Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/Ea-2PpVyemMWUSMWl_MN4OAHkec.roa
File: Ea-2PpVyemMWUSMWl_MN4OAHkec.roa (raw, json)
Hash identifier: LhdUhBpuN2/TNi7211T2vWgD+Nvg8bgAGeU83uBvU18=
Subject key identifier: 11:AF:B6:3E:95:72:7A:63:16:51:23:16:97:F3:0D:E0:E0:07:91:E7
Certificate issuer: /CN=5bee051a93901ecc01744079aa4ac2fb077b9fc1
Certificate serial: 018CC94DF766279DFE30EC41C58E980D7DF2
Authority key identifier: 5B:EE:05:1A:93:90:1E:CC:01:74:40:79:AA:4A:C2:FB:07:7B:9F:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W-4FGpOQHswBdEB5qkrC-wd7n8E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/Ea-2PpVyemMWUSMWl_MN4OAHkec.roa
Signing time: Tue 02 Jan 2024 08:32:59 +0000
ROA not before: Tue 02 Jan 2024 08:32:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49558
IP address blocks: 195.20.137.0/24 maxlen: 24
194.4.164.0/22 maxlen: 22
91.228.64.0/22 maxlen: 22
45.128.224.0/22 maxlen: 22
91.213.39.0/24 maxlen: 24
2a0e:4240::/29 maxlen: 29
2a0d:8540::/29 maxlen: 29
2a11:500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/W-4FGpOQHswBdEB5qkrC-wd7n8E.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/W-4FGpOQHswBdEB5qkrC-wd7n8E.mft
rsync://rpki.ripe.net/repository/DEFAULT/W-4FGpOQHswBdEB5qkrC-wd7n8E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:f7:66:27:9d:fe:30:ec:41:c5:8e:98:0d:7d:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5bee051a93901ecc01744079aa4ac2fb077b9fc1
Validity
Not Before: Jan 2 08:32:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11afb63e95727a631651231697f30de0e00791e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:be:11:0d:b3:7d:45:0d:83:99:15:7c:31:05:
47:62:2b:79:16:72:c1:73:a2:71:39:27:25:31:23:
27:4e:67:12:be:b7:be:66:7f:aa:25:0c:58:bd:62:
ab:c0:e8:5c:3e:8f:22:46:a5:c8:91:10:96:9a:2c:
f3:69:a6:81:04:b3:c3:fa:66:73:70:8a:f6:00:3e:
7e:f6:ae:ed:35:29:4c:02:b5:12:1a:e2:f1:00:94:
ac:0b:61:b6:f4:fb:37:58:22:0d:a7:ac:b0:59:ee:
8b:b5:0d:37:3b:ec:be:20:ac:ef:f9:43:fb:18:3d:
b9:fa:90:6a:bf:67:79:81:97:9c:05:0e:96:26:02:
ce:71:91:9b:c9:07:2e:5a:e1:35:08:8c:c5:30:78:
b0:0f:96:a1:7a:73:77:ca:49:37:55:90:ec:db:5c:
a7:47:2e:f7:b0:5d:b2:c0:29:f0:6a:e9:fc:a8:08:
64:0c:f5:56:c3:6c:65:d9:9c:27:b6:a3:c1:1d:1f:
d3:90:f5:fa:db:71:84:ea:7a:86:f4:ba:11:7a:9f:
7b:48:10:04:c0:30:bc:a2:46:ec:e5:2e:98:30:91:
b9:cb:37:43:7a:0d:33:3d:a5:7a:c0:3d:43:f9:f8:
08:41:ff:c2:d2:f2:cb:ec:32:2d:ad:e1:72:4f:f5:
b1:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:AF:B6:3E:95:72:7A:63:16:51:23:16:97:F3:0D:E0:E0:07:91:E7
X509v3 Authority Key Identifier:
keyid:5B:EE:05:1A:93:90:1E:CC:01:74:40:79:AA:4A:C2:FB:07:7B:9F:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-4FGpOQHswBdEB5qkrC-wd7n8E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/Ea-2PpVyemMWUSMWl_MN4OAHkec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/8eff42-5b55-4e6f-8222-a52a8795d956/1/W-4FGpOQHswBdEB5qkrC-wd7n8E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.224.0/22
