Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/eapc41tjJa0hfHId5ykkkfvMMRs.roa
File: eapc41tjJa0hfHId5ykkkfvMMRs.roa (raw, json)
Hash identifier: zZNPbqe/vwD/MRbkiLPjy5F7oHm/SGU+BxBbBkXNjlo=
Subject key identifier: 79:AA:5C:E3:5B:63:25:AD:21:7C:72:1D:E7:29:24:91:FB:CC:31:1B
Certificate issuer: /CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Certificate serial: 018CC348E106B50B6243063B6EF5AA7E673C
Authority key identifier: EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/eapc41tjJa0hfHId5ykkkfvMMRs.roa
Signing time: Mon 01 Jan 2024 04:29:42 +0000
ROA not before: Mon 01 Jan 2024 04:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9123
IP address blocks: 92.51.39.0/24 maxlen: 24
92.51.44.0/24 maxlen: 24
92.51.46.0/24 maxlen: 24
92.51.47.0/24 maxlen: 24
92.51.45.0/24 maxlen: 24
92.51.36.0/24 maxlen: 24
92.51.37.0/24 maxlen: 24
92.51.38.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.mft
rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:e1:06:b5:0b:62:43:06:3b:6e:f5:aa:7e:67:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef57c2d9d93ac7cf9b2f17caa7859b6985b39b9d
Validity
Not Before: Jan 1 04:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=79aa5ce35b6325ad217c721de7292491fbcc311b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d3:12:99:b4:37:1a:91:73:19:af:df:86:29:
d5:4a:e7:84:67:f1:8f:f6:13:bb:5c:2b:19:b0:36:
6e:eb:8d:df:24:29:40:d1:a8:01:ac:c8:6b:e8:f6:
fb:9e:72:06:8a:21:b7:4c:c0:0a:b1:d1:12:64:aa:
cc:a5:da:1e:c7:37:1c:de:34:10:a6:be:ec:d4:37:
3f:9e:62:2c:44:d1:3c:b8:34:04:18:35:98:b4:5c:
43:39:6d:44:72:20:1f:d8:3c:6a:05:6e:90:b1:f2:
2d:ac:2c:77:0f:c9:cb:95:38:ab:07:14:25:ee:8a:
2a:8d:25:d2:27:d2:51:a2:f4:d8:5a:dc:05:80:37:
78:da:4e:80:9c:fa:c5:d3:df:c2:4f:92:ec:d7:a2:
d1:0f:ec:79:0e:aa:97:c3:f3:fd:07:fe:61:8c:58:
eb:26:c7:3d:6a:a3:15:2f:06:b7:36:75:96:13:46:
33:84:92:13:79:d9:26:22:7e:fd:79:0e:ee:a4:c0:
37:b7:e3:62:1e:3d:f1:9b:76:e6:e9:cc:9a:e5:d2:
15:ee:a3:2f:7d:92:b5:1f:f7:d2:0f:93:64:ba:3b:
53:e6:c8:5c:43:6d:f5:92:48:01:3f:78:36:fb:e3:
08:ae:97:a4:18:c2:84:84:cd:19:e9:61:82:3c:2b:
e0:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:AA:5C:E3:5B:63:25:AD:21:7C:72:1D:E7:29:24:91:FB:CC:31:1B
X509v3 Authority Key Identifier:
keyid:EF:57:C2:D9:D9:3A:C7:CF:9B:2F:17:CA:A7:85:9B:69:85:B3:9B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71fC2dk6x8-bLxfKp4WbaYWzm50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/eapc41tjJa0hfHId5ykkkfvMMRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/1e04b8-1031-43f9-9667-8e6f878db5f4/1/71fC2dk6x8-bLxfKp4WbaYWzm50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.51.36.0/22
