Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/euVnHtig2jI749Evr1YnLQxzKIY.roa
File: euVnHtig2jI749Evr1YnLQxzKIY.roa (raw, json)
Hash identifier: SLKXY8thJIzUfMAbvE2yeNilozRFM1+iix5oNFRKiV4=
Subject key identifier: 7A:E5:67:1E:D8:A0:DA:32:3B:E3:D1:2F:AF:56:27:2D:0C:73:28:86
Certificate issuer: /CN=a30ddaa7494d69ba1cacb457ef91b6dcd22e8dd9
Certificate serial: 018CC42462205794DC745B19E0344D37606B
Authority key identifier: A3:0D:DA:A7:49:4D:69:BA:1C:AC:B4:57:EF:91:B6:DC:D2:2E:8D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ow3ap0lNabocrLRX75G23NIujdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/euVnHtig2jI749Evr1YnLQxzKIY.roa
Signing time: Mon 01 Jan 2024 08:29:27 +0000
ROA not before: Mon 01 Jan 2024 08:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29484
IP address blocks: 185.73.22.0/24 maxlen: 24
185.73.22.128/25 maxlen: 25
185.73.23.0/24 maxlen: 24
185.73.22.0/25 maxlen: 25
185.73.20.0/23 maxlen: 23
185.73.20.0/22 maxlen: 22
134.147.0.0/16 maxlen: 16
2a05:3e04::/32 maxlen: 32
2a05:3e06::/31 maxlen: 31
2a05:3e05::/32 maxlen: 32
2a05:3e00::/30 maxlen: 30
2a05:3e00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/ow3ap0lNabocrLRX75G23NIujdk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/ow3ap0lNabocrLRX75G23NIujdk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ow3ap0lNabocrLRX75G23NIujdk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 16:01:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:62:20:57:94:dc:74:5b:19:e0:34:4d:37:60:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a30ddaa7494d69ba1cacb457ef91b6dcd22e8dd9
Validity
Not Before: Jan 1 08:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7ae5671ed8a0da323be3d12faf56272d0c732886
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:74:06:71:ca:61:a1:05:9f:e7:87:bb:ae:6f:
50:85:df:e9:b3:2a:18:9a:e0:a1:7b:57:d3:4d:7c:
b0:a9:4c:af:57:84:16:3e:18:db:18:e9:2f:96:e8:
98:62:ae:fd:74:44:dc:fb:e9:9c:c1:a7:c8:9c:f0:
76:c1:bf:cf:6a:51:a7:c2:46:32:90:94:54:33:11:
c5:42:a0:f7:b5:d0:52:3b:5c:c1:ce:ea:90:4a:eb:
23:32:0b:81:c9:f0:ef:fd:ca:93:43:ef:7a:be:6e:
98:a5:75:e8:ac:83:6b:9f:ac:56:29:49:0c:82:fb:
48:fa:63:dc:c7:96:6d:40:24:21:b3:64:ca:7d:bb:
12:ba:0a:3c:25:80:32:8d:a4:8b:88:ce:3a:e3:5e:
42:e9:73:44:fe:e0:62:93:57:26:49:48:03:a4:71:
f3:e7:71:ff:f0:7f:a6:f5:ee:29:87:00:66:1f:31:
7c:1d:df:11:16:51:97:c4:1a:55:6b:79:43:e9:65:
62:aa:94:30:11:90:ce:98:13:16:1e:a6:89:76:a9:
5b:13:6b:3e:eb:cb:4c:c0:0d:b0:2f:9c:03:c9:a2:
cb:c4:06:85:2f:b5:7f:4f:76:24:e4:de:40:9d:6d:
6d:af:7a:1b:a7:07:96:ab:aa:84:3f:2d:c7:ac:d5:
29:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:E5:67:1E:D8:A0:DA:32:3B:E3:D1:2F:AF:56:27:2D:0C:73:28:86
X509v3 Authority Key Identifier:
