Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/ebmw2Ohkv-DXbIresXGyA2nPdcM.roa
File: ebmw2Ohkv-DXbIresXGyA2nPdcM.roa (raw, json)
Hash identifier: wfTZdRLSd0A5eXWkzhqgH1vuB2RbV8Hzn2QaVsygoro=
Subject key identifier: 79:B9:B0:D8:E8:64:BF:E0:D7:6C:8A:DE:B1:71:B2:03:69:CF:75:C3
Certificate issuer: /CN=374e2729b17369890a1512f643cd08e4ba2ff414
Certificate serial: 018CC5DD1A3BC2611520F42492DDC1FA8E6D
Authority key identifier: 37:4E:27:29:B1:73:69:89:0A:15:12:F6:43:CD:08:E4:BA:2F:F4:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/ebmw2Ohkv-DXbIresXGyA2nPdcM.roa
Signing time: Mon 01 Jan 2024 16:30:50 +0000
ROA not before: Mon 01 Jan 2024 16:30:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51765
IP address blocks: 178.20.215.0/24 maxlen: 24
178.20.214.0/24 maxlen: 24
77.243.88.0/22 maxlen: 24
185.101.20.0/23 maxlen: 24
178.20.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/N04nKbFzaYkKFRL2Q80I5Lov9BQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/N04nKbFzaYkKFRL2Q80I5Lov9BQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:1a:3b:c2:61:15:20:f4:24:92:dd:c1:fa:8e:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=374e2729b17369890a1512f643cd08e4ba2ff414
Validity
Not Before: Jan 1 16:30:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79b9b0d8e864bfe0d76c8adeb171b20369cf75c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:b0:67:c7:66:d1:c6:c8:ee:8a:cc:96:93:3c:
d7:f4:b6:b7:56:6d:fb:d6:0d:8a:18:1e:f9:31:f1:
e5:76:fc:04:99:a6:4d:84:d3:2e:ce:1a:d8:03:d6:
f3:3b:21:7f:45:99:75:e6:46:14:d3:11:74:8c:bf:
2a:d3:ed:80:26:d5:0d:95:91:b3:d0:9e:c1:2e:85:
07:40:a5:a3:dd:f9:3a:2d:b4:e0:dd:a9:a3:8a:af:
c1:4e:8e:42:a5:8e:28:9b:fa:db:69:4a:e0:4e:3b:
c6:00:c3:85:08:ea:45:fe:a9:c2:18:d1:73:5c:c1:
f1:b3:b2:b0:91:53:ce:65:e1:8a:97:38:f3:50:d5:
67:3c:1d:1f:52:78:8c:7f:39:aa:2f:92:93:b1:95:
75:d8:7b:9f:2e:14:ce:21:1c:8c:c7:93:5d:ac:3f:
de:d9:a0:e1:0f:d1:4c:24:7d:f3:2d:db:43:50:61:
89:a8:52:36:11:8a:f7:ae:c6:20:f3:85:a7:a1:c6:
5e:45:0f:e8:a2:22:9a:16:e8:bd:17:31:5e:5f:ce:
75:8b:eb:fb:dd:20:e8:5a:41:36:9d:71:5e:56:3f:
ae:38:dc:c2:b3:b4:b8:f9:a2:f9:cd:65:0a:0a:12:
1e:2e:59:62:d0:a5:ab:57:c9:df:a8:80:45:8c:56:
d4:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:B9:B0:D8:E8:64:BF:E0:D7:6C:8A:DE:B1:71:B2:03:69:CF:75:C3
X509v3 Authority Key Identifier:
keyid:37:4E:27:29:B1:73:69:89:0A:15:12:F6:43:CD:08:E4:BA:2F:F4:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N04nKbFzaYkKFRL2Q80I5Lov9BQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/ebmw2Ohkv-DXbIresXGyA2nPdcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/952230-c262-41cc-b956-cfc46a76ec78/1/N04nKbFzaYkKFRL2Q80I5Lov9BQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.243.88.0/22