92.51.44.0/22
Signature Algorithm: sha256WithRSAEncryption
1f:a4:62:7a:64:d9:55:6b:09:10:97:82:2b:fa:2a:c4:0e:d1:
ce:29:0e:81:a4:e8:4b:39:f1:f9:52:01:c0:9b:da:a0:c3:a4:
f5:e7:4f:97:99:21:61:32:af:42:4a:12:9a:2f:4d:cf:4a:f8:
02:7e:3f:0d:11:31:62:53:a4:57:13:b6:4a:95:4b:99:aa:4e:
21:bb:52:3b:1c:e5:c3:fe:2d:fa:c5:9d:74:e1:2f:af:4c:f0:
3e:94:84:b7:a7:be:79:01:75:e8:16:4c:36:65:6d:9e:af:fe:
1d:da:53:d1:34:1b:73:13:79:f4:b9:6a:55:16:f4:f9:6f:18:
b0:1e:9a:a8:7b:d2:fb:66:cf:be:d4:f5:0a:6c:1b:6c:93:8c:
e4:7d:2a:82:47:5a:b5:b3:52:3e:c9:2d:31:22:97:31:a6:05:
4e:d9:00:fb:44:ac:c3:94:16:c0:2a:7d:ac:bd:45:4e:20:b5:
95:7f:81:f0:a8:b8:79:64:2d:9a:8b:b7:3c:07:15:5c:80:d8:
d7:dc:1f:1a:cb:b4:51:81:53:56:82:76:96:60:81:d0:a4:a4:
cf:75:a5:f4:f9:01:5e:2e:01:41:1d:c0:85:90:01:d9:0a:b3:
c7:0b:9a:d2:8c:4f:44:a8:e7:b4:75:38:63:fb:67:62:3f:39:
4a:9f:69:c5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzDSOEGtQtiQwY7bvWqfmc8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTdjMmQ5ZDkzYWM3Y2Y5YjJmMTdjYWE3ODU5YjY5ODVi
MzliOWQwHhcNMjQwMTAxMDQyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OWFhNWNlMzViNjMyNWFkMjE3YzcyMWRlNzI5MjQ5MWZiY2MzMTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNMSmbQ3GpFzGa/fhinVSueEZ/GP
9hO7XCsZsDZu643fJClA0agBrMhr6Pb7nnIGiiG3TMAKsdESZKrMpdoexzcc3jQQ
pr7s1Dc/nmIsRNE8uDQEGDWYtFxDOW1EciAf2DxqBW6QsfItrCx3D8nLlTirBxQl
7ooqjSXSJ9JRovTYWtwFgDd42k6AnPrF09/CT5Ls16LRD+x5DqqXw/P9B/5hjFjr
Jsc9aqMVLwa3NnWWE0YzhJITedkmIn79eQ7upMA3t+NiHj3xm3bm6cya5dIV7qMv
fZK1H/fSD5NkujtT5shcQ231kkgBP3g2++MIrpekGMKEhM0Z6WGCPCvgBwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHmqXONbYyWtIXxyHecpJJH7zDEbMB8GA1UdIwQY
MBaAFO9XwtnZOsfPmy8XyqeFm2mFs5udMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2Njct
OGU2Zjg3OGRiNWY0LzEvZWFwYzQxdGpKYTBoZkhJZDV5a2trZnZNTVJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8xZTA0YjgtMTAzMS00M2Y5LTk2NjctOGU2Zjg3OGRiNWY0
LzEvNzFmQzJkazZ4OC1iTHhmS3A0V2JhWVd6bTUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXDMkAwQC
XDMsMA0GCSqGSIb3DQEBCwUAA4IBAQAfpGJ6ZNlVawkQl4Ir+irEDtHOKQ6BpOhL
OfH5UgHAm9qgw6T150+XmSFhMq9CShKaL03PSvgCfj8NETFiU6RXE7ZKlUuZqk4h
u1I7HOXD/i36xZ104S+vTPA+lIS3p755AXXoFkw2ZW2er/4d2lPRNBtzE3n0uWpV
FvT5bxiwHpqoe9L7Zs++1PUKbBtsk4zkfSqCR1q1s1I+yS0xIpcxpgVO2QD7RKzD
lBbAKn2svUVOILWVf4HwqLh5ZC2ai7c8BxVcgNjX3B8ay7RRgVNWgnaWYIHQpKTP
daX0+QFeLgFBHcCFkAHZCrPHC5rSjE9EqOe0dThj+2diPzlKn2nF
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:03:33 2024 by rpki-client on console-fra.rpki-client.org