Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/IwRoG8IXerjM3Cbz6ppWziFTtOk.roa
File: IwRoG8IXerjM3Cbz6ppWziFTtOk.roa (raw, json)
Hash identifier: 5FD3pTpShOBjKMGz1+/SccwUEeXKCprpRQmems+BpC0=
Subject key identifier: 23:04:68:1B:C2:17:7A:B8:CC:DC:26:F3:EA:9A:56:CE:21:53:B4:E9
Certificate issuer: /CN=0bac82804700ad36538bf86f34c073e971430da5
Certificate serial: 018CC56E40D64B052A180E15A41AFC8FD879
Authority key identifier: 0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/IwRoG8IXerjM3Cbz6ppWziFTtOk.roa
Signing time: Mon 01 Jan 2024 14:29:46 +0000
ROA not before: Mon 01 Jan 2024 14:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 0
IP address blocks: 185.1.230.0/25 maxlen: 25
185.1.230.128/25 maxlen: 25
212.237.192.0/24 maxlen: 24
212.237.193.0/24 maxlen: 24
195.69.118.0/24 maxlen: 24
195.69.117.0/24 maxlen: 24
195.69.116.0/24 maxlen: 24
195.69.119.0/24 maxlen: 24
195.245.240.0/24 maxlen: 24
2001:7f8:122::/49 maxlen: 49
2001:7f8:d::/48 maxlen: 64
2001:7f8:122:8000::/49 maxlen: 49
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/C6yCgEcArTZTi_hvNMBz6XFDDaU.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/C6yCgEcArTZTi_hvNMBz6XFDDaU.mft
rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:40:d6:4b:05:2a:18:0e:15:a4:1a:fc:8f:d8:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0bac82804700ad36538bf86f34c073e971430da5
Validity
Not Before: Jan 1 14:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2304681bc2177ab8ccdc26f3ea9a56ce2153b4e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:4a:27:e6:90:9d:aa:7b:22:ff:fd:97:fe:96:
02:95:9f:34:f6:2c:bf:26:bf:3d:a3:c2:c3:c9:0d:
a3:85:fa:4b:6d:dc:2f:f8:7b:77:4d:4f:aa:c5:52:
1b:bc:d1:b3:36:46:0c:fa:b4:33:4a:42:be:0e:47:
ce:7d:17:ca:47:54:a5:4f:e7:d9:bb:b5:e8:1e:c3:
9d:34:e2:20:f4:11:a7:2f:f0:90:53:f5:b3:77:cb:
af:45:1e:c1:f9:57:66:4e:89:19:cf:0f:67:03:6f:
e3:02:31:19:91:55:79:17:9e:09:d4:29:97:02:5f:
e4:7e:da:7f:8c:3f:46:4f:eb:58:bf:6b:61:05:c4:
e9:1b:fb:a2:17:76:fe:4a:4b:00:b0:69:30:94:98:
cb:43:6a:9d:f8:23:f5:e8:03:85:08:d4:35:80:31:
9a:4a:9c:0e:b4:17:e7:b7:46:64:6d:b1:bb:67:3d:
58:49:a4:f4:6c:e3:ad:d6:b7:13:ff:73:be:76:85:
bb:76:f6:6f:72:50:09:93:82:93:58:39:32:35:5b:
9d:d6:2a:f2:fd:7c:f7:02:03:bc:26:ba:20:42:b3:
ee:3b:8c:47:80:91:c2:8e:e4:dc:9b:9e:f4:7d:69:
86:c3:1c:70:9a:36:51:1e:b7:a9:47:af:26:1c:11:
f2:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:04:68:1B:C2:17:7A:B8:CC:DC:26:F3:EA:9A:56:CE:21:53:B4:E9
X509v3 Authority Key Identifier:
keyid:0B:AC:82:80:47:00:AD:36:53:8B:F8:6F:34:C0:73:E9:71:43:0D:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6yCgEcArTZTi_hvNMBz6XFDDaU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/IwRoG8IXerjM3Cbz6ppWziFTtOk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/a72891-de2f-4156-a011-43f64bcea99d/1/C6yCgEcArTZTi_hvNMBz6XFDDaU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.1.230.0/24
