Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/b64e42-b9de-4c66-9ed9-6fe34805a6c6/1/pEwDZcWgy7NqMazsBGJVMwBzbu4.roa
File: pEwDZcWgy7NqMazsBGJVMwBzbu4.roa (raw, json)
Hash identifier: MnNJqpm1avKnpWuXATib/Q82DbDGHCqr1HiGPWTkaXU=
Subject key identifier: A4:4C:03:65:C5:A0:CB:B3:6A:31:AC:EC:04:62:55:33:00:73:6E:EE
Certificate issuer: /CN=ffc381f53f25dbc2a0efabf889fca32419958dd0
Certificate serial: 018DCB61DB6ED401578FDCA8596552902F50
Authority key identifier: FF:C3:81:F5:3F:25:DB:C2:A0:EF:AB:F8:89:FC:A3:24:19:95:8D:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_8OB9T8l28Kg76v4ifyjJBmVjdA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/b64e42-b9de-4c66-9ed9-6fe34805a6c6/1/pEwDZcWgy7NqMazsBGJVMwBzbu4.roa
Signing time: Wed 21 Feb 2024 11:16:44 +0000
ROA not before: Wed 21 Feb 2024 11:16:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48254
IP address blocks: 212.78.75.0/24 maxlen: 24
212.78.76.0/24 maxlen: 24
212.78.77.0/24 maxlen: 24
212.78.78.0/24 maxlen: 24
212.78.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/b64e42-b9de-4c66-9ed9-6fe34805a6c6/1/_8OB9T8l28Kg76v4ifyjJBmVjdA.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/b64e42-b9de-4c66-9ed9-6fe34805a6c6/1/_8OB9T8l28Kg76v4ifyjJBmVjdA.mft
rsync://rpki.ripe.net/repository/DEFAULT/_8OB9T8l28Kg76v4ifyjJBmVjdA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 17:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:cb:61:db:6e:d4:01:57:8f:dc:a8:59:65:52:90:2f:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffc381f53f25dbc2a0efabf889fca32419958dd0
Validity
Not Before: Feb 21 11:16:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a44c0365c5a0cbb36a31acec0462553300736eee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:31:17:0e:24:d3:31:dd:0b:e4:53:f4:b0:59:
0d:5b:76:3c:07:cb:ff:b5:8d:b8:13:a7:48:c1:ba:
c7:ee:a0:f3:f5:53:c2:f9:ac:27:98:3a:67:9f:60:
90:a8:ba:ee:9d:10:99:2a:28:f7:67:95:b7:0a:3e:
22:83:48:e9:0d:2d:83:29:d0:6d:29:a6:2e:16:a6:
4a:1c:83:c5:5f:6b:57:8a:2e:82:d1:f4:06:de:53:
55:03:48:13:2c:57:aa:dd:d2:e5:7b:5a:03:5e:ec:
f7:54:32:99:ae:8e:32:8d:cd:d3:19:ee:a1:c2:7c:
62:55:e8:cd:8a:68:af:a2:9f:09:7f:b6:03:c4:89:
91:e6:fc:ed:33:e6:73:68:e2:b4:d9:47:96:85:78:
c2:6a:44:f2:73:73:5e:cd:9a:d6:89:cb:11:28:f5:
09:af:88:11:b3:c1:ae:3a:5e:5f:3f:d8:51:ba:6d:
31:fa:84:64:5e:ca:87:8f:23:55:a6:bd:02:a4:9e:
44:4d:4b:da:dc:5c:75:b8:73:55:9a:cf:b3:5a:46:
ee:f2:6b:24:c7:5b:da:dd:ea:40:6e:01:a2:14:7e:
a1:62:bb:fe:f1:b6:e0:63:6d:8a:92:2a:bf:f0:58:
fb:02:b1:af:b6:0d:04:31:db:02:41:4d:5b:e9:1e:
69:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:4C:03:65:C5:A0:CB:B3:6A:31:AC:EC:04:62:55:33:00:73:6E:EE
X509v3 Authority Key Identifier:
keyid:FF:C3:81:F5:3F:25:DB:C2:A0:EF:AB:F8:89:FC:A3:24:19:95:8D:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_8OB9T8l28Kg76v4ifyjJBmVjdA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/b64e42-b9de-4c66-9ed9-6fe34805a6c6/1/pEwDZcWgy7NqMazsBGJVMwBzbu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/b64e42-b9de-4c66-9ed9-6fe34805a6c6/1/_8OB9T8l28Kg76v4ifyjJBmVjdA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
212.78.75.0-212.78.78.255
212.78.85.0/24
Signature Algorithm: sha256WithRSAEncryption
14:9e:db:f2:fb:a9:80:80:2f:03:0a:dd:dc:52:11:b9:84:4e:
ae:58:c4:90:c6:de:fd:6f:3f:c8:c4:27:3a:3c:e4:51:2a:2f:
1b:c7:4f:3c:97:0e:9e:5a:88:93:46:6b:ea:bd:b8:8c:14:9a:
48:45:f0:98:b1:e0:ea:9a:68:5f:35:30:1a:d7:85:8c:bd:c2:
a7:03:92:c2:aa:cf:9c:09:65:df:0d:3c:9c:03:9f:7a:ee:15:
d5:3c:2e:d5:59:55:92:8e:5b:25:d8:ad:e7:5f:e7:53:46:5f:
e5:7c:40:20:68:7d:06:49:81:ed:44:0f:82:ff:bd:5d:9d:4a:
48:20:4b:7a:f6:14:91:1c:7c:49:e9:2a:94:a4:c2:0d:2b:d9:
c4:b8:00:cd:e1:f3:5c:7a:d9:88:bb:a5:10:d0:26:92:0e:33:
9f:9d:d8:68:74:4d:f5:38:9b:50:66:1f:a3:ae:b0:9b:16:c3:
8a:28:f6:d7:d8:fc:b4:86:4a:67:0c:7c:12:77:01:c6:da:14:
0d:eb:79:10:b9:47:fc:6c:3e:8f:e2:33:16:e5:61:00:71:93:
85:97:1a:17:fc:42:cf:a2:a9:da:9a:de:82:2d:56:2a:9c:8c:
7a:c0:21:29:35:29:86:57:f2:cb:94:9a:c6:73:b5:a7:f9:6a:
ad:68:5d:9f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAY3LYdtu1AFXj9yoWWVSkC9QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmYzM4MWY1M2YyNWRiYzJhMGVmYWJmODg5ZmNhMzI0MTk5
NThkZDAwHhcNMjQwMjIxMTExNjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDRjMDM2NWM1YTBjYmIzNmEzMWFjZWMwNDYyNTUzMzAwNzM2ZWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjEXDiTTMd0L5FP0sFkNW3Y8B8v/
tY24E6dIwbrH7qDz9VPC+awnmDpnn2CQqLrunRCZKij3Z5W3Cj4ig0jpDS2DKdBt
KaYuFqZKHIPFX2tXii6C0fQG3lNVA0gTLFeq3dLle1oDXuz3VDKZro4yjc3TGe6h
wnxiVejNimivop8Jf7YDxImR5vztM+ZzaOK02UeWhXjCakTyc3NezZrWicsRKPUJ
r4gRs8GuOl5fP9hRum0x+oRkXsqHjyNVpr0CpJ5ETUva3Fx1uHNVms+zWkbu8msk
x1va3epAbgGiFH6hYrv+8bbgY22Kkiq/8Fj7ArGvtg0EMdsCQU1b6R5pzQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFKRMA2XFoMuzajGs7ARiVTMAc27uMB8GA1UdIwQY
MBaAFP/DgfU/JdvCoO+r+In8oyQZlY3QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXzhPQjlUOGwyOEtnNzZ2NGlmeWpKQm1WamRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9iNjRlNDItYjlkZS00YzY2LTllZDkt
NmZlMzQ4MDVhNmM2LzEvcEV3RFpjV2d5N05xTWF6c0JHSlZNd0J6YnU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9iNjRlNDItYjlkZS00YzY2LTllZDktNmZlMzQ4MDVhNmM2
LzEvXzhPQjlUOGwyOEtnNzZ2NGlmeWpKQm1WamRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBADUTksD
BADUTk4DBADUTlUwDQYJKoZIhvcNAQELBQADggEBABSe2/L7qYCALwMK3dxSEbmE
Tq5YxJDG3v1vP8jEJzo85FEqLxvHTzyXDp5aiJNGa+q9uIwUmkhF8Jix4OqaaF81
MBrXhYy9wqcDksKqz5wJZd8NPJwDn3ruFdU8LtVZVZKOWyXYredf51NGX+V8QCBo
fQZJge1ED4L/vV2dSkggS3r2FJEcfEnpKpSkwg0r2cS4AM3h81x62Yi7pRDQJpIO
M5+d2Gh0TfU4m1BmH6OusJsWw4oo9tfY/LSGSmcMfBJ3AcbaFA3reRC5R/xsPo/i
MxblYQBxk4WXGhf8Qs+iqdqa3oItViqcjHrAISk1KYZX8suUmsZztaf5aq1oXZ8=
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:10:12 2024 by rpki-client on console-fra.rpki-client.org