Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/cc4fe9-e48c-42da-97ea-ab57cabc18f7/1/EeFPhEstvW1EwmoMEs09YH1cZlE.roa
File: EeFPhEstvW1EwmoMEs09YH1cZlE.roa (raw, json)
Hash identifier: zuogsczPuVIDLnfiQ5YgxbbQeRIuIE6FvsJkQLHPGfI=
Subject key identifier: 11:E1:4F:84:4B:2D:BD:6D:44:C2:6A:0C:12:CD:3D:60:7D:5C:66:51
Certificate issuer: /CN=35b03ec85d08607a6b1ddf1fe79dc651ccfe3f37
Certificate serial: 019422FBBF76502843D179A5B47FA99805EA
Authority key identifier: 35:B0:3E:C8:5D:08:60:7A:6B:1D:DF:1F:E7:9D:C6:51:CC:FE:3F:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NbA-yF0IYHprHd8f553GUcz-Pzc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/cc4fe9-e48c-42da-97ea-ab57cabc18f7/1/EeFPhEstvW1EwmoMEs09YH1cZlE.roa
Signing time: Wed 01 Jan 2025 17:48:31 +0000
ROA not before: Wed 01 Jan 2025 17:48:31 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44134
IP address blocks: 79.142.224.0/20 maxlen: 20
217.71.0.0/20 maxlen: 20
2a02:2190::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/cc4fe9-e48c-42da-97ea-ab57cabc18f7/1/NbA-yF0IYHprHd8f553GUcz-Pzc.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/cc4fe9-e48c-42da-97ea-ab57cabc18f7/1/NbA-yF0IYHprHd8f553GUcz-Pzc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NbA-yF0IYHprHd8f553GUcz-Pzc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:22:fb:bf:76:50:28:43:d1:79:a5:b4:7f:a9:98:05:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35b03ec85d08607a6b1ddf1fe79dc651ccfe3f37
Validity
Not Before: Jan 1 17:48:31 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=11e14f844b2dbd6d44c26a0c12cd3d607d5c6651
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:76:a9:09:54:50:d5:fe:f7:dc:00:66:11:97:
a6:11:7a:be:b3:75:5f:4b:95:4f:b9:b9:cd:93:d4:
19:8e:1f:82:6a:c7:d8:97:e1:6a:c4:7c:d2:f1:14:
4d:81:47:a6:2b:43:91:26:96:d8:6f:03:07:f6:a7:
48:c9:6f:71:45:ee:46:0f:4c:69:8d:f5:8e:83:32:
5a:3f:86:d6:d6:dc:35:a6:93:32:97:ae:6b:df:7b:
da:9c:7b:6b:d1:be:3a:4a:aa:cd:b5:a9:1f:52:77:
1b:2b:23:c4:f6:66:e7:ec:a7:84:ab:6c:d0:e3:c9:
16:36:0d:fc:dd:c9:d7:19:93:11:a6:b0:34:aa:1a:
1e:41:f1:b9:5a:2b:92:35:e2:9d:fb:72:13:b4:72:
ca:2b:7e:75:60:34:6b:38:e8:3f:e6:88:2c:4e:b3:
99:ca:71:97:0c:97:08:e4:c5:e4:f5:09:49:25:52:
8a:9e:06:a9:65:0c:ec:42:2c:be:a7:21:58:06:c2:
11:8b:54:84:e2:3c:d7:d5:f8:51:bd:76:e1:3b:26:
61:5f:a7:ed:d3:0b:37:13:78:a1:c7:8b:64:9a:3b:
6e:35:69:12:48:10:4e:29:6e:74:dd:b5:73:19:03:
5f:9a:65:69:2b:91:7c:8e:9b:9e:21:9c:19:f3:bb:
28:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:E1:4F:84:4B:2D:BD:6D:44:C2:6A:0C:12:CD:3D:60:7D:5C:66:51
X509v3 Authority Key Identifier:
keyid:35:B0:3E:C8:5D:08:60:7A:6B:1D:DF:1F:E7:9D:C6:51:CC:FE:3F:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NbA-yF0IYHprHd8f553GUcz-Pzc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/cc4fe9-e48c-42da-97ea-ab57cabc18f7/1/EeFPhEstvW1EwmoMEs09YH1cZlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/cc4fe9-e48c-42da-97ea-ab57cabc18f7/1/NbA-yF0IYHprHd8f553GUcz-Pzc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.142.224.0/20
