Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/EfVzubkrxDs_HzQbSRVBLxRDQa4.roa
File: EfVzubkrxDs_HzQbSRVBLxRDQa4.roa (raw, json)
Hash identifier: xagRJaNaEUSjujaGN91T7wT/15UTfJ2Kj1GEVqr4gVU=
Subject key identifier: 11:F5:73:B9:B9:2B:C4:3B:3F:1F:34:1B:49:15:41:2F:14:43:41:AE
Certificate issuer: /CN=894928a39627cd5ee5f975bd897c2d775ab29940
Certificate serial: 018CCA99B25D716A06E566A2267FAD672907
Authority key identifier: 89:49:28:A3:96:27:CD:5E:E5:F9:75:BD:89:7C:2D:77:5A:B2:99:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iUkoo5YnzV7l-XW9iXwtd1qymUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/EfVzubkrxDs_HzQbSRVBLxRDQa4.roa
Signing time: Tue 02 Jan 2024 14:35:19 +0000
ROA not before: Tue 02 Jan 2024 14:35:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9183
IP address blocks: 193.108.217.0/24 maxlen: 24
185.112.176.0/22 maxlen: 24
194.39.218.0/23 maxlen: 24
139.15.0.0/16 maxlen: 24
193.141.57.0/24 maxlen: 24
2a03:cc00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/iUkoo5YnzV7l-XW9iXwtd1qymUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/iUkoo5YnzV7l-XW9iXwtd1qymUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/iUkoo5YnzV7l-XW9iXwtd1qymUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:b2:5d:71:6a:06:e5:66:a2:26:7f:ad:67:29:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=894928a39627cd5ee5f975bd897c2d775ab29940
Validity
Not Before: Jan 2 14:35:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11f573b9b92bc43b3f1f341b4915412f144341ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:1a:65:bc:38:0e:fe:40:41:ae:89:41:2e:d9:
f8:fa:98:2e:0b:b7:eb:dd:51:4c:af:7b:89:87:0e:
f6:d1:f4:43:0e:5e:3f:6c:f2:74:5f:8c:8d:5a:e0:
90:9c:20:4f:bb:6f:ed:58:05:1f:20:3b:e0:71:af:
55:df:d0:d2:53:fa:65:72:03:a2:81:7c:78:81:d2:
f3:f3:32:09:35:0f:6e:45:66:cd:85:32:ad:5a:e1:
c8:b8:41:6e:9c:9d:c0:43:93:1a:70:a5:7b:27:e6:
84:f1:1d:0c:94:4f:48:30:89:31:9a:b4:10:6f:6f:
bb:68:8d:5a:07:92:c8:82:c5:94:9a:05:f4:87:59:
16:1d:bc:fe:63:04:57:f9:00:e6:d8:c6:6f:29:0b:
b1:57:09:b3:7c:a2:06:3e:71:50:b1:78:52:bb:7f:
0c:18:b6:04:99:34:dc:83:8d:0f:df:90:03:42:8c:
a7:ff:32:18:66:85:58:3f:d9:e8:de:7b:53:7f:43:
2f:0f:c8:1e:21:fb:1f:2b:c8:a3:67:49:85:18:4f:
89:8f:29:ce:6c:5d:be:b2:74:99:3d:b7:ef:88:9e:
03:9d:f0:6a:89:c4:c7:b3:31:b3:5e:64:d3:57:72:
d6:1d:fa:6f:89:3a:38:8f:1e:d0:6d:d7:0e:4e:7e:
a4:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:F5:73:B9:B9:2B:C4:3B:3F:1F:34:1B:49:15:41:2F:14:43:41:AE
X509v3 Authority Key Identifier:
keyid:89:49:28:A3:96:27:CD:5E:E5:F9:75:BD:89:7C:2D:77:5A:B2:99:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iUkoo5YnzV7l-XW9iXwtd1qymUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/EfVzubkrxDs_HzQbSRVBLxRDQa4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/69c7d1-c43d-4bcd-8e6a-1593d4045cbc/1/iUkoo5YnzV7l-XW9iXwtd1qymUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