178.20.213.0-178.20.215.255
185.101.20.0/23
Signature Algorithm: sha256WithRSAEncryption
84:1f:61:3a:dd:3f:87:aa:4f:03:fa:a4:94:b3:3d:08:55:c7:
16:06:66:63:95:22:16:70:a7:bc:db:74:55:d4:81:8b:41:82:
c4:94:76:f2:bb:f4:81:b8:31:b9:25:4a:c6:2e:e7:1b:ef:d2:
6c:70:fe:30:eb:8e:45:cd:3d:59:4b:d4:46:50:73:33:17:2e:
e3:60:55:48:62:7c:7c:80:59:c3:49:08:3c:4b:b4:49:ee:7c:
31:fa:b2:76:fe:f7:f7:71:eb:ff:ec:cc:bc:3c:45:e1:bc:14:
9a:b4:9f:44:68:ca:8b:50:f6:7e:98:3a:48:61:17:7d:5e:68:
6b:7a:84:ad:b7:c4:79:7b:41:51:b3:88:8b:2c:7a:c1:07:3e:
ac:3a:ed:67:9c:ca:80:d5:e8:a2:ea:9f:f0:8c:3c:fe:04:ef:
bb:2a:11:75:26:c2:d0:7f:2f:65:c1:40:63:41:46:1b:53:e4:
5e:3e:9d:8f:70:f0:a7:fa:e6:5e:9f:5e:d4:1b:35:6d:7b:68:
ab:f1:9f:34:8e:e8:5e:57:67:7f:43:cc:2a:05:b2:c5:58:eb:
b4:e5:e7:4f:46:4c:fd:6e:bc:78:9e:4b:aa:41:5d:6c:fd:e4:
4f:4e:35:79:ed:7b:38:cf:e1:e8:68:b8:82:39:a6:46:89:30:
38:3f:04:c5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzF3Ro7wmEVIPQkkt3B+o5tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGUyNzI5YjE3MzY5ODkwYTE1MTJmNjQzY2QwOGU0YmEy
ZmY0MTQwHhcNMjQwMTAxMTYzMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWI5YjBkOGU4NjRiZmUwZDc2YzhhZGViMTcxYjIwMzY5Y2Y3NWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhLBnx2bRxsjuisyWkzzX9La3Vm37
1g2KGB75MfHldvwEmaZNhNMuzhrYA9bzOyF/RZl15kYU0xF0jL8q0+2AJtUNlZGz
0J7BLoUHQKWj3fk6LbTg3amjiq/BTo5CpY4om/rbaUrgTjvGAMOFCOpF/qnCGNFz
XMHxs7KwkVPOZeGKlzjzUNVnPB0fUniMfzmqL5KTsZV12HufLhTOIRyMx5NdrD/e
2aDhD9FMJH3zLdtDUGGJqFI2EYr3rsYg84WnocZeRQ/ooiKaFui9FzFeX851i+v7
3SDoWkE2nXFeVj+uONzCs7S4+aL5zWUKChIeLlli0KWrV8nfqIBFjFbUMQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHm5sNjoZL/g12yK3rFxsgNpz3XDMB8GA1UdIwQY
MBaAFDdOJymxc2mJChUS9kPNCOS6L/QUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjA0bktiRnphWWtLRlJMMlE4MEk1TG92OUJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC85NTIyMzAtYzI2Mi00MWNjLWI5NTYt
Y2ZjNDZhNzZlYzc4LzEvZWJtdzJPaGt2LURYYklyZXNYR3lBMm5QZGNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC85NTIyMzAtYzI2Mi00MWNjLWI5NTYtY2ZjNDZhNzZlYzc4
LzEvTjA0bktiRnphWWtLRlJMMlE4MEk1TG92OUJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCTfNYMAwD
BACyFNUDBAOyFNADBAG5ZRQwDQYJKoZIhvcNAQELBQADggEBAIQfYTrdP4eqTwP6
pJSzPQhVxxYGZmOVIhZwp7zbdFXUgYtBgsSUdvK79IG4MbklSsYu5xvv0mxw/jDr
jkXNPVlL1EZQczMXLuNgVUhifHyAWcNJCDxLtEnufDH6snb+9/dx6//szLw8ReG8
FJq0n0RoyotQ9n6YOkhhF31eaGt6hK23xHl7QVGziIssesEHPqw67WecyoDV6KLq
n/CMPP4E77sqEXUmwtB/L2XBQGNBRhtT5F4+nY9w8Kf65l6fXtQbNW17aKvxnzSO
6F5XZ39DzCoFssVY67Tl509GTP1uvHieS6pBXWz95E9ONXntezjP4ehouII5pkaJ
MDg/BMU=
-----END CERTIFICATE-----
Generated at Fri May 17 04:44:10 2024 by rpki-client on console-fra.rpki-client.org