Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/1336c7-a33f-4ec6-82d7-f44166bb2db0/1/edrlLIkqJ_2N7AMB9h-CpUba8uE.roa
File: edrlLIkqJ_2N7AMB9h-CpUba8uE.roa (raw, json)
Hash identifier: gDHbGCWqYjAJ2hniEGI7DDq5BSYMtGcQ74CQSxQXNnI=
Subject key identifier: 79:DA:E5:2C:89:2A:27:FD:8D:EC:03:01:F6:1F:82:A5:46:DA:F2:E1
Certificate issuer: /CN=37fbdf2f5f855e5e1ca48e77c3bdd33bd47b4438
Certificate serial: 018CC794E5C5373195107754A53119147737
Authority key identifier: 37:FB:DF:2F:5F:85:5E:5E:1C:A4:8E:77:C3:BD:D3:3B:D4:7B:44:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N_vfL1-FXl4cpI53w73TO9R7RDg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/1336c7-a33f-4ec6-82d7-f44166bb2db0/1/edrlLIkqJ_2N7AMB9h-CpUba8uE.roa
Signing time: Tue 02 Jan 2024 00:31:13 +0000
ROA not before: Tue 02 Jan 2024 00:31:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35829
IP address blocks: 193.151.172.0/22 maxlen: 24
206.190.220.0/22 maxlen: 24
2a0d:e8c0::/29 maxlen: 31
2a0d:e8c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/1336c7-a33f-4ec6-82d7-f44166bb2db0/1/N_vfL1-FXl4cpI53w73TO9R7RDg.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/1336c7-a33f-4ec6-82d7-f44166bb2db0/1/N_vfL1-FXl4cpI53w73TO9R7RDg.mft
rsync://rpki.ripe.net/repository/DEFAULT/N_vfL1-FXl4cpI53w73TO9R7RDg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 03:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:e5:c5:37:31:95:10:77:54:a5:31:19:14:77:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37fbdf2f5f855e5e1ca48e77c3bdd33bd47b4438
Validity
Not Before: Jan 2 00:31:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79dae52c892a27fd8dec0301f61f82a546daf2e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:9a:75:cf:12:be:69:6a:9e:27:d0:1f:5b:72:
60:1d:42:c4:e3:16:e8:03:eb:ae:fa:4a:51:c6:03:
bb:63:d2:25:98:84:84:30:ce:eb:98:2d:5f:16:20:
82:df:c7:66:5b:73:3b:d0:f4:90:3d:e9:34:61:3d:
6b:68:4d:5e:fc:ff:74:76:9d:17:7f:3c:20:67:72:
2e:3d:4c:de:30:3e:59:cc:47:08:01:3b:04:3c:f2:
e4:d2:ae:b8:dd:b9:ec:ab:92:5e:71:f8:f4:68:f8:
5c:0a:7e:87:0b:f7:dd:f2:b4:a3:d9:0c:6a:82:8f:
1b:9b:25:ce:2a:ea:b6:95:6a:d0:da:19:26:a7:a0:
8b:09:cd:7e:9e:ae:18:57:b2:76:6e:df:8d:9f:03:
0e:e3:4d:0d:8e:25:4e:27:6c:25:d5:40:0d:3f:c6:
f2:c1:65:34:a6:96:13:a6:d7:80:89:f6:c9:79:65:
c1:22:6d:71:16:8e:1c:0d:d8:08:3b:f6:97:a7:99:
99:de:0b:4b:59:72:22:77:8d:39:4f:81:12:53:60:
dd:91:3d:2f:03:89:e0:d6:ac:f6:25:4f:19:e8:f6:
39:a4:ae:70:4a:20:cc:c3:2c:c4:d5:7d:2d:6d:db:
a0:a9:a1:4e:b7:53:93:fe:17:91:86:86:88:e8:65:
83:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:DA:E5:2C:89:2A:27:FD:8D:EC:03:01:F6:1F:82:A5:46:DA:F2:E1
X509v3 Authority Key Identifier:
keyid:37:FB:DF:2F:5F:85:5E:5E:1C:A4:8E:77:C3:BD:D3:3B:D4:7B:44:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N_vfL1-FXl4cpI53w73TO9R7RDg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/1336c7-a33f-4ec6-82d7-f44166bb2db0/1/edrlLIkqJ_2N7AMB9h-CpUba8uE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/1336c7-a33f-4ec6-82d7-f44166bb2db0/1/N_vfL1-FXl4cpI53w73TO9R7RDg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.151.172.0/22
206.190.220.0/22
IPv6:
2a0d:e8c0::/29
Signature Algorithm: sha256WithRSAEncryption
7a:c5:52:61:5e:d1:eb:57:40:9f:38:e8:29:1e:8d:f8:3a:65:
ef:cd:20:0b:b5:94:08:3e:9b:f3:71:c1:b6:f9:37:48:e4:eb:
93:7d:d4:3f:3e:50:f0:09:74:5a:b7:80:98:a5:71:ac:09:20:
6a:38:d6:f0:52:02:77:70:31:81:41:1e:91:4a:a1:79:18:3d:
dd:5c:54:53:5f:71:57:13:37:7f:3e:92:ac:dc:26:fb:ac:59:
9e:e8:de:bb:50:6f:bd:7e:c1:59:5a:aa:4e:71:f7:d3:1f:b8:
5d:f9:88:fa:45:82:a5:67:d1:7f:af:e2:ca:1b:30:4f:6b:ef:
fb:37:e7:b4:4f:e4:2a:14:8d:a9:56:d7:94:04:f4:2a:6c:93:
6b:a1:08:2c:47:5d:c9:d4:2f:68:54:05:da:11:61:c0:8f:75:
22:f3:9f:9a:8c:95:d0:81:f9:05:57:7b:09:56:3a:76:4c:a5:
76:98:e8:5e:25:81:e5:48:8b:a9:32:1a:b6:58:df:39:fe:c5:
2d:08:d3:f3:c4:ee:88:6e:22:1b:0c:94:cc:1d:2e:74:44:4f:
66:f4:1b:bb:64:e2:10:f5:bd:37:b8:08:d7:b7:b1:c1:53:67:
35:5a:c1:84:22:ec:53:b5:d9:44:cc:60:2e:ce:b9:cf:22:39:
ac:d3:e9:22
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHlOXFNzGVEHdUpTEZFHc3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3ZmJkZjJmNWY4NTVlNWUxY2E0OGU3N2MzYmRkMzNiZDQ3
YjQ0MzgwHhcNMjQwMTAyMDAzMTEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWRhZTUyYzg5MmEyN2ZkOGRlYzAzMDFmNjFmODJhNTQ2ZGFmMmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqJp1zxK+aWqeJ9AfW3JgHULE4xbo
A+uu+kpRxgO7Y9IlmISEMM7rmC1fFiCC38dmW3M70PSQPek0YT1raE1e/P90dp0X
fzwgZ3IuPUzeMD5ZzEcIATsEPPLk0q643bnsq5Jecfj0aPhcCn6HC/fd8rSj2Qxq
go8bmyXOKuq2lWrQ2hkmp6CLCc1+nq4YV7J2bt+NnwMO400NjiVOJ2wl1UANP8by
wWU0ppYTpteAifbJeWXBIm1xFo4cDdgIO/aXp5mZ3gtLWXIid405T4ESU2DdkT0v
A4ng1qz2JU8Z6PY5pK5wSiDMwyzE1X0tbdugqaFOt1OT/heRhoaI6GWDOQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFHna5SyJKif9jewDAfYfgqVG2vLhMB8GA1UdIwQY
MBaAFDf73y9fhV5eHKSOd8O90zvUe0Q4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTl92ZkwxLUZYbDRjcEk1M3c3M1RPOVI3UkRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS8xMzM2YzctYTMzZi00ZWM2LTgyZDct
ZjQ0MTY2YmIyZGIwLzEvZWRybExJa3FKXzJON0FNQjloLUNwVWJhOHVFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS8xMzM2YzctYTMzZi00ZWM2LTgyZDctZjQ0MTY2YmIyZGIw
LzEvTl92ZkwxLUZYbDRjcEk1M3c3M1RPOVI3UkRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCwZesAwQC
zr7cMA0EAgACMAcDBQMqDejAMA0GCSqGSIb3DQEBCwUAA4IBAQB6xVJhXtHrV0Cf
OOgpHo34OmXvzSALtZQIPpvzccG2+TdI5OuTfdQ/PlDwCXRat4CYpXGsCSBqONbw
UgJ3cDGBQR6RSqF5GD3dXFRTX3FXEzd/PpKs3Cb7rFme6N67UG+9fsFZWqpOcffT
H7hd+Yj6RYKlZ9F/r+LKGzBPa+/7N+e0T+QqFI2pVteUBPQqbJNroQgsR13J1C9o
VAXaEWHAj3Ui85+ajJXQgfkFV3sJVjp2TKV2mOheJYHlSIupMhq2WN85/sUtCNPz
xO6IbiIbDJTMHS50RE9m9Bu7ZOIQ9b03uAjXt7HBU2c1WsGEIuxTtdlEzGAuzrnP
Ijms0+ki
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:07:52 2024 by rpki-client on console-ams.rpki-client.org