Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/Eb4OhYaz-jChP1vBqEqHjo1wY18.roa
File: Eb4OhYaz-jChP1vBqEqHjo1wY18.roa (raw, json)
Hash identifier: GsQOEtmb5xThszkTKcQRMsw7bvLcuTv+MjNz0YJ4MDI=
Subject key identifier: 11:BE:0E:85:86:B3:FA:30:A1:3F:5B:C1:A8:4A:87:8E:8D:70:63:5F
Certificate issuer: /CN=20aa60cb0024332a2db68993f3357158af60c8de
Certificate serial: 018CC64B33DB8CCBA8BDE48833BAFB2CB2FC
Authority key identifier: 20:AA:60:CB:00:24:33:2A:2D:B6:89:93:F3:35:71:58:AF:60:C8:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IKpgywAkMyottomT8zVxWK9gyN4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/Eb4OhYaz-jChP1vBqEqHjo1wY18.roa
Signing time: Mon 01 Jan 2024 18:31:06 +0000
ROA not before: Mon 01 Jan 2024 18:31:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12638
IP address blocks: 212.23.96.0/19 maxlen: 19
176.0.0.0/13 maxlen: 13
5.1.128.0/17 maxlen: 17
193.7.128.0/19 maxlen: 19
176.1.0.0/16 maxlen: 16
2001:1a28::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/IKpgywAkMyottomT8zVxWK9gyN4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/IKpgywAkMyottomT8zVxWK9gyN4.mft
rsync://rpki.ripe.net/repository/DEFAULT/IKpgywAkMyottomT8zVxWK9gyN4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 15 Jun 2024 11:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:33:db:8c:cb:a8:bd:e4:88:33:ba:fb:2c:b2:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20aa60cb0024332a2db68993f3357158af60c8de
Validity
Not Before: Jan 1 18:31:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=11be0e8586b3fa30a13f5bc1a84a878e8d70635f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:19:4c:b8:27:42:89:74:b2:b1:ae:7f:46:2a:
86:40:ca:67:4b:13:29:33:4b:16:d9:21:d0:88:29:
37:cb:fe:aa:a1:15:f4:54:42:bf:5d:cc:21:5b:3b:
f6:e5:4b:3b:cd:b7:a7:32:60:4a:cd:11:3c:fb:a8:
57:8f:24:1d:69:ee:c0:97:80:1e:d5:ae:ae:30:32:
d2:93:4e:5d:cc:ce:aa:b9:3b:67:a1:fe:6c:1d:73:
bf:3b:ff:ae:03:e9:81:ac:0d:68:89:68:13:75:24:
4f:f1:8f:7c:8d:b0:8b:49:2e:b7:49:e5:df:1b:21:
c4:a5:45:3b:0a:89:c1:68:97:45:6d:61:3c:46:28:
77:23:9c:98:95:6f:e4:fd:a2:71:38:b3:7b:86:36:
fe:ad:cc:8c:71:45:3f:c7:0a:23:f4:f7:01:59:a4:
97:e2:59:46:f9:b3:0c:4e:97:9e:f5:ea:17:a7:4b:
39:a2:3e:57:bd:fd:3f:e4:a6:8a:5f:56:c2:68:c5:
b0:27:99:d7:5a:b2:e3:d8:f6:2c:13:53:69:0d:45:
0d:d3:7a:59:57:fd:31:45:ef:94:c6:55:00:e5:2a:
49:a3:2d:c9:41:56:11:71:6a:db:f5:5f:aa:fd:c1:
f2:69:11:27:8e:6f:d8:7e:9d:fd:92:11:f9:3c:65:
7a:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:BE:0E:85:86:B3:FA:30:A1:3F:5B:C1:A8:4A:87:8E:8D:70:63:5F
X509v3 Authority Key Identifier:
keyid:20:AA:60:CB:00:24:33:2A:2D:B6:89:93:F3:35:71:58:AF:60:C8:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IKpgywAkMyottomT8zVxWK9gyN4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/Eb4OhYaz-jChP1vBqEqHjo1wY18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/352431-e694-4412-a766-73f7d110b82a/1/IKpgywAkMyottomT8zVxWK9gyN4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.128.0/17
