Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/a2EN8URCzjUPptRhuEvARGxji64.roa
File: a2EN8URCzjUPptRhuEvARGxji64.roa (raw, json)
Hash identifier: Yym2Oy2e03pSRSIAT9LUPN2ybfzOtsZtK8fVLTAh+j4=
Subject key identifier: 6B:61:0D:F1:44:42:CE:35:0F:A6:D4:61:B8:4B:C0:44:6C:63:8B:AE
Certificate issuer: /CN=75ea894ee05775e0ef061d086ca252147f5c91de
Certificate serial: 0191D6E79C496026DB2D10C20DD429B1AADF
Authority key identifier: 75:EA:89:4E:E0:57:75:E0:EF:06:1D:08:6C:A2:52:14:7F:5C:91:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/a2EN8URCzjUPptRhuEvARGxji64.roa
Signing time: Mon 09 Sep 2024 13:09:48 +0000
ROA not before: Mon 09 Sep 2024 13:09:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58075
IP address blocks: 37.235.80.0/21 maxlen: 24
45.95.68.0/22 maxlen: 24
45.154.44.0/22 maxlen: 24
185.21.52.0/22 maxlen: 24
185.43.20.0/22 maxlen: 24
185.96.148.0/22 maxlen: 24
185.186.172.0/22 maxlen: 24
194.110.22.0/24 maxlen: 24
194.110.27.0/24 maxlen: 24
194.110.30.0/24 maxlen: 24
194.110.72.0/24 maxlen: 24
195.96.158.0/24 maxlen: 24
2a04:9380::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/deqJTuBXdeDvBh0IbKJSFH9ckd4.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/deqJTuBXdeDvBh0IbKJSFH9ckd4.mft
rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:d6:e7:9c:49:60:26:db:2d:10:c2:0d:d4:29:b1:aa:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=75ea894ee05775e0ef061d086ca252147f5c91de
Validity
Not Before: Sep 9 13:09:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6b610df14442ce350fa6d461b84bc0446c638bae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:0d:b2:64:64:5e:b0:d0:2f:91:12:84:0d:6f:
ab:3c:1c:86:29:e2:2f:b0:fd:84:96:93:23:a2:9d:
6f:3d:80:d6:2b:51:eb:7e:16:9a:de:80:77:ae:6e:
27:ac:67:c4:ca:9b:cf:77:6f:d4:e7:f9:b4:97:21:
42:6a:f6:56:0f:25:0f:f2:85:26:43:7e:ee:fa:20:
ac:13:41:e4:91:80:4f:06:82:1c:91:98:a6:a8:e6:
36:61:fd:8b:b2:dd:e2:25:a2:3b:0d:e2:28:24:4a:
0f:c1:ca:2b:60:f8:f5:a2:e3:9f:28:2e:91:a4:ff:
db:5f:44:3c:c7:32:33:c8:b7:0f:62:03:dd:1f:65:
a0:ad:99:13:14:e6:41:51:b2:38:7d:82:f7:11:00:
2b:57:3f:2f:b6:28:3a:73:75:db:28:58:80:fc:9f:
25:70:6f:a6:b2:41:27:88:1b:7a:7c:47:c3:47:31:
61:22:f3:59:27:68:de:d3:91:2b:be:e1:50:90:8f:
f3:75:cc:f4:83:c2:42:26:18:cf:27:2f:3c:a7:47:
f0:90:68:c9:0d:38:7d:e2:7d:ea:1a:20:71:58:66:
0f:06:6a:e0:b6:1c:ce:b5:7f:fa:84:fe:28:91:5f:
03:11:83:d2:9d:30:14:d8:5b:a8:67:5a:98:4e:c3:
55:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:61:0D:F1:44:42:CE:35:0F:A6:D4:61:B8:4B:C0:44:6C:63:8B:AE
X509v3 Authority Key Identifier:
keyid:75:EA:89:4E:E0:57:75:E0:EF:06:1D:08:6C:A2:52:14:7F:5C:91:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/deqJTuBXdeDvBh0IbKJSFH9ckd4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/a2EN8URCzjUPptRhuEvARGxji64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/1cdce2-a3f8-44b6-b5e1-b7f2984eb653/1/deqJTuBXdeDvBh0IbKJSFH9ckd4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.80.0/21
