Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/ey_BhYnNlS0ZjOmMGgYFYDf_U0c.roa
File: ey_BhYnNlS0ZjOmMGgYFYDf_U0c.roa (raw, json)
Hash identifier: JOePo2/ApSUHTamiYkTSR55MRdOIcA/+f6zZmwDsz0Y=
Subject key identifier: 7B:2F:C1:85:89:CD:95:2D:19:8C:E9:8C:1A:06:05:60:37:FF:53:47
Certificate issuer: /CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Certificate serial: 01917F635847763C3218DBE48FCAD30BE0AE
Authority key identifier: A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/ey_BhYnNlS0ZjOmMGgYFYDf_U0c.roa
Signing time: Fri 23 Aug 2024 13:18:22 +0000
ROA not before: Fri 23 Aug 2024 13:18:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216139
IP address blocks: 178.217.100.0/24 maxlen: 24
178.217.101.0/24 maxlen: 24
217.144.102.0/24 maxlen: 24
2a03:80c0:abba::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:7f:63:58:47:76:3c:32:18:db:e4:8f:ca:d3:0b:e0:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Validity
Not Before: Aug 23 13:18:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7b2fc18589cd952d198ce98c1a06056037ff5347
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:06:33:90:e4:b3:bc:fc:da:d7:5a:aa:40:a6:
43:fa:8c:b2:d2:3f:e4:2c:47:4e:12:19:f1:ae:5d:
49:53:c6:ac:83:3f:87:0d:25:8c:82:dc:fc:84:21:
f2:4d:0c:25:6c:fe:c8:d1:c8:aa:44:dd:eb:6e:15:
57:8c:79:e7:64:04:23:cf:34:2c:d7:b3:4f:b7:67:
9b:98:ff:85:d3:22:b9:bd:98:9b:19:10:2f:35:7e:
fb:b1:e6:ab:0d:9c:fb:99:a7:5a:bb:90:3e:22:c1:
aa:b2:ed:c1:3b:62:de:bd:59:5a:54:c9:8a:da:d7:
f2:7f:69:3c:4e:82:1a:3d:7a:5b:cd:d6:be:86:b0:
cd:2f:67:9f:fa:92:8c:af:8e:df:09:f8:c1:7b:eb:
17:fb:36:8c:90:13:0f:b5:2c:99:57:f1:48:1f:74:
20:df:c8:e8:13:9d:5f:02:a1:80:37:81:07:50:d8:
f2:13:f7:a2:7f:63:72:bf:dd:f4:5c:86:a4:f7:b4:
f5:8a:0e:d1:55:76:6b:d8:b8:32:8a:a1:97:bc:00:
a3:86:b2:1d:4e:ee:3a:a3:5f:98:1c:2d:53:54:31:
7d:ac:e3:16:b2:ea:8e:a2:a9:31:c8:07:2c:18:96:
06:0b:d9:37:a6:2f:78:e5:57:ca:af:4f:2c:2f:05:
fb:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:2F:C1:85:89:CD:95:2D:19:8C:E9:8C:1A:06:05:60:37:FF:53:47
X509v3 Authority Key Identifier:
keyid:A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/ey_BhYnNlS0ZjOmMGgYFYDf_U0c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.217.100.0/23
217.144.102.0/24
IPv6:
2a03:80c0:abba::/48
Signature Algorithm: sha256WithRSAEncryption
39:a0:c4:2b:16:52:b6:d2:3c:5a:3d:d0:5d:30:72:39:80:0b:
