Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/ff3618-7032-4143-9374-ba1418d22087/1/eB1yc7PtmvaqSSZ9xwLhBJoNy8g.roa
File: eB1yc7PtmvaqSSZ9xwLhBJoNy8g.roa (raw, json)
Hash identifier: gBPmjAV5pK+2hPTH2Kg2xzlqwu+4lmEZD9l4gTdeJ2E=
Subject key identifier: 78:1D:72:73:B3:ED:9A:F6:AA:49:26:7D:C7:02:E1:04:9A:0D:CB:C8
Certificate issuer: /CN=5ce1aae0c93ad04b7298082b68bf6a54fa68bcf0
Certificate serial: 018CC8DEE7DA2CA98F21B7683311F0387FDF
Authority key identifier: 5C:E1:AA:E0:C9:3A:D0:4B:72:98:08:2B:68:BF:6A:54:FA:68:BC:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XOGq4Mk60EtymAgraL9qVPpovPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/ff3618-7032-4143-9374-ba1418d22087/1/eB1yc7PtmvaqSSZ9xwLhBJoNy8g.roa
Signing time: Tue 02 Jan 2024 06:31:40 +0000
ROA not before: Tue 02 Jan 2024 06:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42831
IP address blocks: 94.136.168.0/22 maxlen: 22
185.75.20.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/ff3618-7032-4143-9374-ba1418d22087/1/XOGq4Mk60EtymAgraL9qVPpovPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/ff3618-7032-4143-9374-ba1418d22087/1/XOGq4Mk60EtymAgraL9qVPpovPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/XOGq4Mk60EtymAgraL9qVPpovPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:e7:da:2c:a9:8f:21:b7:68:33:11:f0:38:7f:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ce1aae0c93ad04b7298082b68bf6a54fa68bcf0
Validity
Not Before: Jan 2 06:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=781d7273b3ed9af6aa49267dc702e1049a0dcbc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:7d:3c:e1:b4:df:e1:52:ab:6e:77:3f:35:08:
3f:98:b4:56:32:be:0e:ad:c0:7b:f5:c4:51:0e:a6:
7f:6c:46:e1:69:6a:e4:90:78:9a:92:2d:20:34:d7:
f9:e7:c1:e6:05:a9:93:9e:1c:cf:3e:7b:01:fa:7e:
be:3c:e8:90:58:1b:80:88:d9:13:a3:b0:b4:c8:24:
7c:ee:80:51:7c:8b:e8:aa:07:af:e1:00:40:d3:aa:
62:3f:19:a0:9c:df:9c:02:f8:65:e7:11:15:1d:80:
44:1d:69:17:2f:cb:4e:7e:da:65:4a:37:c5:36:0a:
1c:ba:79:db:cb:af:d4:54:31:b9:bf:c1:7a:07:a3:
d8:84:20:c7:16:54:95:17:2e:6b:a2:f2:26:bf:61:
c4:53:e3:e4:88:d5:91:65:36:07:d9:2a:d7:d1:6d:
e0:aa:24:5e:81:49:cb:6d:09:c7:8d:7d:58:b0:8d:
a8:3c:54:27:0c:79:6b:ad:8a:a9:56:ca:ba:c7:3f:
98:dd:c2:fe:36:7e:c3:59:28:fc:6a:1c:63:8a:9b:
5c:6a:93:d0:83:d7:48:1a:ae:70:74:9c:3f:3f:43:
14:99:99:0b:81:37:17:22:0a:0e:9c:73:12:2c:a7:
9d:c6:6b:b9:48:31:f4:0c:dc:ff:d7:6e:08:95:bb:
70:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:1D:72:73:B3:ED:9A:F6:AA:49:26:7D:C7:02:E1:04:9A:0D:CB:C8
X509v3 Authority Key Identifier:
keyid:5C:E1:AA:E0:C9:3A:D0:4B:72:98:08:2B:68:BF:6A:54:FA:68:BC:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XOGq4Mk60EtymAgraL9qVPpovPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/ff3618-7032-4143-9374-ba1418d22087/1/eB1yc7PtmvaqSSZ9xwLhBJoNy8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/ff3618-7032-4143-9374-ba1418d22087/1/XOGq4Mk60EtymAgraL9qVPpovPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.136.168.0/22
