Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/7AarGFpmzxMM3BMMiUCSdKVzuR4.roa
File: 7AarGFpmzxMM3BMMiUCSdKVzuR4.roa (raw, json)
Hash identifier: y5QHEYvsYCjGVCmeL62vmveFNb6leAGhQiP3cqLu2OA=
Subject key identifier: EC:06:AB:18:5A:66:CF:13:0C:DC:13:0C:89:40:92:74:A5:73:B9:1E
Certificate issuer: /CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Certificate serial: 018DF45CF1D42F669427BE50414F9C14F604
Authority key identifier: 97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/7AarGFpmzxMM3BMMiUCSdKVzuR4.roa
Signing time: Thu 29 Feb 2024 10:15:48 +0000
ROA not before: Thu 29 Feb 2024 10:15:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212477
IP address blocks: 82.206.12.0/23 maxlen: 23
82.206.14.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.mft
rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 05:01:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:f4:5c:f1:d4:2f:66:94:27:be:50:41:4f:9c:14:f6:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9799140b42db6cb6bf8c6dd413747fcf4a6fd9b5
Validity
Not Before: Feb 29 10:15:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec06ab185a66cf130cdc130c89409274a573b91e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:af:0d:ba:ab:75:f6:79:83:a3:d1:95:0d:16:
51:e3:93:a5:98:7d:27:86:ac:3d:a6:0c:51:c1:7c:
1c:11:fd:29:1c:40:ee:c6:d6:6e:33:f7:cf:ef:3d:
5a:9a:cc:82:e4:20:b7:59:77:86:f8:3f:6b:80:10:
b1:e4:2c:31:dc:fb:f0:da:1b:97:dd:24:c2:84:d2:
f1:94:cd:46:28:3b:87:b7:aa:92:5e:00:09:bd:6c:
ed:be:90:e7:d7:8b:b1:b6:89:29:66:da:5a:c2:a1:
19:af:de:22:1d:bc:e2:ba:dc:e7:72:7a:da:b2:5e:
74:ab:24:6b:19:1c:81:4e:33:ea:67:9b:1f:76:ac:
08:77:50:6b:38:ee:f2:42:d4:be:04:0d:ba:06:c3:
88:57:d3:71:73:fa:df:1d:fe:77:59:42:ce:ed:bb:
0c:1f:58:08:b0:fb:7b:c8:e4:dc:7e:da:b4:23:56:
43:3a:13:6d:06:f0:2a:2c:b9:58:98:2b:8e:89:55:
eb:d6:6f:32:c0:28:85:3d:8a:b4:91:be:09:96:40:
2f:22:9a:3a:12:86:94:e7:f0:d4:8d:a7:fe:83:36:
3a:39:29:bc:d5:dd:f4:02:bf:0d:5c:04:ea:17:11:
cc:c5:c0:7e:a0:89:46:4d:f2:9d:e6:9d:0f:58:7d:
7d:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:06:AB:18:5A:66:CF:13:0C:DC:13:0C:89:40:92:74:A5:73:B9:1E
X509v3 Authority Key Identifier:
keyid:97:99:14:0B:42:DB:6C:B6:BF:8C:6D:D4:13:74:7F:CF:4A:6F:D9:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l5kUC0LbbLa_jG3UE3R_z0pv2bU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/7AarGFpmzxMM3BMMiUCSdKVzuR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/4eef03-91fe-445a-a7cd-595919be0f52/1/l5kUC0LbbLa_jG3UE3R_z0pv2bU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.206.12.0/22