217.71.0.0/20
IPv6:
2a02:2190::/29
Signature Algorithm: sha256WithRSAEncryption
a9:1d:6d:65:fb:ad:74:44:83:a5:1a:3d:3a:c8:7e:8b:ea:1f:
69:49:53:66:5b:b6:fd:eb:6d:dc:97:12:5a:d1:ed:b4:cc:b0:
95:b4:26:65:31:1a:4c:36:d0:f6:de:da:df:1a:cf:b5:fe:bb:
da:98:44:f6:93:5b:2c:b3:73:90:91:37:9c:c4:7b:01:90:f0:
5f:41:e4:7f:37:87:cd:54:5c:b1:b8:6e:d2:5b:4e:af:0e:f9:
2c:4a:18:64:46:4a:e4:17:46:1b:1f:14:0e:b7:2b:93:bb:82:
e8:b5:24:73:ca:db:08:cb:17:4f:3d:c1:15:e4:f8:f1:8f:e5:
2e:db:2d:9d:2f:81:bd:15:73:64:a5:fe:ab:a4:c7:23:2e:ae:
71:6c:7a:4a:87:e0:17:5d:66:75:79:3a:e6:f2:6b:1b:f2:0b:
42:5a:0a:ce:65:3f:33:17:c9:fe:bf:29:16:15:e7:8a:17:21:
2b:48:f3:4f:e0:37:ba:85:7f:f9:2e:30:61:69:e3:b9:d4:d3:
f6:8c:36:66:a0:7b:31:90:73:2a:18:62:03:97:14:76:75:a1:
81:5d:47:f9:ce:91:0c:2f:4c:d8:df:7f:45:b4:26:12:61:15:
40:da:92:2b:0e:2f:0e:7e:82:f1:85:04:b0:da:c8:26:5f:0b:
22:82:cc:37
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZQi+792UChD0XmltH+pmAXqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1YjAzZWM4NWQwODYwN2E2YjFkZGYxZmU3OWRjNjUxY2Nm
ZTNmMzcwHhcNMjUwMTAxMTc0ODMxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWUxNGY4NDRiMmRiZDZkNDRjMjZhMGMxMmNkM2Q2MDdkNWM2NjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXapCVRQ1f733ABmEZemEXq+s3Vf
S5VPubnNk9QZjh+CasfYl+FqxHzS8RRNgUemK0ORJpbYbwMH9qdIyW9xRe5GD0xp
jfWOgzJaP4bW1tw1ppMyl65r33vanHtr0b46SqrNtakfUncbKyPE9mbn7KeEq2zQ
48kWNg383cnXGZMRprA0qhoeQfG5WiuSNeKd+3ITtHLKK351YDRrOOg/5ogsTrOZ
ynGXDJcI5MXk9QlJJVKKngapZQzsQiy+pyFYBsIRi1SE4jzX1fhRvXbhOyZhX6ft
0ws3E3ihx4tkmjtuNWkSSBBOKW503bVzGQNfmmVpK5F8jpueIZwZ87sokQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFBHhT4RLLb1tRMJqDBLNPWB9XGZRMB8GA1UdIwQY
MBaAFDWwPshdCGB6ax3fH+edxlHM/j83MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmJBLXlGMElZSHBySGQ4ZjU1M0dVY3otUHpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS9jYzRmZTktZTQ4Yy00MmRhLTk3ZWEt
YWI1N2NhYmMxOGY3LzEvRWVGUGhFc3R2VzFFd21vTUVzMDlZSDFjWmxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS9jYzRmZTktZTQ4Yy00MmRhLTk3ZWEtYWI1N2NhYmMxOGY3
LzEvTmJBLXlGMElZSHBySGQ4ZjU1M0dVY3otUHpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQET47gAwQE
2UcAMA0EAgACMAcDBQMqAiGQMA0GCSqGSIb3DQEBCwUAA4IBAQCpHW1l+610RIOl
Gj06yH6L6h9pSVNmW7b9623clxJa0e20zLCVtCZlMRpMNtD23trfGs+1/rvamET2
k1sss3OQkTecxHsBkPBfQeR/N4fNVFyxuG7SW06vDvksShhkRkrkF0YbHxQOtyuT
u4LotSRzytsIyxdPPcEV5Pjxj+Uu2y2dL4G9FXNkpf6rpMcjLq5xbHpKh+AXXWZ1
eTrm8msb8gtCWgrOZT8zF8n+vykWFeeKFyErSPNP4De6hX/5LjBhaeO51NP2jDZm
oHsxkHMqGGIDlxR2daGBXUf5zpEML0zY339FtCYSYRVA2pIrDi8OfoLxhQSw2sgm
Xwsigsw3
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:44:39 2025 by rpki-client