Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/442a9b-9ed7-493d-83f3-3ca488deee89/1/0yEo1y4OWnYUj7-t4UMTx3zIsJM.roa
File: 0yEo1y4OWnYUj7-t4UMTx3zIsJM.roa (raw, json)
Hash identifier: yKD+XrTP+fAGwL+g3WDcE5XOWMXbfm/zIvcp7VNELY8=
Subject key identifier: D3:21:28:D7:2E:0E:5A:76:14:8F:BF:AD:E1:43:13:C7:7C:C8:B0:93
Certificate issuer: /CN=810af00225106b2096e9b21d9ac2f2040688dea2
Certificate serial: 018D3C1516DB1F4E62947D33BB74E44DDAAF
Authority key identifier: 81:0A:F0:02:25:10:6B:20:96:E9:B2:1D:9A:C2:F2:04:06:88:DE:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gQrwAiUQayCW6bIdmsLyBAaI3qI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/442a9b-9ed7-493d-83f3-3ca488deee89/1/0yEo1y4OWnYUj7-t4UMTx3zIsJM.roa
Signing time: Wed 24 Jan 2024 15:27:11 +0000
ROA not before: Wed 24 Jan 2024 15:27:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198890
IP address blocks: 80.79.13.0/24 maxlen: 24
87.120.100.0/22 maxlen: 22
93.187.110.0/24 maxlen: 24
2a13:1540::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/442a9b-9ed7-493d-83f3-3ca488deee89/1/gQrwAiUQayCW6bIdmsLyBAaI3qI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/442a9b-9ed7-493d-83f3-3ca488deee89/1/gQrwAiUQayCW6bIdmsLyBAaI3qI.mft
rsync://rpki.ripe.net/repository/DEFAULT/gQrwAiUQayCW6bIdmsLyBAaI3qI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3c:15:16:db:1f:4e:62:94:7d:33:bb:74:e4:4d:da:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=810af00225106b2096e9b21d9ac2f2040688dea2
Validity
Not Before: Jan 24 15:27:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d32128d72e0e5a76148fbfade14313c77cc8b093
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:86:28:1a:b8:cd:19:ed:b5:07:2b:b9:3a:bf:
64:40:5a:45:44:af:7b:55:d3:dc:e0:ab:02:d7:b9:
2e:8d:93:44:75:5b:4d:f0:37:20:82:b7:95:b2:6c:
54:87:04:39:0e:b9:8b:fc:52:38:77:88:77:70:0c:
3d:c1:38:c0:f7:2d:30:17:f0:2f:7b:29:6d:69:d8:
86:e4:6b:a2:b3:52:9a:03:b1:9f:8e:ed:b0:26:99:
9c:22:95:06:71:2d:a4:5a:f4:a0:2d:4e:59:40:47:
ae:77:c6:ec:b7:2d:30:0f:90:77:7c:60:7d:17:82:
00:cd:16:5b:83:2f:bd:0f:f0:ce:af:f3:68:fb:0e:
cf:05:bd:34:de:e8:03:75:ee:09:de:c1:98:74:53:
ce:07:9d:a2:d9:a4:fc:26:67:cd:39:63:dd:c8:84:
fc:f7:20:8b:50:e0:49:76:03:23:e2:4b:00:2d:f2:
6a:29:03:d5:9a:41:8a:59:27:17:c4:1f:d3:81:34:
0f:49:e0:16:17:ff:e9:c9:53:16:9d:24:61:e9:84:
cb:47:4f:ed:e5:d4:db:4f:33:81:3a:ab:e4:2a:a6:
d6:aa:bc:a2:df:0c:92:ae:c8:ae:b4:0f:39:f7:95:
da:a3:5b:82:2f:ed:19:2f:2c:c9:78:92:bf:c1:0a:
cf:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:21:28:D7:2E:0E:5A:76:14:8F:BF:AD:E1:43:13:C7:7C:C8:B0:93
X509v3 Authority Key Identifier:
keyid:81:0A:F0:02:25:10:6B:20:96:E9:B2:1D:9A:C2:F2:04:06:88:DE:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gQrwAiUQayCW6bIdmsLyBAaI3qI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/442a9b-9ed7-493d-83f3-3ca488deee89/1/0yEo1y4OWnYUj7-t4UMTx3zIsJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/442a9b-9ed7-493d-83f3-3ca488deee89/1/gQrwAiUQayCW6bIdmsLyBAaI3qI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.79.13.0/24
