Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/cd15c7-476a-4c57-baf4-de5f7bf59839/1/iJO7dm9bQ_JxPAusxalsAi5t7u8.roa
File: iJO7dm9bQ_JxPAusxalsAi5t7u8.roa (raw, json)
Hash identifier: eTbvGjNmJ2siDzJMaXzRtql2bxPWtBGi85burvPHAho=
Subject key identifier: 88:93:BB:76:6F:5B:43:F2:71:3C:0B:AC:C5:A9:6C:02:2E:6D:EE:EF
Certificate issuer: /CN=11e2a78ddc7f139f0c22a2a63662b4812ae5132e
Certificate serial: 018CC72748B728E2BE8F089F9EAB27E9D117
Authority key identifier: 11:E2:A7:8D:DC:7F:13:9F:0C:22:A2:A6:36:62:B4:81:2A:E5:13:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EeKnjdx_E58MIqKmNmK0gSrlEy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/cd15c7-476a-4c57-baf4-de5f7bf59839/1/iJO7dm9bQ_JxPAusxalsAi5t7u8.roa
Signing time: Mon 01 Jan 2024 22:31:29 +0000
ROA not before: Mon 01 Jan 2024 22:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 193.32.92.0/24 maxlen: 24
2a13:1000::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/cd15c7-476a-4c57-baf4-de5f7bf59839/1/EeKnjdx_E58MIqKmNmK0gSrlEy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/cd15c7-476a-4c57-baf4-de5f7bf59839/1/EeKnjdx_E58MIqKmNmK0gSrlEy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/EeKnjdx_E58MIqKmNmK0gSrlEy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 16:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:48:b7:28:e2:be:8f:08:9f:9e:ab:27:e9:d1:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11e2a78ddc7f139f0c22a2a63662b4812ae5132e
Validity
Not Before: Jan 1 22:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8893bb766f5b43f2713c0bacc5a96c022e6deeef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:c2:51:fb:09:4d:3f:ce:1c:e1:ec:2b:37:a3:
c8:65:02:73:7f:15:3f:36:28:f2:f3:5b:cb:e9:54:
ee:63:87:ea:5b:49:74:6b:99:27:da:d2:6b:f9:cb:
39:a7:46:c3:78:bc:8c:e4:64:fd:86:4e:e5:0b:f4:
c8:ed:f0:39:37:9a:50:6a:8a:8b:f5:b6:8d:e1:d9:
c1:1c:87:f0:9a:60:c9:02:cd:32:25:b0:b6:59:24:
fe:fc:bb:38:b3:41:d2:ae:85:89:01:37:58:f6:c4:
c4:fb:d4:96:31:90:45:b9:a1:86:de:d2:4e:2d:3e:
cb:2e:bd:fd:15:ee:60:d9:78:be:88:30:fb:01:bd:
06:7f:df:27:37:3e:71:05:35:42:00:85:6c:a7:ed:
84:7e:bd:25:a9:6c:c7:3a:71:7f:68:9c:d6:df:98:
aa:77:fb:b2:b0:61:f3:94:16:f6:ee:44:c7:66:f5:
cd:08:d0:c8:10:8c:f8:a0:84:01:89:c9:24:dd:28:
42:58:b6:96:9b:52:14:bb:ce:d2:04:1c:75:9e:9b:
c4:10:4c:45:6c:e1:22:f5:70:cb:3b:d1:b4:57:15:
40:cc:5f:aa:0b:7b:98:01:a4:3c:02:83:1d:8b:24:
b2:7b:54:a4:16:17:9d:cb:ab:55:e6:61:b4:b6:ea:
c7:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:93:BB:76:6F:5B:43:F2:71:3C:0B:AC:C5:A9:6C:02:2E:6D:EE:EF
X509v3 Authority Key Identifier:
keyid:11:E2:A7:8D:DC:7F:13:9F:0C:22:A2:A6:36:62:B4:81:2A:E5:13:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EeKnjdx_E58MIqKmNmK0gSrlEy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cd15c7-476a-4c57-baf4-de5f7bf59839/1/iJO7dm9bQ_JxPAusxalsAi5t7u8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/cd15c7-476a-4c57-baf4-de5f7bf59839/1/EeKnjdx_E58MIqKmNmK0gSrlEy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.32.92.0/24
