Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/5ba81e-e274-4ba3-954d-bdf94a3fb32d/1/eg_F7AYXbZRzzw2AoPGlLRMH7Rk.roa
File: eg_F7AYXbZRzzw2AoPGlLRMH7Rk.roa (raw, json)
Hash identifier: WJjEoYjGIZUXHQxGS/As9r/R5OoEweIby6UZs/gGD0U=
Subject key identifier: 7A:0F:C5:EC:06:17:6D:94:73:CF:0D:80:A0:F1:A5:2D:13:07:ED:19
Certificate issuer: /CN=4dcfd001a667e1645ab40c5bbed89f5927004f85
Certificate serial: 018CC5DC10119AEE0FB0C277344AF65B582C
Authority key identifier: 4D:CF:D0:01:A6:67:E1:64:5A:B4:0C:5B:BE:D8:9F:59:27:00:4F:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tc_QAaZn4WRatAxbvtifWScAT4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/5ba81e-e274-4ba3-954d-bdf94a3fb32d/1/eg_F7AYXbZRzzw2AoPGlLRMH7Rk.roa
Signing time: Mon 01 Jan 2024 16:29:42 +0000
ROA not before: Mon 01 Jan 2024 16:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34947
IP address blocks: 45.89.200.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/5ba81e-e274-4ba3-954d-bdf94a3fb32d/1/Tc_QAaZn4WRatAxbvtifWScAT4U.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/5ba81e-e274-4ba3-954d-bdf94a3fb32d/1/Tc_QAaZn4WRatAxbvtifWScAT4U.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tc_QAaZn4WRatAxbvtifWScAT4U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 07:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:10:11:9a:ee:0f:b0:c2:77:34:4a:f6:5b:58:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4dcfd001a667e1645ab40c5bbed89f5927004f85
Validity
Not Before: Jan 1 16:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a0fc5ec06176d9473cf0d80a0f1a52d1307ed19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f2:90:f1:62:e1:d7:fe:22:d1:7b:b7:42:e8:
c0:02:87:b0:85:64:64:2c:ea:bd:dc:db:fe:9c:7c:
39:32:49:01:2a:68:18:6a:e7:ee:77:d1:bc:74:79:
42:43:cd:14:91:57:24:43:95:79:da:04:c8:de:7c:
c6:f6:f2:cb:1e:0c:33:a2:2d:22:40:70:50:b4:df:
8c:39:ed:b6:d9:51:ec:d4:d7:9c:9a:53:ac:ba:a3:
a5:49:fe:77:80:30:e9:cb:12:05:67:30:bd:a2:dd:
7d:fd:87:23:5d:1c:bc:26:90:81:29:84:0f:f2:67:
f1:90:0b:6b:4c:5b:fb:03:d9:3c:d8:06:30:ba:af:
87:bc:5a:10:df:a5:43:9b:69:3b:58:17:46:e5:f3:
7e:07:46:33:5f:af:60:7f:da:e0:9b:9b:70:02:53:
0c:bb:8f:46:d1:bf:83:b4:fb:63:fa:cb:fb:77:aa:
9d:b6:95:48:19:6f:51:95:e3:00:15:7c:51:ee:29:
03:8c:67:56:6b:f7:6c:41:c4:b9:6f:2d:0b:f2:01:
8c:e5:30:09:fd:a7:cf:a5:32:ba:28:ba:c8:3f:a3:
85:4a:51:de:8c:19:d1:75:be:01:23:a7:b8:f9:ce:
a4:52:d6:4c:74:9f:98:b3:03:85:a0:ef:7c:59:c4:
aa:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:0F:C5:EC:06:17:6D:94:73:CF:0D:80:A0:F1:A5:2D:13:07:ED:19
X509v3 Authority Key Identifier:
keyid:4D:CF:D0:01:A6:67:E1:64:5A:B4:0C:5B:BE:D8:9F:59:27:00:4F:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tc_QAaZn4WRatAxbvtifWScAT4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/5ba81e-e274-4ba3-954d-bdf94a3fb32d/1/eg_F7AYXbZRzzw2AoPGlLRMH7Rk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/5ba81e-e274-4ba3-954d-bdf94a3fb32d/1/Tc_QAaZn4WRatAxbvtifWScAT4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.200.0/22
