Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/95c3c8-6ab1-4951-8f59-65503a9306a0/1/EMLrRxp7hBQcTJXV9PXuRsWGQcc.roa
File: EMLrRxp7hBQcTJXV9PXuRsWGQcc.roa (raw, json)
Hash identifier: H9wqCdNrYrwPbTi+g67uWVXK+GMXSZ9G0OSoQXAXB/8=
Subject key identifier: 10:C2:EB:47:1A:7B:84:14:1C:4C:95:D5:F4:F5:EE:46:C5:86:41:C7
Certificate issuer: /CN=18d801de9fe8a6680758817823ae36ba065c610d
Certificate serial: 018CC5014FDDF2374181E535E790CB6B55E2
Authority key identifier: 18:D8:01:DE:9F:E8:A6:68:07:58:81:78:23:AE:36:BA:06:5C:61:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GNgB3p_opmgHWIF4I642ugZcYQ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/95c3c8-6ab1-4951-8f59-65503a9306a0/1/EMLrRxp7hBQcTJXV9PXuRsWGQcc.roa
Signing time: Mon 01 Jan 2024 12:30:46 +0000
ROA not before: Mon 01 Jan 2024 12:30:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21473
IP address blocks: 213.206.160.0/19 maxlen: 24
77.72.216.0/21 maxlen: 24
77.72.221.0/24 maxlen: 24
213.183.64.0/19 maxlen: 24
2a02:24d8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/95c3c8-6ab1-4951-8f59-65503a9306a0/1/GNgB3p_opmgHWIF4I642ugZcYQ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/95c3c8-6ab1-4951-8f59-65503a9306a0/1/GNgB3p_opmgHWIF4I642ugZcYQ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/GNgB3p_opmgHWIF4I642ugZcYQ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 14:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:4f:dd:f2:37:41:81:e5:35:e7:90:cb:6b:55:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=18d801de9fe8a6680758817823ae36ba065c610d
Validity
Not Before: Jan 1 12:30:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=10c2eb471a7b84141c4c95d5f4f5ee46c58641c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:81:28:fe:04:0c:69:54:84:2d:a8:97:e8:d5:
44:69:8c:f3:77:81:8c:26:3c:90:9f:77:6f:2c:8f:
fc:fc:ad:28:48:25:97:9b:f9:a8:9a:b7:f8:2b:82:
69:24:2b:f3:14:a5:d3:74:51:39:48:cc:d6:6f:f2:
86:67:55:ed:f6:28:60:be:48:73:8e:aa:80:23:35:
64:fd:db:73:e1:2d:7f:15:5c:b4:06:1d:ae:04:00:
bd:1b:95:8d:16:65:08:5c:2b:da:98:96:ad:c3:22:
24:07:5c:c3:01:d4:46:28:c0:42:43:44:cd:b7:e5:
e8:70:0a:83:82:1b:2b:43:07:cd:eb:3b:1d:dc:c7:
22:3b:53:bd:f7:ec:f5:54:26:2d:da:57:ed:d1:aa:
9f:69:c2:b5:5f:f9:a1:f0:8b:3f:1f:fb:44:9e:ed:
8b:5f:8e:35:0b:45:cc:51:d8:c2:8d:ac:c8:c8:b1:
b7:1b:bf:4a:91:67:bc:d9:a3:0d:c9:f6:fd:e8:4e:
66:c3:6e:60:ca:a9:cb:5a:72:22:92:17:d6:a5:b0:
e7:8b:a6:cf:37:b5:fe:04:53:fb:c6:9e:ec:f6:78:
ff:5e:8c:e3:d1:6a:26:83:26:69:2f:2e:83:06:e5:
b5:16:b5:5c:15:1f:91:4c:f6:92:14:8e:f3:8a:a2:
23:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:C2:EB:47:1A:7B:84:14:1C:4C:95:D5:F4:F5:EE:46:C5:86:41:C7
X509v3 Authority Key Identifier:
keyid:18:D8:01:DE:9F:E8:A6:68:07:58:81:78:23:AE:36:BA:06:5C:61:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GNgB3p_opmgHWIF4I642ugZcYQ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/95c3c8-6ab1-4951-8f59-65503a9306a0/1/EMLrRxp7hBQcTJXV9PXuRsWGQcc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/95c3c8-6ab1-4951-8f59-65503a9306a0/1/GNgB3p_opmgHWIF4I642ugZcYQ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.72.216.0/21
213.183.64.0/19
213.206.160.0/19
IPv6:
2a02:24d8::/32
Signature Algorithm: sha256WithRSAEncryption
63:fd:7f:2d:44:e4:79:a4:49:87:d6:9d:7a:a9:66:86:75:33:
a9:11:70:5c:fe:9a:a5:16:2e:31:c5:8a:f4:66:da:04:f3:d4:
dd:7e:25:6b:b2:61:ad:43:52:d4:c2:a4:0d:63:bd:b8:39:cf:
04:87:f0:ea:c9:b0:9a:fa:a6:30:41:ab:3e:d5:a3:70:1e:12:
ac:36:3f:a6:1c:e9:f3:cf:ff:a7:6e:5d:25:ac:cb:a8:43:26:
db:64:72:d4:a3:7c:3a:6c:a2:4e:3a:fa:39:b6:18:4a:bf:79:
ce:06:4c:14:c8:1b:21:7a:e8:18:ff:1d:d2:75:53:8a:5e:cc:
f6:77:71:89:3e:ec:ce:88:a6:e1:50:af:b9:2b:2c:96:22:22:
75:09:95:55:3e:29:ed:90:4e:5e:e7:8e:7a:bc:f1:c1:b9:21:
81:1b:a0:84:08:d8:2e:ee:37:91:23:bc:68:4a:88:4c:77:90:
69:56:35:88:cf:67:e3:d4:71:f8:a6:27:30:db:75:c4:7e:10:
ce:37:18:ce:07:59:bb:f0:02:0b:1b:33:1b:6f:df:31:b3:72:
54:d6:9a:98:d5:67:be:85:ab:79:00:c0:00:e0:86:93:8b:b9:
74:1c:b7:89:a8:80:0f:e7:c2:10:11:eb:aa:41:5a:84:8b:5b:
3c:06:ef:e3
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzFAU/d8jdBgeU155DLa1XiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4ZDgwMWRlOWZlOGE2NjgwNzU4ODE3ODIzYWUzNmJhMDY1
YzYxMGQwHhcNMjQwMTAxMTIzMDQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGMyZWI0NzFhN2I4NDE0MWM0Yzk1ZDVmNGY1ZWU0NmM1ODY0MWM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgoEo/gQMaVSELaiX6NVEaYzzd4GM
JjyQn3dvLI/8/K0oSCWXm/momrf4K4JpJCvzFKXTdFE5SMzWb/KGZ1Xt9ihgvkhz
jqqAIzVk/dtz4S1/FVy0Bh2uBAC9G5WNFmUIXCvamJatwyIkB1zDAdRGKMBCQ0TN
t+XocAqDghsrQwfN6zsd3MciO1O99+z1VCYt2lft0aqfacK1X/mh8Is/H/tEnu2L
X441C0XMUdjCjazIyLG3G79KkWe82aMNyfb96E5mw25gyqnLWnIikhfWpbDni6bP
N7X+BFP7xp7s9nj/Xozj0WomgyZpLy6DBuW1FrVcFR+RTPaSFI7ziqIjgQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBDC60cae4QUHEyV1fT17kbFhkHHMB8GA1UdIwQY
MBaAFBjYAd6f6KZoB1iBeCOuNroGXGENMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR05nQjNwX29wbWdIV0lGNEk2NDJ1Z1pjWVEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS85NWMzYzgtNmFiMS00OTUxLThmNTkt
NjU1MDNhOTMwNmEwLzEvRU1MclJ4cDdoQlFjVEpYVjlQWHVSc1dHUWNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS85NWMzYzgtNmFiMS00OTUxLThmNTktNjU1MDNhOTMwNmEw
LzEvR05nQjNwX29wbWdIV0lGNEk2NDJ1Z1pjWVEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDTUjYAwQF
1bdAAwQF1c6gMA0EAgACMAcDBQAqAiTYMA0GCSqGSIb3DQEBCwUAA4IBAQBj/X8t
ROR5pEmH1p16qWaGdTOpEXBc/pqlFi4xxYr0ZtoE89TdfiVrsmGtQ1LUwqQNY724
Oc8Eh/DqybCa+qYwQas+1aNwHhKsNj+mHOnzz/+nbl0lrMuoQybbZHLUo3w6bKJO
Ovo5thhKv3nOBkwUyBsheugY/x3SdVOKXsz2d3GJPuzOiKbhUK+5KyyWIiJ1CZVV
PintkE5e5456vPHBuSGBG6CECNgu7jeRI7xoSohMd5BpVjWIz2fj1HH4picw23XE
fhDONxjOB1m78AILGzMbb98xs3JU1pqY1We+hat5AMAA4IaTi7l0HLeJqIAP58IQ
EeuqQVqEi1s8Bu/j
-----END CERTIFICATE-----
Generated at Wed Jun 26 00:10:13 2024 by rpki-client on console-fra.rpki-client.org