91.213.39.0/24
91.228.64.0/22
194.4.164.0/22
195.20.137.0/24
IPv6:
2a0d:8540::/29
2a0e:4240::/29
2a11:500::/29
Signature Algorithm: sha256WithRSAEncryption
ba:2c:e9:b9:92:63:03:10:99:3b:f5:89:55:b6:df:fc:f8:db:
38:a1:41:48:65:99:1e:70:ae:25:58:20:79:d1:9a:3e:7a:44:
2a:5d:4a:3a:b1:62:23:cd:1e:b9:41:57:58:5e:c6:83:1a:c4:
aa:cf:13:1f:ce:97:3a:1c:fc:51:07:19:86:4c:55:af:91:36:
e5:71:4e:bd:bd:bd:c8:59:8d:e8:53:97:c3:7e:10:7d:d2:2d:
fc:7b:c0:e6:73:ee:31:9d:19:c4:69:09:4b:95:a6:7f:2f:ca:
9b:44:df:ac:50:59:be:a4:6b:a3:0a:77:c5:85:89:9c:43:65:
73:df:06:2f:70:c9:8f:a3:26:df:9d:81:6c:47:43:ab:b9:c3:
8c:31:d8:40:d0:e1:dd:d5:1c:d1:2b:5a:71:78:df:56:24:1e:
1a:83:13:82:a9:29:eb:37:99:6b:aa:82:e3:39:07:f3:59:c5:
5c:60:07:9c:76:81:00:3a:12:71:eb:4d:03:c7:af:28:4c:f9:
6d:4d:f8:1d:23:b3:7f:db:87:e0:90:d1:36:d0:f2:1c:d1:fb:
c1:18:54:ee:73:df:4d:11:cb:8c:cb:e6:2f:cc:11:16:eb:84:
ae:c6:e9:d9:c0:82:da:be:b2:ab:1a:5b:68:34:c8:f8:cd:fe:
d0:0d:d6:6e
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYzJTfdmJ53+MOxBxY6YDX3yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZWUwNTFhOTM5MDFlY2MwMTc0NDA3OWFhNGFjMmZiMDc3
YjlmYzEwHhcNMjQwMTAyMDgzMjU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWFmYjYzZTk1NzI3YTYzMTY1MTIzMTY5N2YzMGRlMGUwMDc5MWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyL4RDbN9RQ2DmRV8MQVHYit5FnLB
c6JxOSclMSMnTmcSvre+Zn+qJQxYvWKrwOhcPo8iRqXIkRCWmizzaaaBBLPD+mZz
cIr2AD5+9q7tNSlMArUSGuLxAJSsC2G29Ps3WCINp6ywWe6LtQ03O+y+IKzv+UP7
GD25+pBqv2d5gZecBQ6WJgLOcZGbyQcuWuE1CIzFMHiwD5ahenN3ykk3VZDs21yn
Ry73sF2ywCnwaun8qAhkDPVWw2xl2ZwntqPBHR/TkPX623GE6nqG9LoRep97SBAE
wDC8okbs5S6YMJG5yzdDeg0zPaV6wD1D+fgIQf/C0vLL7DItreFyT/WxIwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFBGvtj6VcnpjFlEjFpfzDeDgB5HnMB8GA1UdIwQY
MBaAFFvuBRqTkB7MAXRAeapKwvsHe5/BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVy00RkdwT1FIc3dCZEVCNXFrckMtd2Q3bjhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni84ZWZmNDItNWI1NS00ZTZmLTgyMjIt
YTUyYTg3OTVkOTU2LzEvRWEtMlBwVnllbU1XVVNNV2xfTU40T0FIa2VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni84ZWZmNDItNWI1NS00ZTZmLTgyMjItYTUyYTg3OTVkOTU2
LzEvVy00RkdwT1FIc3dCZEVCNXFrckMtd2Q3bjhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAkBAIAATAeAwQCLYDgAwQA
W9UnAwQCW+RAAwQCwgSkAwQAwxSJMBsEAgACMBUDBQMqDYVAAwUDKg5CQAMFAyoR
BQAwDQYJKoZIhvcNAQELBQADggEBALos6bmSYwMQmTv1iVW23/z42zihQUhlmR5w
riVYIHnRmj56RCpdSjqxYiPNHrlBV1hexoMaxKrPEx/Olzoc/FEHGYZMVa+RNuVx
Tr29vchZjehTl8N+EH3SLfx7wOZz7jGdGcRpCUuVpn8vyptE36xQWb6ka6MKd8WF
iZxDZXPfBi9wyY+jJt+dgWxHQ6u5w4wx2EDQ4d3VHNErWnF431YkHhqDE4KpKes3
mWuqguM5B/NZxVxgB5x2gQA6EnHrTQPHryhM+W1N+B0js3/bh+CQ0TbQ8hzR+8EY
VO5z300Ry4zL5i/MERbrhK7G6dnAgtq+sqsaW2g0yPjN/tAN1m4=
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:31:37 2024 by rpki-client on console-ams.rpki-client.org