Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/6c78da-bded-41a9-b508-302ce1bc99c0/1/_mHrvpZo_Ap7CrCoKskdJGgkDiU.roa
File: _mHrvpZo_Ap7CrCoKskdJGgkDiU.roa (raw, json)
Hash identifier: TkeXMzrxizZlkyHZa08m08NEwBervFsNJLGlFC4An/w=
Subject key identifier: FE:61:EB:BE:96:68:FC:0A:7B:0A:B0:A8:2A:C9:1D:24:68:24:0E:25
Certificate issuer: /CN=c1c20fbc48fa59a7d8dea57908f350a1b97459df
Certificate serial: 018CC34913CCE73668D2E330D90B7281D209
Authority key identifier: C1:C2:0F:BC:48:FA:59:A7:D8:DE:A5:79:08:F3:50:A1:B9:74:59:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wcIPvEj6WafY3qV5CPNQobl0Wd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/6c78da-bded-41a9-b508-302ce1bc99c0/1/_mHrvpZo_Ap7CrCoKskdJGgkDiU.roa
Signing time: Mon 01 Jan 2024 04:29:55 +0000
ROA not before: Mon 01 Jan 2024 04:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 33930
IP address blocks: 80.75.152.0/21 maxlen: 21
93.187.40.0/21 maxlen: 21
91.223.207.0/24 maxlen: 24
45.15.212.0/22 maxlen: 22
185.56.204.0/22 maxlen: 22
194.6.240.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/6c78da-bded-41a9-b508-302ce1bc99c0/1/wcIPvEj6WafY3qV5CPNQobl0Wd8.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/6c78da-bded-41a9-b508-302ce1bc99c0/1/wcIPvEj6WafY3qV5CPNQobl0Wd8.mft
rsync://rpki.ripe.net/repository/DEFAULT/wcIPvEj6WafY3qV5CPNQobl0Wd8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:13:cc:e7:36:68:d2:e3:30:d9:0b:72:81:d2:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1c20fbc48fa59a7d8dea57908f350a1b97459df
Validity
Not Before: Jan 1 04:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe61ebbe9668fc0a7b0ab0a82ac91d2468240e25
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:32:eb:fe:ea:c2:31:03:bd:04:07:e4:91:36:
49:c8:18:73:cf:2b:1d:71:9f:0c:b5:83:a9:b3:1c:
1e:2f:6a:b7:4b:64:32:58:32:d7:ac:63:10:f1:1a:
20:84:d7:0d:77:f2:2d:f3:bb:04:b0:0b:11:77:b5:
75:0c:3a:f2:28:0b:30:49:ee:ad:37:47:e3:d2:41:
92:1d:30:56:5b:0e:22:f0:1a:00:8a:02:14:6a:b3:
5d:4b:c7:19:05:38:15:4e:3d:76:73:ba:e8:b1:27:
cd:86:7b:57:49:4b:13:4b:e8:f5:9b:3e:04:53:d5:
41:e2:cf:c1:b0:ab:8d:14:c2:9a:16:a8:cd:84:e5:
1d:ab:5d:f4:ae:12:b4:f6:12:7d:0a:92:5c:a8:7a:
a9:17:3d:8d:1e:06:e3:4b:d2:98:15:e4:22:9c:98:
f9:61:fd:ed:3e:df:3c:50:0c:73:8e:b9:35:c1:9d:
23:4e:93:6b:47:f5:43:49:e9:4b:2f:4a:df:0d:a1:
53:6f:43:bc:4f:ec:0f:4e:2d:26:71:e1:6b:df:eb:
f1:8c:28:c6:a3:46:f1:e0:93:f5:d4:bf:85:74:1a:
79:ed:d8:51:a9:f3:ed:ec:b2:54:59:5f:8c:6e:83:
ba:a8:ca:dc:da:02:02:6b:fd:ce:38:5f:f1:02:72:
4f:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:61:EB:BE:96:68:FC:0A:7B:0A:B0:A8:2A:C9:1D:24:68:24:0E:25
X509v3 Authority Key Identifier:
keyid:C1:C2:0F:BC:48:FA:59:A7:D8:DE:A5:79:08:F3:50:A1:B9:74:59:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wcIPvEj6WafY3qV5CPNQobl0Wd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6c78da-bded-41a9-b508-302ce1bc99c0/1/_mHrvpZo_Ap7CrCoKskdJGgkDiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/6c78da-bded-41a9-b508-302ce1bc99c0/1/wcIPvEj6WafY3qV5CPNQobl0Wd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.15.212.0/22
