Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/9014c3-1a49-4e62-9243-21335d1063af/1/EWY61EBMWvIz95kZvxz3f7Ao8DM.roa
File: EWY61EBMWvIz95kZvxz3f7Ao8DM.roa (raw, json)
Hash identifier: hUfTdT/UdwzPCuJouTIN5MiLU84ihpYE+x77dYeKVgo=
Subject key identifier: 11:66:3A:D4:40:4C:5A:F2:33:F7:99:19:BF:1C:F7:7F:B0:28:F0:33
Certificate issuer: /CN=3f0a287bea92588fc5dae4f93fb25628f32d196d
Certificate serial: 01941F8C5D8BDDEC63139C8948B124732B71
Authority key identifier: 3F:0A:28:7B:EA:92:58:8F:C5:DA:E4:F9:3F:B2:56:28:F3:2D:19:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Pwooe-qSWI_F2uT5P7JWKPMtGW0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/9014c3-1a49-4e62-9243-21335d1063af/1/EWY61EBMWvIz95kZvxz3f7Ao8DM.roa
Signing time: Wed 01 Jan 2025 01:48:00 +0000
ROA not before: Wed 01 Jan 2025 01:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35320
IP address blocks: 78.154.160.0/19 maxlen: 19
80.93.112.0/20 maxlen: 20
185.12.140.0/23 maxlen: 23
2a02:5f0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/9014c3-1a49-4e62-9243-21335d1063af/1/Pwooe-qSWI_F2uT5P7JWKPMtGW0.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/9014c3-1a49-4e62-9243-21335d1063af/1/Pwooe-qSWI_F2uT5P7JWKPMtGW0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Pwooe-qSWI_F2uT5P7JWKPMtGW0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:1f:8c:5d:8b:dd:ec:63:13:9c:89:48:b1:24:73:2b:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f0a287bea92588fc5dae4f93fb25628f32d196d
Validity
Not Before: Jan 1 01:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11663ad4404c5af233f79919bf1cf77fb028f033
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:4b:36:3b:28:34:49:3c:0f:21:21:22:50:64:
b1:8b:fb:e3:9c:52:44:fa:bc:f5:d9:ca:f6:e6:9a:
ff:68:1a:f6:24:6b:61:ea:0a:53:5f:f4:e3:b2:3d:
dc:5c:97:bc:72:a2:87:8a:cb:92:65:df:d4:55:15:
10:8f:16:04:f2:c3:34:f8:be:56:44:1c:16:35:48:
dd:98:f3:e1:9a:05:74:b0:cf:f6:dd:a4:ba:7a:37:
31:d5:aa:bd:98:97:e2:b1:ad:f8:c0:ba:b4:9b:0a:
5a:c9:6f:7d:84:85:2a:af:ee:f9:d9:f8:dd:e6:32:
82:16:ac:71:52:de:b7:75:38:9f:ad:bf:3f:c5:73:
b8:6e:2b:cb:b3:5a:69:64:34:9d:d9:12:5b:e7:de:
b5:52:a7:72:6c:62:fb:94:75:64:38:74:8b:5e:4a:
c6:f8:28:7e:87:3b:60:58:c1:e4:15:a5:a8:33:02:
39:d4:0d:99:0f:52:de:5a:3f:e8:8d:1c:d6:a8:68:
32:06:2c:e4:75:2c:8c:07:b7:cc:28:c1:ca:90:9b:
4a:89:f1:06:56:6e:b4:27:ef:0c:b9:d4:25:60:31:
92:8c:87:04:f4:32:52:ca:c6:3c:fa:36:64:33:f8:
63:b8:d1:84:2e:5f:90:9e:8a:4c:b9:1b:46:e8:39:
cc:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:66:3A:D4:40:4C:5A:F2:33:F7:99:19:BF:1C:F7:7F:B0:28:F0:33
X509v3 Authority Key Identifier:
keyid:3F:0A:28:7B:EA:92:58:8F:C5:DA:E4:F9:3F:B2:56:28:F3:2D:19:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Pwooe-qSWI_F2uT5P7JWKPMtGW0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/9014c3-1a49-4e62-9243-21335d1063af/1/EWY61EBMWvIz95kZvxz3f7Ao8DM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/9014c3-1a49-4e62-9243-21335d1063af/1/Pwooe-qSWI_F2uT5P7JWKPMtGW0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.154.160.0/19
