Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/IoeNxdA1GjOTGgmctWo6Cigts-k.roa
File: IoeNxdA1GjOTGgmctWo6Cigts-k.roa (raw, json)
Hash identifier: LKPJFemfNIP/d3N7CBxclNB0gfL01GhfhiibDg5EpXA=
Subject key identifier: 22:87:8D:C5:D0:35:1A:33:93:1A:09:9C:B5:6A:3A:0A:28:2D:B3:E9
Certificate issuer: /CN=1795ac843cd8ba90188f7313652bb561299b296f
Certificate serial: 018CC4244E831391E177F1821F8082B51C55
Authority key identifier: 17:95:AC:84:3C:D8:BA:90:18:8F:73:13:65:2B:B5:61:29:9B:29:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F5WshDzYupAYj3MTZSu1YSmbKW8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/IoeNxdA1GjOTGgmctWo6Cigts-k.roa
Signing time: Mon 01 Jan 2024 08:29:22 +0000
ROA not before: Mon 01 Jan 2024 08:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62101
IP address blocks: 176.126.221.0/24 maxlen: 32
176.126.220.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/F5WshDzYupAYj3MTZSu1YSmbKW8.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/F5WshDzYupAYj3MTZSu1YSmbKW8.mft
rsync://rpki.ripe.net/repository/DEFAULT/F5WshDzYupAYj3MTZSu1YSmbKW8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 10:03:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:4e:83:13:91:e1:77:f1:82:1f:80:82:b5:1c:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1795ac843cd8ba90188f7313652bb561299b296f
Validity
Not Before: Jan 1 08:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22878dc5d0351a33931a099cb56a3a0a282db3e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:58:97:8d:43:49:27:24:be:1f:2e:c5:10:ba:
c0:a5:0f:30:58:9a:cf:6f:df:d6:a7:fc:55:66:9d:
7d:5d:1d:2a:22:37:68:a1:54:ac:95:bf:c9:99:d5:
3d:16:be:aa:b4:0b:8a:e7:a8:63:86:45:88:3b:b9:
1c:2a:de:29:9f:de:0a:c2:f5:da:37:e2:86:fc:b8:
aa:3b:a8:1c:8c:df:ad:e8:00:46:13:90:b5:2d:ea:
ac:31:ec:3e:d2:cc:4c:8c:ff:21:d2:7e:51:2f:bf:
c3:c0:35:bb:0d:7a:c3:9c:e7:02:46:94:ae:5f:13:
07:b4:ed:89:ab:61:70:7d:04:1d:03:80:8b:6b:58:
97:96:60:f3:aa:27:1f:b8:ae:66:36:7e:4d:3c:97:
40:98:54:a7:9f:83:39:bd:1d:1b:95:2a:c1:ad:79:
c3:23:89:f3:ac:aa:b9:cf:5f:12:10:a6:ee:77:bd:
42:1f:09:4f:ea:e3:7c:e7:2c:e1:22:b7:ae:ca:52:
87:ae:ee:95:2c:b1:8d:d0:94:5e:06:5e:06:9c:6a:
32:de:04:ae:08:e9:1a:74:6d:52:63:d7:71:ae:e4:
05:4e:1e:0a:46:d8:a6:8b:e4:a7:6b:e4:b8:0d:78:
de:2c:71:3a:82:45:8a:78:82:3f:c4:d8:f8:fd:94:
d9:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:87:8D:C5:D0:35:1A:33:93:1A:09:9C:B5:6A:3A:0A:28:2D:B3:E9
X509v3 Authority Key Identifier:
keyid:17:95:AC:84:3C:D8:BA:90:18:8F:73:13:65:2B:B5:61:29:9B:29:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F5WshDzYupAYj3MTZSu1YSmbKW8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/IoeNxdA1GjOTGgmctWo6Cigts-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/6683f4-3eec-4dcb-8787-731abc6f75ca/1/F5WshDzYupAYj3MTZSu1YSmbKW8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.220.0/23