176.0.0.0/13
193.7.128.0/19
212.23.96.0/19
IPv6:
2001:1a28::/32
Signature Algorithm: sha256WithRSAEncryption
a2:4e:5c:df:1d:9d:10:b0:98:bd:0e:be:b6:1a:86:68:b7:cf:
10:82:23:97:9e:4f:52:c9:f6:cc:fc:72:26:16:19:bc:eb:eb:
0e:e8:7d:51:82:bd:a0:26:e4:ae:dc:a9:5a:b6:84:17:c1:cd:
f5:a6:64:ee:c4:ac:f0:c0:e0:fd:b6:83:22:73:3f:27:1d:eb:
66:55:38:db:a0:79:2b:eb:5b:5b:c5:1c:d8:87:30:a6:27:d7:
e6:af:fa:6d:22:98:dc:ac:d2:55:db:d3:9e:45:9c:d8:db:3b:
9b:e2:ee:4a:33:25:f6:4e:8f:ca:f1:d9:03:91:12:e4:7a:a1:
cb:00:a7:4d:ae:f2:c1:b7:51:64:2e:01:e3:d2:20:c5:43:13:
6e:ac:9e:9d:27:eb:42:7f:28:74:b0:5f:33:e1:3c:7e:97:56:
a7:c1:74:d0:7a:50:d9:c5:89:7d:a9:f5:37:d9:41:54:78:4d:
88:b4:56:6f:95:9c:24:f6:8b:43:28:0e:ea:98:e7:0c:cf:7e:
4b:e7:f9:2f:7f:76:9b:db:75:84:86:36:e6:83:a1:55:e3:1f:
ab:db:58:66:77:07:9f:41:97:00:13:48:f7:42:95:a8:5c:f3:
ae:3d:cf:5b:91:b1:80:32:b2:85:79:ff:b4:91:4b:42:83:dd:
5e:eb:20:72
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzGSzPbjMuoveSIM7r7LLL8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYWE2MGNiMDAyNDMzMmEyZGI2ODk5M2YzMzU3MTU4YWY2
MGM4ZGUwHhcNMjQwMTAxMTgzMTA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMWJlMGU4NTg2YjNmYTMwYTEzZjViYzFhODRhODc4ZThkNzA2MzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBlMuCdCiXSysa5/RiqGQMpnSxMp
M0sW2SHQiCk3y/6qoRX0VEK/XcwhWzv25Us7zbenMmBKzRE8+6hXjyQdae7Al4Ae
1a6uMDLSk05dzM6quTtnof5sHXO/O/+uA+mBrA1oiWgTdSRP8Y98jbCLSS63SeXf
GyHEpUU7ConBaJdFbWE8Rih3I5yYlW/k/aJxOLN7hjb+rcyMcUU/xwoj9PcBWaSX
4llG+bMMTpee9eoXp0s5oj5Xvf0/5KaKX1bCaMWwJ5nXWrLj2PYsE1NpDUUN03pZ
V/0xRe+UxlUA5SpJoy3JQVYRcWrb9V+q/cHyaREnjm/Yfp39khH5PGV6jQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFBG+DoWGs/owoT9bwahKh46NcGNfMB8GA1UdIwQY
MBaAFCCqYMsAJDMqLbaJk/M1cVivYMjeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUtwZ3l3QWtNeW90dG9tVDh6VnhXSzlneU40LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8zNTI0MzEtZTY5NC00NDEyLWE3NjYt
NzNmN2QxMTBiODJhLzEvRWI0T2hZYXotakNoUDF2QnFFcUhqbzF3WTE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8zNTI0MzEtZTY5NC00NDEyLWE3NjYtNzNmN2QxMTBiODJh
LzEvSUtwZ3l3QWtNeW90dG9tVDh6VnhXSzlneU40LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwQHBQGAAwMD
sAADBAXBB4ADBAXUF2AwDQQCAAIwBwMFACABGigwDQYJKoZIhvcNAQELBQADggEB
AKJOXN8dnRCwmL0OvrYahmi3zxCCI5eeT1LJ9sz8ciYWGbzr6w7ofVGCvaAm5K7c
qVq2hBfBzfWmZO7ErPDA4P22gyJzPycd62ZVONugeSvrW1vFHNiHMKYn1+av+m0i
mNys0lXb055FnNjbO5vi7kozJfZOj8rx2QOREuR6ocsAp02u8sG3UWQuAePSIMVD
E26snp0n60J/KHSwXzPhPH6XVqfBdNB6UNnFiX2p9TfZQVR4TYi0Vm+VnCT2i0Mo
DuqY5wzPfkvn+S9/dpvbdYSGNuaDoVXjH6vbWGZ3B59BlwATSPdClahc8649z1uR
sYAysoV5/7SRS0KD3V7rIHI=
-----END CERTIFICATE-----
Generated at Fri Jun 14 17:16:53 2024 by rpki-client on console-fra.rpki-client.org