Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/97/3ed97d-e867-425f-8743-0daed3aa6249/1/EdLZcuUoPIggdSjFqbcY9A2Zww8.roa
File: EdLZcuUoPIggdSjFqbcY9A2Zww8.roa (raw, json)
Hash identifier: 4OCPDPJjqE9tjOZS/qChZOMSj0voQLSo3u5rgABTUHM=
Subject key identifier: 11:D2:D9:72:E5:28:3C:88:20:75:28:C5:A9:B7:18:F4:0D:99:C3:0F
Certificate issuer: /CN=2776d64ea8fd028b6888e374557bb91f05ee0ec6
Certificate serial: 018CCA29D43CE625CD22BBE5FB1620720CBA
Authority key identifier: 27:76:D6:4E:A8:FD:02:8B:68:88:E3:74:55:7B:B9:1F:05:EE:0E:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J3bWTqj9AotoiON0VXu5HwXuDsY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/97/3ed97d-e867-425f-8743-0daed3aa6249/1/EdLZcuUoPIggdSjFqbcY9A2Zww8.roa
Signing time: Tue 02 Jan 2024 12:33:08 +0000
ROA not before: Tue 02 Jan 2024 12:33:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48719
IP address blocks: 91.211.210.0/24 maxlen: 24
91.211.208.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/97/3ed97d-e867-425f-8743-0daed3aa6249/1/J3bWTqj9AotoiON0VXu5HwXuDsY.crl
rsync://rpki.ripe.net/repository/DEFAULT/97/3ed97d-e867-425f-8743-0daed3aa6249/1/J3bWTqj9AotoiON0VXu5HwXuDsY.mft
rsync://rpki.ripe.net/repository/DEFAULT/J3bWTqj9AotoiON0VXu5HwXuDsY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:d4:3c:e6:25:cd:22:bb:e5:fb:16:20:72:0c:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2776d64ea8fd028b6888e374557bb91f05ee0ec6
Validity
Not Before: Jan 2 12:33:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11d2d972e5283c88207528c5a9b718f40d99c30f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:3d:57:c0:83:4c:97:a6:7d:47:0b:e3:df:27:
99:22:18:57:64:25:23:7a:23:90:4a:16:00:d8:a0:
ab:22:1d:bd:5b:f1:1d:03:ea:5d:09:72:89:32:a6:
2b:35:40:e7:73:a8:81:f9:47:7a:6c:cf:13:24:f6:
37:2e:a7:29:7b:67:61:ca:a9:e2:ea:0a:4e:8d:33:
b5:ed:ed:a3:e8:53:01:08:8f:c4:87:fc:21:87:7a:
21:58:d1:40:ff:b0:a0:80:40:5c:d1:90:47:bc:a5:
0c:16:96:22:b9:01:63:78:93:09:d8:ae:9c:16:72:
da:77:db:3d:23:7f:c2:43:ce:c4:fa:9b:a8:ed:43:
18:c9:59:5b:54:55:b3:b3:bd:34:64:28:6e:27:18:
b1:43:16:4d:e3:8d:cd:eb:75:a8:a9:9a:2c:75:6c:
dd:db:fb:61:b0:cf:5b:b1:62:91:c6:76:4e:c5:dd:
51:7a:f2:fc:65:fb:54:c8:45:6a:a8:1f:9a:53:d8:
52:d9:24:6d:bf:04:6e:25:f1:86:ec:6a:fb:9e:9b:
f9:38:8a:b2:f7:d0:e4:00:9a:c1:62:13:4b:67:28:
d4:73:44:08:1b:32:09:b9:a9:61:cf:cc:ab:a4:b0:
87:85:b0:2c:4d:1f:94:68:41:a0:95:15:91:20:0c:
46:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:D2:D9:72:E5:28:3C:88:20:75:28:C5:A9:B7:18:F4:0D:99:C3:0F
X509v3 Authority Key Identifier:
keyid:27:76:D6:4E:A8:FD:02:8B:68:88:E3:74:55:7B:B9:1F:05:EE:0E:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J3bWTqj9AotoiON0VXu5HwXuDsY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3ed97d-e867-425f-8743-0daed3aa6249/1/EdLZcuUoPIggdSjFqbcY9A2Zww8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/97/3ed97d-e867-425f-8743-0daed3aa6249/1/J3bWTqj9AotoiON0VXu5HwXuDsY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.211.208.0/22
