Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/eg9DvnW0ac_YOHepddU_YfDKsR4.roa
File: eg9DvnW0ac_YOHepddU_YfDKsR4.roa (raw, json)
Hash identifier: B1U0chK1lOVCivTDXCQ/WadPEcbia0qHcJVWVvw2ztY=
Subject key identifier: 7A:0F:43:BE:75:B4:69:CF:D8:38:77:A9:75:D5:3F:61:F0:CA:B1:1E
Certificate issuer: /CN=7ee5c0f95ab7be8b85f711fa433665c14e6e9359
Certificate serial: 018CC6B926029F07A113ED26D7D8FFE0334F
Authority key identifier: 7E:E5:C0:F9:5A:B7:BE:8B:85:F7:11:FA:43:36:65:C1:4E:6E:93:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fuXA-Vq3vouF9xH6QzZlwU5uk1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/eg9DvnW0ac_YOHepddU_YfDKsR4.roa
Signing time: Mon 01 Jan 2024 20:31:11 +0000
ROA not before: Mon 01 Jan 2024 20:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47913
IP address blocks: 185.117.28.0/23 maxlen: 23
109.68.210.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/fuXA-Vq3vouF9xH6QzZlwU5uk1k.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/fuXA-Vq3vouF9xH6QzZlwU5uk1k.mft
rsync://rpki.ripe.net/repository/DEFAULT/fuXA-Vq3vouF9xH6QzZlwU5uk1k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:26:02:9f:07:a1:13:ed:26:d7:d8:ff:e0:33:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ee5c0f95ab7be8b85f711fa433665c14e6e9359
Validity
Not Before: Jan 1 20:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a0f43be75b469cfd83877a975d53f61f0cab11e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:aa:a9:a1:c8:a8:af:ed:32:fd:e5:c1:63:e3:
a1:9e:a0:76:4d:e4:82:f5:1a:e8:9b:31:36:17:15:
27:98:ac:b8:ad:ae:ee:65:89:73:40:ef:f4:fc:bb:
5d:c4:ee:48:e0:50:bf:ba:6b:ae:d9:bb:54:0d:fc:
04:e8:9e:65:0e:71:8a:72:59:89:f8:65:9c:71:4c:
38:d8:7f:d3:a8:53:d1:86:ee:4f:aa:7f:f6:93:16:
96:ed:c7:1d:dc:96:62:da:79:f1:48:b6:1f:da:69:
7f:d9:ab:3a:b1:f5:80:5e:9f:39:44:08:28:7a:da:
24:6f:c7:f0:43:e7:36:00:d8:a5:db:e7:19:c3:7a:
09:27:af:bc:27:61:7c:46:db:8b:14:a0:83:75:99:
02:05:90:70:80:f3:a2:cf:c4:ba:91:a0:71:f6:49:
5c:71:be:4c:88:59:1c:2c:30:ac:13:23:4d:d0:08:
24:30:1d:90:09:39:ab:77:0b:1c:29:3d:66:10:81:
41:43:26:24:79:ee:1d:65:f2:3d:de:f0:93:cb:06:
6d:81:e0:21:93:ad:3a:9a:15:dd:09:cb:2a:19:4e:
1d:13:da:e2:e2:07:ab:51:ff:36:d6:95:77:8d:de:
1f:8d:12:2f:68:4e:f4:0b:3c:8b:40:ba:0e:87:00:
1b:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:0F:43:BE:75:B4:69:CF:D8:38:77:A9:75:D5:3F:61:F0:CA:B1:1E
X509v3 Authority Key Identifier:
keyid:7E:E5:C0:F9:5A:B7:BE:8B:85:F7:11:FA:43:36:65:C1:4E:6E:93:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fuXA-Vq3vouF9xH6QzZlwU5uk1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/eg9DvnW0ac_YOHepddU_YfDKsR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/a83886-8b4a-4b23-b4aa-90194bd68428/1/fuXA-Vq3vouF9xH6QzZlwU5uk1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.68.210.0/23
