Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/f6a579-244c-4610-bbea-24c626e7f520/1/eXJsvIMRzCBvweK-8EuNyX77t5Q.roa
File: eXJsvIMRzCBvweK-8EuNyX77t5Q.roa (raw, json)
Hash identifier: nOutuXW40VY0AmmJ0f/OAiD+Vy5peuxfOnhiSSTX27M=
Subject key identifier: 79:72:6C:BC:83:11:CC:20:6F:C1:E2:BE:F0:4B:8D:C9:7E:FB:B7:94
Certificate issuer: /CN=77517aaf48f669a0bec8ec6ac8682b4c124e6d30
Certificate serial: 0191986C09753B84EBC314BBF0DE12D74326
Authority key identifier: 77:51:7A:AF:48:F6:69:A0:BE:C8:EC:6A:C8:68:2B:4C:12:4E:6D:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d1F6r0j2aaC-yOxqyGgrTBJObTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/f6a579-244c-4610-bbea-24c626e7f520/1/eXJsvIMRzCBvweK-8EuNyX77t5Q.roa
Signing time: Wed 28 Aug 2024 09:58:22 +0000
ROA not before: Wed 28 Aug 2024 09:58:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33806
IP address blocks: 178.212.255.0/24 maxlen: 24
188.191.128.0/24 maxlen: 24
188.191.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/f6a579-244c-4610-bbea-24c626e7f520/1/d1F6r0j2aaC-yOxqyGgrTBJObTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/f6a579-244c-4610-bbea-24c626e7f520/1/d1F6r0j2aaC-yOxqyGgrTBJObTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/d1F6r0j2aaC-yOxqyGgrTBJObTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:98:6c:09:75:3b:84:eb:c3:14:bb:f0:de:12:d7:43:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77517aaf48f669a0bec8ec6ac8682b4c124e6d30
Validity
Not Before: Aug 28 09:58:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79726cbc8311cc206fc1e2bef04b8dc97efbb794
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ea:64:48:96:f7:9b:c1:a7:9b:20:d7:ec:8e:
7b:db:10:78:31:d9:09:e7:e2:e8:0e:ae:d2:dd:76:
2c:42:10:cf:08:e9:5b:54:f4:86:f3:9d:80:75:c6:
45:86:e0:2d:30:9a:6d:27:95:fe:f3:ff:48:b5:79:
7d:47:0b:11:ba:7f:f6:64:e5:ac:e6:da:aa:69:6b:
08:05:32:44:0b:17:ca:2d:c6:6b:cc:c5:10:ef:c4:
64:e3:06:da:71:b5:2d:fc:6f:10:aa:32:54:bb:9d:
4a:ad:71:6c:41:ae:ac:10:25:9a:8b:89:bc:78:cb:
c6:06:ba:d6:b7:94:68:48:e6:0b:c2:79:2a:c5:2a:
5c:2d:5e:b0:6a:b7:99:26:51:42:06:fa:0e:ad:c1:
16:9b:4b:fa:91:b7:5b:2b:86:52:e5:1d:49:d4:77:
77:77:ff:26:19:49:de:28:59:5e:c1:d1:4c:19:45:
6a:f7:ef:19:4e:f7:c7:f6:ec:a4:2e:ef:01:2c:e6:
5a:dd:2c:16:1a:e5:7e:a4:f7:41:de:6a:8b:74:e7:
5d:80:ef:75:ad:ca:12:2a:ef:b1:79:1b:17:f3:5f:
fe:65:dd:8e:d1:39:d3:57:15:82:83:a1:f2:b1:32:
78:63:3e:22:58:8f:6e:c2:2f:0f:b9:5a:ba:8f:0b:
cd:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:72:6C:BC:83:11:CC:20:6F:C1:E2:BE:F0:4B:8D:C9:7E:FB:B7:94
X509v3 Authority Key Identifier:
keyid:77:51:7A:AF:48:F6:69:A0:BE:C8:EC:6A:C8:68:2B:4C:12:4E:6D:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d1F6r0j2aaC-yOxqyGgrTBJObTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f6a579-244c-4610-bbea-24c626e7f520/1/eXJsvIMRzCBvweK-8EuNyX77t5Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/f6a579-244c-4610-bbea-24c626e7f520/1/d1F6r0j2aaC-yOxqyGgrTBJObTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.212.255.0/24
