Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/eGM8QxxtR6LQYycJMHe77hI1GS8.roa
File: eGM8QxxtR6LQYycJMHe77hI1GS8.roa (raw, json)
Hash identifier: y5XgkSevb+owa7ale8QoK7X4lcq90ORK6HtJd1yjmGE=
Subject key identifier: 78:63:3C:43:1C:6D:47:A2:D0:63:27:09:30:77:BB:EE:12:35:19:2F
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 01942369927B0BFBBCD66324269B189A89AA
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/eGM8QxxtR6LQYycJMHe77hI1GS8.roa
Signing time: Wed 01 Jan 2025 19:48:28 +0000
ROA not before: Wed 01 Jan 2025 19:48:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41807
IP address blocks: 89.45.166.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 14:00:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:23:69:92:7b:0b:fb:bc:d6:63:24:26:9b:18:9a:89:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 1 19:48:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=78633c431c6d47a2d06327093077bbee1235192f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:2b:59:2c:2e:d5:1e:dc:31:1f:27:2e:61:4f:
a3:6d:2c:9b:27:38:46:8f:3e:b6:ee:76:53:8b:21:
a7:70:10:81:d0:71:cb:7b:1f:7f:77:1c:0c:a4:d7:
7c:63:e9:52:3c:22:48:68:e2:1f:33:7c:e9:09:82:
2c:5c:15:e8:12:8d:f2:a8:05:99:c8:8a:d2:ef:05:
fc:93:37:8b:c3:3d:0d:f2:9a:b0:65:6b:70:67:25:
68:54:ce:1f:9f:be:f6:0f:8b:0b:2b:c3:45:a3:65:
64:89:04:22:85:83:af:45:7a:21:3b:c1:7d:06:3e:
36:39:89:29:b7:24:47:b6:a9:84:b7:b6:3b:f3:2f:
4d:f4:7e:99:64:42:e4:2e:75:73:10:cd:2b:de:b9:
cc:81:63:33:b6:78:7d:34:97:b7:c8:81:81:20:d3:
b1:0d:b9:b9:95:b9:a8:e0:fd:2a:6d:55:93:ef:91:
23:37:5a:c2:af:61:53:1d:ff:e5:fd:f5:c4:96:b8:
dc:6d:14:ed:cd:27:aa:66:cf:cc:f5:19:1c:8e:68:
bb:36:e8:05:11:7c:9a:74:df:41:80:c8:bc:00:be:
52:dd:73:18:06:54:22:a4:a3:c3:81:b8:a4:90:c0:
13:b0:c1:cb:1a:dd:6a:e8:c7:3b:04:bd:e7:44:fa:
e2:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:63:3C:43:1C:6D:47:A2:D0:63:27:09:30:77:BB:EE:12:35:19:2F
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/eGM8QxxtR6LQYycJMHe77hI1GS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.45.166.0/23
Signature Algorithm: sha256WithRSAEncryption
0e:b8:06:53:c1:49:dd:20:b4:e8:ae:29:d6:84:e4:d9:db:b9:
9a:9a:a8:71:60:26:68:34:33:57:6f:e3:fd:8c:43:df:c4:02:
22:54:45:3d:d4:25:62:a7:cf:5d:d9:c8:b6:4d:25:c6:11:c2:
4d:e1:63:16:d7:21:e3:d5:c9:7a:f3:30:94:a7:d5:ee:cc:a9:
1c:b2:2b:77:5f:55:30:87:78:ce:57:11:10:0e:19:9b:2d:31:
b7:1e:af:39:bb:77:77:88:59:34:ba:af:dc:f8:48:b2:91:51:
08:1f:e0:9b:fe:42:e4:b8:85:77:4d:e1:cd:e4:27:ce:5c:d2:
fa:08:0d:f6:c4:5d:65:fb:33:9e:d4:8c:a3:d3:1f:c2:d8:03:
12:7b:ec:53:53:e0:48:6e:48:65:1c:22:cf:66:9c:96:8e:00:
da:23:0f:77:19:9b:1c:76:07:be:94:6d:83:63:6c:db:46:cc:
e2:ca:1a:ac:4e:db:84:66:8f:92:6c:c5:97:ec:f2:65:be:48:
01:cb:c7:10:ee:ab:ed:f1:3f:b9:f6:8f:77:40:4f:83:b2:e7:
a4:15:15:18:9b:39:41:f0:20:66:05:a8:10:ac:e7:55:94:4b:
db:c9:65:ea:9e:b2:e0:ef:1e:0e:15:c9:fe:27:3f:06:af:eb:
ac:2e:46:4e
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZQjaZJ7C/u81mMkJpsYmomqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjUwMTAxMTk0ODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODYzM2M0MzFjNmQ0N2EyZDA2MzI3MDkzMDc3YmJlZTEyMzUxOTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjitZLC7VHtwxHycuYU+jbSybJzhG
jz627nZTiyGncBCB0HHLex9/dxwMpNd8Y+lSPCJIaOIfM3zpCYIsXBXoEo3yqAWZ
yIrS7wX8kzeLwz0N8pqwZWtwZyVoVM4fn772D4sLK8NFo2VkiQQihYOvRXohO8F9
Bj42OYkptyRHtqmEt7Y78y9N9H6ZZELkLnVzEM0r3rnMgWMztnh9NJe3yIGBINOx
Dbm5lbmo4P0qbVWT75EjN1rCr2FTHf/l/fXElrjcbRTtzSeqZs/M9Rkcjmi7NugF
EXyadN9BgMi8AL5S3XMYBlQipKPDgbikkMATsMHLGt1q6Mc7BL3nRPriuwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFHhjPEMcbUei0GMnCTB3u+4SNRkvMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL2VHTThReHh0UjZMUVl5Y0pNSGU3N2hJMUdTOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFZLaYw
DQYJKoZIhvcNAQELBQADggEBAA64BlPBSd0gtOiuKdaE5NnbuZqaqHFgJmg0M1dv
4/2MQ9/EAiJURT3UJWKnz13ZyLZNJcYRwk3hYxbXIePVyXrzMJSn1e7MqRyyK3df
VTCHeM5XERAOGZstMbcerzm7d3eIWTS6r9z4SLKRUQgf4Jv+QuS4hXdN4c3kJ85c
0voIDfbEXWX7M57UjKPTH8LYAxJ77FNT4EhuSGUcIs9mnJaOANojD3cZmxx2B76U
bYNjbNtGzOLKGqxO24Rmj5JsxZfs8mW+SAHLxxDuq+3xP7n2j3dAT4Oy56QVFRib
OUHwIGYFqBCs51WUS9vJZeqesuDvHg4Vyf4nPwav66wuRk4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:32:52 2025 by rpki-client