Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/auEd2AJZBbZPig_7z1vxDlWadmA.roa
File: auEd2AJZBbZPig_7z1vxDlWadmA.roa (raw, json)
Hash identifier: 60BE0mDiR8P6qgvwmA8KQFG8GMDS3ckQBTSoMT45CdA=
Subject key identifier: 6A:E1:1D:D8:02:59:05:B6:4F:8A:0F:FB:CF:5B:F1:0E:55:9A:76:60
Certificate issuer: /CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Certificate serial: 019421B1D00B207785ECE8A240A5DA3D90BA
Authority key identifier: 83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/auEd2AJZBbZPig_7z1vxDlWadmA.roa
Signing time: Wed 01 Jan 2025 11:48:08 +0000
ROA not before: Wed 01 Jan 2025 11:48:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59793
IP address blocks: 79.133.106.0/23 maxlen: 23
79.133.112.0/21 maxlen: 21
93.179.70.0/23 maxlen: 23
93.179.72.0/21 maxlen: 21
93.179.80.0/21 maxlen: 21
93.179.122.0/23 maxlen: 23
95.85.80.0/23 maxlen: 23
95.181.136.0/21 maxlen: 21
95.181.240.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 16 Apr 2025 12:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:21:b1:d0:0b:20:77:85:ec:e8:a2:40:a5:da:3d:90:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8338ef41b2c0105a91ccbb9c89337faeb129ff84
Validity
Not Before: Jan 1 11:48:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ae11dd8025905b64f8a0ffbcf5bf10e559a7660
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6d:8a:96:f0:76:4f:ff:b2:a2:ae:31:76:13:
07:ee:c5:43:ba:59:28:0e:2e:f8:e5:1a:7a:e8:08:
c4:30:7f:e3:64:e1:5b:23:a9:c5:05:67:0a:6a:80:
a4:f3:4b:e1:22:ee:6b:09:a3:b3:38:13:87:34:b1:
7b:10:1f:8f:11:05:ad:09:4f:82:ad:81:f3:4b:24:
d0:79:ae:8c:29:65:0e:ef:7b:06:a4:53:e7:f9:af:
10:50:32:1d:88:12:5a:f3:fc:ab:5d:dc:6f:2b:b0:
8c:cc:b7:8c:4b:6e:4f:41:e3:cb:ea:bb:41:5b:96:
a9:4f:56:25:8a:a0:55:ca:5b:b5:e4:7d:a2:9a:4f:
e2:5c:9e:3a:2b:1b:63:17:c2:68:8f:26:57:9c:47:
ef:d7:4a:81:b1:d5:21:45:f3:16:0a:2a:26:f0:73:
23:13:ce:70:ac:c7:ff:9f:6d:b8:95:cb:c0:1b:13:
fb:c6:60:82:c6:89:9c:88:e6:76:6f:0a:f6:c8:23:
3e:c8:28:18:58:91:b2:d6:39:4c:f7:c6:8e:37:f1:
66:44:52:d4:78:bf:8a:f8:ee:92:98:16:86:8a:83:
01:e8:14:9a:46:c3:10:e7:9e:42:0b:49:a5:6b:7e:
4d:68:c1:66:83:9b:cd:d8:fb:6e:94:0c:cf:c1:a9:
07:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:E1:1D:D8:02:59:05:B6:4F:8A:0F:FB:CF:5B:F1:0E:55:9A:76:60
X509v3 Authority Key Identifier:
keyid:83:38:EF:41:B2:C0:10:5A:91:CC:BB:9C:89:33:7F:AE:B1:29:FF:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gzjvQbLAEFqRzLuciTN_rrEp_4Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/auEd2AJZBbZPig_7z1vxDlWadmA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/40d996-a2cd-41f1-a738-28fc77967763/1/gzjvQbLAEFqRzLuciTN_rrEp_4Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.133.106.0/23