139.15.0.0/16
185.112.176.0/22
193.108.217.0/24
193.141.57.0/24
194.39.218.0/23
IPv6:
2a03:cc00::/32
Signature Algorithm: sha256WithRSAEncryption
46:d8:6e:70:d8:35:83:f0:5b:e6:d3:c7:b6:f5:7a:d4:87:1a:
2d:da:80:9d:a6:c7:ea:44:2c:3b:8a:fd:a7:e1:d0:c6:6c:61:
09:e6:d0:98:0b:24:99:b4:89:59:08:1c:d7:08:55:c9:3e:61:
fd:2e:89:f5:64:97:24:4b:e3:18:db:2b:d3:b4:01:46:b2:90:
f2:98:98:79:94:1d:d1:bf:7a:cd:d3:d5:32:5b:63:61:b1:86:
8b:10:f9:16:5b:31:85:7d:49:6a:f6:37:36:69:f2:5f:8b:fc:
8e:81:98:f9:22:e4:20:11:11:1f:ce:65:ed:02:51:0e:89:61:
a3:1d:42:3f:f7:d7:d2:c0:31:2c:79:04:a5:0b:f6:64:6e:64:
73:e4:42:21:78:70:5e:6b:a7:99:d5:32:97:07:cf:a6:69:79:
f9:7b:7c:2c:18:bd:76:00:45:aa:05:b6:d6:dc:3a:1c:4c:cc:
cf:da:ce:fb:d8:c5:7b:64:26:14:50:7e:1c:9e:ed:c8:d2:d9:
8c:3f:b4:79:a4:0d:b1:5e:02:ec:a2:8c:9d:8e:27:ba:9d:e0:
a1:b8:7c:9d:c2:7a:d6:d1:26:4c:20:b3:2e:9c:e3:5f:90:e3:
51:02:21:32:e1:dd:30:44:ec:23:43:85:3d:ce:fa:e4:62:35:
a3:de:aa:fb
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzKmbJdcWoG5WaiJn+tZykHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5NDkyOGEzOTYyN2NkNWVlNWY5NzViZDg5N2MyZDc3NWFi
Mjk5NDAwHhcNMjQwMTAyMTQzNTE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWY1NzNiOWI5MmJjNDNiM2YxZjM0MWI0OTE1NDEyZjE0NDM0MWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApBplvDgO/kBBrolBLtn4+pguC7fr
3VFMr3uJhw720fRDDl4/bPJ0X4yNWuCQnCBPu2/tWAUfIDvgca9V39DSU/plcgOi
gXx4gdLz8zIJNQ9uRWbNhTKtWuHIuEFunJ3AQ5MacKV7J+aE8R0MlE9IMIkxmrQQ
b2+7aI1aB5LIgsWUmgX0h1kWHbz+YwRX+QDm2MZvKQuxVwmzfKIGPnFQsXhSu38M
GLYEmTTcg40P35ADQoyn/zIYZoVYP9no3ntTf0MvD8geIfsfK8ijZ0mFGE+JjynO
bF2+snSZPbfviJ4DnfBqicTHszGzXmTTV3LWHfpviTo4jx7QbdcOTn6kUQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFBH1c7m5K8Q7Px80G0kVQS8UQ0GuMB8GA1UdIwQY
MBaAFIlJKKOWJ81e5fl1vYl8LXdasplAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVVrb281WW56VjdsLVhXOWlYd3RkMXF5bVVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC82OWM3ZDEtYzQzZC00YmNkLThlNmEt
MTU5M2Q0MDQ1Y2JjLzEvRWZWenVia3J4RHNfSHpRYlNSVkJMeFJEUWE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC82OWM3ZDEtYzQzZC00YmNkLThlNmEtMTU5M2Q0MDQ1Y2Jj
LzEvaVVrb281WW56VjdsLVhXOWlYd3RkMXF5bVVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwMAiw8DBAK5
cLADBADBbNkDBADBjTkDBAHCJ9owDQQCAAIwBwMFACoDzAAwDQYJKoZIhvcNAQEL
BQADggEBAEbYbnDYNYPwW+bTx7b1etSHGi3agJ2mx+pELDuK/afh0MZsYQnm0JgL
JJm0iVkIHNcIVck+Yf0uifVklyRL4xjbK9O0AUaykPKYmHmUHdG/es3T1TJbY2Gx
hosQ+RZbMYV9SWr2NzZp8l+L/I6BmPki5CARER/OZe0CUQ6JYaMdQj/319LAMSx5
BKUL9mRuZHPkQiF4cF5rp5nVMpcHz6Zpefl7fCwYvXYARaoFttbcOhxMzM/azvvY
xXtkJhRQfhye7cjS2Yw/tHmkDbFeAuyijJ2OJ7qd4KG4fJ3CetbRJkwgsy6c41+Q
41ECITLh3TBE7CNDhT3O+uRiNaPeqvs=
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:04:27 2024 by rpki-client on console-fra.rpki-client.org