Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/499df3-bd4f-4e40-8f82-a3855505ea2e/1/eTAyFfH85bOWseqALyJwvD-vAhI.roa
File: eTAyFfH85bOWseqALyJwvD-vAhI.roa (raw, json)
Hash identifier: VWVfRQ8em06SNzvwvyYCqsoA2WudN+ZAYQXKUAizZ3Q=
Subject key identifier: 79:30:32:15:F1:FC:E5:B3:96:B1:EA:80:2F:22:70:BC:3F:AF:02:12
Certificate issuer: /CN=71a2739b20c259c5d1b388d1453f6f1799f28f6c
Certificate serial: 0191DBBAA80C679313BB2C9F3B2C695F835C
Authority key identifier: 71:A2:73:9B:20:C2:59:C5:D1:B3:88:D1:45:3F:6F:17:99:F2:8F:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caJzmyDCWcXRs4jRRT9vF5nyj2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/499df3-bd4f-4e40-8f82-a3855505ea2e/1/eTAyFfH85bOWseqALyJwvD-vAhI.roa
Signing time: Tue 10 Sep 2024 11:38:48 +0000
ROA not before: Tue 10 Sep 2024 11:38:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61084
IP address blocks: 84.54.13.0/24 maxlen: 24
176.98.41.0/24 maxlen: 24
193.31.116.0/24 maxlen: 24
213.226.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/499df3-bd4f-4e40-8f82-a3855505ea2e/1/caJzmyDCWcXRs4jRRT9vF5nyj2w.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/499df3-bd4f-4e40-8f82-a3855505ea2e/1/caJzmyDCWcXRs4jRRT9vF5nyj2w.mft
rsync://rpki.ripe.net/repository/DEFAULT/caJzmyDCWcXRs4jRRT9vF5nyj2w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:db:ba:a8:0c:67:93:13:bb:2c:9f:3b:2c:69:5f:83:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71a2739b20c259c5d1b388d1453f6f1799f28f6c
Validity
Not Before: Sep 10 11:38:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79303215f1fce5b396b1ea802f2270bc3faf0212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:e8:92:7a:be:96:16:ce:25:3d:1d:e3:91:ac:
c3:db:19:e5:a6:c4:86:9e:22:92:7b:5f:c2:bd:26:
94:94:ab:3f:f3:91:b0:b8:ea:42:74:01:55:36:3c:
ea:74:c5:91:96:a1:2f:07:cc:b9:9a:58:4e:89:65:
35:6c:ea:6e:68:7c:a8:02:00:c6:d6:64:a9:36:8c:
16:8e:31:b2:ad:9f:37:56:9b:46:52:f0:48:bf:ab:
5c:95:72:b1:8d:06:0e:96:d7:70:3e:7c:b6:f5:80:
13:4b:20:af:f8:a4:2c:42:84:40:28:9e:fe:67:65:
f4:f7:45:a9:32:88:33:eb:42:e3:f1:42:60:0a:f7:
77:95:a8:17:a2:09:a1:ac:8d:e5:f2:4b:e9:7e:92:
e9:18:57:d9:99:c2:61:5e:a6:0c:ed:64:3f:99:b4:
b8:a3:18:34:8c:29:ca:72:38:57:48:43:ee:a9:86:
91:6b:a6:c4:f2:1a:1a:01:85:95:ef:f0:0e:41:54:
57:16:2d:72:16:49:d0:7c:8a:c6:6f:2c:61:d9:e8:
85:ab:a1:4c:ba:76:9d:f0:2a:7b:f3:63:44:b6:d9:
e2:63:61:6a:73:4a:92:2b:e9:f6:f1:26:d4:74:93:
24:7b:0c:9d:46:38:bf:14:d2:09:9a:5f:fa:87:4f:
e2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:30:32:15:F1:FC:E5:B3:96:B1:EA:80:2F:22:70:BC:3F:AF:02:12
X509v3 Authority Key Identifier:
keyid:71:A2:73:9B:20:C2:59:C5:D1:B3:88:D1:45:3F:6F:17:99:F2:8F:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caJzmyDCWcXRs4jRRT9vF5nyj2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/499df3-bd4f-4e40-8f82-a3855505ea2e/1/eTAyFfH85bOWseqALyJwvD-vAhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/499df3-bd4f-4e40-8f82-a3855505ea2e/1/caJzmyDCWcXRs4jRRT9vF5nyj2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.13.0/24
