Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/EUtGf4ZdLSBltz5fzVf4sDx0zlc.roa
File: EUtGf4ZdLSBltz5fzVf4sDx0zlc.roa (raw, json)
Hash identifier: YARVyBFS2GBDJS7gddriG/FAPEWmansAPyUXExWVogo=
Subject key identifier: 11:4B:46:7F:86:5D:2D:20:65:B7:3E:5F:CD:57:F8:B0:3C:74:CE:57
Certificate issuer: /CN=4b70a3a6c4a85725037598b3913e21869dbdd38d
Certificate serial: 018D3FBAEDAC4314483B411759CAFA8EE852
Authority key identifier: 4B:70:A3:A6:C4:A8:57:25:03:75:98:B3:91:3E:21:86:9D:BD:D3:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S3CjpsSoVyUDdZizkT4hhp29040.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/EUtGf4ZdLSBltz5fzVf4sDx0zlc.roa
Signing time: Thu 25 Jan 2024 08:27:11 +0000
ROA not before: Thu 25 Jan 2024 08:27:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197444
IP address blocks: 91.217.52.0/23 maxlen: 23
91.221.148.0/23 maxlen: 23
217.26.221.0/24 maxlen: 24
2001:67c:2038::/48 maxlen: 48
2a13:50c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/S3CjpsSoVyUDdZizkT4hhp29040.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/S3CjpsSoVyUDdZizkT4hhp29040.mft
rsync://rpki.ripe.net/repository/DEFAULT/S3CjpsSoVyUDdZizkT4hhp29040.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:3f:ba:ed:ac:43:14:48:3b:41:17:59:ca:fa:8e:e8:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b70a3a6c4a85725037598b3913e21869dbdd38d
Validity
Not Before: Jan 25 08:27:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=114b467f865d2d2065b73e5fcd57f8b03c74ce57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:a9:24:d7:36:6d:17:15:d7:34:b1:6e:ee:0d:
3d:bf:c7:85:cc:29:a1:84:5d:8e:a2:03:13:1a:15:
84:be:67:5a:e4:4d:4c:a4:bc:d5:2e:35:29:e6:0a:
bf:bb:0c:39:76:0e:38:10:3a:dd:50:9e:1b:58:70:
4c:45:2e:c1:e9:aa:71:40:74:79:5c:13:cf:16:45:
f0:f3:ef:ff:eb:f3:11:88:52:92:7a:a8:9f:a5:42:
3e:bd:29:c3:51:1d:6d:ed:2a:ca:7f:3d:1c:9e:32:
27:6a:f9:9b:b3:5f:88:3f:23:a3:3d:f3:a3:c7:eb:
56:ae:8a:04:5e:ea:e6:ef:1c:2c:7e:37:9d:82:f3:
e0:e8:b2:12:22:57:0b:ab:54:74:c7:3a:bf:d7:c5:
34:0b:ed:9a:63:7f:c3:b6:37:69:1a:10:87:52:38:
5d:01:74:c3:eb:b7:7c:c3:67:39:3c:1b:0e:62:04:
92:1d:11:3b:25:ac:d7:de:fd:55:22:d7:41:cc:ff:
3d:5e:72:4f:53:3d:5e:3c:80:ee:c2:48:02:d8:6c:
25:34:11:05:50:9d:ed:0f:a5:76:7e:23:f9:0e:fe:
91:56:45:35:93:1c:2d:ce:d4:1d:80:62:a5:f3:41:
1f:e4:a4:f2:5a:11:b8:af:4a:45:9d:07:a3:ab:e4:
51:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:4B:46:7F:86:5D:2D:20:65:B7:3E:5F:CD:57:F8:B0:3C:74:CE:57
X509v3 Authority Key Identifier:
keyid:4B:70:A3:A6:C4:A8:57:25:03:75:98:B3:91:3E:21:86:9D:BD:D3:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S3CjpsSoVyUDdZizkT4hhp29040.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/EUtGf4ZdLSBltz5fzVf4sDx0zlc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/dc7010-19f9-4768-a615-4825b29dd572/1/S3CjpsSoVyUDdZizkT4hhp29040.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.52.0/23
