Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/e32494-84e5-4d7e-b793-9d130d48be34/1/ePPzEQvc5NxH7B5bOyDy1WJs_t0.roa
File: ePPzEQvc5NxH7B5bOyDy1WJs_t0.roa (raw, json)
Hash identifier: QYv5AaCdTjg8f7cQgcohGmKEU25ncu4OF2Sae26p4J0=
Subject key identifier: 78:F3:F3:11:0B:DC:E4:DC:47:EC:1E:5B:3B:20:F2:D5:62:6C:FE:DD
Certificate issuer: /CN=a4fd7836d71308c42d0f9d168ffd4c5816714459
Certificate serial: 018CC6B780C70FF244681BA1B4F3EDC4775F
Authority key identifier: A4:FD:78:36:D7:13:08:C4:2D:0F:9D:16:8F:FD:4C:58:16:71:44:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pP14NtcTCMQtD50Wj_1MWBZxRFk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/e32494-84e5-4d7e-b793-9d130d48be34/1/ePPzEQvc5NxH7B5bOyDy1WJs_t0.roa
Signing time: Mon 01 Jan 2024 20:29:23 +0000
ROA not before: Mon 01 Jan 2024 20:29:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207202
IP address blocks: 185.163.12.0/24 maxlen: 24
2a0a:6800::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/e32494-84e5-4d7e-b793-9d130d48be34/1/pP14NtcTCMQtD50Wj_1MWBZxRFk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/e32494-84e5-4d7e-b793-9d130d48be34/1/pP14NtcTCMQtD50Wj_1MWBZxRFk.mft
rsync://rpki.ripe.net/repository/DEFAULT/pP14NtcTCMQtD50Wj_1MWBZxRFk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:80:c7:0f:f2:44:68:1b:a1:b4:f3:ed:c4:77:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4fd7836d71308c42d0f9d168ffd4c5816714459
Validity
Not Before: Jan 1 20:29:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=78f3f3110bdce4dc47ec1e5b3b20f2d5626cfedd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:af:e4:fc:09:d8:1d:0c:32:8e:3a:e0:6e:4c:
3b:52:a2:e9:02:70:81:fb:c0:47:62:19:e3:ed:3a:
68:00:f9:0f:a2:4f:eb:bb:2e:be:b5:d5:a9:97:1d:
73:04:e3:84:c7:07:ba:f2:28:ad:f4:ce:c1:22:d0:
0e:38:d1:13:2e:4c:4d:0e:49:95:29:5c:cc:75:f8:
89:d6:e9:cf:56:1c:d1:e5:d6:55:f7:77:d6:75:48:
94:84:f3:24:d4:dc:44:8e:3d:74:0b:fd:12:7d:e5:
2e:de:dd:48:b6:e8:d4:14:ce:07:f2:20:a8:d1:d8:
eb:84:c7:04:b7:e1:25:48:73:d5:32:25:43:c8:a4:
38:a2:61:e2:7b:04:a3:9a:22:bf:97:35:fa:63:4b:
39:b7:b0:b4:63:84:19:63:76:70:65:af:02:43:80:
95:32:f9:4c:38:50:7d:56:0e:f0:63:ff:75:7d:f3:
6a:67:a0:77:d2:ca:16:c1:2c:01:9f:11:62:78:8e:
16:e7:23:a0:b5:8e:61:b6:cd:03:08:cb:eb:88:75:
7e:50:7a:be:f8:20:1a:91:1b:db:6f:fc:70:43:64:
06:25:ec:1c:e4:6b:a3:08:41:ba:7d:08:7f:1d:4b:
84:16:f8:a1:b1:b7:42:9b:38:98:2d:34:34:58:0a:
96:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:F3:F3:11:0B:DC:E4:DC:47:EC:1E:5B:3B:20:F2:D5:62:6C:FE:DD
X509v3 Authority Key Identifier:
keyid:A4:FD:78:36:D7:13:08:C4:2D:0F:9D:16:8F:FD:4C:58:16:71:44:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pP14NtcTCMQtD50Wj_1MWBZxRFk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/e32494-84e5-4d7e-b793-9d130d48be34/1/ePPzEQvc5NxH7B5bOyDy1WJs_t0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/e32494-84e5-4d7e-b793-9d130d48be34/1/pP14NtcTCMQtD50Wj_1MWBZxRFk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.12.0/24
