Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/EiYB9xqM-gE0CZ5uoJLfVYvigIE.roa
File: EiYB9xqM-gE0CZ5uoJLfVYvigIE.roa (raw, json)
Hash identifier: +EkDWAxBN0Y7Ze+R+uHTGb9drYS6gn6JUAdhUi/AX/I=
Subject key identifier: 12:26:01:F7:1A:8C:FA:01:34:09:9E:6E:A0:92:DF:55:8B:E2:80:81
Certificate issuer: /CN=541fc54762cfe92d76c2f4c6af8999cbccf6bb67
Certificate serial: 018CC9BCC42036F02446FF6BAB9BF5C160DF
Authority key identifier: 54:1F:C5:47:62:CF:E9:2D:76:C2:F4:C6:AF:89:99:CB:CC:F6:BB:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VB_FR2LP6S12wvTGr4mZy8z2u2c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/EiYB9xqM-gE0CZ5uoJLfVYvigIE.roa
Signing time: Tue 02 Jan 2024 10:34:00 +0000
ROA not before: Tue 02 Jan 2024 10:34:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205809
IP address blocks: 162.208.16.0/24 maxlen: 24
66.203.126.0/23 maxlen: 24
94.24.36.0/23 maxlen: 24
185.206.24.0/22 maxlen: 24
2a0b:e40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/VB_FR2LP6S12wvTGr4mZy8z2u2c.crl
rsync://rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/VB_FR2LP6S12wvTGr4mZy8z2u2c.mft
rsync://rpki.ripe.net/repository/DEFAULT/VB_FR2LP6S12wvTGr4mZy8z2u2c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:c4:20:36:f0:24:46:ff:6b:ab:9b:f5:c1:60:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=541fc54762cfe92d76c2f4c6af8999cbccf6bb67
Validity
Not Before: Jan 2 10:34:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=122601f71a8cfa0134099e6ea092df558be28081
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:6f:7f:93:f1:cd:00:20:a7:59:1e:bc:9a:81:
b0:78:a5:95:07:8f:ff:04:e4:d8:0c:89:8b:58:77:
2a:e2:a5:cb:9a:f9:92:02:5a:a2:6c:9c:9f:02:8e:
2a:54:39:37:f4:c0:44:68:24:83:73:2d:38:5a:f2:
0b:a7:b2:79:71:78:22:b9:e9:4c:9c:37:1c:1e:61:
0d:7c:17:2f:82:29:c4:9d:6c:89:d8:3a:b5:c6:18:
6c:f3:b6:08:eb:9f:90:56:3e:bc:e1:b7:b3:d4:c9:
44:21:cd:cc:07:b3:14:e4:af:4f:5a:c3:ee:35:28:
c0:c9:8c:90:9d:ea:3a:fe:fd:b5:65:5c:37:a0:26:
a7:62:92:c2:70:f8:31:5f:4c:dc:47:a2:01:bb:a5:
73:c9:81:d7:b7:b8:9c:91:25:56:ea:b4:13:9a:a7:
24:6e:49:b4:20:25:cb:aa:25:dd:46:4d:4a:8d:78:
b8:8c:c1:c1:ab:15:e7:f5:89:65:8e:08:7c:b8:0e:
c5:b3:d5:3e:76:89:b2:67:01:c0:39:09:c2:1f:43:
45:e0:64:fd:a1:97:4f:6d:5b:7c:db:56:27:45:74:
e4:9e:f2:21:62:77:ff:af:1f:59:24:72:ec:f4:7c:
b9:39:8d:39:61:d0:8d:ab:09:e7:62:00:65:9e:c2:
26:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
12:26:01:F7:1A:8C:FA:01:34:09:9E:6E:A0:92:DF:55:8B:E2:80:81
X509v3 Authority Key Identifier:
keyid:54:1F:C5:47:62:CF:E9:2D:76:C2:F4:C6:AF:89:99:CB:CC:F6:BB:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VB_FR2LP6S12wvTGr4mZy8z2u2c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/EiYB9xqM-gE0CZ5uoJLfVYvigIE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f9/ddda5e-feef-4763-88da-8bc825c3a324/1/VB_FR2LP6S12wvTGr4mZy8z2u2c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.203.126.0/23
