Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/414b36-eca9-4e22-aed5-a48ac31dbbf0/1/eS5qxVBWR5Qf1u_cMY-rST8w2wU.roa
File: eS5qxVBWR5Qf1u_cMY-rST8w2wU.roa (raw, json)
Hash identifier: RW7kzrh3jJuFCIXs/0j+ASt6chL5OHJsrXI+fAY7y40=
Subject key identifier: 79:2E:6A:C5:50:56:47:94:1F:D6:EF:DC:31:8F:AB:49:3F:30:DB:05
Certificate issuer: /CN=5e23518faa9b94a42d1a3b4d9f63b974394d0662
Certificate serial: 0190159660952E6B29162307C726A04E2015
Authority key identifier: 5E:23:51:8F:AA:9B:94:A4:2D:1A:3B:4D:9F:63:B9:74:39:4D:06:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XiNRj6qblKQtGjtNn2O5dDlNBmI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/414b36-eca9-4e22-aed5-a48ac31dbbf0/1/eS5qxVBWR5Qf1u_cMY-rST8w2wU.roa
Signing time: Fri 14 Jun 2024 07:11:35 +0000
ROA not before: Fri 14 Jun 2024 07:11:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62160
IP address blocks: 78.108.176.0/20 maxlen: 20
78.108.187.0/24 maxlen: 24
94.198.224.0/21 maxlen: 21
94.198.240.0/21 maxlen: 21
2a04:a380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/414b36-eca9-4e22-aed5-a48ac31dbbf0/1/XiNRj6qblKQtGjtNn2O5dDlNBmI.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/414b36-eca9-4e22-aed5-a48ac31dbbf0/1/XiNRj6qblKQtGjtNn2O5dDlNBmI.mft
rsync://rpki.ripe.net/repository/DEFAULT/XiNRj6qblKQtGjtNn2O5dDlNBmI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Sep 2024 16:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:15:96:60:95:2e:6b:29:16:23:07:c7:26:a0:4e:20:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e23518faa9b94a42d1a3b4d9f63b974394d0662
Validity
Not Before: Jun 14 07:11:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=792e6ac5505647941fd6efdc318fab493f30db05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:a7:dd:4b:97:07:04:a8:47:72:ac:ca:bb:74:
b6:d9:cd:4d:61:9a:41:77:96:2f:28:c2:12:a2:76:
8c:8a:7f:59:4f:cf:c1:8f:19:2a:50:d4:22:98:2d:
e4:5b:67:cf:ce:03:11:d9:b4:2c:64:ca:b6:9f:6a:
27:4e:85:70:9c:b1:e6:3b:49:98:a0:a8:36:9c:40:
29:45:9e:74:9a:1d:b7:2a:72:2e:5c:60:35:3d:aa:
1e:04:c7:c7:9c:9d:32:89:24:85:53:4f:02:22:5c:
3b:10:a6:2a:ea:61:ab:51:32:4c:2d:27:33:70:55:
db:4e:39:8c:64:03:1c:15:be:f0:3d:57:41:5c:3c:
84:00:8a:ed:3f:e2:12:4c:5f:33:b3:55:bd:b1:7e:
09:d6:e2:53:53:16:40:cf:88:87:90:1e:be:c8:4e:
7a:e9:13:a1:7e:0b:eb:bc:63:52:d5:44:89:f8:4d:
59:6a:d4:2d:82:c4:81:33:fd:fe:4c:6f:ae:fb:dc:
f1:16:b2:de:1c:f7:2c:0e:28:67:a1:3e:77:ea:31:
4c:14:a9:d2:2c:ce:61:0b:11:e5:b4:02:8e:82:41:
35:5a:f3:d7:32:5f:f6:c9:70:d6:3a:bd:16:69:22:
74:59:8e:b5:97:3f:12:16:5a:71:f2:b8:f7:a6:d9:
2c:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:2E:6A:C5:50:56:47:94:1F:D6:EF:DC:31:8F:AB:49:3F:30:DB:05
X509v3 Authority Key Identifier:
keyid:5E:23:51:8F:AA:9B:94:A4:2D:1A:3B:4D:9F:63:B9:74:39:4D:06:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XiNRj6qblKQtGjtNn2O5dDlNBmI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/414b36-eca9-4e22-aed5-a48ac31dbbf0/1/eS5qxVBWR5Qf1u_cMY-rST8w2wU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/414b36-eca9-4e22-aed5-a48ac31dbbf0/1/XiNRj6qblKQtGjtNn2O5dDlNBmI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.108.176.0/20
94.198.224.0/21
94.198.240.0/21
IPv6:
2a04:a380::/29
Signature Algorithm: sha256WithRSAEncryption
22:04:aa:f1:fa:b9:84:89:69:a7:5e:e7:eb:49:4d:fb:9d:58:
67:a8:c5:63:f2:06:bf:b1:1a:f3:36:61:50:f7:8a:cb:5b:c9:
fc:b3:a5:71:88:f8:d5:5d:53:5c:34:a3:c7:6e:06:f1:4e:7e:
26:4b:31:98:ff:d2:99:d1:c6:3e:0a:92:df:75:9e:af:11:0e:
cc:ad:fa:72:58:d2:dc:6f:33:c6:5a:c4:2a:d0:b5:e1:3a:8a:
47:57:03:5f:83:3d:d3:02:ae:85:c8:81:7d:cf:a5:0f:a8:a3:
58:48:24:d5:fd:9a:79:de:6b:70:d5:d0:f9:65:2d:a8:67:1b:
cc:c7:56:b6:b7:ef:fc:84:58:24:5f:55:3c:8c:f3:22:32:3f:
c1:bd:92:1f:70:e4:ed:fb:c5:90:d4:c1:53:88:82:00:5a:32:
93:6a:16:5b:3b:74:cb:44:8e:3f:5c:fb:a0:2a:e3:d5:c7:9c:
0d:67:9f:c0:5f:2f:eb:47:85:c4:f1:c0:e2:28:38:f7:0b:bb:
07:4b:1a:28:3e:c0:59:63:1d:7a:d5:12:fc:a9:21:a6:78:40:
e6:43:cc:a4:dc:84:f8:e2:0d:1a:b8:2f:77:d6:c7:82:b5:73:
90:c8:cd:2f:90:b3:bd:bb:34:9d:ad:eb:90:81:ec:03:5e:1b:
4f:6c:13:63
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZAVlmCVLmspFiMHxyagTiAVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlMjM1MThmYWE5Yjk0YTQyZDFhM2I0ZDlmNjNiOTc0Mzk0
ZDA2NjIwHhcNMjQwNjE0MDcxMTM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTJlNmFjNTUwNTY0Nzk0MWZkNmVmZGMzMThmYWI0OTNmMzBkYjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw6fdS5cHBKhHcqzKu3S22c1NYZpB
d5YvKMISonaMin9ZT8/BjxkqUNQimC3kW2fPzgMR2bQsZMq2n2onToVwnLHmO0mY
oKg2nEApRZ50mh23KnIuXGA1PaoeBMfHnJ0yiSSFU08CIlw7EKYq6mGrUTJMLScz
cFXbTjmMZAMcFb7wPVdBXDyEAIrtP+ISTF8zs1W9sX4J1uJTUxZAz4iHkB6+yE56
6ROhfgvrvGNS1USJ+E1ZatQtgsSBM/3+TG+u+9zxFrLeHPcsDihnoT536jFMFKnS
LM5hCxHltAKOgkE1WvPXMl/2yXDWOr0WaSJ0WY61lz8SFlpx8rj3ptks7QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFHkuasVQVkeUH9bv3DGPq0k/MNsFMB8GA1UdIwQY
MBaAFF4jUY+qm5SkLRo7TZ9juXQ5TQZiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGlOUmo2cWJsS1F0R2p0Tm4yTzVkRGxOQm1JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS80MTRiMzYtZWNhOS00ZTIyLWFlZDUt
YTQ4YWMzMWRiYmYwLzEvZVM1cXhWQldSNVFmMXVfY01ZLXJTVDh3MndVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS80MTRiMzYtZWNhOS00ZTIyLWFlZDUtYTQ4YWMzMWRiYmYw
LzEvWGlOUmo2cWJsS1F0R2p0Tm4yTzVkRGxOQm1JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQETmywAwQD
XsbgAwQDXsbwMA0EAgACMAcDBQMqBKOAMA0GCSqGSIb3DQEBCwUAA4IBAQAiBKrx
+rmEiWmnXufrSU37nVhnqMVj8ga/sRrzNmFQ94rLW8n8s6VxiPjVXVNcNKPHbgbx
Tn4mSzGY/9KZ0cY+CpLfdZ6vEQ7MrfpyWNLcbzPGWsQq0LXhOopHVwNfgz3TAq6F
yIF9z6UPqKNYSCTV/Zp53mtw1dD5ZS2oZxvMx1a2t+/8hFgkX1U8jPMiMj/BvZIf
cOTt+8WQ1MFTiIIAWjKTahZbO3TLRI4/XPugKuPVx5wNZ5/AXy/rR4XE8cDiKDj3
C7sHSxooPsBZYx161RL8qSGmeEDmQ8yk3IT44g0auC931seCtXOQyM0vkLO9uzSd
reuQgewDXhtPbBNj
-----END CERTIFICATE-----
Generated at Wed Sep 18 23:43:09 2024 by rpki-client on console-fra.rpki-client.org