Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/EbAYHUEQWuIQcf8mcX5RJKW4dDo.roa
File: EbAYHUEQWuIQcf8mcX5RJKW4dDo.roa (raw, json)
Hash identifier: ZkNFISTzLvyeScFLdDqHUYoGQFSQTAQusfaif3ETvYg=
Subject key identifier: 11:B0:18:1D:41:10:5A:E2:10:71:FF:26:71:7E:51:24:A5:B8:74:3A
Certificate issuer: /CN=101287927ad7b1db479ae5ab92ab87c4a4faf496
Certificate serial: 018CC4931611DD9C3483E6434D796A77DA27
Authority key identifier: 10:12:87:92:7A:D7:B1:DB:47:9A:E5:AB:92:AB:87:C4:A4:FA:F4:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EBKHknrXsdtHmuWrkquHxKT69JY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/EbAYHUEQWuIQcf8mcX5RJKW4dDo.roa
Signing time: Mon 01 Jan 2024 10:30:22 +0000
ROA not before: Mon 01 Jan 2024 10:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198949
IP address blocks: 95.176.0.0/17 maxlen: 24
185.147.220.0/22 maxlen: 24
81.14.0.0/17 maxlen: 24
2a00:be80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/EBKHknrXsdtHmuWrkquHxKT69JY.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/EBKHknrXsdtHmuWrkquHxKT69JY.mft
rsync://rpki.ripe.net/repository/DEFAULT/EBKHknrXsdtHmuWrkquHxKT69JY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:16:11:dd:9c:34:83:e6:43:4d:79:6a:77:da:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=101287927ad7b1db479ae5ab92ab87c4a4faf496
Validity
Not Before: Jan 1 10:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11b0181d41105ae21071ff26717e5124a5b8743a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:7c:ef:12:48:e6:23:51:32:ce:d8:6f:ea:5d:
c4:d9:37:ca:54:4b:95:40:3e:5e:43:fc:93:ee:87:
dd:92:88:6f:ca:67:8d:51:30:02:d2:40:8c:b7:81:
a4:b1:0d:be:c7:f4:75:94:7f:ba:85:82:eb:7f:36:
2d:10:9b:71:24:13:28:33:c6:d7:a5:99:a3:89:56:
83:d1:4e:79:f4:53:68:77:d5:b8:7b:6d:22:eb:b3:
8e:26:ef:04:35:e9:bc:3d:33:f5:9b:7f:fc:f1:dd:
61:fb:44:f4:2b:01:ab:29:20:78:47:1b:67:3e:f8:
ac:91:81:14:13:e2:2c:88:cf:29:8f:a9:2d:4f:5a:
7e:4a:c8:bf:a9:1b:63:89:e6:c6:9d:3d:19:b3:5d:
c0:06:41:89:4c:d3:47:80:4d:2e:ba:66:4f:3e:b9:
cf:d2:2d:8a:2a:8b:ec:f3:5e:3a:1d:31:70:6f:88:
a5:58:c5:05:0f:54:34:fc:fa:9a:d1:f0:9a:7c:e0:
04:f0:f6:ad:33:86:10:0a:38:86:0f:db:ca:8c:cd:
f0:c1:df:df:0a:a9:e4:3a:87:fa:ab:ac:75:05:3c:
af:26:58:7b:a2:88:50:37:0e:39:4a:2f:3d:41:a4:
99:4b:89:3e:ae:ff:d7:e0:29:10:81:03:3b:7d:a5:
3e:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:B0:18:1D:41:10:5A:E2:10:71:FF:26:71:7E:51:24:A5:B8:74:3A
X509v3 Authority Key Identifier:
keyid:10:12:87:92:7A:D7:B1:DB:47:9A:E5:AB:92:AB:87:C4:A4:FA:F4:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EBKHknrXsdtHmuWrkquHxKT69JY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/EbAYHUEQWuIQcf8mcX5RJKW4dDo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/12391d-5fb6-4dea-a713-73a452bafb46/1/EBKHknrXsdtHmuWrkquHxKT69JY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.14.0.0/17
