Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/eLvoVgZ7UuL9S4UcQdbPMfB65co.roa
File: eLvoVgZ7UuL9S4UcQdbPMfB65co.roa (raw, json)
Hash identifier: F5gGXuh4KneIIgUJgbIS2cJgIZmhSlmRQI3oJRlEbIQ=
Subject key identifier: 78:BB:E8:56:06:7B:52:E2:FD:4B:85:1C:41:D6:CF:31:F0:7A:E5:CA
Certificate issuer: /CN=3af09ba33b5ae581b0d29323249314f76aa10511
Certificate serial: 018CC3B72B3547DA0E6549B6E1DCFB50F947
Authority key identifier: 3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/eLvoVgZ7UuL9S4UcQdbPMfB65co.roa
Signing time: Mon 01 Jan 2024 06:30:10 +0000
ROA not before: Mon 01 Jan 2024 06:30:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8362
IP address blocks: 195.6.244.0/22 maxlen: 24
92.188.0.0/16 maxlen: 24
194.51.85.0/24 maxlen: 24
194.206.79.0/24 maxlen: 24
194.206.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:2b:35:47:da:0e:65:49:b6:e1:dc:fb:50:f9:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af09ba33b5ae581b0d29323249314f76aa10511
Validity
Not Before: Jan 1 06:30:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78bbe856067b52e2fd4b851c41d6cf31f07ae5ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:9c:10:39:de:e7:b1:4f:19:8f:6b:f8:b1:fa:
8a:4d:1f:e9:4e:6a:38:42:73:35:73:9f:b9:a8:f0:
26:79:e6:f1:1e:78:56:01:f3:16:a4:f6:7e:ec:68:
54:50:8c:7e:44:e7:a7:18:a1:45:b3:6b:94:e9:12:
64:74:80:db:96:22:12:41:88:bd:e8:79:ca:15:c4:
a2:cf:ff:88:5b:f3:f1:0d:cb:a3:98:bb:7a:bd:43:
8b:72:45:e8:11:98:d4:99:4b:f6:cb:4a:7e:a2:6a:
3c:30:20:89:e4:7e:2b:e4:50:d4:5d:70:1a:be:91:
06:8b:c6:07:71:25:0c:a9:a1:61:56:8d:59:02:c7:
c7:2b:8d:70:f9:9e:54:c8:57:9a:3c:0c:8d:6a:e2:
05:e3:11:05:43:49:87:da:9c:6c:e9:e3:9d:aa:0d:
c4:35:7f:17:74:18:89:32:39:7d:76:9c:18:02:c8:
c1:0b:78:9a:9a:4b:5e:c1:62:0b:34:5a:55:ba:bd:
89:45:b7:6a:9d:86:c0:10:2e:2f:79:af:35:d7:f3:
d3:c5:e6:c8:e1:a6:c2:3d:53:88:50:7b:42:4e:40:
b2:97:0a:08:42:e3:31:3c:e2:6d:ef:92:ae:4e:f7:
1d:55:13:46:b2:5a:1b:aa:26:ca:66:c1:52:a8:78:
58:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:BB:E8:56:06:7B:52:E2:FD:4B:85:1C:41:D6:CF:31:F0:7A:E5:CA
X509v3 Authority Key Identifier:
keyid:3A:F0:9B:A3:3B:5A:E5:81:B0:D2:93:23:24:93:14:F7:6A:A1:05:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvCbozta5YGw0pMjJJMU92qhBRE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/eLvoVgZ7UuL9S4UcQdbPMfB65co.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/33d5d1-c450-413b-afe4-45935f506a12/1/OvCbozta5YGw0pMjJJMU92qhBRE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.188.0.0/16
194.51.85.0/24
194.206.79.0/24
