Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/eyb9WMGGMfI97ol7Y_AEWpf2HWg.roa
File: eyb9WMGGMfI97ol7Y_AEWpf2HWg.roa (raw, json)
Hash identifier: VTZTA+PmpEkq+waDAMXCQjHMPg09hN+phzURPEMy+EA=
Subject key identifier: 7B:26:FD:58:C1:86:31:F2:3D:EE:89:7B:63:F0:04:5A:97:F6:1D:68
Certificate issuer: /CN=91d8c32a703972aaea093a01f8dedf57f9675575
Certificate serial: 018CC3B6FC4EC939092D09BEA59E06914B1F
Authority key identifier: 91:D8:C3:2A:70:39:72:AA:EA:09:3A:01:F8:DE:DF:57:F9:67:55:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kdjDKnA5cqrqCToB-N7fV_lnVXU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/eyb9WMGGMfI97ol7Y_AEWpf2HWg.roa
Signing time: Mon 01 Jan 2024 06:29:58 +0000
ROA not before: Mon 01 Jan 2024 06:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24730
IP address blocks: 81.23.224.0/20 maxlen: 20
81.173.4.0/24 maxlen: 24
81.173.124.0/24 maxlen: 24
185.236.176.0/22 maxlen: 22
2001:15b8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/kdjDKnA5cqrqCToB-N7fV_lnVXU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/kdjDKnA5cqrqCToB-N7fV_lnVXU.mft
rsync://rpki.ripe.net/repository/DEFAULT/kdjDKnA5cqrqCToB-N7fV_lnVXU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:fc:4e:c9:39:09:2d:09:be:a5:9e:06:91:4b:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=91d8c32a703972aaea093a01f8dedf57f9675575
Validity
Not Before: Jan 1 06:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b26fd58c18631f23dee897b63f0045a97f61d68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:6d:88:ff:41:0c:97:c8:76:a8:72:35:93:ac:
6f:4d:a1:8e:13:a4:4f:33:22:4d:59:9d:fe:19:3e:
c4:59:1e:da:5e:1b:4e:9d:74:6b:2e:77:b0:20:70:
58:17:1c:23:96:96:c6:ed:19:c3:dc:1a:b5:3d:d6:
3d:53:d2:58:19:12:1a:18:80:e9:9e:69:63:c7:07:
33:b6:3e:02:03:6f:ec:e5:45:27:bc:d9:90:62:f6:
3d:c6:9a:af:ce:3c:ef:4e:41:25:a3:85:7e:48:8b:
03:9e:af:40:b4:cb:c3:af:3c:b0:4e:43:31:05:29:
4d:1f:64:9d:07:6c:ae:4a:2b:f6:6f:81:4f:04:13:
4e:0f:4c:b6:b0:1a:d8:19:87:35:47:90:fa:97:c9:
4d:32:87:7c:5c:2b:26:22:35:f8:ce:8d:4b:3a:db:
f2:b3:1d:3f:0c:5a:1b:2a:9c:a5:89:2c:fd:a8:14:
2a:32:f9:df:65:dd:02:17:76:d1:50:0b:8e:70:c6:
33:ed:8c:44:d9:78:05:d3:e3:bd:d4:6c:64:dd:13:
50:5a:cb:11:11:e8:3c:df:ad:33:13:1a:c2:3e:70:
8d:52:2d:6d:15:cf:0b:69:e7:da:54:ce:c2:e5:ab:
a3:bc:a8:a9:8d:59:a7:4d:ba:bc:28:c9:d0:05:d3:
e6:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:26:FD:58:C1:86:31:F2:3D:EE:89:7B:63:F0:04:5A:97:F6:1D:68
X509v3 Authority Key Identifier:
keyid:91:D8:C3:2A:70:39:72:AA:EA:09:3A:01:F8:DE:DF:57:F9:67:55:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kdjDKnA5cqrqCToB-N7fV_lnVXU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/eyb9WMGGMfI97ol7Y_AEWpf2HWg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/4e816d-d8ec-437c-986a-3c12781e202d/1/kdjDKnA5cqrqCToB-N7fV_lnVXU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.23.224.0/20