95.176.0.0/17
185.147.220.0/22
IPv6:
2a00:be80::/32
Signature Algorithm: sha256WithRSAEncryption
20:86:7f:bd:4a:29:0c:65:e5:1a:b3:de:56:5d:ef:c3:6b:0e:
87:74:11:42:3e:3f:30:c5:74:62:20:7a:ad:31:5c:ad:3d:82:
d4:1c:b0:9c:b6:95:94:fc:6f:2a:50:f9:e0:84:91:f1:59:ad:
a0:20:64:2b:d6:3a:eb:81:c3:22:ce:69:3e:44:f7:48:32:54:
2c:36:24:7f:38:38:15:7c:48:de:35:02:ea:2f:92:2b:18:c4:
20:ba:ef:e4:85:9e:3f:1a:b6:c4:9c:33:72:22:3b:b8:91:4e:
2a:2f:d3:47:75:3c:6c:fb:d8:58:c8:2e:67:57:7d:68:7d:15:
25:96:09:23:4d:4a:1f:33:81:d1:30:79:16:15:96:b2:bc:f5:
30:2d:c7:83:a5:d2:e6:a4:c4:6a:4c:a8:75:b4:0f:63:21:3e:
bd:0f:23:58:dd:7b:9b:d2:47:ee:64:ac:9b:f4:9d:25:51:f3:
8e:79:aa:42:65:0d:06:b8:7e:de:1b:95:53:77:eb:f0:76:94:
ed:d4:a0:ba:d5:85:f8:84:ce:4b:1d:c8:7d:8b:7a:1e:8e:b7:
b0:25:83:d2:02:13:9b:43:bf:6b:e2:e2:b4:b2:5a:2e:49:3f:
f6:b3:1f:36:5f:8d:1d:5d:49:b5:32:1e:07:ff:bd:2b:d4:d8:
74:25:b5:a7
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzEkxYR3Zw0g+ZDTXlqd9onMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEwMTI4NzkyN2FkN2IxZGI0NzlhZTVhYjkyYWI4N2M0YTRm
YWY0OTYwHhcNMjQwMTAxMTAzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWIwMTgxZDQxMTA1YWUyMTA3MWZmMjY3MTdlNTEyNGE1Yjg3NDNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXzvEkjmI1Eyzthv6l3E2TfKVEuV
QD5eQ/yT7ofdkohvymeNUTAC0kCMt4GksQ2+x/R1lH+6hYLrfzYtEJtxJBMoM8bX
pZmjiVaD0U559FNod9W4e20i67OOJu8ENem8PTP1m3/88d1h+0T0KwGrKSB4Rxtn
PviskYEUE+IsiM8pj6ktT1p+Ssi/qRtjiebGnT0Zs13ABkGJTNNHgE0uumZPPrnP
0i2KKovs8146HTFwb4ilWMUFD1Q0/Pqa0fCafOAE8PatM4YQCjiGD9vKjM3wwd/f
CqnkOof6q6x1BTyvJlh7oohQNw45Si89QaSZS4k+rv/X4CkQgQM7faU+7QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBGwGB1BEFriEHH/JnF+USSluHQ6MB8GA1UdIwQY
MBaAFBASh5J617HbR5rlq5Krh8Sk+vSWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRUJLSGtuclhzZHRIbXVXcmtxdUh4S1Q2OUpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8xMjM5MWQtNWZiNi00ZGVhLWE3MTMt
NzNhNDUyYmFmYjQ2LzEvRWJBWUhVRVFXdUlRY2Y4bWNYNVJKS1c0ZERvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8xMjM5MWQtNWZiNi00ZGVhLWE3MTMtNzNhNDUyYmFmYjQ2
LzEvRUJLSGtuclhzZHRIbXVXcmtxdUh4S1Q2OUpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQHUQ4AAwQH
X7AAAwQCuZPcMA0EAgACMAcDBQAqAL6AMA0GCSqGSIb3DQEBCwUAA4IBAQAghn+9
SikMZeUas95WXe/Daw6HdBFCPj8wxXRiIHqtMVytPYLUHLCctpWU/G8qUPnghJHx
Wa2gIGQr1jrrgcMizmk+RPdIMlQsNiR/ODgVfEjeNQLqL5IrGMQguu/khZ4/GrbE
nDNyIju4kU4qL9NHdTxs+9hYyC5nV31ofRUllgkjTUofM4HRMHkWFZayvPUwLceD
pdLmpMRqTKh1tA9jIT69DyNY3Xub0kfuZKyb9J0lUfOOeapCZQ0GuH7eG5VTd+vw
dpTt1KC61YX4hM5LHch9i3oejrewJYPSAhObQ79r4uK0slouST/2sx82X40dXUm1
Mh4H/70r1Nh0JbWn
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:23:36 2024 by rpki-client on console-ams.rpki-client.org