194.206.126.0/24
195.6.244.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:f3:1d:80:1b:b2:86:2e:98:2b:09:f0:a9:49:a8:7c:a5:38:
82:6a:22:e3:4e:c3:99:90:ce:e0:02:78:d0:92:19:9d:6f:bb:
9f:ca:92:f3:73:7d:e3:5e:98:37:0f:3e:0d:08:68:62:40:41:
71:20:58:84:ad:d6:7b:1f:8b:be:46:b5:71:15:28:81:ef:44:
8f:48:90:2d:ee:42:1b:42:cc:00:91:bc:03:61:d7:b5:6a:89:
06:29:9f:6b:3a:54:64:10:87:32:f3:05:ed:45:4a:a0:9c:13:
f9:d3:f8:11:21:f7:65:39:33:9e:70:c1:40:89:16:2f:e4:05:
fc:28:e2:51:df:39:11:80:3f:3f:d5:e6:76:0a:ed:cb:3e:d8:
3e:1d:c7:9c:c9:70:bc:d1:47:76:3e:f3:8d:3c:df:62:bb:d3:
56:cc:4f:ca:64:92:01:77:a2:9b:f1:26:21:60:bb:15:0f:8f:
b3:c1:5b:ee:bf:98:be:93:de:45:63:e5:48:3b:e7:bd:ad:47:
a9:46:77:c2:8c:b2:a7:6f:51:d6:f2:9c:06:70:0f:b9:cc:28:
4e:13:ef:4f:dd:82:56:4a:89:6d:e5:24:fa:47:12:e8:e6:89:
cb:58:19:07:5f:6e:73:b2:7b:61:cf:c5:a0:22:a8:97:5a:eb:
82:ba:bf:1f
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzDtys1R9oOZUm24dz7UPlHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjA5YmEzM2I1YWU1ODFiMGQyOTMyMzI0OTMxNGY3NmFh
MTA1MTEwHhcNMjQwMTAxMDYzMDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGJiZTg1NjA2N2I1MmUyZmQ0Yjg1MWM0MWQ2Y2YzMWYwN2FlNWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZwQOd7nsU8Zj2v4sfqKTR/pTmo4
QnM1c5+5qPAmeebxHnhWAfMWpPZ+7GhUUIx+ROenGKFFs2uU6RJkdIDbliISQYi9
6HnKFcSiz/+IW/PxDcujmLt6vUOLckXoEZjUmUv2y0p+omo8MCCJ5H4r5FDUXXAa
vpEGi8YHcSUMqaFhVo1ZAsfHK41w+Z5UyFeaPAyNauIF4xEFQ0mH2pxs6eOdqg3E
NX8XdBiJMjl9dpwYAsjBC3iamktewWILNFpVur2JRbdqnYbAEC4vea811/PTxebI
4abCPVOIUHtCTkCylwoIQuMxPOJt75KuTvcdVRNGslobqibKZsFSqHhYNwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHi76FYGe1Li/UuFHEHWzzHweuXKMB8GA1UdIwQY
MBaAFDrwm6M7WuWBsNKTIySTFPdqoQURMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQt
NDU5MzVmNTA2YTEyLzEvZUx2b1ZnWjdVdUw5UzRVY1FkYlBNZkI2NWNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8zM2Q1ZDEtYzQ1MC00MTNiLWFmZTQtNDU5MzVmNTA2YTEy
LzEvT3ZDYm96dGE1WUd3MHBNakpKTVU5MnFoQlJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAjBAIAATAdAwMAXLwDBADC
M1UDBADCzk8DBADCzn4DBALDBvQwDQYJKoZIhvcNAQELBQADggEBAIvzHYAbsoYu
mCsJ8KlJqHylOIJqIuNOw5mQzuACeNCSGZ1vu5/KkvNzfeNemDcPPg0IaGJAQXEg
WISt1nsfi75GtXEVKIHvRI9IkC3uQhtCzACRvANh17VqiQYpn2s6VGQQhzLzBe1F
SqCcE/nT+BEh92U5M55wwUCJFi/kBfwo4lHfORGAPz/V5nYK7cs+2D4dx5zJcLzR
R3Y+840832K701bMT8pkkgF3opvxJiFguxUPj7PBW+6/mL6T3kVj5Ug7572tR6lG
d8KMsqdvUdbynAZwD7nMKE4T70/dglZKiW3lJPpHEujmictYGQdfbnOye2HPxaAi
qJda64K6vx8=
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:31:54 2024 by rpki-client on console-fra.rpki-client.org