Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/a46be7-317e-4708-a016-4fd6b7d76a2f/1/eNkm65rDZIawGpVRtOG5I6SHb54.roa
File: eNkm65rDZIawGpVRtOG5I6SHb54.roa (raw, json)
Hash identifier: WXRPt2vRT0L34fbZa2L7DZ06/e0TPnaukcRuk6KGz0Q=
Subject key identifier: 78:D9:26:EB:9A:C3:64:86:B0:1A:95:51:B4:E1:B9:23:A4:87:6F:9E
Certificate issuer: /CN=79d69dd98333558401edd1a60168265dd1a0d958
Certificate serial: 018CC7275A826E9E19B95C632D6913ABE2E6
Authority key identifier: 79:D6:9D:D9:83:33:55:84:01:ED:D1:A6:01:68:26:5D:D1:A0:D9:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/edad2YMzVYQB7dGmAWgmXdGg2Vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/a46be7-317e-4708-a016-4fd6b7d76a2f/1/eNkm65rDZIawGpVRtOG5I6SHb54.roa
Signing time: Mon 01 Jan 2024 22:31:34 +0000
ROA not before: Mon 01 Jan 2024 22:31:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 513
IP address blocks: 128.141.0.0/16 maxlen: 16
192.65.183.0/24 maxlen: 24
192.65.184.0/21 maxlen: 21
192.65.192.0/22 maxlen: 22
192.65.196.0/23 maxlen: 23
192.91.236.0/22 maxlen: 22
192.91.240.0/22 maxlen: 22
192.91.246.0/24 maxlen: 24
192.91.244.0/23 maxlen: 23
192.16.164.0/23 maxlen: 23
192.16.160.0/22 maxlen: 22
192.16.166.0/24 maxlen: 24
194.12.128.0/18 maxlen: 18
137.138.0.0/16 maxlen: 16
185.249.56.0/22 maxlen: 22
188.184.0.0/16 maxlen: 16
128.142.0.0/16 maxlen: 16
192.16.155.0/24 maxlen: 24
192.16.156.0/22 maxlen: 22
188.185.0.0/16 maxlen: 16
2001:1459::/32 maxlen: 32
2001:1458::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/a46be7-317e-4708-a016-4fd6b7d76a2f/1/edad2YMzVYQB7dGmAWgmXdGg2Vg.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/a46be7-317e-4708-a016-4fd6b7d76a2f/1/edad2YMzVYQB7dGmAWgmXdGg2Vg.mft
rsync://rpki.ripe.net/repository/DEFAULT/edad2YMzVYQB7dGmAWgmXdGg2Vg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:5a:82:6e:9e:19:b9:5c:63:2d:69:13:ab:e2:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79d69dd98333558401edd1a60168265dd1a0d958
Validity
Not Before: Jan 1 22:31:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78d926eb9ac36486b01a9551b4e1b923a4876f9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:3d:5b:99:fc:25:8e:6f:c9:63:b2:ff:f3:64:
99:47:19:fa:de:57:23:68:68:5d:f1:8c:93:97:ee:
34:49:3b:19:16:f1:49:e7:37:d8:ac:cd:80:4d:af:
43:40:f9:a2:9e:b5:14:d5:31:c2:5b:9f:38:49:be:
de:42:03:86:5e:93:76:16:8b:b9:e0:ca:cb:c8:a1:
13:74:af:1d:a7:50:b4:72:a1:06:cd:c2:c2:4f:f0:
41:96:3a:53:13:36:99:e0:c3:6d:a3:fd:ee:0e:c5:
eb:16:45:ff:59:a3:71:42:7c:62:a2:de:39:26:fd:
15:04:d5:a8:52:e8:e3:3c:c6:5f:96:60:9f:5e:b7:
5d:6c:f6:bc:6f:9a:93:2c:98:a8:6c:b9:7f:a1:dc:
1e:c3:6c:a4:54:d7:75:34:b6:2a:f6:ca:bf:83:bc:
ad:6f:7d:aa:3d:39:93:2f:4d:da:d5:16:27:a0:6e:
a2:21:7a:1e:1c:41:27:f5:04:7c:80:c3:8f:af:81:
e7:88:e9:61:63:c5:c9:f5:43:6f:66:ea:9b:60:ff:
0c:6d:a3:be:16:59:1e:31:70:0f:59:82:ba:d8:05:
bf:78:de:ea:c7:93:f3:d5:93:9a:3b:f3:8d:08:b9:
68:00:57:d3:fa:4b:59:54:82:b4:c0:40:60:4c:bc:
26:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:D9:26:EB:9A:C3:64:86:B0:1A:95:51:B4:E1:B9:23:A4:87:6F:9E
X509v3 Authority Key Identifier:
keyid:79:D6:9D:D9:83:33:55:84:01:ED:D1:A6:01:68:26:5D:D1:A0:D9:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/edad2YMzVYQB7dGmAWgmXdGg2Vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a46be7-317e-4708-a016-4fd6b7d76a2f/1/eNkm65rDZIawGpVRtOG5I6SHb54.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a46be7-317e-4708-a016-4fd6b7d76a2f/1/edad2YMzVYQB7dGmAWgmXdGg2Vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
128.141.0.0-128.142.255.255
137.138.0.0/16
185.249.56.0/22
188.184.0.0/15
192.16.155.0-192.16.166.255
192.65.183.0-192.65.197.255
192.91.236.0-192.91.246.255
194.12.128.0/18
IPv6:
2001:1458::/31
Signature Algorithm: sha256WithRSAEncryption
56:86:22:5e:81:0e:2b:48:59:d6:d5:52:85:19:7d:e4:35:28:
98:46:13:14:d8:17:ee:87:de:ea:31:18:84:8c:d3:3e:f9:38:
66:fe:0c:ad:32:b8:81:15:f9:ce:0d:a6:d5:96:88:6c:4f:3b:
49:ad:7a:51:7d:25:f9:17:d1:f4:28:43:d7:db:53:88:4c:69:
74:f9:e5:3e:d6:9c:10:da:f5:91:05:7b:c9:bf:5d:c0:06:a3:
12:6d:66:37:76:cc:d3:a1:0f:33:fa:07:b8:f9:8d:3f:91:4b:
37:fe:b2:51:05:99:27:9b:03:89:3b:92:53:00:80:c7:61:a2:
63:d3:15:e9:c8:1d:c0:51:26:f5:dc:b1:9a:bf:76:1d:19:d4:
33:0b:44:14:d8:cd:47:f3:ea:cd:12:23:8f:75:34:f8:0e:b4:
3c:de:b9:a8:48:91:7a:b1:5a:d8:2b:25:c4:e9:3b:e2:42:29:
e2:59:38:df:f0:f9:9a:aa:53:0e:a3:15:e0:1f:b3:1f:12:d1:
fe:2e:2f:35:77:fc:00:6c:c5:cf:10:0d:12:bc:f2:e0:e8:f6:
65:2e:01:5d:2f:57:8d:c8:8b:cf:ea:f3:14:16:47:5b:c6:0a:
b6:ea:0c:38:d6:c0:0d:71:20:35:b3:96:88:15:13:48:77:19:
10:ab:1c:aa
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYzHJ1qCbp4ZuVxjLWkTq+LmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZDY5ZGQ5ODMzMzU1ODQwMWVkZDFhNjAxNjgyNjVkZDFh
MGQ5NTgwHhcNMjQwMTAxMjIzMTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGQ5MjZlYjlhYzM2NDg2YjAxYTk1NTFiNGUxYjkyM2E0ODc2ZjllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgT1bmfwljm/JY7L/82SZRxn63lcj
aGhd8YyTl+40STsZFvFJ5zfYrM2ATa9DQPminrUU1THCW584Sb7eQgOGXpN2Fou5
4MrLyKETdK8dp1C0cqEGzcLCT/BBljpTEzaZ4MNto/3uDsXrFkX/WaNxQnxiot45
Jv0VBNWoUujjPMZflmCfXrddbPa8b5qTLJiobLl/odwew2ykVNd1NLYq9sq/g7yt
b32qPTmTL03a1RYnoG6iIXoeHEEn9QR8gMOPr4HniOlhY8XJ9UNvZuqbYP8MbaO+
FlkeMXAPWYK62AW/eN7qx5Pz1ZOaO/ONCLloAFfT+ktZVIK0wEBgTLwmCQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFHjZJuuaw2SGsBqVUbThuSOkh2+eMB8GA1UdIwQY
MBaAFHnWndmDM1WEAe3RpgFoJl3RoNlYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWRhZDJZTXpWWVFCN2RHbUFXZ21YZEdnMlZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9hNDZiZTctMzE3ZS00NzA4LWEwMTYt
NGZkNmI3ZDc2YTJmLzEvZU5rbTY1ckRaSWF3R3BWUnRPRzVJNlNIYjU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9hNDZiZTctMzE3ZS00NzA4LWEwMTYtNGZkNmI3ZDc2YTJm
LzEvZWRhZDJZTXpWWVFCN2RHbUFXZ21YZEdnMlZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMMAoDAwCAjQMD
AICOAwMAiYoDBAK5+TgDAwG8uDAMAwQAwBCbAwQAwBCmMAwDBADAQbcDBAHAQcQw
DAMEAsBb7AMEAMBb9gMEBsIMgDANBAIAAjAHAwUBIAEUWDANBgkqhkiG9w0BAQsF
AAOCAQEAVoYiXoEOK0hZ1tVShRl95DUomEYTFNgX7ofe6jEYhIzTPvk4Zv4MrTK4
gRX5zg2m1ZaIbE87Sa16UX0l+RfR9ChD19tTiExpdPnlPtacENr1kQV7yb9dwAaj
Em1mN3bM06EPM/oHuPmNP5FLN/6yUQWZJ5sDiTuSUwCAx2GiY9MV6cgdwFEm9dyx
mr92HRnUMwtEFNjNR/PqzRIjj3U0+A60PN65qEiRerFa2CslxOk74kIp4lk43/D5
mqpTDqMV4B+zHxLR/i4vNXf8AGzFzxANErzy4Oj2ZS4BXS9XjciLz+rzFBZHW8YK
tuoMONbADXEgNbOWiBUTSHcZEKscqg==
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:41:27 2024 by rpki-client on console-ams.rpki-client.org