Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/IIQZ-ySUK9XoJ2dV15IClA7FaUA.roa
File: IIQZ-ySUK9XoJ2dV15IClA7FaUA.roa (raw, json)
Hash identifier: nGLc0ebTgm+QWcsdgsj8t+ccdTVSYH17v7BJeRLJcl0=
Subject key identifier: 20:84:19:FB:24:94:2B:D5:E8:27:67:55:D7:92:02:94:0E:C5:69:40
Certificate issuer: /CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Certificate serial: 018CCECFB5B26876351A6581D5C8BC6C7F30
Authority key identifier: 62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/IIQZ-ySUK9XoJ2dV15IClA7FaUA.roa
Signing time: Wed 03 Jan 2024 10:12:48 +0000
ROA not before: Wed 03 Jan 2024 10:12:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42689
IP address blocks: 93.89.212.0/24 maxlen: 24
93.89.213.0/24 maxlen: 24
93.89.208.0/24 maxlen: 24
93.89.209.0/24 maxlen: 24
93.89.210.0/24 maxlen: 24
93.89.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.mft
rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 13:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ce:cf:b5:b2:68:76:35:1a:65:81:d5:c8:bc:6c:7f:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Validity
Not Before: Jan 3 10:12:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=208419fb24942bd5e8276755d79202940ec56940
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c4:99:92:4e:f9:12:c1:51:92:ad:80:d4:ba:
5a:19:4a:31:25:69:2e:50:28:8e:64:b3:ea:7d:7f:
27:9d:ec:e0:ba:67:8b:13:39:05:ad:0f:f2:34:3c:
3b:cf:6d:14:34:07:52:8b:3a:9e:ea:4a:a5:88:a3:
e1:87:e8:18:89:9a:13:bd:0c:b6:72:98:31:a8:7f:
12:6b:79:0e:89:b4:7e:ca:d0:e0:28:6b:d5:93:23:
bf:1c:f7:48:a4:de:ab:d6:f8:ee:16:a2:16:25:db:
d3:c9:85:07:87:86:f7:fd:73:84:91:a0:d0:13:fc:
72:db:0f:d4:2f:f7:37:b9:77:8b:a2:ed:41:8b:a5:
23:ea:cb:7a:e7:18:d8:fb:c3:06:b1:14:77:79:25:
5a:7a:6e:b9:ec:a8:a5:5a:e5:2b:8c:c9:02:ae:dc:
1d:0c:2a:7c:7c:7e:c0:f6:2f:a0:87:f8:1f:27:68:
2d:e7:98:29:89:a8:92:cd:1a:cd:34:1a:29:c6:74:
6f:be:df:8a:6e:11:59:fc:c1:a7:00:c5:e9:c6:71:
c7:2b:20:63:85:87:11:53:b7:36:ff:ca:0a:50:62:
f6:7b:35:5a:60:4c:b6:85:90:70:cf:7f:a8:16:ca:
cd:06:e4:e4:26:7f:d6:5d:12:58:e7:3a:e9:a7:ec:
cb:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:84:19:FB:24:94:2B:D5:E8:27:67:55:D7:92:02:94:0E:C5:69:40
X509v3 Authority Key Identifier:
keyid:62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/IIQZ-ySUK9XoJ2dV15IClA7FaUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.89.208.0-93.89.210.255
93.89.212.0-93.89.214.255
