Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/9d0245-7855-4031-9648-54628dfcba4c/1/Eig7IbS4anflFnmEw_7hn8A5lhI.roa
File: Eig7IbS4anflFnmEw_7hn8A5lhI.roa (raw, json)
Hash identifier: CAh+UnVhIqlMq42OpwiuJ4EKIFW5ESjtqYegTJ4J5w0=
Subject key identifier: 12:28:3B:21:B4:B8:6A:77:E5:16:79:84:C3:FE:E1:9F:C0:39:96:12
Certificate issuer: /CN=0a84e473aa564eb51a7e7eb8b18f14ac0cbc2c9c
Certificate serial: 018CC500C9003E2A8E8C09AB274E35723FCB
Authority key identifier: 0A:84:E4:73:AA:56:4E:B5:1A:7E:7E:B8:B1:8F:14:AC:0C:BC:2C:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CoTkc6pWTrUafn64sY8UrAy8LJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/9d0245-7855-4031-9648-54628dfcba4c/1/Eig7IbS4anflFnmEw_7hn8A5lhI.roa
Signing time: Mon 01 Jan 2024 12:30:12 +0000
ROA not before: Mon 01 Jan 2024 12:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200000
IP address blocks: 91.222.136.0/22 maxlen: 22
194.247.12.0/23 maxlen: 23
91.206.200.0/23 maxlen: 23
2001:67c:2070::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/9d0245-7855-4031-9648-54628dfcba4c/1/CoTkc6pWTrUafn64sY8UrAy8LJw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/9d0245-7855-4031-9648-54628dfcba4c/1/CoTkc6pWTrUafn64sY8UrAy8LJw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CoTkc6pWTrUafn64sY8UrAy8LJw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 May 2024 14:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:c9:00:3e:2a:8e:8c:09:ab:27:4e:35:72:3f:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a84e473aa564eb51a7e7eb8b18f14ac0cbc2c9c
Validity
Not Before: Jan 1 12:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=12283b21b4b86a77e5167984c3fee19fc0399612
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:1a:50:bf:e3:9c:b2:5f:b2:91:cb:7e:cc:7e:
74:09:17:7a:d3:6e:a8:75:bc:44:4b:ed:5a:9d:db:
91:44:9e:e7:7e:57:a5:91:68:8c:0a:85:c0:51:01:
ae:cc:ed:1f:34:5d:59:72:04:d9:31:ea:9d:1b:fd:
02:73:22:04:e0:cf:ed:f4:8b:2d:d2:5e:16:ff:bb:
57:e5:b4:26:70:16:02:61:a6:cc:b4:ed:8a:36:6a:
2b:89:2e:b5:49:84:fa:e6:1f:c6:ef:64:98:9b:0c:
6b:d7:ae:58:c3:5b:7e:91:62:90:f7:05:10:a8:d8:
df:1e:f5:1c:df:8e:e3:14:7c:8c:c0:ba:18:85:ec:
e6:8a:bd:e9:ef:e1:b3:21:31:e5:59:44:4c:93:c3:
e2:f0:1b:73:18:8d:da:76:76:be:a0:27:6c:58:64:
50:54:c0:de:0b:9f:f5:ca:b2:27:9e:63:77:e7:40:
2c:5d:fc:2f:d6:09:83:e5:f7:47:f2:b7:fe:8c:3d:
c9:76:e6:23:aa:8f:39:20:a9:b7:b0:23:f0:24:e4:
f9:fe:d8:15:d1:eb:f1:43:0a:32:e1:f8:04:91:9f:
47:7e:b9:5d:2e:67:3f:7e:e3:89:b9:63:1c:fa:57:
9a:84:9a:a4:51:37:68:cb:ff:f7:9e:a5:91:27:be:
a3:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:28:3B:21:B4:B8:6A:77:E5:16:79:84:C3:FE:E1:9F:C0:39:96:12
X509v3 Authority Key Identifier:
keyid:0A:84:E4:73:AA:56:4E:B5:1A:7E:7E:B8:B1:8F:14:AC:0C:BC:2C:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CoTkc6pWTrUafn64sY8UrAy8LJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/9d0245-7855-4031-9648-54628dfcba4c/1/Eig7IbS4anflFnmEw_7hn8A5lhI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/9d0245-7855-4031-9648-54628dfcba4c/1/CoTkc6pWTrUafn64sY8UrAy8LJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.206.200.0/23
