Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/SCOt6wiz2C7moE4pqB9RU97IoXI.roa
File: SCOt6wiz2C7moE4pqB9RU97IoXI.roa (raw, json)
Hash identifier: 8NuTGJNe6mWHUATbwh22g5IOMQ+9KpBl6Z8eUIPrs+c=
Subject key identifier: 48:23:AD:EB:08:B3:D8:2E:E6:A0:4E:29:A8:1F:51:53:DE:C8:A1:72
Certificate issuer: /CN=e15136feff3574ef9b2262de59b06a21908fab3e
Certificate serial: 018CC3B67702BB3CB73735D3FBD0433B6C96
Authority key identifier: E1:51:36:FE:FF:35:74:EF:9B:22:62:DE:59:B0:6A:21:90:8F:AB:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4VE2_v81dO-bImLeWbBqIZCPqz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/SCOt6wiz2C7moE4pqB9RU97IoXI.roa
Signing time: Mon 01 Jan 2024 06:29:24 +0000
ROA not before: Mon 01 Jan 2024 06:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49801
IP address blocks: 78.111.5.0/24 maxlen: 24
78.111.6.0/24 maxlen: 24
87.247.172.0/23 maxlen: 23
87.247.168.0/21 maxlen: 21
87.247.173.0/24 maxlen: 24
2a10:a440::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/4VE2_v81dO-bImLeWbBqIZCPqz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/4VE2_v81dO-bImLeWbBqIZCPqz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/4VE2_v81dO-bImLeWbBqIZCPqz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:77:02:bb:3c:b7:37:35:d3:fb:d0:43:3b:6c:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e15136feff3574ef9b2262de59b06a21908fab3e
Validity
Not Before: Jan 1 06:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4823adeb08b3d82ee6a04e29a81f5153dec8a172
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:6f:48:b1:cb:ce:c7:6b:7b:f7:6c:64:9d:f2:
82:1f:b0:77:8f:93:06:9a:f8:a2:e3:1f:bb:ef:50:
6a:40:8f:37:58:8a:aa:fc:4d:ce:9d:c2:09:62:1f:
e9:a3:c9:4d:4e:7c:ac:d1:51:9a:02:a9:28:d8:f8:
cd:62:1b:74:6d:52:84:95:ac:9f:a7:23:a0:31:c2:
e8:92:e8:33:f7:2d:10:ac:df:fe:92:92:3c:35:51:
34:e3:f6:a6:de:31:85:64:d2:88:97:84:52:7b:96:
6c:25:9b:06:c1:aa:60:51:a8:3b:c3:97:24:de:25:
d3:46:e5:6d:f0:f0:fd:ff:6c:fa:bd:de:5a:af:e4:
12:dd:9b:38:72:c3:14:48:8a:6c:d1:57:a5:57:16:
c9:5b:ed:03:8c:2a:a8:c5:5e:c0:be:5a:9c:2a:da:
d0:ae:3c:bd:91:a5:88:57:b6:b0:42:ce:e0:e3:51:
f9:cc:cd:76:0c:a2:04:27:68:0e:f9:9f:04:39:bf:
88:2e:40:17:0d:ae:2f:1f:a7:f7:91:86:32:8c:ce:
71:fb:eb:16:56:5b:e1:cc:b3:00:d3:2b:56:03:73:
c4:8a:f5:41:b6:87:c8:f0:79:6d:d7:72:ef:13:ca:
de:8b:7a:7f:8a:98:1b:62:98:61:88:88:82:18:9c:
91:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:23:AD:EB:08:B3:D8:2E:E6:A0:4E:29:A8:1F:51:53:DE:C8:A1:72
X509v3 Authority Key Identifier:
keyid:E1:51:36:FE:FF:35:74:EF:9B:22:62:DE:59:B0:6A:21:90:8F:AB:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4VE2_v81dO-bImLeWbBqIZCPqz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/SCOt6wiz2C7moE4pqB9RU97IoXI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/1e09a6-695b-402e-9bfc-041312242ff3/1/4VE2_v81dO-bImLeWbBqIZCPqz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.111.5.0-78.111.6.255
