Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/ef98e4-01e5-4b88-bbf1-0483d1c01b25/1/EpswE5tyLi1VlIDgGnHvz_y8Up4.roa
File: EpswE5tyLi1VlIDgGnHvz_y8Up4.roa (raw, json)
Hash identifier: oGevmpVRKYwtzOZgSfaIVr7lQe9aTv50JB4lho4vq0Y=
Subject key identifier: 12:9B:30:13:9B:72:2E:2D:55:94:80:E0:1A:71:EF:CF:FC:BC:52:9E
Certificate issuer: /CN=5259e000c991f78f243fde5980cd5cef649409e6
Certificate serial: 018CC94C13AA52199BAEC472F077AD510D0A
Authority key identifier: 52:59:E0:00:C9:91:F7:8F:24:3F:DE:59:80:CD:5C:EF:64:94:09:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UlngAMmR948kP95ZgM1c72SUCeY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/ef98e4-01e5-4b88-bbf1-0483d1c01b25/1/EpswE5tyLi1VlIDgGnHvz_y8Up4.roa
Signing time: Tue 02 Jan 2024 08:30:55 +0000
ROA not before: Tue 02 Jan 2024 08:30:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35292
IP address blocks: 87.239.136.0/21 maxlen: 24
78.31.168.0/21 maxlen: 24
193.47.73.0/24 maxlen: 24
2001:678:2a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/ef98e4-01e5-4b88-bbf1-0483d1c01b25/1/UlngAMmR948kP95ZgM1c72SUCeY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/ef98e4-01e5-4b88-bbf1-0483d1c01b25/1/UlngAMmR948kP95ZgM1c72SUCeY.mft
rsync://rpki.ripe.net/repository/DEFAULT/UlngAMmR948kP95ZgM1c72SUCeY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 20:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:13:aa:52:19:9b:ae:c4:72:f0:77:ad:51:0d:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5259e000c991f78f243fde5980cd5cef649409e6
Validity
Not Before: Jan 2 08:30:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=129b30139b722e2d559480e01a71efcffcbc529e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:ce:7a:a2:2e:3a:68:73:48:65:22:d9:1b:0b:
4d:95:30:a0:2b:b1:7f:59:96:ea:85:3e:76:2e:f9:
1d:14:4a:52:78:9e:9c:db:13:6c:0e:57:3e:e8:45:
4b:c7:33:e5:ce:71:91:ad:79:70:54:d4:96:b2:f3:
2a:1f:7f:45:40:71:5f:40:bc:48:6c:a0:42:fb:ba:
d7:9d:44:6b:1f:43:18:71:73:a8:05:49:c4:f5:9e:
59:fd:7d:8e:ed:e4:fd:b3:42:81:6d:c7:c1:40:42:
f6:1f:40:d4:ab:7c:4a:22:3d:46:85:89:db:ba:5a:
e8:32:4a:e1:fc:58:29:d4:87:b4:29:c1:e1:58:94:
92:a1:da:2f:f6:f4:bb:98:b1:69:1d:b6:41:31:c2:
4d:ef:23:ae:ab:0c:2e:2f:fe:87:78:ad:1c:fe:83:
85:e1:44:66:05:af:58:03:ac:2e:81:b3:1f:f0:51:
3b:f8:ff:e6:04:6a:40:93:c7:02:e1:08:57:b5:9f:
6c:21:65:16:35:9a:d9:a0:39:c4:49:50:4f:bf:28:
38:bf:a4:69:a7:c9:0f:7d:bc:65:dc:fd:f7:b3:b4:
38:3c:a4:82:68:28:88:83:56:05:56:b3:cb:5e:2a:
8c:b3:d7:26:3c:b7:34:4e:c1:8d:9f:16:46:4b:16:
83:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:9B:30:13:9B:72:2E:2D:55:94:80:E0:1A:71:EF:CF:FC:BC:52:9E
X509v3 Authority Key Identifier:
keyid:52:59:E0:00:C9:91:F7:8F:24:3F:DE:59:80:CD:5C:EF:64:94:09:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UlngAMmR948kP95ZgM1c72SUCeY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ef98e4-01e5-4b88-bbf1-0483d1c01b25/1/EpswE5tyLi1VlIDgGnHvz_y8Up4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/ef98e4-01e5-4b88-bbf1-0483d1c01b25/1/UlngAMmR948kP95ZgM1c72SUCeY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.31.168.0/21