185.75.20.0/23
Signature Algorithm: sha256WithRSAEncryption
5e:85:c1:31:d2:ca:84:f4:6f:f1:10:94:cf:c5:3e:03:4f:59:
a1:cb:c7:58:25:4b:20:18:9e:93:a8:fe:9e:3d:6d:c7:4a:e0:
28:e9:61:b0:a6:ee:a3:95:21:06:25:4b:b4:fe:6f:6b:04:53:
51:d5:e0:2e:63:2f:da:d7:1a:1a:2e:83:48:a7:80:7e:49:92:
95:d7:69:d8:58:3b:25:a3:43:13:2c:39:34:75:1a:d9:2d:7e:
55:48:c6:fa:94:84:40:5c:e4:93:5c:fd:94:67:00:00:be:da:
89:bf:36:60:f3:62:a6:dd:60:93:2b:45:6f:d1:7f:a9:09:d7:
50:5f:4c:43:cb:0c:a8:cd:31:23:91:11:c8:d7:7d:6d:ca:d7:
6c:b6:44:be:de:9b:0e:d6:e6:5c:29:8e:80:17:7d:b1:0b:a3:
5f:57:5e:20:15:09:76:72:00:93:a8:28:5d:b1:c9:d1:df:e4:
01:80:1a:b2:10:5d:43:b0:bc:0a:12:e7:c9:66:15:9f:04:43:
6a:e3:bd:f9:f3:90:ea:ba:15:36:b2:96:cc:bd:9e:2d:c0:75:
14:7b:cc:13:54:88:95:aa:00:5e:c7:9e:e0:21:78:66:2f:93:
03:ad:55:7c:ac:f7:95:9a:0a:de:bf:08:66:2a:05:72:dc:61:
a7:43:50:1a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI3ufaLKmPIbdoMxHwOH/fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZTFhYWUwYzkzYWQwNGI3Mjk4MDgyYjY4YmY2YTU0ZmE2
OGJjZjAwHhcNMjQwMTAyMDYzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODFkNzI3M2IzZWQ5YWY2YWE0OTI2N2RjNzAyZTEwNDlhMGRjYmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0n084bTf4VKrbnc/NQg/mLRWMr4O
rcB79cRRDqZ/bEbhaWrkkHiaki0gNNf558HmBamTnhzPPnsB+n6+POiQWBuAiNkT
o7C0yCR87oBRfIvoqgev4QBA06piPxmgnN+cAvhl5xEVHYBEHWkXL8tOftplSjfF
Ngocunnby6/UVDG5v8F6B6PYhCDHFlSVFy5rovImv2HEU+PkiNWRZTYH2SrX0W3g
qiRegUnLbQnHjX1YsI2oPFQnDHlrrYqpVsq6xz+Y3cL+Nn7DWSj8ahxjiptcapPQ
g9dIGq5wdJw/P0MUmZkLgTcXIgoOnHMSLKedxmu5SDH0DNz/124IlbtwdQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHgdcnOz7Zr2qkkmfccC4QSaDcvIMB8GA1UdIwQY
MBaAFFzhquDJOtBLcpgIK2i/alT6aLzwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWE9HcTRNazYwRXR5bUFncmFMOXFWUHBvdlBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi9mZjM2MTgtNzAzMi00MTQzLTkzNzQt
YmExNDE4ZDIyMDg3LzEvZUIxeWM3UHRtdmFxU1NaOXh3TGhCSm9OeThnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi9mZjM2MTgtNzAzMi00MTQzLTkzNzQtYmExNDE4ZDIyMDg3
LzEvWE9HcTRNazYwRXR5bUFncmFMOXFWUHBvdlBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXoioAwQB
uUsUMA0GCSqGSIb3DQEBCwUAA4IBAQBehcEx0sqE9G/xEJTPxT4DT1mhy8dYJUsg
GJ6TqP6ePW3HSuAo6WGwpu6jlSEGJUu0/m9rBFNR1eAuYy/a1xoaLoNIp4B+SZKV
12nYWDslo0MTLDk0dRrZLX5VSMb6lIRAXOSTXP2UZwAAvtqJvzZg82Km3WCTK0Vv
0X+pCddQX0xDywyozTEjkRHI131tytdstkS+3psO1uZcKY6AF32xC6NfV14gFQl2
cgCTqChdscnR3+QBgBqyEF1DsLwKEufJZhWfBENq473585DquhU2spbMvZ4twHUU
e8wTVIiVqgBex57gIXhmL5MDrVV8rPeVmgrevwhmKgVy3GGnQ1Aa
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:42:52 2024 by rpki-client on console-fra.rpki-client.org