185.117.28.0/23
Signature Algorithm: sha256WithRSAEncryption
10:4d:fb:b3:28:11:fb:47:8b:7e:2e:ae:50:5a:c0:7e:de:ee:
a1:bf:30:24:a1:c3:ca:1f:b2:aa:b9:7c:ed:c8:52:38:d7:46:
08:f6:c4:a0:41:b4:a2:77:e0:db:30:db:0c:a5:8d:38:39:e8:
d7:65:4a:97:45:3a:85:c7:06:21:b1:08:1d:8f:47:e3:b2:a7:
66:e0:1c:4c:16:8a:5e:d2:16:71:77:69:bc:c7:d8:7e:8c:73:
45:23:a9:df:72:03:b3:42:1e:fb:58:c4:a0:1f:6f:6b:3a:71:
0b:97:a0:b3:0a:2f:68:11:94:b8:0a:4e:5b:13:dc:0b:09:2e:
74:2c:24:17:f3:6a:ae:d8:c6:50:83:42:3d:a7:38:39:df:9c:
64:d9:16:07:1d:e0:06:11:47:54:3d:56:60:59:2c:fc:69:66:
0b:92:37:eb:55:dc:b8:a1:95:f1:29:4d:f0:ae:88:a6:6c:4b:
c4:bd:0f:ce:16:6f:6d:e2:78:e3:0d:cd:5a:7c:e5:06:a3:d5:
00:24:3f:e1:da:5d:66:cd:4c:7e:36:13:e1:ab:e9:84:37:c3:
08:fc:48:95:4f:90:cd:a6:f9:fb:44:54:f8:55:36:63:fa:e2:
ae:4d:14:e5:1b:37:01:0f:b0:74:db:c2:a3:93:38:cd:ce:ba:
b6:61:6f:86
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuSYCnwehE+0m19j/4DNPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlZTVjMGY5NWFiN2JlOGI4NWY3MTFmYTQzMzY2NWMxNGU2
ZTkzNTkwHhcNMjQwMTAxMjAzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTBmNDNiZTc1YjQ2OWNmZDgzODc3YTk3NWQ1M2Y2MWYwY2FiMTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgaqpocior+0y/eXBY+OhnqB2TeSC
9RromzE2FxUnmKy4ra7uZYlzQO/0/LtdxO5I4FC/umuu2btUDfwE6J5lDnGKclmJ
+GWccUw42H/TqFPRhu5Pqn/2kxaW7ccd3JZi2nnxSLYf2ml/2as6sfWAXp85RAgo
etokb8fwQ+c2ANil2+cZw3oJJ6+8J2F8RtuLFKCDdZkCBZBwgPOiz8S6kaBx9klc
cb5MiFkcLDCsEyNN0AgkMB2QCTmrdwscKT1mEIFBQyYkee4dZfI93vCTywZtgeAh
k606mhXdCcsqGU4dE9ri4gerUf821pV3jd4fjRIvaE70CzyLQLoOhwAb4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFHoPQ751tGnP2Dh3qXXVP2HwyrEeMB8GA1UdIwQY
MBaAFH7lwPlat76LhfcR+kM2ZcFObpNZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZnVYQS1WcTN2b3VGOXhINlF6Wmx3VTV1azFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy9hODM4ODYtOGI0YS00YjIzLWI0YWEt
OTAxOTRiZDY4NDI4LzEvZWc5RHZuVzBhY19ZT0hlcGRkVV9ZZkRLc1I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy9hODM4ODYtOGI0YS00YjIzLWI0YWEtOTAxOTRiZDY4NDI4
LzEvZnVYQS1WcTN2b3VGOXhINlF6Wmx3VTV1azFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBbUTSAwQB
uXUcMA0GCSqGSIb3DQEBCwUAA4IBAQAQTfuzKBH7R4t+Lq5QWsB+3u6hvzAkocPK
H7KquXztyFI410YI9sSgQbSid+DbMNsMpY04OejXZUqXRTqFxwYhsQgdj0fjsqdm
4BxMFope0hZxd2m8x9h+jHNFI6nfcgOzQh77WMSgH29rOnELl6CzCi9oEZS4Ck5b
E9wLCS50LCQX82qu2MZQg0I9pzg535xk2RYHHeAGEUdUPVZgWSz8aWYLkjfrVdy4
oZXxKU3wroimbEvEvQ/OFm9t4njjDc1afOUGo9UAJD/h2l1mzUx+NhPhq+mEN8MI
/EiVT5DNpvn7RFT4VTZj+uKuTRTlGzcBD7B028KjkzjNzrq2YW+G
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:12:33 2024 by rpki-client on console-fra.rpki-client.org