87.239.136.0/21
193.47.73.0/24
IPv6:
2001:678:2a0::/48
Signature Algorithm: sha256WithRSAEncryption
64:0f:af:6c:36:ba:19:b3:54:fe:4b:74:3d:8d:4d:e4:dd:fd:
ac:42:94:76:c0:66:23:2a:f4:ea:75:a1:a9:8f:b1:ba:66:c2:
ca:79:80:c2:b2:1b:1f:05:d5:f2:20:d4:ee:49:2e:e8:bd:3c:
db:7a:ae:18:cc:85:79:8d:a1:43:0c:4d:c5:bb:6f:da:16:71:
a4:1f:25:24:f4:73:79:cc:1c:c5:61:f5:fb:48:1d:1b:c4:99:
72:29:a3:ea:c6:73:32:0b:cf:5c:bf:5d:ac:db:20:f1:02:3a:
88:74:b3:4c:8e:41:ee:4c:8f:df:d6:0f:f0:4b:49:8e:22:bd:
1d:df:bf:e9:f3:05:8d:f8:52:da:ba:4b:63:89:16:39:e9:59:
b9:5b:d9:7e:30:df:ad:41:fd:74:20:33:e8:56:9d:3f:73:dc:
2f:64:ee:fd:2e:b4:4d:b4:e1:b8:ae:b2:9d:6b:25:54:31:b9:
3e:ac:61:a6:fe:81:90:48:e7:df:75:3c:a0:d7:75:e2:75:4c:
1f:02:18:22:90:31:06:58:67:5b:11:21:fc:58:b4:78:d4:e2:
76:62:fd:80:14:08:f5:e9:11:37:c6:f6:63:8d:b6:6a:71:c2:
4b:67:67:5f:8c:51:bf:38:ed:e6:36:bf:65:b2:d6:6d:d9:21:
2d:71:df:8e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzJTBOqUhmbrsRy8HetUQ0KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyNTllMDAwYzk5MWY3OGYyNDNmZGU1OTgwY2Q1Y2VmNjQ5
NDA5ZTYwHhcNMjQwMTAyMDgzMDU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjliMzAxMzliNzIyZTJkNTU5NDgwZTAxYTcxZWZjZmZjYmM1MjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwM56oi46aHNIZSLZGwtNlTCgK7F/
WZbqhT52LvkdFEpSeJ6c2xNsDlc+6EVLxzPlznGRrXlwVNSWsvMqH39FQHFfQLxI
bKBC+7rXnURrH0MYcXOoBUnE9Z5Z/X2O7eT9s0KBbcfBQEL2H0DUq3xKIj1GhYnb
ulroMkrh/Fgp1Ie0KcHhWJSSodov9vS7mLFpHbZBMcJN7yOuqwwuL/6HeK0c/oOF
4URmBa9YA6wugbMf8FE7+P/mBGpAk8cC4QhXtZ9sIWUWNZrZoDnESVBPvyg4v6Rp
p8kPfbxl3P33s7Q4PKSCaCiIg1YFVrPLXiqMs9cmPLc0TsGNnxZGSxaDEQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFBKbMBObci4tVZSA4Bpx78/8vFKeMB8GA1UdIwQY
MBaAFFJZ4ADJkfePJD/eWYDNXO9klAnmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWxuZ0FNbVI5NDhrUDk1WmdNMWM3MlNVQ2VZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS9lZjk4ZTQtMDFlNS00Yjg4LWJiZjEt
MDQ4M2QxYzAxYjI1LzEvRXBzd0U1dHlMaTFWbElEZ0duSHZ6X3k4VXA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS9lZjk4ZTQtMDFlNS00Yjg4LWJiZjEtMDQ4M2QxYzAxYjI1
LzEvVWxuZ0FNbVI5NDhrUDk1WmdNMWM3MlNVQ2VZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQDTh+oAwQD
V++IAwQAwS9JMA8EAgACMAkDBwAgAQZ4AqAwDQYJKoZIhvcNAQELBQADggEBAGQP
r2w2uhmzVP5LdD2NTeTd/axClHbAZiMq9Op1oamPsbpmwsp5gMKyGx8F1fIg1O5J
Lui9PNt6rhjMhXmNoUMMTcW7b9oWcaQfJST0c3nMHMVh9ftIHRvEmXIpo+rGczIL
z1y/XazbIPECOoh0s0yOQe5Mj9/WD/BLSY4ivR3fv+nzBY34Utq6S2OJFjnpWblb
2X4w361B/XQgM+hWnT9z3C9k7v0utE204biusp1rJVQxuT6sYab+gZBI5991PKDX
deJ1TB8CGCKQMQZYZ1sRIfxYtHjU4nZi/YAUCPXpETfG9mONtmpxwktnZ1+MUb84
7eY2v2Wy1m3ZIS1x344=
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:13:07 2024 by rpki-client on console-fra.rpki-client.org