Signature Algorithm: sha256WithRSAEncryption
94:a9:04:a4:6a:80:20:3a:15:3d:8b:ac:67:7f:7f:29:5a:8c:
b4:bf:74:25:0b:93:35:ce:c6:f1:c2:f7:9f:bb:95:36:16:06:
97:3a:10:39:df:3d:6c:6f:34:7b:67:3e:a0:a3:2f:b5:4d:7c:
15:a2:a6:a7:95:ee:df:1c:8a:b7:78:37:07:7d:a1:aa:18:ea:
30:17:ed:ef:49:5c:2b:10:c9:af:99:75:e5:83:ce:19:b4:53:
a3:09:c8:a1:e3:60:3c:3c:81:a9:04:69:cf:ee:41:48:51:3f:
e6:57:d8:40:71:ae:12:09:a3:e1:a7:7e:d1:c7:41:4a:2e:22:
72:53:50:02:54:e1:66:83:b2:07:01:f5:5a:3c:ab:d2:03:04:
db:b1:e1:35:2e:72:8d:89:c7:32:13:7c:f5:a9:57:77:65:bf:
87:e3:3b:c4:85:76:22:eb:e0:c9:6b:64:dd:17:eb:21:6e:fe:
c4:fc:db:dc:76:9a:4e:af:59:2b:a1:ba:de:4b:d7:aa:b7:7e:
be:ec:55:39:dc:7e:d2:0a:6a:6f:d9:83:cc:99:72:bc:b9:c4:
0a:34:d2:ba:ec:03:54:aa:00:54:aa:a3:2b:70:6b:4b:83:94:
00:4a:0d:f7:0e:b4:32:21:9b:55:3d:3a:07:f5:f5:73:1c:c4:
bd:0a:44:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF3BARmu4PsMJ3NEr2W1gsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkY2ZkMDAxYTY2N2UxNjQ1YWI0MGM1YmJlZDg5ZjU5Mjcw
MDRmODUwHhcNMjQwMTAxMTYyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTBmYzVlYzA2MTc2ZDk0NzNjZjBkODBhMGYxYTUyZDEzMDdlZDE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/KQ8WLh1/4i0Xu3QujAAoewhWRk
LOq93Nv+nHw5MkkBKmgYaufud9G8dHlCQ80UkVckQ5V52gTI3nzG9vLLHgwzoi0i
QHBQtN+MOe222VHs1NecmlOsuqOlSf53gDDpyxIFZzC9ot19/YcjXRy8JpCBKYQP
8mfxkAtrTFv7A9k82AYwuq+HvFoQ36VDm2k7WBdG5fN+B0YzX69gf9rgm5twAlMM
u49G0b+DtPtj+sv7d6qdtpVIGW9RleMAFXxR7ikDjGdWa/dsQcS5by0L8gGM5TAJ
/afPpTK6KLrIP6OFSlHejBnRdb4BI6e4+c6kUtZMdJ+YswOFoO98WcSqnQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHoPxewGF22Uc88NgKDxpS0TB+0ZMB8GA1UdIwQY
MBaAFE3P0AGmZ+FkWrQMW77Yn1knAE+FMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGNfUUFhWm40V1JhdEF4YnZ0aWZXU2NBVDRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81YmE4MWUtZTI3NC00YmEzLTk1NGQt
YmRmOTRhM2ZiMzJkLzEvZWdfRjdBWVhiWlJ6encyQW9QR2xMUk1IN1JrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC81YmE4MWUtZTI3NC00YmEzLTk1NGQtYmRmOTRhM2ZiMzJk
LzEvVGNfUUFhWm40V1JhdEF4YnZ0aWZXU2NBVDRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVnIMA0G
CSqGSIb3DQEBCwUAA4IBAQCUqQSkaoAgOhU9i6xnf38pWoy0v3QlC5M1zsbxwvef
u5U2FgaXOhA53z1sbzR7Zz6goy+1TXwVoqanle7fHIq3eDcHfaGqGOowF+3vSVwr
EMmvmXXlg84ZtFOjCcih42A8PIGpBGnP7kFIUT/mV9hAca4SCaPhp37Rx0FKLiJy
U1ACVOFmg7IHAfVaPKvSAwTbseE1LnKNiccyE3z1qVd3Zb+H4zvEhXYi6+DJa2Td
F+shbv7E/NvcdppOr1krobreS9eqt36+7FU53H7SCmpv2YPMmXK8ucQKNNK67ANU
qgBUqqMrcGtLg5QASg33DrQyIZtVPToH9fVzHMS9CkTz
-----END CERTIFICATE-----
Generated at Sat Jun 8 09:18:38 2024 by rpki-client on console-fra.rpki-client.org