Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/0828e7-1e57-4747-8ea1-36a808f3d14d/1/eFzyAoD94-AZvXC585GOCzuRZJs.roa
File: eFzyAoD94-AZvXC585GOCzuRZJs.roa (raw, json)
Hash identifier: hRPFU/WU9XXcFD/HuSqUGFEE2mcMlD5nal9gB59nR+c=
Subject key identifier: 78:5C:F2:02:80:FD:E3:E0:19:BD:70:B9:F3:91:8E:0B:3B:91:64:9B
Certificate issuer: /CN=a14e499240cea588541a7dc74f321c9141744bb6
Certificate serial: 018E75CC93187C567BA14D2D586EF5F7920D
Authority key identifier: A1:4E:49:92:40:CE:A5:88:54:1A:7D:C7:4F:32:1C:91:41:74:4B:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oU5JkkDOpYhUGn3HTzIckUF0S7Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/0828e7-1e57-4747-8ea1-36a808f3d14d/1/eFzyAoD94-AZvXC585GOCzuRZJs.roa
Signing time: Mon 25 Mar 2024 13:28:44 +0000
ROA not before: Mon 25 Mar 2024 13:28:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49603
IP address blocks: 46.19.152.0/21 maxlen: 24
89.207.248.0/21 maxlen: 24
185.88.60.0/22 maxlen: 24
185.92.152.0/22 maxlen: 24
185.92.168.0/22 maxlen: 24
185.92.180.0/22 maxlen: 24
185.92.188.0/22 maxlen: 24
2a05:ca80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/0828e7-1e57-4747-8ea1-36a808f3d14d/1/oU5JkkDOpYhUGn3HTzIckUF0S7Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/0828e7-1e57-4747-8ea1-36a808f3d14d/1/oU5JkkDOpYhUGn3HTzIckUF0S7Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/oU5JkkDOpYhUGn3HTzIckUF0S7Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 10:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:75:cc:93:18:7c:56:7b:a1:4d:2d:58:6e:f5:f7:92:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a14e499240cea588541a7dc74f321c9141744bb6
Validity
Not Before: Mar 25 13:28:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=785cf20280fde3e019bd70b9f3918e0b3b91649b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:9e:6f:20:b7:08:7c:95:f8:2c:e6:d4:48:18:
d8:63:46:71:83:11:87:de:50:b6:0b:2a:eb:5f:12:
32:50:cc:be:42:69:c1:26:e5:5c:a1:0b:4c:1e:a9:
e4:29:80:f8:98:4a:0c:52:c6:c5:9f:49:8a:2d:a8:
14:65:0c:dd:a8:77:a0:3c:df:2b:23:1d:5a:ba:fe:
d6:93:06:76:2a:f7:ab:14:62:d3:6b:61:06:5e:4a:
fd:78:3e:10:dd:59:04:e9:00:26:50:67:1a:57:13:
ea:cc:d5:07:cf:ca:19:1f:f3:fd:57:4d:01:c9:2a:
98:94:71:f8:61:ee:8c:5d:d5:72:98:6c:f8:45:06:
c5:fc:49:42:22:66:84:c9:11:9a:89:26:8a:ab:5c:
e4:d1:51:0a:7b:f9:ce:90:eb:67:f8:80:ed:38:42:
05:e9:20:f8:a1:24:d9:bc:66:df:f5:5a:7b:fa:b0:
15:56:60:51:2a:21:0c:27:51:3d:65:e5:06:22:6d:
7b:54:0c:8c:14:bb:59:3a:b4:5e:cd:5f:bc:28:3b:
6d:60:13:6b:a4:bf:cb:2f:b6:b5:72:58:4b:e8:ac:
ef:db:8a:eb:e2:31:4c:8b:31:51:94:3b:92:2c:63:
39:1e:11:26:86:75:23:df:5a:1a:54:b7:9b:dd:fa:
21:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:5C:F2:02:80:FD:E3:E0:19:BD:70:B9:F3:91:8E:0B:3B:91:64:9B
X509v3 Authority Key Identifier:
keyid:A1:4E:49:92:40:CE:A5:88:54:1A:7D:C7:4F:32:1C:91:41:74:4B:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oU5JkkDOpYhUGn3HTzIckUF0S7Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/0828e7-1e57-4747-8ea1-36a808f3d14d/1/eFzyAoD94-AZvXC585GOCzuRZJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/0828e7-1e57-4747-8ea1-36a808f3d14d/1/oU5JkkDOpYhUGn3HTzIckUF0S7Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.19.152.0/21