91.222.136.0/22
194.247.12.0/23
IPv6:
2001:67c:2070::/48
Signature Algorithm: sha256WithRSAEncryption
7e:52:31:db:85:63:b0:f4:20:d0:80:1d:ce:ff:bc:63:88:e5:
ae:6a:aa:d4:20:82:9e:e0:d2:03:e9:be:d7:2e:17:c1:fa:7c:
48:86:6d:3f:1a:7f:85:07:3b:2f:ac:ab:37:4d:35:cd:3d:60:
65:51:5d:55:53:6b:7d:27:f2:6a:52:3d:b5:a1:a0:4e:ce:32:
e6:e0:75:7f:ee:c6:ec:30:36:63:85:f1:29:fd:3b:1f:24:6b:
8a:a8:99:91:85:ed:1e:8c:78:e9:5c:97:5c:93:8e:69:60:d3:
95:81:d1:c1:21:a3:50:b6:0f:16:c3:c6:10:b2:af:63:a6:38:
6b:32:d7:91:4a:6e:d2:f9:77:0a:ad:5d:39:ff:29:3f:16:6c:
92:63:18:50:72:2e:ef:22:a2:57:93:fd:35:38:4e:8b:cf:59:
07:c5:64:70:06:0a:c3:d4:53:81:d8:80:ea:21:40:be:62:5d:
a4:a7:c4:9d:ac:66:b9:dc:ae:17:30:ce:d5:d1:60:41:47:34:
ec:cb:a5:55:bd:c9:ce:e4:fc:d5:a5:08:8b:f1:25:60:90:a8:
91:ba:90:59:3f:bc:86:17:a0:79:c5:5e:d7:f4:4d:05:12:3b:
15:31:8c:4d:6a:a3:94:f0:9b:31:d7:b1:d4:25:83:e3:4f:90:
32:82:e1:48
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzFAMkAPiqOjAmrJ041cj/LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhODRlNDczYWE1NjRlYjUxYTdlN2ViOGIxOGYxNGFjMGNi
YzJjOWMwHhcNMjQwMTAxMTIzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjI4M2IyMWI0Yjg2YTc3ZTUxNjc5ODRjM2ZlZTE5ZmMwMzk5NjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBpQv+Ocsl+ykct+zH50CRd6026o
dbxES+1anduRRJ7nflelkWiMCoXAUQGuzO0fNF1ZcgTZMeqdG/0CcyIE4M/t9Ist
0l4W/7tX5bQmcBYCYabMtO2KNmoriS61SYT65h/G72SYmwxr165Yw1t+kWKQ9wUQ
qNjfHvUc347jFHyMwLoYhezmir3p7+GzITHlWURMk8Pi8BtzGI3adna+oCdsWGRQ
VMDeC5/1yrInnmN350AsXfwv1gmD5fdH8rf+jD3JduYjqo85IKm3sCPwJOT5/tgV
0evxQwoy4fgEkZ9HfrldLmc/fuOJuWMc+leahJqkUTdoy//3nqWRJ76jyQIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFBIoOyG0uGp35RZ5hMP+4Z/AOZYSMB8GA1UdIwQY
MBaAFAqE5HOqVk61Gn5+uLGPFKwMvCycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ29Ua2M2cFdUclVhZm42NHNZOFVyQXk4TEp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy85ZDAyNDUtNzg1NS00MDMxLTk2NDgt
NTQ2MjhkZmNiYTRjLzEvRWlnN0liUzRhbmZsRm5tRXdfN2huOEE1bGhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy85ZDAyNDUtNzg1NS00MDMxLTk2NDgtNTQ2MjhkZmNiYTRj
LzEvQ29Ua2M2cFdUclVhZm42NHNZOFVyQXk4TEp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQBW87IAwQC
W96IAwQBwvcMMA8EAgACMAkDBwAgAQZ8IHAwDQYJKoZIhvcNAQELBQADggEBAH5S
MduFY7D0INCAHc7/vGOI5a5qqtQggp7g0gPpvtcuF8H6fEiGbT8af4UHOy+sqzdN
Nc09YGVRXVVTa30n8mpSPbWhoE7OMubgdX/uxuwwNmOF8Sn9Ox8ka4qomZGF7R6M
eOlcl1yTjmlg05WB0cEho1C2DxbDxhCyr2OmOGsy15FKbtL5dwqtXTn/KT8WbJJj
GFByLu8ioleT/TU4TovPWQfFZHAGCsPUU4HYgOohQL5iXaSnxJ2sZrncrhcwztXR
YEFHNOzLpVW9yc7k/NWlCIvxJWCQqJG6kFk/vIYXoHnFXtf0TQUSOxUxjE1qo5Tw
mzHXsdQlg+NPkDKC4Ug=
-----END CERTIFICATE-----
Generated at Tue May 21 23:16:18 2024 by rpki-client on console-ams.rpki-client.org