Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/94ea4b-3ff0-4f7b-9d83-c310eca3c07b/1/EmcUcl_6Dhby46seFgpu1CWyPws.roa
File: EmcUcl_6Dhby46seFgpu1CWyPws.roa (raw, json)
Hash identifier: TLxUIg6DoFe+DYf4/43NLMSXkovCRrZ7/4ANlkDgpJQ=
Subject key identifier: 12:67:14:72:5F:FA:0E:16:F2:E3:AB:1E:16:0A:6E:D4:25:B2:3F:0B
Certificate issuer: /CN=caf613311a7869c335ca66cb423cc6e8b2fa902c
Certificate serial: 018CC8DE797600A8E50C83823030DBBAFF8F
Authority key identifier: CA:F6:13:31:1A:78:69:C3:35:CA:66:CB:42:3C:C6:E8:B2:FA:90:2C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yvYTMRp4acM1ymbLQjzG6LL6kCw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/94ea4b-3ff0-4f7b-9d83-c310eca3c07b/1/EmcUcl_6Dhby46seFgpu1CWyPws.roa
Signing time: Tue 02 Jan 2024 06:31:12 +0000
ROA not before: Tue 02 Jan 2024 06:31:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6786
IP address blocks: 217.74.192.0/20 maxlen: 24
185.156.224.0/22 maxlen: 24
192.166.192.0/21 maxlen: 24
192.166.200.0/23 maxlen: 24
2a07:a240::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/94ea4b-3ff0-4f7b-9d83-c310eca3c07b/1/yvYTMRp4acM1ymbLQjzG6LL6kCw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/94ea4b-3ff0-4f7b-9d83-c310eca3c07b/1/yvYTMRp4acM1ymbLQjzG6LL6kCw.mft
rsync://rpki.ripe.net/repository/DEFAULT/yvYTMRp4acM1ymbLQjzG6LL6kCw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 09:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:79:76:00:a8:e5:0c:83:82:30:30:db:ba:ff:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caf613311a7869c335ca66cb423cc6e8b2fa902c
Validity
Not Before: Jan 2 06:31:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=126714725ffa0e16f2e3ab1e160a6ed425b23f0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:e8:55:fe:1e:07:f5:37:8d:f4:62:99:77:c7:
8f:aa:af:98:ba:a4:b6:ce:17:4e:5c:62:c4:e2:77:
9c:83:4d:81:b7:c1:cc:2b:0c:72:44:8b:fe:af:aa:
e2:56:9b:3f:74:b8:b3:d6:a2:63:06:cc:6b:52:83:
79:6e:69:48:bd:7e:13:50:8d:c3:04:07:7e:e8:7d:
f1:d3:d2:06:80:d8:2a:95:95:ec:ee:5b:b2:2e:b4:
59:1f:0d:63:ee:a9:e4:ca:6c:72:1b:28:5a:78:f2:
c0:81:14:c7:7c:36:8c:ca:47:59:65:2a:81:28:d4:
c0:fd:4c:47:d0:45:b9:8a:29:ed:54:9d:88:e3:47:
b4:83:42:71:4e:ee:32:71:67:52:e2:f0:1a:0e:45:
69:2e:e7:bb:f9:9e:5f:e7:50:3b:fb:23:af:44:97:
24:bc:f1:85:b2:2f:11:77:ab:f7:f6:47:0d:53:91:
08:17:41:1a:f4:ab:eb:ee:a2:f5:9d:05:50:f3:ef:
7d:52:69:ac:a2:be:64:da:d5:92:4e:d4:24:03:97:
eb:72:fa:1a:84:d7:84:77:92:2e:86:e2:76:23:2f:
dd:61:aa:3c:98:4f:71:1c:e0:05:15:cc:15:55:d1:
f7:4d:98:19:36:26:07:7e:d7:7e:a8:a3:0a:94:4b:
6f:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:67:14:72:5F:FA:0E:16:F2:E3:AB:1E:16:0A:6E:D4:25:B2:3F:0B
X509v3 Authority Key Identifier:
keyid:CA:F6:13:31:1A:78:69:C3:35:CA:66:CB:42:3C:C6:E8:B2:FA:90:2C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yvYTMRp4acM1ymbLQjzG6LL6kCw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/94ea4b-3ff0-4f7b-9d83-c310eca3c07b/1/EmcUcl_6Dhby46seFgpu1CWyPws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/94ea4b-3ff0-4f7b-9d83-c310eca3c07b/1/yvYTMRp4acM1ymbLQjzG6LL6kCw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.156.224.0/22