91.221.148.0/23
217.26.221.0/24
IPv6:
2001:67c:2038::/48
2a13:50c0::/29
Signature Algorithm: sha256WithRSAEncryption
3f:34:57:eb:74:09:5c:9d:87:d7:7d:a3:d3:0d:69:db:44:de:
d6:14:89:a6:0e:7e:65:d3:8f:94:c3:16:ce:6b:be:b4:8d:14:
c8:cc:9d:f5:be:c4:44:0c:c8:4b:ca:f6:91:de:c1:fc:11:7b:
77:45:49:ee:86:ff:fb:5d:dc:25:70:09:23:30:6a:9e:87:5e:
01:24:a7:4b:c9:aa:00:e7:21:b5:ed:bd:f1:52:13:c7:98:9c:
b9:09:32:c1:0c:dd:33:83:0a:76:3b:c9:db:9c:97:0e:86:db:
ec:77:21:b4:73:a0:11:8c:45:01:32:67:a3:d1:29:60:cd:e5:
1d:1e:83:0a:e0:e1:f0:3b:4a:8e:e0:15:81:c9:11:b8:1d:1a:
42:3f:80:b0:17:28:9e:21:63:5e:a4:46:40:52:63:12:85:ad:
b5:b3:51:2d:25:b3:90:d6:41:00:c3:c6:89:8e:45:2a:fa:2e:
6a:cb:29:8a:49:4c:30:ea:4a:af:0e:28:1c:0c:fe:7a:4e:c1:
e5:17:b6:42:cf:ae:3c:13:3e:4f:06:a6:63:2c:66:92:33:00:
f8:4a:90:db:15:79:4f:67:f2:be:04:06:b8:ef:82:3b:92:ce:
21:82:52:2b:ea:ec:65:4e:cb:a8:7a:5c:53:e3:35:13:54:31:
42:a0:1a:a9
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY0/uu2sQxRIO0EXWcr6juhSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiNzBhM2E2YzRhODU3MjUwMzc1OThiMzkxM2UyMTg2OWRi
ZGQzOGQwHhcNMjQwMTI1MDgyNzExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTRiNDY3Zjg2NWQyZDIwNjViNzNlNWZjZDU3ZjhiMDNjNzRjZTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlqkk1zZtFxXXNLFu7g09v8eFzCmh
hF2OogMTGhWEvmda5E1MpLzVLjUp5gq/uww5dg44EDrdUJ4bWHBMRS7B6apxQHR5
XBPPFkXw8+//6/MRiFKSeqifpUI+vSnDUR1t7SrKfz0cnjInavmbs1+IPyOjPfOj
x+tWrooEXurm7xwsfjedgvPg6LISIlcLq1R0xzq/18U0C+2aY3/DtjdpGhCHUjhd
AXTD67d8w2c5PBsOYgSSHRE7JazX3v1VItdBzP89XnJPUz1ePIDuwkgC2GwlNBEF
UJ3tD6V2fiP5Dv6RVkU1kxwtztQdgGKl80Ef5KTyWhG4r0pFnQejq+RRuwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFBFLRn+GXS0gZbc+X81X+LA8dM5XMB8GA1UdIwQY
MBaAFEtwo6bEqFclA3WYs5E+IYadvdONMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzNDanBzU29WeVVEZFppemtUNGhocDI5MDQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9kYzcwMTAtMTlmOS00NzY4LWE2MTUt
NDgyNWIyOWRkNTcyLzEvRVV0R2Y0WmRMU0JsdHo1ZnpWZjRzRHgwemxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9kYzcwMTAtMTlmOS00NzY4LWE2MTUtNDgyNWIyOWRkNTcy
LzEvUzNDanBzU29WeVVEZFppemtUNGhocDI5MDQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAYBAIAATASAwQBW9k0AwQB
W92UAwQA2RrdMBYEAgACMBADBwAgAQZ8IDgDBQMqE1DAMA0GCSqGSIb3DQEBCwUA
A4IBAQA/NFfrdAlcnYfXfaPTDWnbRN7WFImmDn5l04+UwxbOa760jRTIzJ31vsRE
DMhLyvaR3sH8EXt3RUnuhv/7XdwlcAkjMGqeh14BJKdLyaoA5yG17b3xUhPHmJy5
CTLBDN0zgwp2O8nbnJcOhtvsdyG0c6ARjEUBMmej0SlgzeUdHoMK4OHwO0qO4BWB
yRG4HRpCP4CwFyieIWNepEZAUmMSha21s1EtJbOQ1kEAw8aJjkUq+i5qyymKSUww
6kqvDigcDP56TsHlF7ZCz648Ez5PBqZjLGaSMwD4SpDbFXlPZ/K+BAa474I7ks4h
glIr6uxlTsuoelxT4zUTVDFCoBqp
-----END CERTIFICATE-----
Generated at Sat Jun 1 18:38:21 2024 by rpki-client on console-ams.rpki-client.org