80.93.112.0/20
185.12.140.0/23
IPv6:
2a02:5f0::/32
Signature Algorithm: sha256WithRSAEncryption
9f:1d:a7:66:03:d9:d0:fa:02:21:06:3d:3e:75:fa:fa:d0:cb:
8a:a5:4f:46:6f:71:59:9f:a5:68:ed:e6:32:b1:9e:86:a5:4a:
99:9b:6c:cc:f5:cc:3a:50:68:a4:99:d8:ed:b7:79:77:a2:7d:
df:3b:0a:27:40:21:1a:ad:53:67:a5:41:de:f9:3f:51:98:77:
53:01:97:2e:f7:94:2a:f8:17:f3:e5:d9:50:0a:55:c8:4c:06:
f0:a7:95:b7:44:ed:ad:29:9b:e0:20:1d:30:95:12:a5:ed:15:
0d:a4:69:e3:4c:87:01:bd:8f:e4:21:30:d7:af:74:e7:34:95:
50:2a:5b:84:9a:da:59:b8:72:0c:65:78:0b:d4:3e:0a:d9:e3:
18:77:44:20:20:0b:a6:4e:43:da:52:89:7f:30:9b:74:e8:a3:
98:7e:f6:8e:00:54:4a:c8:6f:02:0b:d6:ea:d6:47:e4:b8:6a:
03:d0:6c:57:82:6b:55:83:1c:0a:5c:58:35:21:2f:ad:f0:bb:
76:f8:17:eb:b0:c6:53:06:c1:64:53:34:2e:41:8f:a2:ea:8d:
16:fa:d6:02:43:48:97:f8:8b:86:0d:e2:51:78:91:d4:24:48:
42:a5:d0:59:74:19:6c:64:f2:ad:66:49:c3:83:c3:62:b8:20:
2d:f6:6f:09
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQfjF2L3exjE5yJSLEkcytxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmMGEyODdiZWE5MjU4OGZjNWRhZTRmOTNmYjI1NjI4ZjMy
ZDE5NmQwHhcNMjUwMTAxMDE0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTY2M2FkNDQwNGM1YWYyMzNmNzk5MTliZjFjZjc3ZmIwMjhmMDMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0s2Oyg0STwPISEiUGSxi/vjnFJE
+rz12cr25pr/aBr2JGth6gpTX/Tjsj3cXJe8cqKHisuSZd/UVRUQjxYE8sM0+L5W
RBwWNUjdmPPhmgV0sM/23aS6ejcx1aq9mJfisa34wLq0mwpayW99hIUqr+752fjd
5jKCFqxxUt63dTifrb8/xXO4bivLs1ppZDSd2RJb5961UqdybGL7lHVkOHSLXkrG
+Ch+hztgWMHkFaWoMwI51A2ZD1LeWj/ojRzWqGgyBizkdSyMB7fMKMHKkJtKifEG
Vm60J+8MudQlYDGSjIcE9DJSysY8+jZkM/hjuNGELl+QnopMuRtG6DnMjQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBFmOtRATFryM/eZGb8c93+wKPAzMB8GA1UdIwQY
MBaAFD8KKHvqkliPxdrk+T+yVijzLRltMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHdvb2UtcVNXSV9GMnVUNVA3SldLUE10R1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy85MDE0YzMtMWE0OS00ZTYyLTkyNDMt
MjEzMzVkMTA2M2FmLzEvRVdZNjFFQk1Xdkl6OTVrWnZ4ejNmN0FvOERNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy85MDE0YzMtMWE0OS00ZTYyLTkyNDMtMjEzMzVkMTA2M2Fm
LzEvUHdvb2UtcVNXSV9GMnVUNVA3SldLUE10R1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFTpqgAwQE
UF1wAwQBuQyMMA0EAgACMAcDBQAqAgXwMA0GCSqGSIb3DQEBCwUAA4IBAQCfHadm
A9nQ+gIhBj0+dfr60MuKpU9Gb3FZn6Vo7eYysZ6GpUqZm2zM9cw6UGikmdjtt3l3
on3fOwonQCEarVNnpUHe+T9RmHdTAZcu95Qq+Bfz5dlQClXITAbwp5W3RO2tKZvg
IB0wlRKl7RUNpGnjTIcBvY/kITDXr3TnNJVQKluEmtpZuHIMZXgL1D4K2eMYd0Qg
IAumTkPaUol/MJt06KOYfvaOAFRKyG8CC9bq1kfkuGoD0GxXgmtVgxwKXFg1IS+t
8Lt2+BfrsMZTBsFkUzQuQY+i6o0W+tYCQ0iX+IuGDeJReJHUJEhCpdBZdBlsZPKt
ZknDg8NiuCAt9m8J
-----END CERTIFICATE-----
Generated at Sun Feb 2 08:37:08 2025 by rpki-client