176.98.41.0/24
193.31.116.0/24
213.226.119.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:fa:1f:a4:d0:1c:e8:6c:7b:7f:e1:35:98:e4:e8:7f:80:1b:
8d:49:db:bf:03:c8:27:64:2d:63:09:1f:47:ff:73:bc:d6:ce:
d3:2a:c6:f8:17:93:af:55:a1:8b:12:64:c5:58:a7:d5:83:b5:
86:3b:97:e8:ae:e2:7b:e7:3a:f4:55:72:4b:a4:4c:8a:5c:16:
cd:12:dc:2f:ad:81:48:44:ef:fb:7b:1d:b2:e6:ef:07:33:ff:
4c:02:2f:63:fd:51:da:3a:6b:95:3c:7f:0b:20:a8:a6:5f:6c:
e2:5c:d2:99:27:76:4d:95:11:37:9c:e0:1a:a1:16:1a:98:59:
56:64:3c:e7:17:91:11:c2:06:9a:55:42:a7:11:d6:17:8d:6e:
28:aa:4a:76:80:72:c4:bb:fa:54:6a:d1:ba:83:1e:d1:17:29:
32:19:25:9a:fc:83:57:7a:1f:22:d5:4c:d2:e8:c2:aa:53:46:
60:c2:e9:04:b7:83:d4:11:91:80:14:03:2c:5c:9c:0a:7e:c1:
c0:28:41:ea:79:91:d8:ae:51:eb:42:65:04:35:d7:32:50:b3:
78:c9:ba:18:2c:c6:a0:2c:a3:5d:cd:b5:aa:aa:e5:c3:42:0b:
2e:76:8d:13:e3:c5:78:57:c4:ca:7d:f4:51:77:39:52:83:52:
10:8a:a1:18
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZHbuqgMZ5MTuyyfOyxpX4NcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYTI3MzliMjBjMjU5YzVkMWIzODhkMTQ1M2Y2ZjE3OTlm
MjhmNmMwHhcNMjQwOTEwMTEzODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTMwMzIxNWYxZmNlNWIzOTZiMWVhODAyZjIyNzBiYzNmYWYwMjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzeiSer6WFs4lPR3jkazD2xnlpsSG
niKSe1/CvSaUlKs/85GwuOpCdAFVNjzqdMWRlqEvB8y5mlhOiWU1bOpuaHyoAgDG
1mSpNowWjjGyrZ83VptGUvBIv6tclXKxjQYOltdwPny29YATSyCv+KQsQoRAKJ7+
Z2X090WpMogz60Lj8UJgCvd3lagXogmhrI3l8kvpfpLpGFfZmcJhXqYM7WQ/mbS4
oxg0jCnKcjhXSEPuqYaRa6bE8hoaAYWV7/AOQVRXFi1yFknQfIrGbyxh2eiFq6FM
unad8Cp782NEttniY2Fqc0qSK+n28SbUdJMkewydRji/FNIJml/6h0/iIwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHkwMhXx/OWzlrHqgC8icLw/rwISMB8GA1UdIwQY
MBaAFHGic5sgwlnF0bOI0UU/bxeZ8o9sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2FKem15RENXY1hSczRqUlJUOXZGNW55ajJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC80OTlkZjMtYmQ0Zi00ZTQwLThmODIt
YTM4NTU1MDVlYTJlLzEvZVRBeUZmSDg1Yk9Xc2VxQUx5Snd2RC12QWhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC80OTlkZjMtYmQ0Zi00ZTQwLThmODItYTM4NTU1MDVlYTJl
LzEvY2FKem15RENXY1hSczRqUlJUOXZGNW55ajJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVDYNAwQA
sGIpAwQAwR90AwQA1eJ3MA0GCSqGSIb3DQEBCwUAA4IBAQBv+h+k0BzobHt/4TWY
5Oh/gBuNSdu/A8gnZC1jCR9H/3O81s7TKsb4F5OvVaGLEmTFWKfVg7WGO5foruJ7
5zr0VXJLpEyKXBbNEtwvrYFIRO/7ex2y5u8HM/9MAi9j/VHaOmuVPH8LIKimX2zi
XNKZJ3ZNlRE3nOAaoRYamFlWZDznF5ERwgaaVUKnEdYXjW4oqkp2gHLEu/pUatG6
gx7RFykyGSWa/INXeh8i1UzS6MKqU0ZgwukEt4PUEZGAFAMsXJwKfsHAKEHqeZHY
rlHrQmUENdcyULN4yboYLMagLKNdzbWqquXDQgsudo0T48V4V8TKffRRdzlSg1IQ
iqEY
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:55:25 2024 by rpki-client on console-ams.rpki-client.org