Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/ElFa_oxzb5_af50DdsZaVlglBlQ.roa
File: ElFa_oxzb5_af50DdsZaVlglBlQ.roa (raw, json)
Hash identifier: 6QwIVkmcyGaG7m+9c4Yiub6JPgqA5V7Tr5/Bh/JqIWE=
Subject key identifier: 12:51:5A:FE:8C:73:6F:9F:DA:7F:9D:03:76:C6:5A:56:58:25:06:54
Certificate issuer: /CN=3f96240998fce4124c3cb4dfbacbb0ed1618405a
Certificate serial: 018CC3B6F26B7F05AC6CB28110A72E7147FB
Authority key identifier: 3F:96:24:09:98:FC:E4:12:4C:3C:B4:DF:BA:CB:B0:ED:16:18:40:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P5YkCZj85BJMPLTfusuw7RYYQFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/ElFa_oxzb5_af50DdsZaVlglBlQ.roa
Signing time: Mon 01 Jan 2024 06:29:55 +0000
ROA not before: Mon 01 Jan 2024 06:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198101
IP address blocks: 185.52.216.0/22 maxlen: 24
185.74.204.0/22 maxlen: 24
2a04:bf80::/29 maxlen: 48
2a03:4760::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.mft
rsync://rpki.ripe.net/repository/DEFAULT/P5YkCZj85BJMPLTfusuw7RYYQFo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 08:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:f2:6b:7f:05:ac:6c:b2:81:10:a7:2e:71:47:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3f96240998fce4124c3cb4dfbacbb0ed1618405a
Validity
Not Before: Jan 1 06:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12515afe8c736f9fda7f9d0376c65a5658250654
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:76:ce:88:5b:28:5f:c9:31:53:93:5d:f3:b2:
f3:e6:bb:ad:59:ba:56:86:aa:f2:9e:2e:26:2a:bf:
0d:da:b2:1d:9e:26:7c:95:46:89:fc:47:8e:b4:39:
37:9b:87:26:0c:0f:94:28:be:30:3e:46:e1:91:4d:
a8:a9:f3:a1:d3:0b:83:6c:83:fc:dc:e3:bf:1a:cd:
8a:c9:56:dd:7b:20:49:5a:9f:e5:76:66:31:4d:a9:
54:52:64:34:3b:65:4d:cf:0e:89:b6:19:f5:fb:62:
2b:be:bf:3a:a9:65:d2:80:ac:70:e2:84:79:0e:cc:
04:59:99:57:01:88:94:29:f6:a0:54:5e:e3:bc:7f:
60:03:bb:6f:5a:3c:34:2b:8c:00:f9:57:f4:4f:52:
28:99:91:71:f3:e4:87:81:62:a7:87:5d:e4:ea:09:
fd:f0:0a:83:90:92:25:12:75:ab:d2:a7:ff:4b:d6:
32:55:ec:c0:0f:47:13:d9:54:71:7a:94:b2:89:66:
87:8d:19:d5:1f:69:6b:d1:c6:73:69:14:fb:8e:70:
bf:63:4b:b0:50:66:87:29:bc:0a:ac:23:06:1b:42:
6d:e2:62:e5:6d:61:f6:d9:75:5e:a1:81:3b:b4:88:
f0:f7:30:04:fd:e7:ea:28:fd:53:cc:5a:c6:2f:7c:
23:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:51:5A:FE:8C:73:6F:9F:DA:7F:9D:03:76:C6:5A:56:58:25:06:54
X509v3 Authority Key Identifier:
keyid:3F:96:24:09:98:FC:E4:12:4C:3C:B4:DF:BA:CB:B0:ED:16:18:40:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P5YkCZj85BJMPLTfusuw7RYYQFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/ElFa_oxzb5_af50DdsZaVlglBlQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/60fec7-0b51-4446-9b5d-c741c27b4e22/1/P5YkCZj85BJMPLTfusuw7RYYQFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.52.216.0/22