Signature Algorithm: sha256WithRSAEncryption
87:a5:84:00:60:d0:a6:6b:29:b9:5f:1d:d8:79:b7:a2:b0:b7:
43:5f:97:5f:af:d3:4f:5f:91:ef:f9:32:d2:e8:ef:87:73:d4:
e6:10:9c:b7:e7:c6:91:c1:08:56:71:bf:ee:a5:35:09:3f:e8:
b3:f2:80:01:21:52:5d:3d:b2:e6:cc:cf:3a:44:41:03:cc:81:
05:c4:d7:18:5f:6b:1e:2f:a1:08:bf:f4:08:65:3b:e8:f4:09:
f7:b3:6b:28:3f:80:d0:08:21:ac:55:ec:b9:49:ab:1a:7e:2d:
57:89:46:f8:dd:5b:96:62:c6:e2:4a:e3:8c:e8:1a:9e:eb:4a:
25:30:c8:12:9f:da:fd:e5:0f:71:38:d2:38:02:95:0b:26:5d:
4c:df:ad:97:7a:0b:4f:a3:6e:11:4c:ef:f6:dd:c9:62:b0:52:
bc:7f:68:58:9d:8a:48:e6:23:63:db:de:f0:bb:ac:f8:61:ec:
f4:d1:61:6e:33:74:45:67:66:14:ab:90:d1:57:04:c3:f6:19:
d6:5f:63:7b:47:f5:4c:ca:2b:af:6f:4b:cc:a0:bb:1b:7e:7d:
65:01:4b:18:f0:f3:d8:c5:ec:a0:17:9b:d8:6c:81:55:79:0e:
e8:73:b6:4f:ef:e6:a4:8b:0d:2e:71:50:e0:34:b7:b7:25:47:
43:25:a5:6a
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzOz7WyaHY1GmWB1ci8bH8wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYTE1Y2M4ODY1OWY1NzhjYzE1OWM1MmIzYTdlOWVjNTgx
OWZiMjAwHhcNMjQwMTAzMTAxMjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDg0MTlmYjI0OTQyYmQ1ZTgyNzY3NTVkNzkyMDI5NDBlYzU2OTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcSZkk75EsFRkq2A1LpaGUoxJWku
UCiOZLPqfX8nnezgumeLEzkFrQ/yNDw7z20UNAdSizqe6kqliKPhh+gYiZoTvQy2
cpgxqH8Sa3kOibR+ytDgKGvVkyO/HPdIpN6r1vjuFqIWJdvTyYUHh4b3/XOEkaDQ
E/xy2w/UL/c3uXeLou1Bi6Uj6st65xjY+8MGsRR3eSVaem657KilWuUrjMkCrtwd
DCp8fH7A9i+gh/gfJ2gt55gpiaiSzRrNNBopxnRvvt+KbhFZ/MGnAMXpxnHHKyBj
hYcRU7c2/8oKUGL2ezVaYEy2hZBwz3+oFsrNBuTkJn/WXRJY5zrpp+zLpQIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCCEGfsklCvV6CdnVdeSApQOxWlAMB8GA1UdIwQY
MBaAFGKhXMiGWfV4zBWcUrOn6exYGfsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAt
NDI2OWI1NmJmN2Q0LzEvSUlRWi15U1VLOVhvSjJkVjE1SUNsQTdGYVVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAtNDI2OWI1NmJmN2Q0
LzEvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDAiBAIAATAcMAwDBARdWdAD
BABdWdIwDAMEAl1Z1AMEAF1Z1jANBgkqhkiG9w0BAQsFAAOCAQEAh6WEAGDQpmsp
uV8d2Hm3orC3Q1+XX6/TT1+R7/ky0ujvh3PU5hCct+fGkcEIVnG/7qU1CT/os/KA
ASFSXT2y5szPOkRBA8yBBcTXGF9rHi+hCL/0CGU76PQJ97NrKD+A0AghrFXsuUmr
Gn4tV4lG+N1blmLG4krjjOganutKJTDIEp/a/eUPcTjSOAKVCyZdTN+tl3oLT6Nu
EUzv9t3JYrBSvH9oWJ2KSOYjY9ve8Lus+GHs9NFhbjN0RWdmFKuQ0VcEw/YZ1l9j
e0f1TMorr29LzKC7G359ZQFLGPDz2MXsoBeb2GyBVXkO6HO2T+/mpIsNLnFQ4DS3
tyVHQyWlag==
-----END CERTIFICATE-----
Generated at Sun Jun 2 17:14:28 2024 by rpki-client on console-fra.rpki-client.org