IPv6:
2a13:1000::/29
Signature Algorithm: sha256WithRSAEncryption
73:4e:5c:f4:a5:e6:df:fe:a1:44:2c:47:0c:2b:69:9e:05:5d:
dd:b0:a8:f4:8a:66:a1:5f:04:57:e0:ea:e9:b6:9e:cf:e3:1f:
39:dc:e4:00:8b:fe:99:ec:e4:41:28:9f:43:43:f6:48:c3:4c:
54:b5:21:1f:f9:55:0c:59:df:c3:b1:41:4f:30:70:dd:55:94:
2b:9a:a6:fe:62:2d:21:2c:46:75:d3:f6:f7:12:31:62:06:9e:
9a:b0:98:61:79:d4:7e:e6:7c:f1:e4:fc:82:d4:83:de:c2:d0:
cc:f7:28:02:41:a4:dc:68:fe:9b:41:37:4b:20:9e:9e:58:a6:
da:0f:85:7e:f4:e4:c2:b1:0b:45:3e:fd:1a:b7:61:04:68:89:
fe:70:9a:f0:67:0d:11:5d:91:dd:ba:6d:a8:0a:5e:6c:9b:b5:
44:02:b7:37:02:79:3f:b5:9c:8d:02:d6:db:fa:ae:a4:61:a4:
af:c1:ac:f2:bc:47:ef:f6:de:8a:11:4e:52:d0:9f:5b:08:86:
64:ad:96:d3:7c:04:3e:cc:79:65:d3:04:0e:c1:c4:ef:d1:ca:
a2:8b:7f:53:00:ba:62:c2:2d:85:31:b1:6a:df:41:7a:d6:75:
a1:7d:59:9e:87:7d:bb:96:12:19:5a:5a:81:89:4a:ed:b1:4d:
fd:8c:b5:ec
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHJ0i3KOK+jwifnqsn6dEXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExZTJhNzhkZGM3ZjEzOWYwYzIyYTJhNjM2NjJiNDgxMmFl
NTEzMmUwHhcNMjQwMTAxMjIzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODkzYmI3NjZmNWI0M2YyNzEzYzBiYWNjNWE5NmMwMjJlNmRlZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8JR+wlNP84c4ewrN6PIZQJzfxU/
Nijy81vL6VTuY4fqW0l0a5kn2tJr+cs5p0bDeLyM5GT9hk7lC/TI7fA5N5pQaoqL
9baN4dnBHIfwmmDJAs0yJbC2WST+/Ls4s0HSroWJATdY9sTE+9SWMZBFuaGG3tJO
LT7LLr39Fe5g2Xi+iDD7Ab0Gf98nNz5xBTVCAIVsp+2Efr0lqWzHOnF/aJzW35iq
d/uysGHzlBb27kTHZvXNCNDIEIz4oIQBickk3ShCWLaWm1IUu87SBBx1npvEEExF
bOEi9XDLO9G0VxVAzF+qC3uYAaQ8AoMdiySye1SkFhedy6tV5mG0turHjwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIiTu3ZvW0PycTwLrMWpbAIube7vMB8GA1UdIwQY
MBaAFBHip43cfxOfDCKipjZitIEq5RMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWVLbmpkeF9FNThNSXFLbU5tSzBnU3JsRXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9jZDE1YzctNDc2YS00YzU3LWJhZjQt
ZGU1ZjdiZjU5ODM5LzEvaUpPN2RtOWJRX0p4UEF1c3hhbHNBaTV0N3U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9jZDE1YzctNDc2YS00YzU3LWJhZjQtZGU1ZjdiZjU5ODM5
LzEvRWVLbmpkeF9FNThNSXFLbU5tSzBnU3JsRXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwSBcMA0E
AgACMAcDBQMqExAAMA0GCSqGSIb3DQEBCwUAA4IBAQBzTlz0pebf/qFELEcMK2me
BV3dsKj0imahXwRX4Orptp7P4x853OQAi/6Z7ORBKJ9DQ/ZIw0xUtSEf+VUMWd/D
sUFPMHDdVZQrmqb+Yi0hLEZ10/b3EjFiBp6asJhhedR+5nzx5PyC1IPewtDM9ygC
QaTcaP6bQTdLIJ6eWKbaD4V+9OTCsQtFPv0at2EEaIn+cJrwZw0RXZHdum2oCl5s
m7VEArc3Ank/tZyNAtbb+q6kYaSvwazyvEfv9t6KEU5S0J9bCIZkrZbTfAQ+zHll
0wQOwcTv0cqii39TALpiwi2FMbFq30F61nWhfVmeh327lhIZWlqBiUrtsU39jLXs
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:12:38 2024 by rpki-client on console-ams.rpki-client.org