Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/220e62-a137-4657-a94a-df84cbb19a30/1/ih-u8mSFv40UxhXyOm_u4-X6-tw.roa
File: ih-u8mSFv40UxhXyOm_u4-X6-tw.roa (raw, json)
Hash identifier: klWrPvGSxFkLCtYkV52VKMOc0yabch8S9qe5lFh5SVw=
Subject key identifier: 8A:1F:AE:F2:64:85:BF:8D:14:C6:15:F2:3A:6F:EE:E3:E5:FA:FA:DC
Certificate issuer: /CN=ee527c9a03562902328374e15099c365846a6be8
Certificate serial: 018CF386968B6A8ED26209F3F75F7BE7E045
Authority key identifier: EE:52:7C:9A:03:56:29:02:32:83:74:E1:50:99:C3:65:84:6A:6B:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7lJ8mgNWKQIyg3ThUJnDZYRqa-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/220e62-a137-4657-a94a-df84cbb19a30/1/ih-u8mSFv40UxhXyOm_u4-X6-tw.roa
Signing time: Wed 10 Jan 2024 13:18:52 +0000
ROA not before: Wed 10 Jan 2024 13:18:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201499
IP address blocks: 185.72.144.0/23 maxlen: 32
185.72.146.0/24 maxlen: 32
185.72.147.0/24 maxlen: 32
2a05:3a80::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/220e62-a137-4657-a94a-df84cbb19a30/1/7lJ8mgNWKQIyg3ThUJnDZYRqa-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/220e62-a137-4657-a94a-df84cbb19a30/1/7lJ8mgNWKQIyg3ThUJnDZYRqa-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/7lJ8mgNWKQIyg3ThUJnDZYRqa-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 02:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:f3:86:96:8b:6a:8e:d2:62:09:f3:f7:5f:7b:e7:e0:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ee527c9a03562902328374e15099c365846a6be8
Validity
Not Before: Jan 10 13:18:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a1faef26485bf8d14c615f23a6feee3e5fafadc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:6b:a4:bc:82:1f:68:41:ec:61:22:2f:70:96:
7d:1d:71:d4:6e:13:23:8a:06:a7:e1:e8:4d:de:c0:
63:f1:be:8d:31:1e:3c:80:e2:a0:fb:cf:4d:ec:3b:
bc:23:e6:0a:80:a8:cb:ec:d6:1a:cd:91:31:2e:1a:
78:cd:5d:d6:db:14:b8:d2:91:98:2f:55:e9:07:c3:
28:1c:70:bb:44:d8:1a:ea:5b:43:c6:26:29:c8:81:
df:c1:2f:a1:86:b4:4b:4d:4b:c8:55:42:55:62:2b:
8e:7f:19:94:99:6d:a1:7a:b6:67:58:fb:01:5d:43:
01:0d:17:70:0e:19:e5:aa:1f:d3:4a:a1:1e:ce:23:
c0:8e:d0:f6:77:a6:03:8a:7f:5e:7b:4c:97:58:99:
1d:6f:5b:25:a4:09:9c:1b:9c:63:01:04:74:31:db:
68:a4:95:d0:dc:0c:26:74:09:16:9e:0d:f1:da:95:
e6:73:42:a3:eb:c0:8e:66:a4:5a:2d:5c:d4:36:02:
8f:69:cf:bb:2a:fe:19:56:4c:db:1e:95:2a:92:43:
23:bb:8b:f7:fd:32:4e:c3:33:53:1b:3e:87:1b:88:
d8:c3:99:0d:84:e6:95:35:5e:25:41:e5:ec:c1:5a:
a9:c1:5e:df:35:a5:41:e9:36:7a:2b:5d:18:17:6c:
dd:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:1F:AE:F2:64:85:BF:8D:14:C6:15:F2:3A:6F:EE:E3:E5:FA:FA:DC
X509v3 Authority Key Identifier:
keyid:EE:52:7C:9A:03:56:29:02:32:83:74:E1:50:99:C3:65:84:6A:6B:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7lJ8mgNWKQIyg3ThUJnDZYRqa-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/220e62-a137-4657-a94a-df84cbb19a30/1/ih-u8mSFv40UxhXyOm_u4-X6-tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/220e62-a137-4657-a94a-df84cbb19a30/1/7lJ8mgNWKQIyg3ThUJnDZYRqa-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.72.144.0/22
IPv6:
2a05:3a80::/48
Signature Algorithm: sha256WithRSAEncryption
b5:ba:7c:e2:f5:f3:06:ae:5a:06:7c:dd:4e:19:24:63:08:d2:
b0:fa:ae:17:a5:32:2b:d6:6a:aa:1b:96:56:9c:21:85:a1:1c:
58:c8:c3:35:af:02:b0:26:01:01:0b:5c:30:1b:06:99:73:ca:
e2:86:fe:eb:f4:a5:72:d4:e2:fa:b3:be:ad:3d:9e:fb:f9:2d:
cb:e1:19:da:34:44:53:7a:6f:16:66:08:4d:43:2e:c7:f1:ab:
64:9e:a7:ad:a1:26:35:73:eb:9c:0f:f2:03:85:21:05:df:80:
db:0b:b6:b9:98:01:82:a4:76:de:d3:d9:0d:19:14:19:3e:c9:
04:ee:82:8f:6c:f5:6f:eb:53:3a:8b:70:df:69:1e:e0:92:05:
82:b6:88:71:d6:c5:50:5e:5c:40:d4:64:46:51:be:f9:e5:52:
fd:fa:90:19:b8:2e:51:4e:7a:d3:0b:50:9f:71:c8:1e:47:21:
7e:02:8c:78:ae:87:46:dd:75:54:4c:64:0f:8a:01:c2:89:2a:
a5:ae:86:59:a6:c3:bf:ef:c9:b0:32:ed:ee:80:a3:d6:ea:3f:
6c:8e:a1:e1:25:a3:e9:21:73:06:cc:52:28:63:a7:68:45:a1:
7f:30:e7:cd:c2:42:a3:bf:42:46:16:f9:79:73:a7:32:eb:a1:
5f:48:90:9b
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzzhpaLao7SYgnz91975+BFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlNTI3YzlhMDM1NjI5MDIzMjgzNzRlMTUwOTljMzY1ODQ2
YTZiZTgwHhcNMjQwMTEwMTMxODUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTFmYWVmMjY0ODViZjhkMTRjNjE1ZjIzYTZmZWVlM2U1ZmFmYWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApmukvIIfaEHsYSIvcJZ9HXHUbhMj
igan4ehN3sBj8b6NMR48gOKg+89N7Du8I+YKgKjL7NYazZExLhp4zV3W2xS40pGY
L1XpB8MoHHC7RNga6ltDxiYpyIHfwS+hhrRLTUvIVUJVYiuOfxmUmW2herZnWPsB
XUMBDRdwDhnlqh/TSqEeziPAjtD2d6YDin9ee0yXWJkdb1slpAmcG5xjAQR0Mdto
pJXQ3AwmdAkWng3x2pXmc0Kj68COZqRaLVzUNgKPac+7Kv4ZVkzbHpUqkkMju4v3
/TJOwzNTGz6HG4jYw5kNhOaVNV4lQeXswVqpwV7fNaVB6TZ6K10YF2zdrQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFIofrvJkhb+NFMYV8jpv7uPl+vrcMB8GA1UdIwQY
MBaAFO5SfJoDVikCMoN04VCZw2WEamvoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2xKOG1nTldLUUl5ZzNUaFVKbkRaWVJxYS1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS8yMjBlNjItYTEzNy00NjU3LWE5NGEt
ZGY4NGNiYjE5YTMwLzEvaWgtdThtU0Z2NDBVeGhYeU9tX3U0LVg2LXR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS8yMjBlNjItYTEzNy00NjU3LWE5NGEtZGY4NGNiYjE5YTMw
LzEvN2xKOG1nTldLUUl5ZzNUaFVKbkRaWVJxYS1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuUiQMA8E
AgACMAkDBwAqBTqAAAAwDQYJKoZIhvcNAQELBQADggEBALW6fOL18wauWgZ83U4Z
JGMI0rD6rhelMivWaqobllacIYWhHFjIwzWvArAmAQELXDAbBplzyuKG/uv0pXLU
4vqzvq09nvv5LcvhGdo0RFN6bxZmCE1DLsfxq2Sep62hJjVz65wP8gOFIQXfgNsL
trmYAYKkdt7T2Q0ZFBk+yQTugo9s9W/rUzqLcN9pHuCSBYK2iHHWxVBeXEDUZEZR
vvnlUv36kBm4LlFOetMLUJ9xyB5HIX4CjHiuh0bddVRMZA+KAcKJKqWuhlmmw7/v
ybAy7e6Ao9bqP2yOoeElo+khcwbMUihjp2hFoX8w583CQqO/QkYW+XlzpzLroV9I
kJs=
-----END CERTIFICATE-----
Generated at Sat May 18 06:09:13 2024 by rpki-client on console-ams.rpki-client.org