Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/EOxwZPIUpLigxrF3gRYGdfNZqNM.roa
File: EOxwZPIUpLigxrF3gRYGdfNZqNM.roa (raw, json)
Hash identifier: NKeKqnP42WVV9kgjtzXS6PexZnDzAHAM2nDsmLcnAhs=
Subject key identifier: 10:EC:70:64:F2:14:A4:B8:A0:C6:B1:77:81:16:06:75:F3:59:A8:D3
Certificate issuer: /CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Certificate serial: 018CF8303FEBE176B4B026A5E3D7736AB1E8
Authority key identifier: 3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/EOxwZPIUpLigxrF3gRYGdfNZqNM.roa
Signing time: Thu 11 Jan 2024 11:02:40 +0000
ROA not before: Thu 11 Jan 2024 11:02:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12306
IP address blocks: 82.98.93.0/24 maxlen: 24
82.98.127.0/24 maxlen: 24
213.83.0.0/18 maxlen: 32
82.98.64.0/18 maxlen: 32
212.19.32.0/19 maxlen: 32
2a02:2e0::/29 maxlen: 128
2a02:2e0:a::/48 maxlen: 48
2a02:2e0:cd4e::/48 maxlen: 48
2a02:2e0:431::/48 maxlen: 48
2a02:2e0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 17:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f8:30:3f:eb:e1:76:b4:b0:26:a5:e3:d7:73:6a:b1:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3d8ba0a52c42129af1d4f743feb33bb144d4bb5c
Validity
Not Before: Jan 11 11:02:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=10ec7064f214a4b8a0c6b17781160675f359a8d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:2e:45:44:81:87:dd:e7:16:ae:3d:96:31:ef:
43:b1:a3:4b:b1:70:05:8f:28:17:5d:94:b7:39:ba:
32:7c:6c:01:f1:02:cd:29:be:55:d6:b5:84:fd:d1:
c5:79:ae:d6:f6:60:a9:02:2c:69:9d:0a:97:32:70:
85:f3:e0:04:a5:9b:b2:2d:13:61:19:ab:c8:09:84:
69:f2:c1:83:4a:dd:7f:80:32:6f:f9:4a:ad:02:17:
9a:cb:bd:4b:ca:24:ba:e0:16:88:1e:2f:5b:e1:17:
28:a9:66:42:15:7e:77:3a:d7:40:54:fa:7e:34:b8:
5e:e7:9e:0d:d5:a7:ae:1a:f6:0e:7b:a7:41:d5:76:
d0:12:50:09:b8:96:1d:56:8e:bb:74:71:85:b6:e8:
c0:e5:a5:22:1e:4d:3e:76:55:8d:01:57:d8:0d:29:
93:a3:d8:00:4e:46:c9:f9:4c:e8:42:07:92:11:47:
7d:60:ef:6b:fd:ef:bc:f7:4c:9a:0b:3e:b9:32:b5:
0e:07:3b:80:58:58:b7:4f:fa:52:1a:25:06:39:cd:
0a:9a:6c:d1:b0:1e:a1:69:63:bd:65:fb:68:79:da:
d3:2d:14:1e:34:df:ce:74:03:1b:ee:c6:e5:9c:cb:
02:39:4b:e4:7c:20:32:05:97:02:6f:0c:09:6f:85:
07:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:EC:70:64:F2:14:A4:B8:A0:C6:B1:77:81:16:06:75:F3:59:A8:D3
X509v3 Authority Key Identifier:
keyid:3D:8B:A0:A5:2C:42:12:9A:F1:D4:F7:43:FE:B3:3B:B1:44:D4:BB:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PYugpSxCEprx1PdD_rM7sUTUu1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/EOxwZPIUpLigxrF3gRYGdfNZqNM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b3/ff6f4a-8d5f-45b2-875c-a5683844e792/1/PYugpSxCEprx1PdD_rM7sUTUu1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.98.64.0/18
