Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/EBYYFh_WQxrZ9Rltz6F6B8Cq1c4.roa
File: EBYYFh_WQxrZ9Rltz6F6B8Cq1c4.roa (raw, json)
Hash identifier: 8SIntfmwoh14yAFut2X6/YnJcO06eQDHW2ATabz/Wbo=
Subject key identifier: 10:16:18:16:1F:D6:43:1A:D9:F5:19:6D:CF:A1:7A:07:C0:AA:D5:CE
Certificate issuer: /CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Certificate serial: 0193257FC2064076980C84C308586A22C280
Authority key identifier: FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/EBYYFh_WQxrZ9Rltz6F6B8Cq1c4.roa
Signing time: Wed 13 Nov 2024 12:29:09 +0000
ROA not before: Wed 13 Nov 2024 12:29:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209236
IP address blocks: 171.25.128.0/21 maxlen: 21
193.221.28.0/24 maxlen: 24
193.221.36.0/24 maxlen: 24
193.221.37.0/24 maxlen: 24
193.221.47.0/24 maxlen: 24
193.221.52.0/24 maxlen: 24
193.221.53.0/24 maxlen: 24
193.221.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.mft
rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:25:7f:c2:06:40:76:98:0c:84:c3:08:58:6a:22:c2:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Validity
Not Before: Nov 13 12:29:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=101618161fd6431ad9f5196dcfa17a07c0aad5ce
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:e8:85:f1:ba:cb:bd:7d:b3:ec:f5:36:e8:53:
f8:82:23:c6:be:e1:52:fe:8f:11:a3:76:5f:cb:ce:
01:91:b3:4a:77:cb:db:73:9c:61:9b:cc:3c:2a:98:
30:71:60:dd:5b:d9:d3:6a:b3:b4:cf:59:64:a4:c2:
b9:27:a6:f5:50:03:e9:30:f6:30:71:48:88:e3:09:
40:bc:14:47:aa:34:22:c6:aa:7e:ec:57:61:38:c0:
9d:34:e5:5c:4d:8d:a7:e2:ee:8c:d0:fc:0a:9e:7b:
8e:26:ad:76:ed:ef:a8:07:9f:9a:9a:e1:40:50:64:
32:b9:33:c9:b1:71:df:32:5c:05:e7:d3:8c:f0:a9:
1a:f4:2e:51:11:17:f6:0a:c6:6d:74:d7:09:8e:f8:
6f:8e:88:bf:b5:37:b7:ed:78:58:79:a6:d1:14:c9:
ca:f3:74:6d:01:47:73:a3:28:4b:3b:81:8f:33:4e:
2b:55:0c:a1:fb:39:75:5c:b7:33:9f:e2:cd:a8:74:
0a:65:fa:72:a3:90:43:c5:77:7b:84:d8:7c:1f:8c:
10:10:07:e1:e4:a3:dc:ae:e1:ad:c0:51:0d:d4:35:
6b:b2:1d:bb:da:b3:33:ca:e5:99:43:49:31:fa:26:
aa:d8:c3:39:8e:33:24:82:c6:73:77:4c:09:07:da:
f7:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:16:18:16:1F:D6:43:1A:D9:F5:19:6D:CF:A1:7A:07:C0:AA:D5:CE
X509v3 Authority Key Identifier:
keyid:FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/EBYYFh_WQxrZ9Rltz6F6B8Cq1c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.25.128.0/21
193.221.28.0/24
193.221.36.0/23
193.221.47.0/24
193.221.52.0/23
193.221.59.0/24
