Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/iJxGrYvIz1tVmLswoPXEYDhiMvc.roa
File: iJxGrYvIz1tVmLswoPXEYDhiMvc.roa (raw, json)
Hash identifier: /isVZ+h8iMtHdgA/vXd8T+EhWzq32Fnmy9t3uXSxuxw=
Subject key identifier: 88:9C:46:AD:8B:C8:CF:5B:55:98:BB:30:A0:F5:C4:60:38:62:32:F7
Certificate issuer: /CN=a151cfef8f3ed86d11aeabad4d19e06a5d070d30
Certificate serial: 018CC8DE1E9CEF273250D80196C3F69D7147
Authority key identifier: A1:51:CF:EF:8F:3E:D8:6D:11:AE:AB:AD:4D:19:E0:6A:5D:07:0D:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oVHP748-2G0RrqutTRngal0HDTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/iJxGrYvIz1tVmLswoPXEYDhiMvc.roa
Signing time: Tue 02 Jan 2024 06:30:49 +0000
ROA not before: Tue 02 Jan 2024 06:30:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44850
IP address blocks: 91.203.33.0/24 maxlen: 24
91.203.34.0/24 maxlen: 24
91.203.34.0/23 maxlen: 23
91.203.35.0/24 maxlen: 24
91.203.32.0/23 maxlen: 23
91.203.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/oVHP748-2G0RrqutTRngal0HDTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 00:01:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:1e:9c:ef:27:32:50:d8:01:96:c3:f6:9d:71:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a151cfef8f3ed86d11aeabad4d19e06a5d070d30
Validity
Not Before: Jan 2 06:30:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=889c46ad8bc8cf5b5598bb30a0f5c460386232f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:58:e3:91:87:00:62:68:ed:7d:d5:57:8d:b9:
e1:1e:26:a6:79:4c:ee:06:ab:0b:ba:97:32:55:b2:
55:ba:4a:6d:83:49:84:25:f7:ae:70:05:8b:83:4a:
8b:b6:7f:08:29:0c:48:32:54:e5:7b:a7:2f:24:e4:
38:20:e2:19:fe:0a:1b:6a:1b:9a:af:e4:37:5d:0b:
31:1b:ff:2a:b7:73:c8:1f:60:6e:d3:40:ee:bb:6c:
3b:b3:f1:8e:b9:07:5a:44:3f:1a:03:7e:48:eb:ea:
b3:e0:d1:14:f0:b1:29:2c:cd:74:c7:7e:4f:bc:71:
c8:aa:8a:bb:4d:56:fe:e6:b5:37:bb:6b:51:f9:6b:
53:46:56:ed:e0:d2:f1:38:8b:bb:f3:b6:1f:a1:c7:
64:ae:32:74:75:60:d9:90:c2:7d:54:fe:53:ef:f8:
61:ba:86:68:44:f6:41:24:96:de:0e:d2:55:96:ec:
8f:bb:cd:c1:59:54:77:3b:4a:83:74:aa:08:82:8b:
e8:a5:40:b2:11:cf:a8:c7:88:3b:6c:d6:ff:8c:34:
aa:1c:9a:d7:ba:80:b4:e0:af:93:26:df:9c:68:b3:
72:99:8b:36:d2:c2:6e:12:42:b0:ba:cd:46:c8:3e:
b4:76:39:e9:19:35:05:a2:b2:84:d4:4f:dd:69:e8:
e1:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:9C:46:AD:8B:C8:CF:5B:55:98:BB:30:A0:F5:C4:60:38:62:32:F7
X509v3 Authority Key Identifier:
keyid:A1:51:CF:EF:8F:3E:D8:6D:11:AE:AB:AD:4D:19:E0:6A:5D:07:0D:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oVHP748-2G0RrqutTRngal0HDTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/iJxGrYvIz1tVmLswoPXEYDhiMvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/95/959b9f-1408-4cf7-8e75-4046a32d27a4/1/oVHP748-2G0RrqutTRngal0HDTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.203.32.0/22