192.166.192.0-192.166.201.255
217.74.192.0/20
IPv6:
2a07:a240::/29
Signature Algorithm: sha256WithRSAEncryption
9b:50:a6:a8:04:1b:15:eb:d8:3f:46:a6:60:cf:e4:28:8a:f6:
0d:44:a2:b5:a7:c1:7d:17:3f:58:c9:57:c8:20:d7:53:fb:a1:
c1:a8:3b:98:a3:61:dd:43:21:de:64:3c:87:12:e8:fd:ea:77:
e5:13:65:f7:5c:9d:a6:b5:66:da:a7:e7:8a:7d:8d:e8:80:de:
de:98:6d:f8:6e:9a:eb:de:c0:0a:65:12:65:62:ec:4d:ca:41:
84:31:54:17:e5:51:e1:ab:d3:95:18:43:8c:f4:02:7f:25:b2:
8d:07:7b:26:0d:d1:97:07:c9:6c:0b:dc:6e:8c:3d:d0:79:d2:
78:6f:5a:ff:9b:14:45:db:a7:a0:03:f4:d5:f6:36:06:96:49:
ce:1e:f2:f5:88:78:ef:69:c7:20:97:f9:44:af:02:36:7f:01:
62:3e:a7:fe:42:c4:e2:0b:cf:4e:aa:df:87:1c:2c:d7:05:54:
bf:0a:0a:2f:95:15:c2:c7:c0:42:30:20:57:13:f3:f7:13:39:
c4:f8:23:a5:82:99:4d:b0:c4:d6:0d:c8:49:f4:38:8e:c4:b6:
86:2e:d8:a7:46:d9:6d:4e:53:64:84:bd:91:ae:a2:af:cf:53:
be:25:54:a7:2c:43:fb:5c:a8:ca:be:02:c5:46:38:b2:3f:55:
4b:82:46:49
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzI3nl2AKjlDIOCMDDbuv+PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZjYxMzMxMWE3ODY5YzMzNWNhNjZjYjQyM2NjNmU4YjJm
YTkwMmMwHhcNMjQwMTAyMDYzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjY3MTQ3MjVmZmEwZTE2ZjJlM2FiMWUxNjBhNmVkNDI1YjIzZjBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuhV/h4H9TeN9GKZd8ePqq+YuqS2
zhdOXGLE4necg02Bt8HMKwxyRIv+r6riVps/dLiz1qJjBsxrUoN5bmlIvX4TUI3D
BAd+6H3x09IGgNgqlZXs7luyLrRZHw1j7qnkymxyGyhaePLAgRTHfDaMykdZZSqB
KNTA/UxH0EW5iintVJ2I40e0g0JxTu4ycWdS4vAaDkVpLue7+Z5f51A7+yOvRJck
vPGFsi8Rd6v39kcNU5EIF0Ea9Kvr7qL1nQVQ8+99Ummsor5k2tWSTtQkA5frcvoa
hNeEd5IuhuJ2Iy/dYao8mE9xHOAFFcwVVdH3TZgZNiYHftd+qKMKlEtvEQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFBJnFHJf+g4W8uOrHhYKbtQlsj8LMB8GA1UdIwQY
MBaAFMr2EzEaeGnDNcpmy0I8xuiy+pAsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXZZVE1ScDRhY00xeW1iTFFqekc2TEw2a0N3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC85NGVhNGItM2ZmMC00ZjdiLTlkODMt
YzMxMGVjYTNjMDdiLzEvRW1jVWNsXzZEaGJ5NDZzZUZncHUxQ1d5UHdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC85NGVhNGItM2ZmMC00ZjdiLTlkODMtYzMxMGVjYTNjMDdi
LzEveXZZVE1ScDRhY00xeW1iTFFqekc2TEw2a0N3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQCuZzgMAwD
BAbApsADBAHApsgDBATZSsAwDQQCAAIwBwMFAyoHokAwDQYJKoZIhvcNAQELBQAD
ggEBAJtQpqgEGxXr2D9GpmDP5CiK9g1EorWnwX0XP1jJV8gg11P7ocGoO5ijYd1D
Id5kPIcS6P3qd+UTZfdcnaa1Ztqn54p9jeiA3t6YbfhumuvewAplEmVi7E3KQYQx
VBflUeGr05UYQ4z0An8lso0HeyYN0ZcHyWwL3G6MPdB50nhvWv+bFEXbp6AD9NX2
NgaWSc4e8vWIeO9pxyCX+USvAjZ/AWI+p/5CxOILz06q34ccLNcFVL8KCi+VFcLH
wEIwIFcT8/cTOcT4I6WCmU2wxNYNyEn0OI7EtoYu2KdG2W1OU2SEvZGuoq/PU74l
VKcsQ/tcqMq+AsVGOLI/VUuCRkk=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:35:48 2024 by rpki-client on console-fra.rpki-client.org