Signature Algorithm: sha256WithRSAEncryption
36:85:ba:ff:a1:06:63:7c:1c:6a:1e:01:48:51:99:2f:90:08:
ff:c5:9c:37:a5:0b:16:82:51:db:02:30:ad:a9:9f:e4:4b:bd:
93:21:28:aa:97:4a:b1:27:d5:ed:ad:66:6f:28:a0:5d:25:5c:
c7:c6:44:9f:95:34:f8:f7:b4:ee:9d:de:16:6f:3b:c0:57:d1:
c4:27:d5:b6:a6:9b:78:67:4c:8f:cc:94:be:34:cc:de:20:ab:
1c:26:e1:93:bf:29:19:d0:62:ca:b4:95:16:a3:f0:d1:39:46:
32:eb:8f:33:4a:83:0d:29:3a:c2:3f:81:79:6c:6c:f4:c9:ea:
7d:ff:35:e8:7d:de:c4:33:79:e8:bc:33:3d:07:a3:26:c3:dd:
09:fe:53:c9:69:ce:2e:22:f9:03:f7:f4:7a:18:1f:e9:85:6b:
db:c9:e2:32:bb:f9:c7:ee:65:4d:e7:cd:a8:73:a6:a8:5c:69:
37:1b:05:6f:0c:0c:3f:29:87:61:45:91:ac:3a:e1:48:7b:00:
70:39:f6:61:47:c5:0f:76:55:11:ea:48:25:5c:b1:b1:f2:f3:
ac:8c:ca:41:9d:7d:f4:d8:65:21:74:dd:74:1f:87:df:e9:bc:
c2:13:dd:17:10:88:f0:36:1c:12:41:e5:df:3f:d2:e3:bb:54:
54:24:d6:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKdQ85iXNIrvl+xYgcgy6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3NzZkNjRlYThmZDAyOGI2ODg4ZTM3NDU1N2JiOTFmMDVl
ZTBlYzYwHhcNMjQwMTAyMTIzMzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWQyZDk3MmU1MjgzYzg4MjA3NTI4YzVhOWI3MThmNDBkOTljMzBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4j1XwINMl6Z9Rwvj3yeZIhhXZCUj
eiOQShYA2KCrIh29W/EdA+pdCXKJMqYrNUDnc6iB+Ud6bM8TJPY3Lqcpe2dhyqni
6gpOjTO17e2j6FMBCI/Eh/whh3ohWNFA/7CggEBc0ZBHvKUMFpYiuQFjeJMJ2K6c
FnLad9s9I3/CQ87E+puo7UMYyVlbVFWzs700ZChuJxixQxZN443N63WoqZosdWzd
2/thsM9bsWKRxnZOxd1RevL8ZftUyEVqqB+aU9hS2SRtvwRuJfGG7Gr7npv5OIqy
99DkAJrBYhNLZyjUc0QIGzIJualhz8yrpLCHhbAsTR+UaEGglRWRIAxGAQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBHS2XLlKDyIIHUoxam3GPQNmcMPMB8GA1UdIwQY
MBaAFCd21k6o/QKLaIjjdFV7uR8F7g7GMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjNiV1RxajlBb3RvaU9OMFZYdTVId1h1RHNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ny8zZWQ5N2QtZTg2Ny00MjVmLTg3NDMt
MGRhZWQzYWE2MjQ5LzEvRWRMWmN1VW9QSWdnZFNqRnFiY1k5QTJad3c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ny8zZWQ5N2QtZTg2Ny00MjVmLTg3NDMtMGRhZWQzYWE2MjQ5
LzEvSjNiV1RxajlBb3RvaU9OMFZYdTVId1h1RHNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW9PQMA0G
CSqGSIb3DQEBCwUAA4IBAQA2hbr/oQZjfBxqHgFIUZkvkAj/xZw3pQsWglHbAjCt
qZ/kS72TISiql0qxJ9XtrWZvKKBdJVzHxkSflTT497Tund4WbzvAV9HEJ9W2ppt4
Z0yPzJS+NMzeIKscJuGTvykZ0GLKtJUWo/DROUYy648zSoMNKTrCP4F5bGz0yep9
/zXofd7EM3novDM9B6Mmw90J/lPJac4uIvkD9/R6GB/phWvbyeIyu/nH7mVN582o
c6aoXGk3GwVvDAw/KYdhRZGsOuFIewBwOfZhR8UPdlUR6kglXLGx8vOsjMpBnX30
2GUhdN10H4ff6bzCE90XEIjwNhwSQeXfP9Lju1RUJNYr
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:45:19 2024 by rpki-client on console-ams.rpki-client.org