:5f:fc:8e:e2:80:37:14:9b:99:bd:
5d:a7:e3:35:56:d5:0a:32:e9:2c:c4:25:fc:3e:1e:
c1:2b:f1:17:cb:f7:08:f0:64:93:08:4d:1c:79:76:
50:ea:9c:74:49:47:61:12:be:81:e2:90:4d:26:77:
ae:0f:48:42:fd:d6:3a:25:b2:af:50:d7:78:96:fb:
c2:56:17:5b:f2:22:a9:c8:b6:05:6a:ae:a8:dd:84:
b8:34:f2:87:75:80:df:ce:f7:93:31:2c:01:05:a7:
ee:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:AE:D9:BE:94:BB:05:0D:A6:3E:4B:55:6E:65:10:7F:71:9C:46:CE
X509v3 Authority Key Identifier:
keyid:79:D5:65:F9:9F:F5:E0:FF:B5:BD:F9:99:5E:D7:A8:08:D4:14:06:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/edVl-Z_14P-1vfmZXteoCNQUBuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/5q7ZvpS7BQ2mPktVbmUQf3GcRs4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ee5cd7-b30e-466b-aaad-6c3b87443e06/1/edVl-Z_14P-1vfmZXteoCNQUBuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
130.185.122.0/23
185.204.168.0/22
185.215.232.0/22
IPv6:
2a0d:4ac0::/46
Signature Algorithm: sha256WithRSAEncryption
cb:35:14:28:59:45:6a:c7:56:1a:8b:0a:ab:a9:3f:ec:2d:d1:
cf:d7:ae:9d:32:00:c3:7a:2f:97:5a:9a:62:cf:76:57:dc:c5:
44:a5:1d:46:c5:6a:0d:5c:57:df:ec:24:15:57:1b:2f:3b:6d:
9c:2b:de:c8:39:46:2c:da:63:74:8a:05:dc:ad:7c:34:72:b4:
eb:8c:1c:d4:6f:24:72:3d:9f:f8:f9:d8:aa:97:54:f7:f8:c8:
5f:77:74:fb:fc:c8:08:59:fc:b1:21:ca:80:ff:c3:a1:7f:7f:
29:5d:33:f5:ad:c7:79:c8:64:55:51:ae:f2:d6:84:63:00:62:
1b:df:f1:bd:23:ab:5b:ca:b1:6c:ae:01:8d:33:d0:11:ea:58:
eb:0e:2e:b9:ea:9d:a0:54:02:c9:f8:48:88:3c:9a:b3:c9:a2:
9a:4d:08:71:16:b1:c3:95:a6:5b:71:47:f3:6b:fd:71:85:c5:
3a:f8:2b:88:ae:c6:a3:ce:e4:c6:1d:61:77:69:c1:72:3d:ea:
1d:df:42:1c:23:e1:bb:9b:62:f7:70:ac:2a:47:eb:c7:aa:f4:
b5:70:eb:19:54:14:33:c1:48:56:5e:82:3e:67:3e:ab:e1:8b:
41:c9:8d:83:3c:f5:16:92:e8:34:03:d6:21:3f:87:f7:1c:62:
32:22:6a:0f
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzIAWJIdQnANDfj3uxYu/j7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZDU2NWY5OWZmNWUwZmZiNWJkZjk5OTVlZDdhODA4ZDQx
NDA2ZTUwHhcNMjQwMTAyMDIyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmFlZDliZTk0YmIwNTBkYTYzZTRiNTU2ZTY1MTA3ZjcxOWM0NmNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsD4vaJxK/+rKqm6kq83dVDI7rOA0
4RQ0LXB2UNXcJhOL3uuW8lkK+gRK6r/v/wnxnwKsmNvVKmw/fO2ckWBUCWn5/NHU
krGZ/JZxe2mc9vPF2Cr6lh1jcOqccYqAoOPZWmRtpLWJ99lTvhXpLK1TU1hNTDKl
eDRSNRxIbcp1e66GAccoFrjo9q0eLgX0VsydleN8vctdB4JTL1/8juKANxSbmb1d
p+M1VtUKMuksxCX8Ph7BK/EXy/cI8GSTCE0ceXZQ6px0SUdhEr6B4pBNJneuD0hC
/dY6JbKvUNd4lvvCVhdb8iKpyLYFaq6o3YS4NPKHdYDfzveTMSwBBafucwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFOau2b6UuwUNpj5LVW5lEH9xnEbOMB8GA1UdIwQY
MBaAFHnVZfmf9eD/tb35mV7XqAjUFAblMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQt
NmMzYjg3NDQzZTA2LzEvNXE3WnZwUzdCUTJtUGt0VmJtVVFmM0djUnM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lZTVjZDctYjMwZS00NjZiLWFhYWQtNmMzYjg3NDQzZTA2
LzEvZWRWbC1aXzE0UC0xdmZtWlh0ZW9DTlFVQnVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQBgrl6AwQC
ucyoAwQCudfoMA8EAgACMAkDBwIqDUrAAAAwDQYJKoZIhvcNAQELBQADggEBAMs1
FChZRWrHVhqLCqupP+wt0c/Xrp0yAMN6L5dammLPdlfcxUSlHUbFag1cV9/sJBVX
Gy87bZwr3sg5RizaY3SKBdytfDRytOuMHNRvJHI9n/j52KqXVPf4yF93dPv8yAhZ
/LEhyoD/w6F/fyldM/Wtx3nIZFVRrvLWhGMAYhvf8b0jq1vKsWyuAY0z0BHqWOsO
LrnqnaBUAsn4SIg8mrPJoppNCHEWscOVpltxR/Nr/XGFxTr4K4iuxqPO5MYdYXdp
wXI96h3fQhwj4bubYvdwrCpH68eq9LVw6xlUFDPBSFZegj5nPqvhi0HJjYM89RaS
6DQD1iE/h/ccYjIiag8=
-----END CERTIFICATE-----
Generated at Sat Sep 28 08:05:12 2024 by rpki-client on console-fra.rpki-client.org