188.191.128.0/23
Signature Algorithm: sha256WithRSAEncryption
0a:72:35:85:07:5a:4e:4a:19:b1:8f:53:e1:3b:be:a0:98:aa:
0e:85:ea:88:4b:83:99:b2:37:2b:47:cd:a3:2e:ae:ab:22:85:
79:84:39:4d:15:cd:68:42:8a:38:c1:50:7f:78:db:a0:c5:c1:
99:a1:09:f0:91:b1:19:6b:4d:7a:15:83:24:f3:c8:78:51:e4:
6d:42:6d:f7:d0:26:45:bc:b9:ac:9f:65:39:be:34:0a:21:24:
e4:5c:2f:7d:5c:b6:88:07:69:b9:1a:22:bc:10:40:db:37:87:
03:8e:db:00:4f:6b:6c:25:9a:40:73:98:8a:47:ec:86:ae:34:
01:83:d4:c4:91:40:0d:45:67:e1:bb:99:4c:be:34:e0:6a:4b:
59:b2:5a:ab:e7:cc:97:41:4b:7f:a1:ac:67:47:33:32:32:40:
2f:3d:f2:b4:ba:2c:c5:1e:4f:33:46:9d:b4:8b:1b:15:26:a7:
97:95:c8:93:84:53:ab:43:49:cc:a7:e8:c0:a7:fa:96:c2:1d:
d1:8d:b4:6b:e0:ec:17:fc:22:61:35:44:15:0c:88:53:10:25:
f3:78:b3:a2:43:64:26:0a:66:9c:4e:7e:b9:5d:99:98:bb:96:
e7:6c:df:eb:09:72:05:a9:f3:a1:18:00:43:55:d8:35:1e:6d:
3b:cb:46:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZGYbAl1O4TrwxS78N4S10MmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3NTE3YWFmNDhmNjY5YTBiZWM4ZWM2YWM4NjgyYjRjMTI0
ZTZkMzAwHhcNMjQwODI4MDk1ODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTcyNmNiYzgzMTFjYzIwNmZjMWUyYmVmMDRiOGRjOTdlZmJiNzk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+pkSJb3m8GnmyDX7I572xB4MdkJ
5+LoDq7S3XYsQhDPCOlbVPSG852AdcZFhuAtMJptJ5X+8/9ItXl9RwsRun/2ZOWs
5tqqaWsIBTJECxfKLcZrzMUQ78Rk4wbacbUt/G8QqjJUu51KrXFsQa6sECWai4m8
eMvGBrrWt5RoSOYLwnkqxSpcLV6wareZJlFCBvoOrcEWm0v6kbdbK4ZS5R1J1Hd3
d/8mGUneKFlewdFMGUVq9+8ZTvfH9uykLu8BLOZa3SwWGuV+pPdB3mqLdOddgO91
rcoSKu+xeRsX81/+Zd2O0TnTVxWCg6HysTJ4Yz4iWI9uwi8PuVq6jwvNzwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHlybLyDEcwgb8HivvBLjcl++7eUMB8GA1UdIwQY
MBaAFHdReq9I9mmgvsjsashoK0wSTm0wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDFGNnIwajJhYUMteU94cXlHZ3JUQkpPYlRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9mNmE1NzktMjQ0Yy00NjEwLWJiZWEt
MjRjNjI2ZTdmNTIwLzEvZVhKc3ZJTVJ6Q0J2d2VLLThFdU55WDc3dDVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9mNmE1NzktMjQ0Yy00NjEwLWJiZWEtMjRjNjI2ZTdmNTIw
LzEvZDFGNnIwajJhYUMteU94cXlHZ3JUQkpPYlRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAstT/AwQB
vL+AMA0GCSqGSIb3DQEBCwUAA4IBAQAKcjWFB1pOShmxj1PhO76gmKoOheqIS4OZ
sjcrR82jLq6rIoV5hDlNFc1oQoo4wVB/eNugxcGZoQnwkbEZa016FYMk88h4UeRt
Qm330CZFvLmsn2U5vjQKISTkXC99XLaIB2m5GiK8EEDbN4cDjtsAT2tsJZpAc5iK
R+yGrjQBg9TEkUANRWfhu5lMvjTgaktZslqr58yXQUt/oaxnRzMyMkAvPfK0uizF
Hk8zRp20ixsVJqeXlciThFOrQ0nMp+jAp/qWwh3RjbRr4OwX/CJhNUQVDIhTECXz
eLOiQ2QmCmacTn65XZmYu5bnbN/rCXIFqfOhGABDVdg1Hm07y0az
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:12:07 2024 by rpki-client on console-fra.rpki-client.org