94.24.36.0/23
162.208.16.0/24
185.206.24.0/22
IPv6:
2a0b:e40::/29
Signature Algorithm: sha256WithRSAEncryption
3a:3f:e9:cc:c8:00:fd:24:ff:9b:3a:c4:68:ba:f7:2b:7e:53:
05:a0:70:20:20:64:cc:c0:f4:36:2b:d5:46:4d:80:be:b2:fb:
c6:f8:bd:a3:80:74:82:11:d0:ec:20:ec:66:8c:00:87:ca:12:
2e:2c:e1:47:89:02:42:94:e7:d9:f4:80:cb:1f:8d:6e:4d:69:
6d:6d:42:ff:9c:df:0b:38:85:03:59:d6:34:75:78:1f:28:c8:
4e:cb:ad:3c:c8:13:44:26:a2:09:02:06:69:82:d1:04:c2:cb:
0a:fe:af:9a:b7:07:ba:71:6f:5c:95:e2:71:99:09:77:1f:ac:
1d:1f:fd:60:b0:a7:7c:5e:af:d0:7d:44:36:4d:3c:0d:ba:e0:
95:61:d9:80:88:30:9e:19:d7:2e:81:79:d8:ee:4d:c1:85:00:
de:2b:85:43:be:87:df:d8:b9:a8:c8:80:a3:62:cd:3b:7e:a2:
ea:ea:1f:c3:83:12:b1:7d:6b:dd:68:41:c8:f6:f9:cd:f9:2b:
0e:75:e4:19:39:66:ec:7e:30:2a:50:b9:bc:dc:30:b4:7f:fe:
42:fa:0f:ce:ee:4e:53:02:ab:c7:67:b2:ac:e0:58:c7:b8:90:
e8:b4:f6:b4:8b:bc:5f:d1:77:c4:5c:53:7a:d2:83:e4:43:da:
9a:7c:a3:be
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzJvMQgNvAkRv9rq5v1wWDfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0MWZjNTQ3NjJjZmU5MmQ3NmMyZjRjNmFmODk5OWNiY2Nm
NmJiNjcwHhcNMjQwMTAyMTAzNDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMjI2MDFmNzFhOGNmYTAxMzQwOTllNmVhMDkyZGY1NThiZTI4MDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAum9/k/HNACCnWR68moGweKWVB4//
BOTYDImLWHcq4qXLmvmSAlqibJyfAo4qVDk39MBEaCSDcy04WvILp7J5cXgiuelM
nDccHmENfBcvginEnWyJ2Dq1xhhs87YI65+QVj684bez1MlEIc3MB7MU5K9PWsPu
NSjAyYyQneo6/v21ZVw3oCanYpLCcPgxX0zcR6IBu6VzyYHXt7ickSVW6rQTmqck
bkm0ICXLqiXdRk1KjXi4jMHBqxXn9Ylljgh8uA7Fs9U+domyZwHAOQnCH0NF4GT9
oZdPbVt821YnRXTknvIhYnf/rx9ZJHLs9Hy5OY05YdCNqwnnYgBlnsIm8wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFBImAfcajPoBNAmebqCS31WL4oCBMB8GA1UdIwQY
MBaAFFQfxUdiz+ktdsL0xq+JmcvM9rtnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkJfRlIyTFA2UzEyd3ZUR3I0bVp5OHoydTJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOS9kZGRhNWUtZmVlZi00NzYzLTg4ZGEt
OGJjODI1YzNhMzI0LzEvRWlZQjl4cU0tZ0UwQ1o1dW9KTGZWWXZpZ0lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOS9kZGRhNWUtZmVlZi00NzYzLTg4ZGEtOGJjODI1YzNhMzI0
LzEvVkJfRlIyTFA2UzEyd3ZUR3I0bVp5OHoydTJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQBQst+AwQB
XhgkAwQAotAQAwQCuc4YMA0EAgACMAcDBQMqCw5AMA0GCSqGSIb3DQEBCwUAA4IB
AQA6P+nMyAD9JP+bOsRouvcrflMFoHAgIGTMwPQ2K9VGTYC+svvG+L2jgHSCEdDs
IOxmjACHyhIuLOFHiQJClOfZ9IDLH41uTWltbUL/nN8LOIUDWdY0dXgfKMhOy608
yBNEJqIJAgZpgtEEwssK/q+atwe6cW9cleJxmQl3H6wdH/1gsKd8Xq/QfUQ2TTwN
uuCVYdmAiDCeGdcugXnY7k3BhQDeK4VDvoff2LmoyICjYs07fqLq6h/DgxKxfWvd
aEHI9vnN+SsOdeQZOWbsfjAqULm83DC0f/5C+g/O7k5TAqvHZ7Ks4FjHuJDotPa0
i7xf0XfEXFN60oPkQ9qafKO+
-----END CERTIFICATE-----
Generated at Sat Nov 23 19:23:11 2024 by rpki-client on console-fra.rpki-client.org