81.173.4.0/24
81.173.124.0/24
185.236.176.0/22
IPv6:
2001:15b8::/32
Signature Algorithm: sha256WithRSAEncryption
3a:c7:17:81:7d:fe:d3:c2:5e:30:68:b6:ac:6f:b0:56:b6:00:
66:be:12:48:81:8c:e3:d5:53:3f:e5:96:38:f2:5c:6d:c7:c0:
12:b2:de:8c:3a:ee:20:27:44:5b:51:71:41:f1:ab:50:38:b2:
00:62:45:47:e4:bf:4f:6e:13:44:5c:47:b4:24:f6:86:f5:e2:
86:66:3a:fd:89:36:80:19:61:be:0d:df:09:d1:a3:1c:36:f6:
23:f4:1d:82:79:f0:8b:18:0f:58:ff:05:9e:75:ab:7d:f4:a8:
46:d0:2e:f0:55:f3:82:ed:88:9e:d8:60:35:65:e6:93:cf:c2:
7b:0b:7b:f9:5e:5b:d0:9b:9a:27:2b:45:95:06:37:dd:07:57:
e8:46:45:60:be:f5:87:53:cf:e8:ff:9f:dc:4f:44:47:b4:a4:
99:14:5a:9d:78:f9:2b:d7:40:23:d9:24:ed:6c:19:18:f0:04:
f5:85:97:bc:cb:5c:df:d9:24:cb:85:db:e3:1c:08:d2:ce:60:
9c:28:92:9d:eb:b5:c3:d5:ad:4d:53:f4:8c:1d:9b:bc:e7:ca:
7c:94:91:02:aa:f8:d0:ef:21:2b:4c:a0:38:f8:66:c2:17:79:
73:c7:c6:c6:01:f5:79:93:79:71:34:37:a5:ee:03:08:77:39:
36:3b:16:53
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzDtvxOyTkJLQm+pZ4GkUsfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxZDhjMzJhNzAzOTcyYWFlYTA5M2EwMWY4ZGVkZjU3Zjk2
NzU1NzUwHhcNMjQwMTAxMDYyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjI2ZmQ1OGMxODYzMWYyM2RlZTg5N2I2M2YwMDQ1YTk3ZjYxZDY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhG2I/0EMl8h2qHI1k6xvTaGOE6RP
MyJNWZ3+GT7EWR7aXhtOnXRrLnewIHBYFxwjlpbG7RnD3Bq1PdY9U9JYGRIaGIDp
nmljxwcztj4CA2/s5UUnvNmQYvY9xpqvzjzvTkElo4V+SIsDnq9AtMvDrzywTkMx
BSlNH2SdB2yuSiv2b4FPBBNOD0y2sBrYGYc1R5D6l8lNMod8XCsmIjX4zo1LOtvy
sx0/DFobKpyliSz9qBQqMvnfZd0CF3bRUAuOcMYz7YxE2XgF0+O91Gxk3RNQWssR
Eeg8360zExrCPnCNUi1tFc8LaefaVM7C5aujvKipjVmnTbq8KMnQBdPmFQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFHsm/VjBhjHyPe6Je2PwBFqX9h1oMB8GA1UdIwQY
MBaAFJHYwypwOXKq6gk6Afje31f5Z1V1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2RqREtuQTVjcXJxQ1RvQi1ON2ZWX2xuVlhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC80ZTgxNmQtZDhlYy00MzdjLTk4NmEt
M2MxMjc4MWUyMDJkLzEvZXliOVdNR0dNZkk5N29sN1lfQUVXcGYySFdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC80ZTgxNmQtZDhlYy00MzdjLTk4NmEtM2MxMjc4MWUyMDJk
LzEva2RqREtuQTVjcXJxQ1RvQi1ON2ZWX2xuVlhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEURfgAwQA
Ua0EAwQAUa18AwQCueywMA0EAgACMAcDBQAgARW4MA0GCSqGSIb3DQEBCwUAA4IB
AQA6xxeBff7Twl4waLasb7BWtgBmvhJIgYzj1VM/5ZY48lxtx8ASst6MOu4gJ0Rb
UXFB8atQOLIAYkVH5L9PbhNEXEe0JPaG9eKGZjr9iTaAGWG+Dd8J0aMcNvYj9B2C
efCLGA9Y/wWedat99KhG0C7wVfOC7Yie2GA1ZeaTz8J7C3v5XlvQm5onK0WVBjfd
B1foRkVgvvWHU8/o/5/cT0RHtKSZFFqdePkr10Aj2STtbBkY8AT1hZe8y1zf2STL
hdvjHAjSzmCcKJKd67XD1a1NU/SMHZu858p8lJECqvjQ7yErTKA4+GbCF3lzx8bG
AfV5k3lxNDel7gMIdzk2OxZT
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:51:31 2024 by rpki-client on console-fra.rpki-client.org