195.69.116.0/22
195.245.240.0/24
212.237.192.0/23
IPv6:
2001:7f8:d::/48
2001:7f8:122::/48
Signature Algorithm: sha256WithRSAEncryption
24:42:a5:a0:f6:23:2f:65:63:68:b7:70:8a:e3:1d:47:e7:a1:
e9:96:49:c1:08:99:02:79:6c:bc:4e:4f:13:7c:43:55:9c:67:
39:93:ab:f0:38:8c:f1:c5:fe:4b:65:82:1e:4f:c2:41:f9:8b:
ba:1a:65:15:9a:49:a9:5e:95:93:25:7d:90:03:20:ee:52:0e:
7d:b9:26:46:81:05:5f:fa:11:9d:43:04:59:92:3e:05:cc:b7:
33:1b:f2:04:a5:f5:e5:46:bc:e2:30:6b:10:c2:a1:2e:ab:fc:
0f:e8:3a:0a:21:22:f5:34:34:e5:4f:bf:53:fc:4c:44:63:1a:
6f:89:6a:1e:7b:5e:ea:8c:70:51:f7:4c:54:a6:1c:0e:d3:cb:
68:95:b4:41:a6:5d:d5:2f:93:fa:49:86:ad:12:3d:7d:2b:48:
da:8e:e5:00:ad:cc:2b:23:d7:46:7e:12:f7:07:f0:6a:8a:ee:
20:42:f1:5a:14:47:9f:43:78:19:32:f8:23:a9:0e:bf:a2:be:
89:28:38:a2:c3:e0:fe:b3:3f:e2:b1:e4:9c:dd:92:23:f6:86:
9c:19:b6:c3:f5:70:ef:79:bd:63:60:e6:cf:f7:f3:f4:55:9f:
99:20:5e:ef:94:76:46:95:28:65:d6:07:39:cd:db:5d:cb:29:
a2:a9:b1:c6
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzFbkDWSwUqGA4VpBr8j9h5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYWM4MjgwNDcwMGFkMzY1MzhiZjg2ZjM0YzA3M2U5NzE0
MzBkYTUwHhcNMjQwMTAxMTQyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzA0NjgxYmMyMTc3YWI4Y2NkYzI2ZjNlYTlhNTZjZTIxNTNiNGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmkon5pCdqnsi//2X/pYClZ809iy/
Jr89o8LDyQ2jhfpLbdwv+Ht3TU+qxVIbvNGzNkYM+rQzSkK+DkfOfRfKR1SlT+fZ
u7XoHsOdNOIg9BGnL/CQU/Wzd8uvRR7B+VdmTokZzw9nA2/jAjEZkVV5F54J1CmX
Al/kftp/jD9GT+tYv2thBcTpG/uiF3b+SksAsGkwlJjLQ2qd+CP16AOFCNQ1gDGa
SpwOtBfnt0ZkbbG7Zz1YSaT0bOOt1rcT/3O+doW7dvZvclAJk4KTWDkyNVud1iry
/Xz3AgO8JrogQrPuO4xHgJHCjuTcm570fWmGwxxwmjZRHrepR68mHBHy2QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFCMEaBvCF3q4zNwm8+qaVs4hU7TpMB8GA1UdIwQY
MBaAFAusgoBHAK02U4v4bzTAc+lxQw2lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEt
NDNmNjRiY2VhOTlkLzEvSXdSb0c4SVhlcmpNM0NiejZwcFd6aUZUdE9rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9hNzI4OTEtZGUyZi00MTU2LWEwMTEtNDNmNjRiY2VhOTlk
LzEvQzZ5Q2dFY0FyVFpUaV9odk5NQno2WEZERGFVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjAeBAIAATAYAwQAuQHmAwQC
w0V0AwQAw/XwAwQB1O3AMBgEAgACMBIDBwAgAQf4AA0DBwAgAQf4ASIwDQYJKoZI
hvcNAQELBQADggEBACRCpaD2Iy9lY2i3cIrjHUfnoemWScEImQJ5bLxOTxN8Q1Wc
ZzmTq/A4jPHF/ktlgh5PwkH5i7oaZRWaSalelZMlfZADIO5SDn25JkaBBV/6EZ1D
BFmSPgXMtzMb8gSl9eVGvOIwaxDCoS6r/A/oOgohIvU0NOVPv1P8TERjGm+Jah57
XuqMcFH3TFSmHA7Ty2iVtEGmXdUvk/pJhq0SPX0rSNqO5QCtzCsj10Z+EvcH8GqK
7iBC8VoUR59DeBky+COpDr+ivokoOKLD4P6zP+Kx5JzdkiP2hpwZtsP1cO95vWNg
5s/38/RVn5kgXu+UdkaVKGXWBznN213LKaKpscY=
-----END CERTIFICATE-----
Generated at Sat May 4 09:17:52 2024 by rpki-client on console-fra.rpki-client.org