79.133.112.0/21
93.179.70.0-93.179.87.255
93.179.122.0/23
95.85.80.0/23
95.181.136.0/21
95.181.240.0/21
Signature Algorithm: sha256WithRSAEncryption
6e:c7:9b:db:0e:d1:39:6c:b8:40:9c:7d:23:0f:fb:81:69:df:
ad:37:74:da:e8:6b:ca:3d:8f:db:c0:72:5a:09:2b:c3:1c:93:
bc:f1:78:25:28:4e:56:e6:4e:91:03:ea:6d:27:8a:43:5f:92:
49:de:3e:65:91:aa:8b:b6:a4:5c:87:da:d0:55:54:32:b7:3f:
9e:39:ee:6a:47:87:08:0d:b8:32:da:7a:3b:75:ae:41:00:26:
72:4c:57:29:32:94:49:1d:cc:db:85:23:26:58:01:34:ea:d7:
9c:23:f0:83:bb:e2:10:57:5b:0e:a2:2c:97:e6:7e:df:d4:89:
f1:3e:78:2d:49:4b:19:b7:c6:d4:14:66:89:41:c4:4d:9e:34:
fd:1f:56:2c:b4:42:ac:43:1c:36:c2:d2:6b:3e:93:06:c6:b6:
20:6b:16:3a:df:03:34:6c:85:65:ae:41:80:09:56:40:ea:da:
cd:3d:a5:bb:a8:30:4c:76:55:38:f1:6b:03:29:df:18:d4:8f:
e3:d8:8f:59:c6:45:03:50:13:ce:9a:9b:80:dd:0b:70:ed:0e:
86:cd:2e:e0:23:8a:cc:5d:71:c9:3a:e0:d8:b4:f0:9c:ce:ed:
70:d6:c7:ce:e4:92:b4:a9:16:44:ab:b6:3b:c3:a3:40:e8:82:
0f:f8:f3:54
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZQhsdALIHeF7OiiQKXaPZC6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzMzhlZjQxYjJjMDEwNWE5MWNjYmI5Yzg5MzM3ZmFlYjEy
OWZmODQwHhcNMjUwMTAxMTE0ODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YWUxMWRkODAyNTkwNWI2NGY4YTBmZmJjZjViZjEwZTU1OWE3NjYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm22KlvB2T/+yoq4xdhMH7sVDulko
Di745Rp66AjEMH/jZOFbI6nFBWcKaoCk80vhIu5rCaOzOBOHNLF7EB+PEQWtCU+C
rYHzSyTQea6MKWUO73sGpFPn+a8QUDIdiBJa8/yrXdxvK7CMzLeMS25PQePL6rtB
W5apT1YliqBVylu15H2imk/iXJ46KxtjF8JojyZXnEfv10qBsdUhRfMWCiom8HMj
E85wrMf/n224lcvAGxP7xmCCxomciOZ2bwr2yCM+yCgYWJGy1jlM98aON/FmRFLU
eL+K+O6SmBaGioMB6BSaRsMQ555CC0mla35NaMFmg5vN2PtulAzPwakH5QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFGrhHdgCWQW2T4oP+89b8Q5VmnZgMB8GA1UdIwQY
MBaAFIM470GywBBakcy7nIkzf66xKf+EMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3Mzgt
MjhmYzc3OTY3NzYzLzEvYXVFZDJBSlpCYlpQaWdfN3oxdnhEbFdhZG1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS80MGQ5OTYtYTJjZC00MWYxLWE3MzgtMjhmYzc3OTY3NzYz
LzEvZ3pqdlFiTEFFRnFSekx1Y2lUTl9yckVwXzRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBT4VqAwQD
T4VwMAwDBAFds0YDBANds1ADBAFds3oDBAFfVVADBANftYgDBANftfAwDQYJKoZI
hvcNAQELBQADggEBAG7Hm9sO0TlsuECcfSMP+4Fp3603dNroa8o9j9vAcloJK8Mc
k7zxeCUoTlbmTpED6m0nikNfkknePmWRqou2pFyH2tBVVDK3P5457mpHhwgNuDLa
ejt1rkEAJnJMVykylEkdzNuFIyZYATTq15wj8IO74hBXWw6iLJfmft/UifE+eC1J
Sxm3xtQUZolBxE2eNP0fViy0QqxDHDbC0ms+kwbGtiBrFjrfAzRshWWuQYAJVkDq
2s09pbuoMEx2VTjxawMp3xjUj+PYj1nGRQNQE86am4DdC3DtDobNLuAjisxdcck6
4Ni08JzO7XDWx87kkrSpFkSrtjvDo0Dogg/481Q=
-----END CERTIFICATE-----
Generated at Tue Apr 15 20:50:15 2025 by rpki-client