Signature Algorithm: sha256WithRSAEncryption
44:ac:cc:71:5c:09:85:62:71:6e:79:e1:60:de:5d:ad:ca:ec:
23:83:e7:ac:d5:fe:03:74:20:3a:2c:6e:02:bc:b6:06:c9:bc:
60:b7:a1:b7:e1:4f:4f:82:36:06:61:96:89:3e:3d:65:66:32:
99:3a:9c:ae:61:bf:a0:c1:ee:ff:40:ed:9a:df:03:c6:e7:ca:
30:4f:e2:c2:b7:cc:3c:14:05:7b:23:0e:37:f5:f1:7c:ff:ca:
68:f8:89:6b:72:df:32:02:99:59:13:a4:e3:79:1b:c7:32:c6:
31:78:ff:c1:48:51:90:5e:8b:fd:31:53:37:85:1b:06:3d:f0:
8a:59:d7:87:38:a8:fb:87:05:c5:a9:b6:74:ad:62:f4:9b:67:
b6:a1:06:53:a7:87:b0:6c:2c:0c:1d:57:5a:ca:37:b3:5c:3d:
f9:ee:4a:9d:9e:bf:06:c3:10:22:de:1c:99:7b:d4:bf:8f:8a:
bb:dc:1d:0e:21:1a:13:8e:1e:94:4f:77:fe:e1:ac:0a:57:5a:
05:a0:4c:53:f8:07:59:ba:87:9b:f0:61:c8:60:90:ad:a4:f6:
c8:5e:4d:2d:97:82:a1:6b:c9:d3:c7:4c:f7:fa:78:c1:ab:e3:
4d:1d:d1:50:93:65:50:11:56:3b:d3:86:e9:e7:0d:5e:b6:6e:
2f:ed:9d:bc
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY30XPHUL2aUJ75QQU+cFPYEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OTkxNDBiNDJkYjZjYjZiZjhjNmRkNDEzNzQ3ZmNmNGE2
ZmQ5YjUwHhcNMjQwMjI5MTAxNTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzA2YWIxODVhNjZjZjEzMGNkYzEzMGM4OTQwOTI3NGE1NzNiOTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj68Nuqt19nmDo9GVDRZR45OlmH0n
hqw9pgxRwXwcEf0pHEDuxtZuM/fP7z1amsyC5CC3WXeG+D9rgBCx5Cwx3Pvw2huX
3STChNLxlM1GKDuHt6qSXgAJvWztvpDn14uxtokpZtpawqEZr94iHbziutzncnra
sl50qyRrGRyBTjPqZ5sfdqwId1BrOO7yQtS+BA26BsOIV9Nxc/rfHf53WULO7bsM
H1gIsPt7yOTcftq0I1ZDOhNtBvAqLLlYmCuOiVXr1m8ywCiFPYq0kb4JlkAvIpo6
EoaU5/DUjaf+gzY6OSm81d30Ar8NXATqFxHMxcB+oIlGTfKd5p0PWH19DwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOwGqxhaZs8TDNwTDIlAknSlc7keMB8GA1UdIwQY
MBaAFJeZFAtC22y2v4xt1BN0f89Kb9m1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2Qt
NTk1OTE5YmUwZjUyLzEvN0FhckdGcG16eE1NM0JNTWlVQ1NkS1Z6dVI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS80ZWVmMDMtOTFmZS00NDVhLWE3Y2QtNTk1OTE5YmUwZjUy
LzEvbDVrVUMwTGJiTGFfakczVUUzUl96MHB2MmJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUs4MMA0G
CSqGSIb3DQEBCwUAA4IBAQBErMxxXAmFYnFueeFg3l2tyuwjg+es1f4DdCA6LG4C
vLYGybxgt6G34U9PgjYGYZaJPj1lZjKZOpyuYb+gwe7/QO2a3wPG58owT+LCt8w8
FAV7Iw439fF8/8po+Ilrct8yAplZE6TjeRvHMsYxeP/BSFGQXov9MVM3hRsGPfCK
WdeHOKj7hwXFqbZ0rWL0m2e2oQZTp4ewbCwMHVdayjezXD357kqdnr8GwxAi3hyZ
e9S/j4q73B0OIRoTjh6UT3f+4awKV1oFoExT+AdZuoeb8GHIYJCtpPbIXk0tl4Kh
a8nTx0z3+njBq+NNHdFQk2VQEVY704bp5w1etm4v7Z28
-----END CERTIFICATE-----
Generated at Thu May 2 10:42:56 2024 by rpki-client on console-ams.rpki-client.org