Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/34c2bb-79ea-4f39-ac82-82016de42212/1/eVymp_IW2zl70H6prlXkucvVgjo.roa
File: eVymp_IW2zl70H6prlXkucvVgjo.roa (raw, json)
Hash identifier: xslcWIvBg++frEa+tV8dn5kdhYSaeRfZAVNu/xZIo9Q=
Subject key identifier: 79:5C:A6:A7:F2:16:DB:39:7B:D0:7E:A9:AE:55:E4:B9:CB:D5:82:3A
Certificate issuer: /CN=4a7a917ddcfc26e8c87b30858b6f07f29a3db43e
Certificate serial: 018CC26D804AAE7DBEA23713800880612BB7
Authority key identifier: 4A:7A:91:7D:DC:FC:26:E8:C8:7B:30:85:8B:6F:07:F2:9A:3D:B4:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SnqRfdz8JujIezCFi28H8po9tD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/34c2bb-79ea-4f39-ac82-82016de42212/1/eVymp_IW2zl70H6prlXkucvVgjo.roa
Signing time: Mon 01 Jan 2024 00:30:05 +0000
ROA not before: Mon 01 Jan 2024 00:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8585
IP address blocks: 195.66.189.0/24 maxlen: 24
213.149.96.0/19 maxlen: 19
46.33.192.0/22 maxlen: 22
85.94.96.0/19 maxlen: 19
46.33.192.0/19 maxlen: 19
109.228.64.0/18 maxlen: 18
95.155.0.0/18 maxlen: 18
46.33.198.0/24 maxlen: 24
46.33.199.0/24 maxlen: 24
46.33.196.0/24 maxlen: 24
46.33.197.0/24 maxlen: 24
195.66.166.0/24 maxlen: 24
195.66.164.0/24 maxlen: 24
195.66.160.0/19 maxlen: 19
195.66.167.0/24 maxlen: 24
31.204.192.0/18 maxlen: 18
195.66.180.0/24 maxlen: 24
78.155.32.0/19 maxlen: 19
46.161.64.0/18 maxlen: 18
46.161.76.0/22 maxlen: 22
37.122.160.0/19 maxlen: 19
77.222.0.0/19 maxlen: 19
2a00:fe80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/34c2bb-79ea-4f39-ac82-82016de42212/1/SnqRfdz8JujIezCFi28H8po9tD4.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/34c2bb-79ea-4f39-ac82-82016de42212/1/SnqRfdz8JujIezCFi28H8po9tD4.mft
rsync://rpki.ripe.net/repository/DEFAULT/SnqRfdz8JujIezCFi28H8po9tD4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:80:4a:ae:7d:be:a2:37:13:80:08:80:61:2b:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4a7a917ddcfc26e8c87b30858b6f07f29a3db43e
Validity
Not Before: Jan 1 00:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=795ca6a7f216db397bd07ea9ae55e4b9cbd5823a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:0f:ab:7b:25:a4:89:c5:a5:ef:1f:ee:06:68:
3b:cd:90:a4:47:d0:1d:ec:d4:4a:d7:40:64:a1:4e:
bc:06:59:12:6e:5e:5e:c4:89:67:dd:e1:85:d1:d2:
77:08:d6:d0:9c:ae:e3:28:60:37:2d:b3:b0:5d:40:
fa:10:bf:f4:ba:7a:f1:a0:dd:e2:87:aa:56:66:35:
0a:81:71:a1:5c:e4:a2:e1:93:60:36:a6:57:17:4e:
98:c1:9d:fe:9f:0a:3d:01:66:01:84:a1:ea:92:2a:
86:e0:38:8e:f2:5c:41:d7:f7:fb:9a:3b:9c:4b:74:
8a:1e:b8:ba:3e:57:07:77:cd:39:fa:1f:f8:95:4b:
99:b6:95:e1:8e:60:6e:d7:f2:e7:95:41:e3:ad:d4:
9c:70:f3:8d:79:24:01:9c:ce:f0:76:92:59:b2:78:
27:fe:98:cc:0e:c0:5c:0c:fe:41:b2:da:28:11:13:
cb:68:2b:e3:e7:28:c5:39:02:a8:04:21:9c:12:e3:
21:7f:d7:7c:84:f7:c6:be:39:c6:4c:3f:3a:f1:3a:
c5:75:b7:c7:ce:fd:44:50:ec:0e:20:75:7c:f7:99:
9a:9b:62:de:8e:af:92:20:cc:22:2a:f2:b5:62:ea:
c6:02:a6:77:96:97:8c:b2:c3:2c:3a:76:be:18:6f:
2c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:5C:A6:A7:F2:16:DB:39:7B:D0:7E:A9:AE:55:E4:B9:CB:D5:82:3A
X509v3 Authority Key Identifier:
keyid:4A:7A:91:7D:DC:FC:26:E8:C8:7B:30:85:8B:6F:07:F2:9A:3D:B4:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SnqRfdz8JujIezCFi28H8po9tD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/34c2bb-79ea-4f39-ac82-82016de42212/1/eVymp_IW2zl70H6prlXkucvVgjo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/34c2bb-79ea-4f39-ac82-82016de42212/1/SnqRfdz8JujIezCFi28H8po9tD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.204.192.0/18
37.122.160.0/19
46.33.192.0/19
46.161.64.0/18
77.222.0.0/19
78.155.32.0/19
85.94.96.0/19
95.155.0.0/18
109.228.64.0/18
195.66.160.0/19
213.149.96.0/19
IPv6:
2a00:fe80::/32
Signature Algorithm: sha256WithRSAEncryption
65:ab:8d:b2:02:b0:57:bf:79:a8:44:35:ad:97:6b:36:ef:b2:
e9:f1:26:3e:96:79:59:16:3b:32:a1:37:0e:81:6f:a6:d5:37:
4e:ba:b3:0b:0d:3b:9c:38:58:87:78:4c:1a:af:5e:14:f2:d2:
13:87:b2:4a:d9:82:0e:90:0c:06:cc:a4:e8:ea:86:ec:eb:5e:
98:10:4b:69:2e:78:5b:a4:87:8f:2c:3f:72:f6:26:56:17:ba:
bd:bb:e5:68:b8:dc:90:73:fe:56:60:20:6c:d4:97:27:cf:c2:
de:31:62:ce:97:a2:12:5d:de:72:69:5c:02:18:6d:ae:10:cf:
93:8a:5f:5d:83:84:54:44:11:c5:66:2d:13:25:5b:8e:86:3f:
b1:3e:51:10:39:70:5b:75:8b:ee:c9:b2:f3:c5:4b:0c:49:8e:
cf:44:18:49:e1:e0:c2:a8:c4:ef:1a:11:c8:d1:21:71:eb:06:
9b:ab:9d:b6:20:0a:8a:f2:0e:a0:9b:15:5f:d5:54:eb:cd:71:
b1:53:52:66:4e:a5:7a:0c:5c:1b:04:bd:ea:3c:9e:75:3e:9d:
89:20:68:d6:18:b7:61:ec:8d:eb:36:29:6d:f9:cd:ea:22:fe:
9b:bc:4b:11:57:97:61:50:b8:1e:6b:d2:d7:d9:53:f9:db:e4:
4a:0f:4b:bd
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAYzCbYBKrn2+ojcTgAiAYSu3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhN2E5MTdkZGNmYzI2ZThjODdiMzA4NThiNmYwN2YyOWEz
ZGI0M2UwHhcNMjQwMTAxMDAzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTVjYTZhN2YyMTZkYjM5N2JkMDdlYTlhZTU1ZTRiOWNiZDU4MjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmw+reyWkicWl7x/uBmg7zZCkR9Ad
7NRK10BkoU68BlkSbl5exIln3eGF0dJ3CNbQnK7jKGA3LbOwXUD6EL/0unrxoN3i
h6pWZjUKgXGhXOSi4ZNgNqZXF06YwZ3+nwo9AWYBhKHqkiqG4DiO8lxB1/f7mjuc
S3SKHri6PlcHd805+h/4lUuZtpXhjmBu1/LnlUHjrdSccPONeSQBnM7wdpJZsngn
/pjMDsBcDP5BstooERPLaCvj5yjFOQKoBCGcEuMhf9d8hPfGvjnGTD868TrFdbfH
zv1EUOwOIHV895mam2Lejq+SIMwiKvK1YurGAqZ3lpeMssMsOna+GG8sEwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFHlcpqfyFts5e9B+qa5V5LnL1YI6MB8GA1UdIwQY
MBaAFEp6kX3c/CboyHswhYtvB/KaPbQ+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU25xUmZkejhKdWpJZXpDRmkyOEg4cG85dEQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy8zNGMyYmItNzllYS00ZjM5LWFjODIt
ODIwMTZkZTQyMjEyLzEvZVZ5bXBfSVcyemw3MEg2cHJsWGt1Y3ZWZ2pvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy8zNGMyYmItNzllYS00ZjM5LWFjODItODIwMTZkZTQyMjEy
LzEvU25xUmZkejhKdWpJZXpDRmkyOEg4cG85dEQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQGH8zAAwQF
JXqgAwQFLiHAAwQGLqFAAwQFTd4AAwQFTpsgAwQFVV5gAwQGX5sAAwQGbeRAAwQF
w0KgAwQF1ZVgMA0EAgACMAcDBQAqAP6AMA0GCSqGSIb3DQEBCwUAA4IBAQBlq42y
ArBXv3moRDWtl2s277Lp8SY+lnlZFjsyoTcOgW+m1TdOurMLDTucOFiHeEwar14U
8tITh7JK2YIOkAwGzKTo6obs616YEEtpLnhbpIePLD9y9iZWF7q9u+VouNyQc/5W
YCBs1Jcnz8LeMWLOl6ISXd5yaVwCGG2uEM+Til9dg4RURBHFZi0TJVuOhj+xPlEQ
OXBbdYvuybLzxUsMSY7PRBhJ4eDCqMTvGhHI0SFx6wabq522IAqK8g6gmxVf1VTr
zXGxU1JmTqV6DFwbBL3qPJ51Pp2JIGjWGLdh7I3rNilt+c3qIv6bvEsRV5dhULge
a9LX2VP52+RKD0u9
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:53:40 2024 by rpki-client on console-ams.rpki-client.org