Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/e076dc-10d8-44cc-8aa5-5a94ad133118/1/ep1Ig6iltvYws1RmYx15h4Sl4AU.roa
File: ep1Ig6iltvYws1RmYx15h4Sl4AU.roa (raw, json)
Hash identifier: 7l6VpA3FzH3+fczQ+piI9lq2RqS96c+YhncT2PfQVBM=
Subject key identifier: 7A:9D:48:83:A8:A5:B6:F6:30:B3:54:66:63:1D:79:87:84:A5:E0:05
Certificate issuer: /CN=821f6e9ff1fbbf21f6413a137e7367dd8a8c035c
Certificate serial: 018CC5DC65F6FD7F47B57F1942EDDBA68116
Authority key identifier: 82:1F:6E:9F:F1:FB:BF:21:F6:41:3A:13:7E:73:67:DD:8A:8C:03:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gh9un_H7vyH2QToTfnNn3YqMA1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/e076dc-10d8-44cc-8aa5-5a94ad133118/1/ep1Ig6iltvYws1RmYx15h4Sl4AU.roa
Signing time: Mon 01 Jan 2024 16:30:04 +0000
ROA not before: Mon 01 Jan 2024 16:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212686
IP address blocks: 185.206.9.0/24 maxlen: 24
185.206.11.0/24 maxlen: 24
185.206.8.0/24 maxlen: 24
185.206.10.0/24 maxlen: 24
2a12:ff80::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/e076dc-10d8-44cc-8aa5-5a94ad133118/1/gh9un_H7vyH2QToTfnNn3YqMA1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/e076dc-10d8-44cc-8aa5-5a94ad133118/1/gh9un_H7vyH2QToTfnNn3YqMA1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/gh9un_H7vyH2QToTfnNn3YqMA1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:65:f6:fd:7f:47:b5:7f:19:42:ed:db:a6:81:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=821f6e9ff1fbbf21f6413a137e7367dd8a8c035c
Validity
Not Before: Jan 1 16:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7a9d4883a8a5b6f630b35466631d798784a5e005
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:05:39:8b:0f:55:27:10:98:dc:a6:ad:c9:57:
e8:4a:8c:9b:66:04:e6:fb:a0:79:70:7d:db:cf:a0:
69:23:52:18:ba:71:1b:77:b0:c3:3b:4a:c7:4f:2d:
ac:f8:63:0b:07:9b:da:dd:14:ae:28:22:f8:71:11:
f8:45:be:5f:b2:09:08:17:d5:0f:10:76:f1:23:7b:
a2:7e:2a:c0:5e:57:09:3c:bc:84:26:fc:79:6d:e6:
cf:81:f6:ce:9e:d4:86:ee:79:3e:1b:a3:05:e1:30:
b4:0d:f0:14:19:7f:1d:55:8d:29:c3:df:fa:e1:41:
7e:74:57:70:65:f1:a9:5c:1b:0b:c9:e7:ae:48:a8:
2f:5c:53:a9:54:9a:d6:c1:e2:fa:01:30:1d:84:00:
a5:6d:5d:1a:51:07:8d:47:78:f2:c6:83:8e:64:5e:
fc:b2:71:45:c2:e1:df:9b:d2:43:84:9a:38:df:cf:
9c:9a:23:f9:09:16:74:48:fd:02:29:eb:23:c6:e0:
fd:57:b6:e7:4d:d2:c0:6e:30:7a:1a:c5:10:8d:a2:
7b:6f:5c:3c:60:4e:bb:fa:32:17:02:73:0b:3f:73:
1a:fd:c8:24:b8:8d:3b:3e:19:f9:da:16:e1:48:37:
dc:4e:9d:37:4c:06:aa:3a:65:fa:fc:db:6c:ec:cd:
86:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:9D:48:83:A8:A5:B6:F6:30:B3:54:66:63:1D:79:87:84:A5:E0:05
X509v3 Authority Key Identifier:
keyid:82:1F:6E:9F:F1:FB:BF:21:F6:41:3A:13:7E:73:67:DD:8A:8C:03:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gh9un_H7vyH2QToTfnNn3YqMA1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/e076dc-10d8-44cc-8aa5-5a94ad133118/1/ep1Ig6iltvYws1RmYx15h4Sl4AU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/e076dc-10d8-44cc-8aa5-5a94ad133118/1/gh9un_H7vyH2QToTfnNn3YqMA1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.206.8.0/22