80.75.152.0/21
91.223.207.0/24
93.187.40.0/21
185.56.204.0/22
194.6.240.0/24
Signature Algorithm: sha256WithRSAEncryption
af:ca:cc:88:51:03:e4:fd:da:8c:a3:eb:44:e6:cd:c3:85:ff:
7c:92:c3:3e:4f:bc:1f:9a:2f:80:62:bd:45:df:7d:c9:02:9e:
82:5e:cd:0d:45:67:24:17:06:3c:ac:09:1f:03:02:4a:cb:74:
4a:c6:ac:44:ec:91:96:82:8d:31:f2:1b:36:65:25:cd:f5:0c:
e7:67:c3:4d:1f:6b:62:1b:a9:de:c1:2c:65:9c:dc:7f:77:c3:
3d:09:3d:ee:9d:39:03:71:e8:32:99:87:44:44:5d:0a:f3:83:
2b:90:39:5a:2d:14:8f:79:f7:2b:d0:c5:fb:37:4b:67:05:41:
75:dd:f3:e8:18:da:a5:14:d0:08:81:82:3f:72:c4:a8:28:a2:
67:8f:0c:db:5f:bc:ca:78:53:01:de:17:61:3f:96:89:1d:68:
8b:41:cd:9b:a0:3c:1c:e8:cc:4e:cf:f5:1a:7b:6a:bc:6d:29:
46:e0:0b:a9:30:b8:70:05:54:4f:e8:78:73:4c:23:da:11:a6:
65:87:37:0e:23:c1:2b:7d:67:e7:26:28:49:86:26:88:c8:a1:
2e:f2:7c:1c:c7:a7:63:c8:4e:05:fb:2c:12:70:2d:6c:58:c1:
20:37:3f:6b:72:a0:d1:45:4e:02:5d:45:0e:ef:1a:3a:a8:77:
9c:04:59:00
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzDSRPM5zZo0uMw2QtygdIJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYzIwZmJjNDhmYTU5YTdkOGRlYTU3OTA4ZjM1MGExYjk3
NDU5ZGYwHhcNMjQwMTAxMDQyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTYxZWJiZTk2NjhmYzBhN2IwYWIwYTgyYWM5MWQyNDY4MjQwZTI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDLr/urCMQO9BAfkkTZJyBhzzysd
cZ8MtYOpsxweL2q3S2QyWDLXrGMQ8RoghNcNd/It87sEsAsRd7V1DDryKAswSe6t
N0fj0kGSHTBWWw4i8BoAigIUarNdS8cZBTgVTj12c7rosSfNhntXSUsTS+j1mz4E
U9VB4s/BsKuNFMKaFqjNhOUdq130rhK09hJ9CpJcqHqpFz2NHgbjS9KYFeQinJj5
Yf3tPt88UAxzjrk1wZ0jTpNrR/VDSelLL0rfDaFTb0O8T+wPTi0mceFr3+vxjCjG
o0bx4JP11L+FdBp57dhRqfPt7LJUWV+MboO6qMrc2gICa/3OOF/xAnJPMQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFP5h676WaPwKewqwqCrJHSRoJA4lMB8GA1UdIwQY
MBaAFMHCD7xI+lmn2N6leQjzUKG5dFnfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2NJUHZFajZXYWZZM3FWNUNQTlFvYmwwV2Q4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi82Yzc4ZGEtYmRlZC00MWE5LWI1MDgt
MzAyY2UxYmM5OWMwLzEvX21IcnZwWm9fQXA3Q3JDb0tza2RKR2drRGlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi82Yzc4ZGEtYmRlZC00MWE5LWI1MDgtMzAyY2UxYmM5OWMw
LzEvd2NJUHZFajZXYWZZM3FWNUNQTlFvYmwwV2Q4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCLQ/UAwQD
UEuYAwQAW9/PAwQDXbsoAwQCuTjMAwQAwgbwMA0GCSqGSIb3DQEBCwUAA4IBAQCv
ysyIUQPk/dqMo+tE5s3Dhf98ksM+T7wfmi+AYr1F333JAp6CXs0NRWckFwY8rAkf
AwJKy3RKxqxE7JGWgo0x8hs2ZSXN9QznZ8NNH2tiG6newSxlnNx/d8M9CT3unTkD
cegymYdERF0K84MrkDlaLRSPefcr0MX7N0tnBUF13fPoGNqlFNAIgYI/csSoKKJn
jwzbX7zKeFMB3hdhP5aJHWiLQc2boDwc6MxOz/Uae2q8bSlG4AupMLhwBVRP6Hhz
TCPaEaZlhzcOI8ErfWfnJihJhiaIyKEu8nwcx6djyE4F+ywScC1sWMEgNz9rcqDR
RU4CXUUO7xo6qHecBFkA
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:17:36 2024 by rpki-client on console-fra.rpki-client.org