89.207.248.0/21
185.88.60.0/22
185.92.152.0/22
185.92.168.0/22
185.92.180.0/22
185.92.188.0/22
IPv6:
2a05:ca80::/29
Signature Algorithm: sha256WithRSAEncryption
78:ef:ee:71:08:d5:3a:d7:8a:85:0b:3d:cb:6a:c3:5f:d3:88:
83:e8:82:a3:00:81:e7:7b:71:01:a6:f3:28:f3:af:24:5f:f0:
ab:10:32:b9:6c:89:a8:3f:35:4e:e3:02:3a:fb:9b:08:de:b6:
53:e6:6f:b6:aa:ee:57:3a:70:86:0a:db:4e:3e:6a:f9:e5:08:
76:3d:bf:03:59:1e:43:69:ad:38:97:a6:49:c7:ea:c6:75:12:
7e:fe:62:52:0c:f8:61:fe:bb:3c:3d:c9:c4:0e:c6:54:72:4d:
ae:49:1b:4b:5b:bf:b2:58:fc:f9:ce:2e:69:2a:11:c3:1d:da:
8e:2a:61:0a:1d:16:c8:41:e7:0c:63:e3:a6:51:f8:78:8a:75:
0f:0e:7a:b4:14:16:27:25:ee:9d:d2:85:56:2f:d4:44:20:96:
61:3c:f0:a6:df:98:b8:8b:fa:e0:5d:22:ae:17:61:59:54:28:
de:9b:99:16:c2:fe:24:72:4d:27:9e:07:c8:25:85:46:78:39:
5c:8b:e9:4b:3e:7e:ba:28:13:d1:85:a9:eb:b8:89:c7:63:30:
72:ad:17:c7:34:56:22:3b:b0:7c:c6:4b:1f:1c:ac:e3:08:f7:
5f:9e:f9:9b:40:f5:03:b5:82:1f:85:06:8b:ee:0a:2a:bc:04:
f6:92:5f:2d
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAY51zJMYfFZ7oU0tWG7195INMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNGU0OTkyNDBjZWE1ODg1NDFhN2RjNzRmMzIxYzkxNDE3
NDRiYjYwHhcNMjQwMzI1MTMyODQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODVjZjIwMjgwZmRlM2UwMTliZDcwYjlmMzkxOGUwYjNiOTE2NDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgZ5vILcIfJX4LObUSBjYY0ZxgxGH
3lC2CyrrXxIyUMy+QmnBJuVcoQtMHqnkKYD4mEoMUsbFn0mKLagUZQzdqHegPN8r
Ix1auv7WkwZ2KverFGLTa2EGXkr9eD4Q3VkE6QAmUGcaVxPqzNUHz8oZH/P9V00B
ySqYlHH4Ye6MXdVymGz4RQbF/ElCImaEyRGaiSaKq1zk0VEKe/nOkOtn+IDtOEIF
6SD4oSTZvGbf9Vp7+rAVVmBRKiEMJ1E9ZeUGIm17VAyMFLtZOrRezV+8KDttYBNr
pL/LL7a1clhL6Kzv24rr4jFMizFRlDuSLGM5HhEmhnUj31oaVLeb3fohWwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFHhc8gKA/ePgGb1wufORjgs7kWSbMB8GA1UdIwQY
MBaAFKFOSZJAzqWIVBp9x08yHJFBdEu2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1U1SmtrRE9wWWhVR24zSFR6SWNrVUYwUzdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy8wODI4ZTctMWU1Ny00NzQ3LThlYTEt
MzZhODA4ZjNkMTRkLzEvZUZ6eUFvRDk0LUFadlhDNTg1R09DenVSWkpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy8wODI4ZTctMWU1Ny00NzQ3LThlYTEtMzZhODA4ZjNkMTRk
LzEvb1U1SmtrRE9wWWhVR24zSFR6SWNrVUYwUzdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQDLhOYAwQD
Wc/4AwQCuVg8AwQCuVyYAwQCuVyoAwQCuVy0AwQCuVy8MA0EAgACMAcDBQMqBcqA
MA0GCSqGSIb3DQEBCwUAA4IBAQB47+5xCNU614qFCz3LasNf04iD6IKjAIHne3EB
pvMo868kX/CrEDK5bImoPzVO4wI6+5sI3rZT5m+2qu5XOnCGCttOPmr55Qh2Pb8D
WR5Daa04l6ZJx+rGdRJ+/mJSDPhh/rs8PcnEDsZUck2uSRtLW7+yWPz5zi5pKhHD
HdqOKmEKHRbIQecMY+OmUfh4inUPDnq0FBYnJe6d0oVWL9REIJZhPPCm35i4i/rg
XSKuF2FZVCjem5kWwv4kck0nngfIJYVGeDlci+lLPn66KBPRhanruInHYzByrRfH
NFYiO7B8xksfHKzjCPdfnvmbQPUDtYIfhQaL7goqvAT2kl8t
-----END CERTIFICATE-----
Generated at Fri Jun 7 20:31:31 2024 by rpki-client on console-ams.rpki-client.org