Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/IZOqvqGgkILXyyN38uq5sRZpPkk.roa
File: IZOqvqGgkILXyyN38uq5sRZpPkk.roa (raw, json)
Hash identifier: 9F9VdDjxB3slRRS6nfEgc8tanD5yKRhhgJRCCng9SCc=
Subject key identifier: 21:93:AA:BE:A1:A0:90:82:D7:CB:23:77:F2:EA:B9:B1:16:69:3E:49
Certificate issuer: /CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Certificate serial: 0191234FE7A24A08DCB1676FA43AD5A64814
Authority key identifier: 87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/IZOqvqGgkILXyyN38uq5sRZpPkk.roa
Signing time: Mon 05 Aug 2024 16:12:04 +0000
ROA not before: Mon 05 Aug 2024 16:12:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207957
IP address blocks: 146.19.128.0/24 maxlen: 24
178.250.186.0/24 maxlen: 24
193.163.203.0/24 maxlen: 24
217.119.129.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.mft
rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:23:4f:e7:a2:4a:08:dc:b1:67:6f:a4:3a:d5:a6:48:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8778ad8168e09cf92d4e0498257f8e9ceabf0692
Validity
Not Before: Aug 5 16:12:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2193aabea1a09082d7cb2377f2eab9b116693e49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:42:94:2b:2c:27:53:cb:ce:cf:b9:71:d2:3b:
02:fd:28:3d:1b:85:89:15:67:50:91:3b:b4:a1:ce:
e7:38:cc:b8:90:48:a3:03:d3:9f:d0:48:bc:1f:b7:
17:af:9c:52:35:5e:3e:2e:92:2a:43:a2:13:d2:17:
51:7e:57:17:ee:86:26:7a:41:9a:7b:ce:94:cd:b8:
b2:69:84:8b:41:a3:7e:a6:e2:cb:4d:f0:87:e4:91:
ea:fb:4a:58:c2:a5:21:45:5b:e4:e1:b6:42:f2:91:
ef:6a:fb:f0:e3:67:34:4d:a0:ee:a5:74:75:c9:90:
2e:64:ef:9a:00:c6:70:ce:6a:e8:52:19:fb:46:ae:
e6:46:57:a3:0c:ce:c5:f5:c4:61:70:fd:1c:af:37:
d5:b0:64:4e:9e:ce:60:f1:a0:fd:99:28:9d:78:30:
0f:f6:f3:bc:67:28:0f:cd:34:ca:48:4e:08:e2:cf:
19:32:3a:47:b2:9f:a5:56:3d:16:5c:e8:dc:6c:54:
2a:5b:d2:9b:0d:3f:0d:17:53:ae:65:0d:d9:d1:bf:
8f:1c:6c:b8:97:37:bb:19:e4:5d:57:6b:2f:26:37:
64:f8:46:a3:8b:9f:ec:02:36:50:c6:67:3f:f2:03:
b8:00:c2:d8:86:09:04:36:7b:53:3e:4f:89:1c:56:
3a:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:93:AA:BE:A1:A0:90:82:D7:CB:23:77:F2:EA:B9:B1:16:69:3E:49
X509v3 Authority Key Identifier:
keyid:87:78:AD:81:68:E0:9C:F9:2D:4E:04:98:25:7F:8E:9C:EA:BF:06:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3itgWjgnPktTgSYJX-OnOq_BpI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/IZOqvqGgkILXyyN38uq5sRZpPkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/f07f8d-9df0-49c6-b2f0-aa9d691811e7/1/h3itgWjgnPktTgSYJX-OnOq_BpI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.128.0/24