212.19.32.0/19
213.83.0.0/18
IPv6:
2a02:2e0::/29
Signature Algorithm: sha256WithRSAEncryption
22:66:9c:f3:44:ea:71:f1:e7:c9:26:22:ab:7f:d1:0d:ff:ee:
76:aa:cd:8f:37:02:99:2d:40:8c:46:bb:63:1d:9f:2c:e8:58:
a3:71:b3:2b:a2:5a:8a:57:b7:dc:c9:fa:69:ea:42:a5:90:b5:
bf:22:4d:c3:92:ed:d3:0f:68:97:3e:71:2e:85:a4:bd:36:8f:
f1:4b:5c:62:69:9c:26:d8:fe:29:a8:60:e4:61:38:da:28:eb:
81:fa:69:45:21:86:a8:1b:a2:94:25:37:5d:85:60:29:41:6b:
1c:eb:db:23:6e:9d:13:99:64:c4:26:cb:9e:e1:b8:35:94:c3:
66:bd:3d:be:e5:aa:6d:80:fb:ac:8d:db:79:ef:16:4a:30:30:
3d:5d:d0:88:0f:dd:0e:95:c2:de:8f:8e:cb:2f:0d:33:9d:ba:
67:2e:3f:59:55:c7:da:fd:bb:fb:46:8b:e0:33:5f:23:4f:2e:
2c:f8:a7:44:cb:be:c5:4e:34:e7:71:a7:b0:e7:f8:d9:a8:02:
55:66:85:9e:45:13:f3:22:17:92:43:75:27:7b:29:4f:2a:42:
a2:7a:15:00:36:a7:52:08:1d:6a:31:0b:c9:d3:f6:53:73:16:
fb:f9:f0:a5:da:73:72:1a:6d:48:df:33:d0:39:1d:f3:25:f7:
3a:4a:c9:06
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYz4MD/r4Xa0sCal49dzarHoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNkOGJhMGE1MmM0MjEyOWFmMWQ0Zjc0M2ZlYjMzYmIxNDRk
NGJiNWMwHhcNMjQwMTExMTEwMjQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMGVjNzA2NGYyMTRhNGI4YTBjNmIxNzc4MTE2MDY3NWYzNTlhOGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjC5FRIGH3ecWrj2WMe9DsaNLsXAF
jygXXZS3OboyfGwB8QLNKb5V1rWE/dHFea7W9mCpAixpnQqXMnCF8+AEpZuyLRNh
GavICYRp8sGDSt1/gDJv+UqtAheay71LyiS64BaIHi9b4RcoqWZCFX53OtdAVPp+
NLhe554N1aeuGvYOe6dB1XbQElAJuJYdVo67dHGFtujA5aUiHk0+dlWNAVfYDSmT
o9gATkbJ+UzoQgeSEUd9YO9r/e+890yaCz65MrUOBzuAWFi3T/pSGiUGOc0KmmzR
sB6haWO9ZftoedrTLRQeNN/OdAMb7sblnMsCOUvkfCAyBZcCbwwJb4UH6wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFBDscGTyFKS4oMaxd4EWBnXzWajTMB8GA1UdIwQY
MBaAFD2LoKUsQhKa8dT3Q/6zO7FE1LtcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMt
YTU2ODM4NDRlNzkyLzEvRU94d1pQSVVwTGlneHJGM2dSWUdkZk5acU5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMy9mZjZmNGEtOGQ1Zi00NWIyLTg3NWMtYTU2ODM4NDRlNzky
LzEvUFl1Z3BTeENFcHJ4MVBkRF9yTTdzVVRVdTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGUmJAAwQF
1BMgAwQG1VMAMA0EAgACMAcDBQMqAgLgMA0GCSqGSIb3DQEBCwUAA4IBAQAiZpzz
ROpx8efJJiKrf9EN/+52qs2PNwKZLUCMRrtjHZ8s6FijcbMrolqKV7fcyfpp6kKl
kLW/Ik3Dku3TD2iXPnEuhaS9No/xS1xiaZwm2P4pqGDkYTjaKOuB+mlFIYaoG6KU
JTddhWApQWsc69sjbp0TmWTEJsue4bg1lMNmvT2+5aptgPusjdt57xZKMDA9XdCI
D90OlcLej47LLw0znbpnLj9ZVcfa/bv7RovgM18jTy4s+KdEy77FTjTncaew5/jZ
qAJVZoWeRRPzIheSQ3UneylPKkKiehUANqdSCB1qMQvJ0/ZTcxb7+fCl2nNyGm1I
3zPQOR3zJfc6SskG
-----END CERTIFICATE-----
Generated at Mon Jun 17 00:36:22 2024 by rpki-client on console-ams.rpki-client.org