39:56:e7:4c:8b:38:8c:71:d9:58:f9:f6:b6:31:94:ae:93:aa:
79:11:85:e3:be:ad:5f:04:a9:69:44:e9:9a:c7:bc:4c:47:97:
3e:b3:fa:62:3c:71:73:ca:cf:6d:a7:90:d5:6a:3c:21:23:5f:
fe:f6:94:93:4c:5e:2a:31:61:db:8b:4d:49:48:3f:e5:90:6a:
42:7f:f3:0a:24:d4:51:02:66:cb:3f:18:40:23:c2:9a:8c:aa:
47:16:21:75:67:85:3d:09:86:a6:40:03:1d:fa:74:0e:41:ed:
f1:00:9f:ce:1c:69:94:54:93:1c:e1:aa:05:8f:bc:34:ce:ea:
6b:c4:0b:37:a8:8a:bb:16:92:18:ad:1e:e7:af:9c:20:f0:6d:
d7:14:01:f8:ec:97:7b:72:f1:75:ad:cd:e1:3b:73:cc:26:aa:
79:36:e8:e0:40:d1:8b:ad:fa:53:30:a5:c0:76:73:33:6d:68:
1f:7c:85:1f:9e:9d:a9:7d:67:71:c1:44:d8:55:6f:ac:5c:7c:
aa:19:f0:56:e7:06:a0:4d:f3:c7:0c:2f:a9:fb:f0:fd:22:88:
00:ec:d8:b1:83:66:68:61:0a:e4:25:7c:27:ae:da:e6:04:d4:
cc:cd:f0:a4
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZF/Y1hHdjwyGNvkj8rTC+CuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NTJkMGQyNjY1NTczODU4MzZhYWI3YWUzZmRjZWQ0Y2E3
NGFkODkwHhcNMjQwODIzMTMxODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjJmYzE4NTg5Y2Q5NTJkMTk4Y2U5OGMxYTA2MDU2MDM3ZmY1MzQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQYzkOSzvPza11qqQKZD+oyy0j/k
LEdOEhnxrl1JU8asgz+HDSWMgtz8hCHyTQwlbP7I0ciqRN3rbhVXjHnnZAQjzzQs
17NPt2ebmP+F0yK5vZibGRAvNX77searDZz7madau5A+IsGqsu3BO2LevVlaVMmK
2tfyf2k8ToIaPXpbzda+hrDNL2ef+pKMr47fCfjBe+sX+zaMkBMPtSyZV/FIH3Qg
38joE51fAqGAN4EHUNjyE/eif2Nyv930XIak97T1ig7RVXZr2LgyiqGXvACjhrId
Tu46o1+YHC1TVDF9rOMWsuqOoqkxyAcsGJYGC9k3pi945VfKr08sLwX7lwIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFHsvwYWJzZUtGYzpjBoGBWA3/1NHMB8GA1UdIwQY
MBaAFKlS0NJmVXOFg2qreuP9ztTKdK2JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAt
NGMyMWE1MDVmMzQ2LzEvZXlfQmhZbk5sUzBaak9tTUdnWUZZRGZfVTBjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAtNGMyMWE1MDVmMzQ2
LzEvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQBstlkAwQA
2ZBmMA8EAgACMAkDBwAqA4DAq7owDQYJKoZIhvcNAQELBQADggEBADmgxCsWUrbS
PFo90F0wcjmACzlW50yLOIxx2Vj59rYxlK6TqnkRheO+rV8EqWlE6ZrHvExHlz6z
+mI8cXPKz22nkNVqPCEjX/72lJNMXioxYduLTUlIP+WQakJ/8wok1FECZss/GEAj
wpqMqkcWIXVnhT0JhqZAAx36dA5B7fEAn84caZRUkxzhqgWPvDTO6mvECzeoirsW
khitHuevnCDwbdcUAfjsl3ty8XWtzeE7c8wmqnk26OBA0Yut+lMwpcB2czNtaB98
hR+enal9Z3HBRNhVb6xcfKoZ8FbnBqBN88cML6n78P0iiADs2LGDZmhhCuQlfCeu
2uYE1MzN8KQ=
-----END CERTIFICATE-----
Generated at Sat Sep 28 23:08:01 2024 by rpki-client on console-fra.rpki-client.org