Signature Algorithm: sha256WithRSAEncryption
b2:bb:24:7e:e5:84:af:c2:e0:74:f5:15:f4:56:e5:bc:15:0b:
8d:a1:21:1d:d9:47:be:c9:62:cb:7a:c5:60:3b:75:67:09:ab:
43:18:b2:75:63:e5:50:d5:de:b8:cd:c0:7e:1d:07:f7:0a:57:
ea:28:51:6c:4f:89:dd:15:1b:53:c6:31:7a:8e:06:22:a2:81:
63:ee:3b:a3:ab:f4:27:09:1e:11:38:84:79:59:ac:5a:17:f9:
9d:d7:95:c8:86:b9:06:43:9b:c0:21:76:c3:74:6f:15:39:0f:
7b:28:14:17:8f:d2:0b:ed:96:4c:9c:54:ca:2c:b3:54:c1:2a:
04:9d:91:c3:af:98:fb:63:03:34:3b:29:cc:ed:6d:d9:9c:0b:
a4:f9:34:5a:47:84:63:41:9b:71:7e:93:3d:5c:2d:7d:f9:58:
99:9d:88:7d:6b:bc:42:e8:76:08:45:69:08:3c:c2:20:29:07:
1b:2a:3b:84:59:4d:28:e7:ba:21:de:42:78:eb:be:7c:2c:81:
ff:8e:31:09:ba:92:d1:5b:34:20:4d:ee:3d:ff:50:20:2d:fe:
df:c4:97:71:5f:82:88:fa:14:bf:d7:fe:86:76:f4:fd:4e:d1:
36:42:82:3a:6a:48:a6:51:5a:f7:fb:f9:a4:e8:b4:77:c2:5a:
a0:fa:7e:10
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3h6c7ycyUNgBlsP2nXFHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGExNTFjZmVmOGYzZWQ4NmQxMWFlYWJhZDRkMTllMDZhNWQw
NzBkMzAwHhcNMjQwMTAyMDYzMDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODljNDZhZDhiYzhjZjViNTU5OGJiMzBhMGY1YzQ2MDM4NjIzMmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsljjkYcAYmjtfdVXjbnhHiameUzu
BqsLupcyVbJVukptg0mEJfeucAWLg0qLtn8IKQxIMlTle6cvJOQ4IOIZ/gobahua
r+Q3XQsxG/8qt3PIH2Bu00Duu2w7s/GOuQdaRD8aA35I6+qz4NEU8LEpLM10x35P
vHHIqoq7TVb+5rU3u2tR+WtTRlbt4NLxOIu787YfocdkrjJ0dWDZkMJ9VP5T7/hh
uoZoRPZBJJbeDtJVluyPu83BWVR3O0qDdKoIgovopUCyEc+ox4g7bNb/jDSqHJrX
uoC04K+TJt+caLNymYs20sJuEkKwus1GyD60djnpGTUForKE1E/daejhGQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIicRq2LyM9bVZi7MKD1xGA4YjL3MB8GA1UdIwQY
MBaAFKFRz++PPthtEa6rrU0Z4GpdBw0wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb1ZIUDc0OC0yRzBScnF1dFRSbmdhbDBIRFRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85NS85NTliOWYtMTQwOC00Y2Y3LThlNzUt
NDA0NmEzMmQyN2E0LzEvaUp4R3JZdkl6MXRWbUxzd29QWEVZRGhpTXZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85NS85NTliOWYtMTQwOC00Y2Y3LThlNzUtNDA0NmEzMmQyN2E0
LzEvb1ZIUDc0OC0yRzBScnF1dFRSbmdhbDBIRFRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCW8sgMA0G
CSqGSIb3DQEBCwUAA4IBAQCyuyR+5YSvwuB09RX0VuW8FQuNoSEd2Ue+yWLLesVg
O3VnCatDGLJ1Y+VQ1d64zcB+HQf3ClfqKFFsT4ndFRtTxjF6jgYiooFj7jujq/Qn
CR4ROIR5WaxaF/md15XIhrkGQ5vAIXbDdG8VOQ97KBQXj9IL7ZZMnFTKLLNUwSoE
nZHDr5j7YwM0OynM7W3ZnAuk+TRaR4RjQZtxfpM9XC19+ViZnYh9a7xC6HYIRWkI
PMIgKQcbKjuEWU0o57oh3kJ46758LIH/jjEJupLRWzQgTe49/1AgLf7fxJdxX4KI
+hS/1/6GdvT9TtE2QoI6akimUVr3+/mk6LR3wlqg+n4Q
-----END CERTIFICATE-----
Generated at Sat Jun 22 09:10:17 2024 by rpki-client on console-ams.rpki-client.org