IPv6:
2a12:ff80::/48
Signature Algorithm: sha256WithRSAEncryption
7d:0d:07:3f:ca:1e:10:ff:01:49:26:7d:24:d8:06:d9:b4:1b:
76:53:5d:47:0d:5d:92:61:89:6d:3b:75:13:4d:0f:7f:27:60:
42:08:9a:80:cf:92:ac:16:42:a0:1d:f3:2f:3e:db:c5:1c:77:
26:6c:26:71:85:2a:88:b1:eb:d7:6e:7e:20:a5:1d:96:29:43:
dc:84:65:4b:34:7c:6d:86:78:cb:6b:03:df:6c:d2:d6:5c:ba:
73:36:ad:9c:ad:ad:74:91:c0:d1:55:f9:89:fb:dc:3e:a8:0b:
a2:18:82:b8:ec:29:81:fc:a0:f0:24:9c:db:33:75:6a:25:9d:
3f:5b:8c:85:0d:c7:59:8e:09:f6:9b:f5:f4:16:87:75:cb:ec:
0e:3b:d3:87:15:d9:d4:ea:01:aa:3d:f0:4d:40:e7:b8:76:16:
c7:9b:7b:ff:53:ac:3a:4f:5e:65:e0:4b:43:f5:86:6f:1a:8e:
d9:1e:50:62:d2:f3:9e:c4:0d:1c:21:e3:49:12:91:d6:96:6d:
f3:c0:eb:4b:b8:ad:c9:e4:3e:62:f1:d8:72:8d:7e:00:6a:d5:
50:37:df:05:28:0c:0e:30:34:63:a9:99:b7:37:bc:c4:d9:c7:
a8:29:d5:4c:90:ed:76:a2:f5:47:10:8f:c5:2a:2d:eb:0e:5a:
91:13:08:07
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzF3GX2/X9HtX8ZQu3bpoEWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyMWY2ZTlmZjFmYmJmMjFmNjQxM2ExMzdlNzM2N2RkOGE4
YzAzNWMwHhcNMjQwMTAxMTYzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YTlkNDg4M2E4YTViNmY2MzBiMzU0NjY2MzFkNzk4Nzg0YTVlMDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArQU5iw9VJxCY3KatyVfoSoybZgTm
+6B5cH3bz6BpI1IYunEbd7DDO0rHTy2s+GMLB5va3RSuKCL4cRH4Rb5fsgkIF9UP
EHbxI3uifirAXlcJPLyEJvx5bebPgfbOntSG7nk+G6MF4TC0DfAUGX8dVY0pw9/6
4UF+dFdwZfGpXBsLyeeuSKgvXFOpVJrWweL6ATAdhAClbV0aUQeNR3jyxoOOZF78
snFFwuHfm9JDhJo438+cmiP5CRZ0SP0CKesjxuD9V7bnTdLAbjB6GsUQjaJ7b1w8
YE67+jIXAnMLP3Ma/cgkuI07Phn52hbhSDfcTp03TAaqOmX6/Nts7M2GgQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFHqdSIOopbb2MLNUZmMdeYeEpeAFMB8GA1UdIwQY
MBaAFIIfbp/x+78h9kE6E35zZ92KjANcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2g5dW5fSDd2eUgyUVRvVGZuTm4zWXFNQTF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9lMDc2ZGMtMTBkOC00NGNjLThhYTUt
NWE5NGFkMTMzMTE4LzEvZXAxSWc2aWx0dll3czFSbVl4MTVoNFNsNEFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9lMDc2ZGMtMTBkOC00NGNjLThhYTUtNWE5NGFkMTMzMTE4
LzEvZ2g5dW5fSDd2eUgyUVRvVGZuTm4zWXFNQTF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCuc4IMA8E
AgACMAkDBwAqEv+AAAAwDQYJKoZIhvcNAQELBQADggEBAH0NBz/KHhD/AUkmfSTY
Btm0G3ZTXUcNXZJhiW07dRNND38nYEIImoDPkqwWQqAd8y8+28UcdyZsJnGFKoix
69dufiClHZYpQ9yEZUs0fG2GeMtrA99s0tZcunM2rZytrXSRwNFV+Yn73D6oC6IY
grjsKYH8oPAknNszdWolnT9bjIUNx1mOCfab9fQWh3XL7A4704cV2dTqAao98E1A
57h2Fsebe/9TrDpPXmXgS0P1hm8ajtkeUGLS857EDRwh40kSkdaWbfPA60u4rcnk
PmLx2HKNfgBq1VA33wUoDA4wNGOpmbc3vMTZx6gp1UyQ7Xai9UcQj8UqLesOWpET
CAc=
-----END CERTIFICATE-----
Generated at Sat Jun 8 01:21:12 2024 by rpki-client on console-ams.rpki-client.org