Signature Algorithm: sha256WithRSAEncryption
42:44:da:39:20:8a:cb:be:a5:11:60:d8:37:4f:99:b5:6a:88:
03:42:c9:ca:46:bc:c8:66:7b:07:05:c3:31:3d:e6:38:7c:45:
6d:aa:1a:e6:8f:8e:fa:1d:81:28:1d:23:2e:36:bc:a6:b4:60:
f6:ed:cc:3f:b0:31:7c:3e:cf:6c:84:96:8d:2c:1b:be:2e:0c:
89:69:4d:2f:a8:fd:78:f8:da:5a:c5:ef:7f:4a:a4:4b:17:6e:
23:88:3b:a1:ba:6e:b2:83:83:15:32:2a:b8:4d:31:7c:88:3e:
b8:3d:67:6d:15:03:d0:df:d5:b5:0b:36:7e:68:6d:9a:af:0a:
90:c5:41:96:ff:99:10:d0:20:63:32:2d:de:4d:c8:5c:12:f4:
10:f8:5f:54:88:e9:4f:33:21:a6:15:69:22:d6:de:59:d3:32:
42:91:47:f5:4e:1e:bf:91:04:aa:c9:94:87:fd:af:64:0b:df:
e2:b4:a8:2b:39:b3:b3:11:91:9d:6e:80:4b:6a:0d:71:01:e3:
1c:f2:ec:17:05:1f:a5:4d:64:68:00:8e:2b:a2:b9:24:7a:c9:
3c:52:58:f8:da:d6:8c:20:1d:b1:b3:c6:7b:f5:30:47:dc:db:
01:24:6b:07:44:3d:f4:94:9d:a3:ec:31:e0:f3:fd:76:81:2c:
a9:44:02:61
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZMlf8IGQHaYDITDCFhqIsKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTRhYjJkNDgxY2YxNjIyYTJjNTIxODNhYjRmNWE5MzBh
NGFlNDEwHhcNMjQxMTEzMTIyOTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMDE2MTgxNjFmZDY0MzFhZDlmNTE5NmRjZmExN2EwN2MwYWFkNWNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4+iF8brLvX2z7PU26FP4giPGvuFS
/o8Ro3Zfy84BkbNKd8vbc5xhm8w8KpgwcWDdW9nTarO0z1lkpMK5J6b1UAPpMPYw
cUiI4wlAvBRHqjQixqp+7FdhOMCdNOVcTY2n4u6M0PwKnnuOJq127e+oB5+amuFA
UGQyuTPJsXHfMlwF59OM8Kka9C5RERf2CsZtdNcJjvhvjoi/tTe37XhYeabRFMnK
83RtAUdzoyhLO4GPM04rVQyh+zl1XLczn+LNqHQKZfpyo5BDxXd7hNh8H4wQEAfh
5KPcruGtwFEN1DVrsh272rMzyuWZQ0kx+iaq2MM5jjMkgsZzd0wJB9r3MwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFBAWGBYf1kMa2fUZbc+hegfAqtXOMB8GA1UdIwQY
MBaAFP5Uqy1IHPFiKixSGDq09akwpK5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYt
MWIxMzYyYjliNmEyLzEvRUJZWUZoX1dReHJaOVJsdHo2RjZCOENxMWM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYtMWIxMzYyYjliNmEy
LzEvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDqxmAAwQA
wd0cAwQBwd0kAwQAwd0vAwQBwd00AwQAwd07MA0GCSqGSIb3DQEBCwUAA4IBAQBC
RNo5IIrLvqURYNg3T5m1aogDQsnKRrzIZnsHBcMxPeY4fEVtqhrmj476HYEoHSMu
NrymtGD27cw/sDF8Ps9shJaNLBu+LgyJaU0vqP14+Npaxe9/SqRLF24jiDuhum6y
g4MVMiq4TTF8iD64PWdtFQPQ39W1CzZ+aG2arwqQxUGW/5kQ0CBjMi3eTchcEvQQ
+F9UiOlPMyGmFWki1t5Z0zJCkUf1Th6/kQSqyZSH/a9kC9/itKgrObOzEZGdboBL
ag1xAeMc8uwXBR+lTWRoAI4rorkkesk8Ulj42taMIB2xs8Z79TBH3NsBJGsHRD30
lJ2j7DHg8/12gSypRAJh
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:05:45 2024 by rpki-client on console-ams.rpki-client.org