87.120.100.0/22
93.187.110.0/24
IPv6:
2a13:1540::/48
Signature Algorithm: sha256WithRSAEncryption
27:57:ef:90:1f:f1:4d:7e:4f:97:f8:b9:f7:c6:51:9e:d1:a9:
f2:92:37:13:a7:52:0d:42:51:9c:6d:1f:6e:96:6e:25:4b:61:
8d:2c:88:88:d6:72:17:0f:19:d6:c3:6d:17:84:e7:73:a1:e7:
12:59:0f:69:cb:61:57:9c:c1:55:9d:d8:39:9d:00:11:fe:27:
7f:0f:c4:2f:f8:07:4c:a5:62:09:65:fa:64:24:87:a6:7d:eb:
31:d9:48:88:72:75:f5:b5:49:e7:fa:1a:e2:a0:03:20:78:09:
6c:e8:7c:88:a7:36:46:01:fb:2a:31:43:be:cc:fb:e9:1d:d5:
ae:36:a2:ea:fa:02:a0:02:6b:8f:61:e1:ac:e6:c6:0d:40:42:
8e:09:9b:98:dd:d1:b7:de:4b:43:6f:5d:95:56:e9:c9:e7:e7:
c7:c5:7c:9b:55:3b:a6:e3:06:30:ce:ed:cf:43:7f:02:c1:97:
98:b3:44:75:38:bf:41:7f:05:b7:64:ef:1a:24:13:14:5c:6b:
54:da:97:b2:17:39:7e:a1:76:ff:89:e5:65:d5:6f:ca:82:03:
a2:95:72:7b:5d:15:11:81:65:0f:f6:7c:cd:23:4c:32:f7:fc:
bd:7e:99:f2:b5:09:d6:66:6f:00:21:55:d4:72:05:d3:ab:d6:
d6:34:5d:06
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAY08FRbbH05ilH0zu3TkTdqvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxMGFmMDAyMjUxMDZiMjA5NmU5YjIxZDlhYzJmMjA0MDY4
OGRlYTIwHhcNMjQwMTI0MTUyNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzIxMjhkNzJlMGU1YTc2MTQ4ZmJmYWRlMTQzMTNjNzdjYzhiMDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtoYoGrjNGe21Byu5Or9kQFpFRK97
VdPc4KsC17kujZNEdVtN8DcggreVsmxUhwQ5DrmL/FI4d4h3cAw9wTjA9y0wF/Av
eyltadiG5Guis1KaA7Gfju2wJpmcIpUGcS2kWvSgLU5ZQEeud8bsty0wD5B3fGB9
F4IAzRZbgy+9D/DOr/No+w7PBb003ugDde4J3sGYdFPOB52i2aT8JmfNOWPdyIT8
9yCLUOBJdgMj4ksALfJqKQPVmkGKWScXxB/TgTQPSeAWF//pyVMWnSRh6YTLR0/t
5dTbTzOBOqvkKqbWqryi3wySrsiutA8595Xao1uCL+0ZLyzJeJK/wQrPSwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNMhKNcuDlp2FI+/reFDE8d8yLCTMB8GA1UdIwQY
MBaAFIEK8AIlEGsglumyHZrC8gQGiN6iMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ1Fyd0FpVVFheUNXNmJJZG1zTHlCQWFJM3FJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC80NDJhOWItOWVkNy00OTNkLTgzZjMt
M2NhNDg4ZGVlZTg5LzEvMHlFbzF5NE9XbllVajctdDRVTVR4M3pJc0pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC80NDJhOWItOWVkNy00OTNkLTgzZjMtM2NhNDg4ZGVlZTg5
LzEvZ1Fyd0FpVVFheUNXNmJJZG1zTHlCQWFJM3FJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAUE8NAwQC
V3hkAwQAXbtuMA8EAgACMAkDBwAqExVAAAAwDQYJKoZIhvcNAQELBQADggEBACdX
75Af8U1+T5f4uffGUZ7RqfKSNxOnUg1CUZxtH26WbiVLYY0siIjWchcPGdbDbReE
53Oh5xJZD2nLYVecwVWd2DmdABH+J38PxC/4B0ylYgll+mQkh6Z96zHZSIhydfW1
Sef6GuKgAyB4CWzofIinNkYB+yoxQ77M++kd1a42our6AqACa49h4azmxg1AQo4J
m5jd0bfeS0NvXZVW6cnn58fFfJtVO6bjBjDO7c9DfwLBl5izRHU4v0F/Bbdk7xok
ExRca1Tal7IXOX6hdv+J5WXVb8qCA6KVcntdFRGBZQ/2fM0jTDL3/L1+mfK1CdZm
bwAhVdRyBdOr1tY0XQY=
-----END CERTIFICATE-----
Generated at Sat Jun 8 04:24:17 2024 by rpki-client on console-ams.rpki-client.org