45.95.68.0/22
45.154.44.0/22
185.21.52.0/22
185.43.20.0/22
185.96.148.0/22
185.186.172.0/22
194.110.22.0/24
194.110.27.0/24
194.110.30.0/24
194.110.72.0/24
195.96.158.0/24
IPv6:
2a04:9380::/29
Signature Algorithm: sha256WithRSAEncryption
24:12:1f:f8:9a:41:cc:ff:2e:46:e0:3d:ef:e7:7f:87:5f:66:
55:44:38:75:0b:1c:96:73:f1:f3:20:b3:48:99:09:c2:9d:9a:
37:a6:a6:a7:b7:24:e2:7c:2f:ca:a2:a5:0e:69:5d:9d:cd:e4:
e6:c8:fd:99:1b:97:77:f8:97:99:78:58:8e:cb:1e:71:2f:60:
d6:49:63:5c:d2:72:a3:97:50:f4:83:a7:64:36:cb:c5:71:27:
78:49:92:8a:18:d1:77:94:08:d2:86:04:87:5e:d1:eb:c2:2c:
0c:e4:31:dd:d3:79:2d:e7:ab:e5:5c:f7:43:fd:c2:69:fc:5f:
3e:e9:26:2b:1b:57:be:c0:2d:b8:84:9f:55:8b:74:80:34:7b:
48:21:b5:14:9d:f4:bc:fe:f1:3c:c7:a7:fe:fd:df:9d:02:af:
7f:58:0b:26:c3:94:b0:a1:a6:af:ec:5e:66:be:06:dc:ca:5d:
17:b0:39:be:06:77:f1:b9:0f:4b:68:bd:42:90:9b:ef:68:ce:
f2:54:1d:93:f1:e2:b5:13:53:f5:f7:25:04:f6:97:42:48:71:
d3:9c:43:dd:bd:db:14:ee:85:2a:e1:4a:d8:b2:b8:84:d3:a2:
3c:94:93:b7:1a:28:f8:79:af:b7:6f:32:91:d9:a1:c1:be:9b:
e9:43:80:cf
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZHW55xJYCbbLRDCDdQpsarfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1ZWE4OTRlZTA1Nzc1ZTBlZjA2MWQwODZjYTI1MjE0N2Y1
YzkxZGUwHhcNMjQwOTA5MTMwOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjYxMGRmMTQ0NDJjZTM1MGZhNmQ0NjFiODRiYzA0NDZjNjM4YmFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3A2yZGResNAvkRKEDW+rPByGKeIv
sP2ElpMjop1vPYDWK1Hrfhaa3oB3rm4nrGfEypvPd2/U5/m0lyFCavZWDyUP8oUm
Q37u+iCsE0HkkYBPBoIckZimqOY2Yf2Lst3iJaI7DeIoJEoPwcorYPj1ouOfKC6R
pP/bX0Q8xzIzyLcPYgPdH2WgrZkTFOZBUbI4fYL3EQArVz8vtig6c3XbKFiA/J8l
cG+mskEniBt6fEfDRzFhIvNZJ2je05ErvuFQkI/zdcz0g8JCJhjPJy88p0fwkGjJ
DTh94n3qGiBxWGYPBmrgthzOtX/6hP4okV8DEYPSnTAU2FuoZ1qYTsNVIwIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFGthDfFEQs41D6bUYbhLwERsY4uuMB8GA1UdIwQY
MBaAFHXqiU7gV3Xg7wYdCGyiUhR/XJHeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGVxSlR1QlhkZUR2QmgwSWJLSlNGSDlja2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS8xY2RjZTItYTNmOC00NGI2LWI1ZTEt
YjdmMjk4NGViNjUzLzEvYTJFTjhVUkN6alVQcHRSaHVFdkFSR3hqaTY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS8xY2RjZTItYTNmOC00NGI2LWI1ZTEtYjdmMjk4NGViNjUz
LzEvZGVxSlR1QlhkZUR2QmgwSWJLSlNGSDlja2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDJetQAwQC
LV9EAwQCLZosAwQCuRU0AwQCuSsUAwQCuWCUAwQCubqsAwQAwm4WAwQAwm4bAwQA
wm4eAwQAwm5IAwQAw2CeMA0EAgACMAcDBQMqBJOAMA0GCSqGSIb3DQEBCwUAA4IB
AQAkEh/4mkHM/y5G4D3v53+HX2ZVRDh1CxyWc/HzILNImQnCnZo3pqantyTifC/K
oqUOaV2dzeTmyP2ZG5d3+JeZeFiOyx5xL2DWSWNc0nKjl1D0g6dkNsvFcSd4SZKK
GNF3lAjShgSHXtHrwiwM5DHd03kt56vlXPdD/cJp/F8+6SYrG1e+wC24hJ9Vi3SA
NHtIIbUUnfS8/vE8x6f+/d+dAq9/WAsmw5Swoaav7F5mvgbcyl0XsDm+BnfxuQ9L
aL1CkJvvaM7yVB2T8eK1E1P19yUE9pdCSHHTnEPdvdsU7oUq4UrYsriE06I8lJO3
Gij4ea+3bzKR2aHBvpvpQ4DP
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:12:53 2024 by rpki-client on console-fra.rpki-client.org