Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/5f8881-8a44-4842-8009-1165d1d1564f/1/ePVOcURw0mWxmfgbJo7vDWD_1b8.roa
File: ePVOcURw0mWxmfgbJo7vDWD_1b8.roa (raw, json)
Hash identifier: qF7cYQre3Vc2h+ejsMV5qthZ19wVsBnq1cxhwdc4fpA=
Subject key identifier: 78:F5:4E:71:44:70:D2:65:B1:99:F8:1B:26:8E:EF:0D:60:FF:D5:BF
Certificate issuer: /CN=e4cc76e3b5477ffd42a0fe4b8c783aad2f96fe70
Certificate serial: 018FC7388A6AA6F7C6273D4D10E0E41EF9F2
Authority key identifier: E4:CC:76:E3:B5:47:7F:FD:42:A0:FE:4B:8C:78:3A:AD:2F:96:FE:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5Mx247VHf_1CoP5LjHg6rS-W_nA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/5f8881-8a44-4842-8009-1165d1d1564f/1/ePVOcURw0mWxmfgbJo7vDWD_1b8.roa
Signing time: Thu 30 May 2024 01:58:42 +0000
ROA not before: Thu 30 May 2024 01:58:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202423
IP address blocks: 185.149.194.0/24 maxlen: 24
193.0.178.0/24 maxlen: 24
193.0.179.0/24 maxlen: 24
2a0b:9080::/48 maxlen: 48
2a0b:9080:1::/48 maxlen: 48
2a0b:9080:2::/48 maxlen: 48
2a0b:9080:3::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/5f8881-8a44-4842-8009-1165d1d1564f/1/5Mx247VHf_1CoP5LjHg6rS-W_nA.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/5f8881-8a44-4842-8009-1165d1d1564f/1/5Mx247VHf_1CoP5LjHg6rS-W_nA.mft
rsync://rpki.ripe.net/repository/DEFAULT/5Mx247VHf_1CoP5LjHg6rS-W_nA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c7:38:8a:6a:a6:f7:c6:27:3d:4d:10:e0:e4:1e:f9:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4cc76e3b5477ffd42a0fe4b8c783aad2f96fe70
Validity
Not Before: May 30 01:58:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78f54e714470d265b199f81b268eef0d60ffd5bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:94:b5:79:3c:1d:09:40:50:c0:f1:bc:6d:2c:
67:ef:5d:fd:7d:ba:e4:b9:66:20:ea:21:4b:4a:b7:
c1:66:28:fc:b0:ac:45:4c:ae:7a:f0:9c:e7:17:a9:
e9:31:88:65:ec:f1:36:1a:a5:2c:ac:ed:97:87:80:
4a:96:ee:64:a9:37:cf:e8:a7:a4:08:2b:7b:8a:ac:
11:87:44:a0:1f:67:cf:1a:7e:9e:bf:e5:88:b6:3f:
89:54:04:42:60:da:39:ef:04:32:0f:63:41:82:af:
6c:89:db:a2:58:c8:4a:d5:b5:7d:d0:ea:de:39:64:
43:da:3b:ff:99:f0:b4:57:6f:60:6f:fc:de:34:0b:
9e:a7:72:6b:52:0e:fe:30:9b:8e:e4:00:a4:ae:2c:
d5:f6:65:4c:de:97:1d:51:03:7a:06:61:b9:44:d6:
33:93:65:18:29:92:79:f9:12:a5:b5:88:4b:0a:a0:
0e:b7:26:18:da:73:7d:1e:55:1a:79:22:c5:3c:4c:
e4:0d:69:cc:04:df:62:6d:80:fd:f8:00:80:5d:b5:
d6:5b:b4:8d:c5:47:b9:6e:ef:8b:67:e6:50:e5:1b:
c0:a6:3e:82:cb:8f:bf:f0:84:a3:8b:72:f8:3b:76:
1b:9f:bf:9a:fd:1a:5d:ce:fb:be:99:69:75:f3:52:
fd:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:F5:4E:71:44:70:D2:65:B1:99:F8:1B:26:8E:EF:0D:60:FF:D5:BF
X509v3 Authority Key Identifier:
keyid:E4:CC:76:E3:B5:47:7F:FD:42:A0:FE:4B:8C:78:3A:AD:2F:96:FE:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5Mx247VHf_1CoP5LjHg6rS-W_nA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/5f8881-8a44-4842-8009-1165d1d1564f/1/ePVOcURw0mWxmfgbJo7vDWD_1b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/5f8881-8a44-4842-8009-1165d1d1564f/1/5Mx247VHf_1CoP5LjHg6rS-W_nA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.194.0/24
193.0.178.0/23
IPv6:
2a0b:9080::/46
Signature Algorithm: sha256WithRSAEncryption
2b:58:48:13:61:18:6f:fa:af:37:e9:88:39:f0:58:73:7d:e5:
9b:83:b0:07:90:19:f1:a8:02:c1:20:55:7b:f7:3b:5d:bb:c3:
5e:06:44:af:ee:a9:7c:2b:67:f7:5d:89:91:92:64:1a:6d:02:
a3:d9:eb:f5:40:43:0c:51:66:73:8b:75:d9:db:ec:44:2b:89:
3c:4d:c7:a3:7e:66:c0:98:3f:ed:87:21:1e:c9:20:31:da:24:
9f:c3:5b:a0:2e:ce:48:78:0f:55:7d:c2:4f:7b:fd:a8:ad:8e:
96:97:44:58:19:de:b8:2f:2e:80:ef:af:5c:f3:51:a2:b8:3a:
e7:a2:cc:d5:b6:56:f3:95:fd:a6:cc:5e:19:aa:81:7f:b9:0c:
1e:83:3c:84:dc:b8:6c:39:f3:b0:e5:83:e2:d4:c4:d6:05:48:
a6:82:02:51:41:b0:85:a5:6a:4f:de:a7:48:89:ec:1f:b1:4d:
64:33:3b:b9:39:a6:d8:6a:a2:51:95:91:44:37:cc:3d:6a:55:
1c:9a:71:0f:0b:05:cb:41:79:5d:80:10:8d:86:02:ea:54:4a:
ee:c3:b1:d0:d5:29:6e:55:4a:67:fa:7c:00:04:74:e8:03:db:
b0:a9:33:10:4d:b8:01:23:5b:2e:7a:3b:8d:e1:c1:a2:6f:ab:
a8:56:0b:b4
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAY/HOIpqpvfGJz1NEODkHvnyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0Y2M3NmUzYjU0NzdmZmQ0MmEwZmU0YjhjNzgzYWFkMmY5
NmZlNzAwHhcNMjQwNTMwMDE1ODQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGY1NGU3MTQ0NzBkMjY1YjE5OWY4MWIyNjhlZWYwZDYwZmZkNWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ZS1eTwdCUBQwPG8bSxn7139fbrk
uWYg6iFLSrfBZij8sKxFTK568JznF6npMYhl7PE2GqUsrO2Xh4BKlu5kqTfP6Kek
CCt7iqwRh0SgH2fPGn6ev+WItj+JVARCYNo57wQyD2NBgq9siduiWMhK1bV90Ore
OWRD2jv/mfC0V29gb/zeNAuep3JrUg7+MJuO5ACkrizV9mVM3pcdUQN6BmG5RNYz
k2UYKZJ5+RKltYhLCqAOtyYY2nN9HlUaeSLFPEzkDWnMBN9ibYD9+ACAXbXWW7SN
xUe5bu+LZ+ZQ5RvApj6Cy4+/8ISji3L4O3Ybn7+a/Rpdzvu+mWl181L9JwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHj1TnFEcNJlsZn4GyaO7w1g/9W/MB8GA1UdIwQY
MBaAFOTMduO1R3/9QqD+S4x4Oq0vlv5wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNU14MjQ3VkhmXzFDb1A1TGpIZzZyUy1XX25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi81Zjg4ODEtOGE0NC00ODQyLTgwMDkt
MTE2NWQxZDE1NjRmLzEvZVBWT2NVUncwbVd4bWZnYkpvN3ZEV0RfMWI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi81Zjg4ODEtOGE0NC00ODQyLTgwMDktMTE2NWQxZDE1NjRm
LzEvNU14MjQ3VkhmXzFDb1A1TGpIZzZyUy1XX25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAuZXCAwQB
wQCyMA8EAgACMAkDBwIqC5CAAAAwDQYJKoZIhvcNAQELBQADggEBACtYSBNhGG/6
rzfpiDnwWHN95ZuDsAeQGfGoAsEgVXv3O127w14GRK/uqXwrZ/ddiZGSZBptAqPZ
6/VAQwxRZnOLddnb7EQriTxNx6N+ZsCYP+2HIR7JIDHaJJ/DW6Auzkh4D1V9wk97
/aitjpaXRFgZ3rgvLoDvr1zzUaK4OueizNW2VvOV/abMXhmqgX+5DB6DPITcuGw5
87Dlg+LUxNYFSKaCAlFBsIWlak/ep0iJ7B+xTWQzO7k5pthqolGVkUQ3zD1qVRya
cQ8LBctBeV2AEI2GAupUSu7DsdDVKW5VSmf6fAAEdOgD27CpMxBNuAEjWy56O43h
waJvq6hWC7Q=
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:04:15 2024 by rpki-client on console-fra.rpki-client.org