178.250.186.0/24
193.163.203.0/24
217.119.129.0/24
Signature Algorithm: sha256WithRSAEncryption
10:86:21:ff:52:53:cf:69:7d:6f:e0:2c:78:52:ed:ee:af:5d:
51:87:df:d5:aa:39:0b:0e:00:19:9f:dc:92:e7:f6:67:bf:67:
83:04:fe:51:80:6a:29:23:5f:b4:ba:22:92:24:90:2b:93:f7:
97:1d:a0:c1:1e:83:92:69:d7:b5:77:1b:67:c2:92:b9:e5:ba:
f5:37:7c:32:93:0c:2e:ad:44:37:10:92:28:50:79:a0:f8:7a:
0c:2f:8c:cc:2f:41:04:50:a1:3d:e8:aa:eb:69:1e:a6:54:a1:
93:0c:53:62:85:dd:f4:30:ca:d2:1f:d1:b2:8e:13:e8:fc:bc:
9d:11:ff:3e:a9:ad:5d:5b:fc:25:e9:31:02:c6:b2:1a:66:92:
6d:c5:05:91:01:80:dd:3b:1b:65:b0:a7:b4:4e:ce:00:af:1b:
e1:fc:95:74:40:23:9c:cc:e0:1b:45:fb:71:91:f6:80:1b:fd:
27:03:e3:72:c6:e0:cb:6c:cd:b5:79:7a:3f:2a:e7:51:0f:0e:
bd:28:9a:e5:3f:05:7d:b6:1c:c4:bc:58:55:0c:23:58:8a:c2:
61:43:58:14:76:4e:ac:5d:e0:98:ec:61:12:30:aa:1e:83:e7:
37:7a:98:a5:13:93:ac:99:3c:83:8d:c0:28:f2:fc:cf:6d:be:
25:86:b9:69
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZEjT+eiSgjcsWdvpDrVpkgUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzhhZDgxNjhlMDljZjkyZDRlMDQ5ODI1N2Y4ZTljZWFi
ZjA2OTIwHhcNMjQwODA1MTYxMjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTkzYWFiZWExYTA5MDgyZDdjYjIzNzdmMmVhYjliMTE2NjkzZTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEKUKywnU8vOz7lx0jsC/Sg9G4WJ
FWdQkTu0oc7nOMy4kEijA9Of0Ei8H7cXr5xSNV4+LpIqQ6IT0hdRflcX7oYmekGa
e86UzbiyaYSLQaN+puLLTfCH5JHq+0pYwqUhRVvk4bZC8pHvavvw42c0TaDupXR1
yZAuZO+aAMZwzmroUhn7Rq7mRlejDM7F9cRhcP0crzfVsGROns5g8aD9mSideDAP
9vO8ZygPzTTKSE4I4s8ZMjpHsp+lVj0WXOjcbFQqW9KbDT8NF1OuZQ3Z0b+PHGy4
lze7GeRdV2svJjdk+Eaji5/sAjZQxmc/8gO4AMLYhgkENntTPk+JHFY6DwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCGTqr6hoJCC18sjd/LqubEWaT5JMB8GA1UdIwQY
MBaAFId4rYFo4Jz5LU4EmCV/jpzqvwaSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAt
YWE5ZDY5MTgxMWU3LzEvSVpPcXZxR2drSUxYeXlOMzh1cTVzUlpwUGtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi9mMDdmOGQtOWRmMC00OWM2LWIyZjAtYWE5ZDY5MTgxMWU3
LzEvaDNpdGdXamduUGt0VGdTWUpYLU9uT3FfQnBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAkhOAAwQA
svq6AwQAwaPLAwQA2XeBMA0GCSqGSIb3DQEBCwUAA4IBAQAQhiH/UlPPaX1v4Cx4
Uu3ur11Rh9/VqjkLDgAZn9yS5/Znv2eDBP5RgGopI1+0uiKSJJArk/eXHaDBHoOS
ade1dxtnwpK55br1N3wykwwurUQ3EJIoUHmg+HoML4zML0EEUKE96KrraR6mVKGT
DFNihd30MMrSH9GyjhPo/LydEf8+qa1dW/wl6TECxrIaZpJtxQWRAYDdOxtlsKe0
Ts4Arxvh/JV0QCOczOAbRftxkfaAG/0nA+NyxuDLbM21eXo/KudRDw69KJrlPwV9
thzEvFhVDCNYisJhQ1gUdk6sXeCY7GESMKoeg+c3epilE5OsmTyDjcAo8vzPbb4l
hrlp
-----END CERTIFICATE-----
Generated at Sat Sep 28 10:57:20 2024 by rpki-client on console-fra.rpki-client.org