185.74.204.0/22
IPv6:
2a03:4760::/29
2a04:bf80::/29
Signature Algorithm: sha256WithRSAEncryption
42:2c:85:98:44:1d:76:90:32:34:ee:04:ca:58:6a:36:76:c3:
07:43:8f:61:8f:57:3f:0d:f8:b6:d0:2e:da:f9:78:b4:7f:c0:
e3:45:54:ac:c4:6b:31:ec:64:72:2b:94:7c:28:64:38:03:82:
0c:74:99:33:d6:74:58:13:09:bc:c5:7e:9c:52:cd:db:38:c3:
e9:a5:6d:ba:4f:33:8b:25:21:40:51:a2:93:a1:62:81:eb:f9:
ff:7b:ed:7f:44:1b:1a:a1:33:63:ae:34:19:f9:c7:21:34:06:
da:c2:9b:3e:4e:df:78:51:af:08:d1:41:19:6f:f0:b6:72:29:
31:ee:1d:15:ab:45:b4:1f:cf:97:67:ed:f3:9f:80:7b:e9:66:
c0:c9:fc:5b:8e:f0:51:b7:f9:34:86:05:54:e3:d2:70:99:13:
ea:53:be:5d:d7:81:7c:f8:14:df:1f:0e:c8:76:19:90:9a:aa:
48:38:53:f0:ed:81:00:8e:a4:89:f5:32:01:61:87:43:e6:43:
f0:18:f9:9f:81:6c:c7:47:ac:32:b6:17:10:94:74:15:42:cf:
7b:0e:f3:58:ec:bf:92:af:7f:07:69:0d:5a:9b:0d:c2:80:16:
3e:1c:2a:6b:d3:4d:fe:51:d2:f8:d4:89:4a:4c:67:ea:53:dc:
32:9f:ef:54
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYzDtvJrfwWsbLKBEKcucUf7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmOTYyNDA5OThmY2U0MTI0YzNjYjRkZmJhY2JiMGVkMTYx
ODQwNWEwHhcNMjQwMTAxMDYyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjUxNWFmZThjNzM2ZjlmZGE3ZjlkMDM3NmM2NWE1NjU4MjUwNjU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHbOiFsoX8kxU5Nd87Lz5rutWbpW
hqryni4mKr8N2rIdniZ8lUaJ/EeOtDk3m4cmDA+UKL4wPkbhkU2oqfOh0wuDbIP8
3OO/Gs2KyVbdeyBJWp/ldmYxTalUUmQ0O2VNzw6Jthn1+2Irvr86qWXSgKxw4oR5
DswEWZlXAYiUKfagVF7jvH9gA7tvWjw0K4wA+Vf0T1IomZFx8+SHgWKnh13k6gn9
8AqDkJIlEnWr0qf/S9YyVezAD0cT2VRxepSyiWaHjRnVH2lr0cZzaRT7jnC/Y0uw
UGaHKbwKrCMGG0Jt4mLlbWH22XVeoYE7tIjw9zAE/efqKP1TzFrGL3wjJwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFBJRWv6Mc2+f2n+dA3bGWlZYJQZUMB8GA1UdIwQY
MBaAFD+WJAmY/OQSTDy037rLsO0WGEBaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDVZa0Naajg1QkpNUExUZnVzdXc3UllZUUZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi82MGZlYzctMGI1MS00NDQ2LTliNWQt
Yzc0MWMyN2I0ZTIyLzEvRWxGYV9veHpiNV9hZjUwRGRzWmFWbGdsQmxRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi82MGZlYzctMGI1MS00NDQ2LTliNWQtYzc0MWMyN2I0ZTIy
LzEvUDVZa0Naajg1QkpNUExUZnVzdXc3UllZUUZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQCuTTYAwQC
uUrMMBQEAgACMA4DBQMqA0dgAwUDKgS/gDANBgkqhkiG9w0BAQsFAAOCAQEAQiyF
mEQddpAyNO4EylhqNnbDB0OPYY9XPw34ttAu2vl4tH/A40VUrMRrMexkciuUfChk
OAOCDHSZM9Z0WBMJvMV+nFLN2zjD6aVtuk8ziyUhQFGik6Figev5/3vtf0QbGqEz
Y640GfnHITQG2sKbPk7feFGvCNFBGW/wtnIpMe4dFatFtB/Pl2ft85+Ae+lmwMn8
W47wUbf5NIYFVOPScJkT6lO+XdeBfPgU3x8OyHYZkJqqSDhT8O2BAI6kifUyAWGH
Q+ZD8Bj5n4Fsx0esMrYXEJR0FULPew7zWOy/kq9/B2kNWpsNwoAWPhwqa9NN/lHS
+NSJSkxn6lPcMp/vVA==
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:45:02 2024 by rpki-client on console-fra.rpki-client.org