Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/2iOSPdxcehu75Ogz2Um5u0suk-U.roa
File: 2iOSPdxcehu75Ogz2Um5u0suk-U.roa (raw, json)
Hash identifier: D+xtsBduz7jekxB29JcyLp7MB/pUESFyLbymCN8qwfY=
Subject key identifier: DA:23:92:3D:DC:5C:7A:1B:BB:E4:E8:33:D9:49:B9:BB:4B:2E:93:E5
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 018FCD75E975C9788B377D38CCC30FFDAE5C
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/2iOSPdxcehu75Ogz2Um5u0suk-U.roa
Signing time: Fri 31 May 2024 07:03:27 +0000
ROA not before: Fri 31 May 2024 07:03:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 91.194.218.0/24 maxlen: 24
185.1.122.0/24 maxlen: 24
193.239.116.0/22 maxlen: 24
2001:7f8:13::/48 maxlen: 48
2001:7f8:61::/48 maxlen: 48
2001:7f8:cd::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 13:57:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:cd:75:e9:75:c9:78:8b:37:7d:38:cc:c3:0f:fd:ae:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: May 31 07:03:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da23923ddc5c7a1bbbe4e833d949b9bb4b2e93e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:77:96:d9:f8:8b:0a:08:0b:f6:de:6a:a0:4d:
0e:24:1f:7f:a7:33:9a:8e:39:76:67:de:f9:9e:96:
49:5e:b1:e5:59:74:28:69:d9:dd:b0:00:a7:f0:07:
e4:e3:fe:ab:5b:22:4a:29:cd:ad:e7:19:19:d6:88:
f3:ef:52:75:0c:00:5b:cb:a0:8d:cd:c9:32:a4:1a:
e7:72:a5:ee:09:fc:b6:5c:8d:6b:af:28:c0:a6:b9:
d1:47:8e:2f:f7:2d:8d:39:31:7a:83:2a:5a:56:54:
1e:75:b4:55:56:c7:e5:b9:5e:8e:ed:9a:71:b3:61:
1e:25:ae:10:70:59:db:b5:47:96:0b:54:99:cd:cb:
16:fe:cc:af:01:e3:66:06:85:ba:cc:6b:ee:96:51:
d7:52:2a:10:fe:10:e3:75:94:a1:ef:b0:11:31:c9:
c2:ac:95:eb:4d:98:07:d5:0c:36:bd:c1:69:17:04:
67:85:d0:51:c6:91:4c:fc:a8:f9:3f:f4:0b:9e:10:
00:c4:2f:4c:0a:83:13:0a:ae:51:6e:6e:b7:46:44:
df:b0:93:08:d2:8e:fe:b3:2b:22:36:f3:a6:5e:28:
bb:a1:4e:8f:f8:aa:3e:e9:a7:8c:bd:2a:30:24:c0:
8a:c2:c6:b9:64:4c:c7:f7:94:8f:f3:ba:db:fc:0c:
d5:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:23:92:3D:DC:5C:7A:1B:BB:E4:E8:33:D9:49:B9:BB:4B:2E:93:E5
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/2iOSPdxcehu75Ogz2Um5u0suk-U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.218.0/24
185.1.122.0/24
193.239.116.0/22
IPv6:
2001:7f8:13::/48
2001:7f8:61::/48
2001:7f8:cd::/48
Signature Algorithm: sha256WithRSAEncryption
0e:99:fa:80:be:32:13:d3:18:bb:ce:41:e0:07:7d:02:fb:a3:
d6:12:33:11:92:a8:a7:2a:3c:6c:1d:c3:ce:81:40:12:a3:ec:
97:64:d9:fd:56:47:ce:7f:ed:b3:0e:c8:bc:15:ab:a8:81:91:
72:9d:a6:d3:2e:b5:d5:c0:b0:cc:60:2d:59:aa:71:f5:39:be:
47:14:a1:58:2e:35:45:77:fc:72:9f:30:95:99:f3:15:92:66:
05:9d:a3:fd:f5:29:2c:af:78:51:4a:4e:c4:b4:50:b4:4e:92:
48:37:47:14:a4:71:45:84:eb:5d:f2:93:a1:ca:83:63:10:90:
40:97:2d:df:5f:36:0b:63:25:61:42:a4:f4:b3:d3:d1:ab:8e:
9c:c6:ea:f4:a6:5f:66:76:f9:40:35:45:eb:c6:04:2d:37:f1:
f1:7e:41:b8:a8:0d:6a:80:9a:b7:49:58:97:84:d0:9c:a5:cc:
e0:cf:15:d0:20:5b:26:c9:d8:d4:10:c0:56:15:1a:e6:34:ad:
87:67:4e:b9:95:1c:8b:b0:6e:0f:ed:40:c9:37:3e:56:c7:03:
bc:0a:8c:c3:f7:33:50:ec:4b:fb:eb:c4:b3:d5:80:b2:12:f9:
42:0c:2d:91:cd:38:51:ec:0e:36:6f:86:89:db:75:de:46:b1:
b0:b3:42:b0
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAY/Ndel1yXiLN304zMMP/a5cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjQwNTMxMDcwMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTIzOTIzZGRjNWM3YTFiYmJlNGU4MzNkOTQ5YjliYjRiMmU5M2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzHeW2fiLCggL9t5qoE0OJB9/pzOa
jjl2Z975npZJXrHlWXQoadndsACn8Afk4/6rWyJKKc2t5xkZ1ojz71J1DABby6CN
zckypBrncqXuCfy2XI1rryjAprnRR44v9y2NOTF6gypaVlQedbRVVsfluV6O7Zpx
s2EeJa4QcFnbtUeWC1SZzcsW/syvAeNmBoW6zGvullHXUioQ/hDjdZSh77ARMcnC
rJXrTZgH1Qw2vcFpFwRnhdBRxpFM/Kj5P/QLnhAAxC9MCoMTCq5Rbm63RkTfsJMI
0o7+sysiNvOmXii7oU6P+Ko+6aeMvSowJMCKwsa5ZEzH95SP87rb/AzVxwIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFNojkj3cXHobu+ToM9lJubtLLpPlMB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvMmlPU1BkeGNlaHU3NU9nejJVbTV1MHN1ay1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTAYBAIAATASAwQAW8LaAwQA
uQF6AwQCwe90MCEEAgACMBsDBwAgAQf4ABMDBwAgAQf4AGEDBwAgAQf4AM0wDQYJ
KoZIhvcNAQELBQADggEBAA6Z+oC+MhPTGLvOQeAHfQL7o9YSMxGSqKcqPGwdw86B
QBKj7Jdk2f1WR85/7bMOyLwVq6iBkXKdptMutdXAsMxgLVmqcfU5vkcUoVguNUV3
/HKfMJWZ8xWSZgWdo/31KSyveFFKTsS0ULROkkg3RxSkcUWE613yk6HKg2MQkECX
Ld9fNgtjJWFCpPSz09GrjpzG6vSmX2Z2+UA1RevGBC038fF+QbioDWqAmrdJWJeE
0JylzODPFdAgWybJ2NQQwFYVGuY0rYdnTrmVHIuwbg/tQMk3PlbHA7wKjMP3M1Ds
S/vrxLPVgLIS+UIMLZHNOFHsDjZvhonbdd5GsbCzQrA=
-----END CERTIFICATE-----
Generated at Fri Jun 21 20:05:32 2024 by rpki-client on console-ams.rpki-client.org