IPv6:
2a0a:6800::/29
Signature Algorithm: sha256WithRSAEncryption
37:f5:f0:32:59:4c:a3:71:97:10:9d:8c:45:38:38:42:03:5a:
a5:a8:4d:7f:8a:0e:d8:1b:68:85:a9:91:16:4c:87:13:f9:3c:
93:83:ff:ca:b6:3d:6d:af:e8:aa:eb:16:a0:cf:11:f1:56:ea:
f3:b3:a4:4f:04:a3:6b:0f:4a:9b:e3:19:93:3f:76:cb:6b:36:
bf:97:ba:ea:32:ff:40:f4:69:8e:b5:d1:04:c7:c4:9e:e4:8a:
48:a8:cc:e6:30:ac:f6:7f:60:ab:e8:fc:da:cf:be:61:a9:82:
23:a6:be:6e:86:fa:c4:d3:86:65:18:80:ef:61:ed:b3:f0:83:
cf:99:be:3b:ad:16:57:c0:4f:1c:8d:eb:3b:18:9e:e6:d7:ef:
7a:70:36:04:47:4d:76:74:58:b5:1e:07:42:90:2c:2f:c5:52:
fd:bb:fb:a1:02:63:15:28:c1:dc:56:a4:85:a0:5d:0a:3b:fb:
f2:e4:83:ff:a0:42:5e:45:5d:5e:2e:66:f5:a5:ef:6a:27:ee:
d3:7c:6f:8d:7b:ce:9f:81:f0:97:65:0f:54:5c:ea:a0:50:a9:
50:03:91:7f:28:87:02:11:5f:ad:cc:55:4d:aa:7b:ea:30:c5:
15:72:7a:5d:30:77:cf:1b:00:12:37:9e:ad:d0:fb:b8:0f:a7:
c7:e3:45:62
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGt4DHD/JEaBuhtPPtxHdfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0ZmQ3ODM2ZDcxMzA4YzQyZDBmOWQxNjhmZmQ0YzU4MTY3
MTQ0NTkwHhcNMjQwMTAxMjAyOTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OGYzZjMxMTBiZGNlNGRjNDdlYzFlNWIzYjIwZjJkNTYyNmNmZWRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAta/k/AnYHQwyjjrgbkw7UqLpAnCB
+8BHYhnj7TpoAPkPok/ruy6+tdWplx1zBOOExwe68iit9M7BItAOONETLkxNDkmV
KVzMdfiJ1unPVhzR5dZV93fWdUiUhPMk1NxEjj10C/0SfeUu3t1ItujUFM4H8iCo
0djrhMcEt+ElSHPVMiVDyKQ4omHiewSjmiK/lzX6Y0s5t7C0Y4QZY3ZwZa8CQ4CV
MvlMOFB9Vg7wY/91ffNqZ6B30soWwSwBnxFieI4W5yOgtY5hts0DCMvriHV+UHq+
+CAakRvbb/xwQ2QGJewc5GujCEG6fQh/HUuEFvihsbdCmziYLTQ0WAqWRQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFHjz8xEL3OTcR+weWzsg8tVibP7dMB8GA1UdIwQY
MBaAFKT9eDbXEwjELQ+dFo/9TFgWcURZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFAxNE50Y1RDTVF0RDUwV2pfMU1XQlp4UkZrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9lMzI0OTQtODRlNS00ZDdlLWI3OTMt
OWQxMzBkNDhiZTM0LzEvZVBQekVRdmM1TnhIN0I1Yk95RHkxV0pzX3QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9lMzI0OTQtODRlNS00ZDdlLWI3OTMtOWQxMzBkNDhiZTM0
LzEvcFAxNE50Y1RDTVF0RDUwV2pfMU1XQlp4UkZrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuaMMMA0E
AgACMAcDBQMqCmgAMA0GCSqGSIb3DQEBCwUAA4IBAQA39fAyWUyjcZcQnYxFODhC
A1qlqE1/ig7YG2iFqZEWTIcT+TyTg//Ktj1tr+iq6xagzxHxVurzs6RPBKNrD0qb
4xmTP3bLaza/l7rqMv9A9GmOtdEEx8Se5IpIqMzmMKz2f2Cr6Pzaz75hqYIjpr5u
hvrE04ZlGIDvYe2z8IPPmb47rRZXwE8cjes7GJ7m1+96cDYER012dFi1HgdCkCwv
xVL9u/uhAmMVKMHcVqSFoF0KO/vy5IP/oEJeRV1eLmb1pe9qJ+7TfG+Ne86fgfCX
ZQ9UXOqgUKlQA5F/KIcCEV+tzFVNqnvqMMUVcnpdMHfPGwASN56t0Pu4D6fH40Vi
-----END CERTIFICATE-----
Generated at Sat Jun 1 14:06:32 2024 by rpki-client on console-ams.rpki-client.org