Signature Algorithm: sha256WithRSAEncryption
6e:e4:b9:e1:7e:26:cf:31:09:73:bd:ce:b7:52:60:bf:a6:ed:
50:ec:68:4f:d5:8a:f6:b2:fc:56:79:f7:e7:5c:c4:56:15:6d:
83:99:a0:27:54:93:a9:3d:42:c0:8d:92:85:14:7c:52:5b:78:
60:4b:b5:97:67:3c:38:10:8d:b3:22:7d:fa:80:97:e3:e2:66:
f9:76:d9:1e:58:9e:7d:21:ce:5d:07:a9:93:86:f8:b7:de:fc:
27:29:b0:9f:ba:4a:cb:0a:cc:b3:cc:b7:59:e8:aa:fe:73:10:
b9:e4:09:f2:d6:e1:a0:56:72:f5:f0:8e:bf:cf:69:71:87:0f:
dc:6e:d5:ad:ca:68:62:67:ab:5e:92:db:8e:3a:e4:3f:a9:6d:
35:d2:57:19:96:59:a9:0b:6a:d8:bb:65:9d:dc:08:49:b4:0b:
c5:d7:f7:27:32:29:3d:d0:61:05:24:26:59:01:8d:92:7a:38:
3b:0d:a1:90:de:89:77:c1:2b:44:7d:7d:e4:05:45:d3:99:e4:
bc:4d:2d:18:ea:87:52:88:5f:66:93:5d:c9:e6:f0:0c:17:e4:
a1:8a:da:a5:af:14:44:c3:75:a8:b2:a7:04:64:c5:be:ca:06:
c0:6c:c1:97:da:11:51:da:2a:a9:26:6f:72:fb:2f:c6:75:fa:
f3:58:29:ec
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJE6DE5Hhd/GCH4CCtRxVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3OTVhYzg0M2NkOGJhOTAxODhmNzMxMzY1MmJiNTYxMjk5
YjI5NmYwHhcNMjQwMTAxMDgyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjg3OGRjNWQwMzUxYTMzOTMxYTA5OWNiNTZhM2EwYTI4MmRiM2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFiXjUNJJyS+Hy7FELrApQ8wWJrP
b9/Wp/xVZp19XR0qIjdooVSslb/JmdU9Fr6qtAuK56hjhkWIO7kcKt4pn94KwvXa
N+KG/LiqO6gcjN+t6ABGE5C1LeqsMew+0sxMjP8h0n5RL7/DwDW7DXrDnOcCRpSu
XxMHtO2Jq2FwfQQdA4CLa1iXlmDzqicfuK5mNn5NPJdAmFSnn4M5vR0blSrBrXnD
I4nzrKq5z18SEKbud71CHwlP6uN85yzhIreuylKHru6VLLGN0JReBl4GnGoy3gSu
COkadG1SY9dxruQFTh4KRtimi+Sna+S4DXjeLHE6gkWKeII/xNj4/ZTZnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCKHjcXQNRozkxoJnLVqOgooLbPpMB8GA1UdIwQY
MBaAFBeVrIQ82LqQGI9zE2UrtWEpmylvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjVXc2hEell1cEFZajNNVFpTdTFZU21iS1c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS82NjgzZjQtM2VlYy00ZGNiLTg3ODct
NzMxYWJjNmY3NWNhLzEvSW9lTnhkQTFHak9UR2dtY3RXbzZDaWd0cy1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS82NjgzZjQtM2VlYy00ZGNiLTg3ODctNzMxYWJjNmY3NWNh
LzEvRjVXc2hEell1cEFZajNNVFpTdTFZU21iS1c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsH7cMA0G
CSqGSIb3DQEBCwUAA4IBAQBu5LnhfibPMQlzvc63UmC/pu1Q7GhP1Yr2svxWeffn
XMRWFW2DmaAnVJOpPULAjZKFFHxSW3hgS7WXZzw4EI2zIn36gJfj4mb5dtkeWJ59
Ic5dB6mThvi33vwnKbCfukrLCsyzzLdZ6Kr+cxC55Any1uGgVnL18I6/z2lxhw/c
btWtymhiZ6tektuOOuQ/qW010lcZllmpC2rYu2Wd3AhJtAvF1/cnMik90GEFJCZZ
AY2Sejg7DaGQ3ol3wStEfX3kBUXTmeS8TS0Y6odSiF9mk13J5vAMF+ShitqlrxRE
w3WosqcEZMW+ygbAbMGX2hFR2iqpJm9y+y/GdfrzWCns
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:04:24 2024 by rpki-client on console-ams.rpki-client.org