87.247.168.0/21
IPv6:
2a10:a440::/29
Signature Algorithm: sha256WithRSAEncryption
20:a7:69:c5:a0:3e:e7:a9:de:1d:a7:65:ce:b7:8f:9b:28:83:
2d:ce:16:ba:67:c3:a6:10:96:18:14:c8:ad:5d:47:42:c5:fd:
34:c4:f1:bf:cc:43:45:bc:1f:9b:ce:8e:01:c8:a5:28:2a:75:
71:49:b6:fe:74:36:b2:b4:f7:6a:e3:8f:5d:56:b7:5c:79:20:
29:c6:38:f7:1f:18:6f:53:6e:57:97:dc:51:7b:7e:ff:3b:93:
eb:aa:e8:b1:1f:7f:3d:87:f5:a4:e3:0a:59:c6:f9:05:21:65:
65:e9:62:35:32:64:24:8d:8e:b1:81:03:16:d9:f3:ac:a1:e2:
64:26:46:e4:a1:3e:de:84:fa:e0:f8:00:6f:b2:56:85:71:50:
b8:6c:2c:23:d4:b8:86:af:30:63:55:d1:4f:5a:3d:f0:66:ba:
db:75:a0:78:75:51:18:eb:c4:c9:18:a7:8e:15:35:c5:b8:c1:
e6:51:f9:98:ae:29:ea:fa:d5:e4:1e:b2:34:60:89:d6:ef:14:
1e:fb:66:1a:c0:bb:d5:0d:df:be:66:d9:63:e6:bb:8d:4a:02:
db:25:25:e7:cd:0a:82:2c:aa:5b:c7:d4:01:2b:e5:17:b3:a1:
c3:2a:96:f9:5c:4c:f8:89:f6:9b:f6:14:9b:36:be:44:83:3b:
a6:0d:90:0d
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzDtncCuzy3NzXT+9BDO2yWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxNTEzNmZlZmYzNTc0ZWY5YjIyNjJkZTU5YjA2YTIxOTA4
ZmFiM2UwHhcNMjQwMTAxMDYyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ODIzYWRlYjA4YjNkODJlZTZhMDRlMjlhODFmNTE1M2RlYzhhMTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyW9IscvOx2t792xknfKCH7B3j5MG
mvii4x+771BqQI83WIqq/E3OncIJYh/po8lNTnys0VGaAqko2PjNYht0bVKElayf
pyOgMcLokugz9y0QrN/+kpI8NVE04/am3jGFZNKIl4RSe5ZsJZsGwapgUag7w5ck
3iXTRuVt8PD9/2z6vd5ar+QS3Zs4csMUSIps0VelVxbJW+0DjCqoxV7AvlqcKtrQ
rjy9kaWIV7awQs7g41H5zM12DKIEJ2gO+Z8EOb+ILkAXDa4vH6f3kYYyjM5x++sW
VlvhzLMA0ytWA3PEivVBtofI8Hlt13LvE8rei3p/ipgbYphhiIiCGJyRkwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFEgjresIs9gu5qBOKagfUVPeyKFyMB8GA1UdIwQY
MBaAFOFRNv7/NXTvmyJi3lmwaiGQj6s+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFZFMl92ODFkTy1iSW1MZVdiQnFJWkNQcXo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy8xZTA5YTYtNjk1Yi00MDJlLTliZmMt
MDQxMzEyMjQyZmYzLzEvU0NPdDZ3aXoyQzdtb0U0cHFCOVJVOTdJb1hJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy8xZTA5YTYtNjk1Yi00MDJlLTliZmMtMDQxMzEyMjQyZmYz
LzEvNFZFMl92ODFkTy1iSW1MZVdiQnFJWkNQcXo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBABObwUD
BABObwYDBANX96gwDQQCAAIwBwMFAyoQpEAwDQYJKoZIhvcNAQELBQADggEBACCn
acWgPuep3h2nZc63j5sogy3OFrpnw6YQlhgUyK1dR0LF/TTE8b/MQ0W8H5vOjgHI
pSgqdXFJtv50NrK092rjj11Wt1x5ICnGOPcfGG9TbleX3FF7fv87k+uq6LEffz2H
9aTjClnG+QUhZWXpYjUyZCSNjrGBAxbZ86yh4mQmRuShPt6E+uD4AG+yVoVxULhs
LCPUuIavMGNV0U9aPfBmutt1oHh1URjrxMkYp44VNcW4weZR+ZiuKer61eQesjRg
idbvFB77ZhrAu9UN375m2WPmu41KAtslJefNCoIsqlvH1AEr5RezocMqlvlcTPiJ
9pv2FJs2vkSDO6YNkA0=
-----END CERTIFICATE-----
Generated at Fri May 17 11:02:29 2024 by rpki-client on console-fra.rpki-client.org