keyid:A3:0D:DA:A7:49:4D:69:BA:1C:AC:B4:57:EF:91:B6:DC:D2:2E:8D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ow3ap0lNabocrLRX75G23NIujdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/euVnHtig2jI749Evr1YnLQxzKIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/76112c-f17e-4dc1-ba52-6544a2b99817/1/ow3ap0lNabocrLRX75G23NIujdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.147.0.0/16
185.73.20.0/22
IPv6:
2a05:3e00::/29
Signature Algorithm: sha256WithRSAEncryption
91:4c:50:00:1c:96:98:a0:39:2a:e6:68:00:db:9e:b3:90:dc:
5f:fc:3a:ce:ca:57:76:e5:d3:dc:b5:1f:75:e8:78:f1:86:33:
a3:5a:89:16:66:5f:78:7a:28:67:dd:9e:9e:44:cb:2e:4c:c6:
dc:21:c1:fb:17:0a:5b:c9:d1:e2:95:25:90:2e:40:2f:ad:62:
90:b0:9e:0d:76:80:19:73:a1:f4:f2:61:6c:90:5b:89:d4:8e:
94:08:c2:c0:2a:05:f9:1b:eb:f1:5e:77:88:fc:a0:40:4a:ba:
28:c4:dc:44:91:b0:d2:30:10:d9:df:53:94:35:a2:d6:d9:18:
01:75:73:9a:6a:cd:5c:d6:59:86:14:38:d4:58:a5:ec:46:af:
a1:61:43:a3:3c:13:93:08:ac:21:03:3d:d5:52:f9:e2:37:a1:
8f:b5:a7:d3:57:9b:05:2d:d4:3b:63:1a:c8:4a:7a:3a:11:da:
12:32:70:e7:f7:43:4b:0e:61:31:e5:97:40:cb:dc:07:9b:a6:
84:2e:e7:74:d1:54:09:62:e2:6b:28:fa:b0:72:4d:f1:2f:2c:
15:dd:9b:fa:ae:02:0f:8a:dc:48:e4:a0:65:d7:82:9f:da:67:
0b:02:c2:cf:b9:92:8f:c0:e7:ed:9a:3b:89:51:ed:de:c7:36:
20:d9:9e:e2
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzEJGIgV5TcdFsZ4DRNN2BrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMGRkYWE3NDk0ZDY5YmExY2FjYjQ1N2VmOTFiNmRjZDIy
ZThkZDkwHhcNMjQwMTAxMDgyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWU1NjcxZWQ4YTBkYTMyM2JlM2QxMmZhZjU2MjcyZDBjNzMyODg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXQGccphoQWf54e7rm9Qhd/psyoY
muChe1fTTXywqUyvV4QWPhjbGOkvluiYYq79dETc++mcwafInPB2wb/PalGnwkYy
kJRUMxHFQqD3tdBSO1zBzuqQSusjMguByfDv/cqTQ+96vm6YpXXorINrn6xWKUkM
gvtI+mPcx5ZtQCQhs2TKfbsSugo8JYAyjaSLiM46415C6XNE/uBik1cmSUgDpHHz
53H/8H+m9e4phwBmHzF8Hd8RFlGXxBpVa3lD6WViqpQwEZDOmBMWHqaJdqlbE2s+
68tMwA2wL5wDyaLLxAaFL7V/T3Yk5N5AnW1tr3obpweWq6qEPy3HrNUp7QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHrlZx7YoNoyO+PRL69WJy0McyiGMB8GA1UdIwQY
MBaAFKMN2qdJTWm6HKy0V++RttzSLo3ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3czYXAwbE5hYm9jckxSWDc1RzIzTkl1amRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NjExMmMtZjE3ZS00ZGMxLWJhNTIt
NjU0NGEyYjk5ODE3LzEvZXVWbkh0aWcyakk3NDlFdnIxWW5MUXh6S0lZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NjExMmMtZjE3ZS00ZGMxLWJhNTItNjU0NGEyYjk5ODE3
LzEvb3czYXAwbE5hYm9jckxSWDc1RzIzTkl1amRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwMAhpMDBAK5
SRQwDQQCAAIwBwMFAyoFPgAwDQYJKoZIhvcNAQELBQADggEBAJFMUAAclpigOSrm
aADbnrOQ3F/8Os7KV3bl09y1H3XoePGGM6NaiRZmX3h6KGfdnp5Eyy5MxtwhwfsX
ClvJ0eKVJZAuQC+tYpCwng12gBlzofTyYWyQW4nUjpQIwsAqBfkb6/Fed4j8oEBK
uijE3ESRsNIwENnfU5Q1otbZGAF1c5pqzVzWWYYUONRYpexGr6FhQ6M8E5MIrCED
PdVS+eI3oY+1p9NXmwUt1DtjGshKejoR2hIycOf3Q0sOYTHll0DL3AebpoQu53TR
VAli4mso+rByTfEvLBXdm/quAg+K3EjkoGXXgp/aZwsCws+5ko/A5+2aO4lR7d7H
NiDZnuI=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:19:58 2024 by rpki-client on console-ams.rpki-client.org