Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-UVYy4DCmWQcXDa1hJhHOLO84WE.roa
File: 1-UVYy4DCmWQcXDa1hJhHOLO84WE.roa (raw, json)
Hash identifier: saYcnKKil6KCHLAkz/q+SIu7HrRqEaOlOEXKwDykv98=
Subject key identifier: F9:45:58:CB:80:C2:99:64:1C:5C:36:B5:84:98:47:38:B3:BC:E1:61
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018EE6A3A2C023985775C0453AE706D06C1A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-UVYy4DCmWQcXDa1hJhHOLO84WE.roa
Signing time: Tue 16 Apr 2024 11:21:07 +0000
ROA not before: Tue 16 Apr 2024 11:21:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 87.120.68.0/23 maxlen: 24
87.121.60.0/24 maxlen: 24
93.123.74.0/23 maxlen: 23
93.123.74.0/24 maxlen: 24
93.123.75.0/24 maxlen: 24
185.252.160.0/23 maxlen: 24
193.148.253.0/24 maxlen: 24
212.87.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 21 Apr 2024 20:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e6:a3:a2:c0:23:98:57:75:c0:45:3a:e7:06:d0:6c:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 16 11:21:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f94558cb80c299641c5c36b584984738b3bce161
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:3b:b6:a6:aa:bd:75:49:d5:cb:29:7a:ba:d0:
71:77:31:7d:58:55:c2:4a:0e:a7:56:44:e0:f5:83:
87:bf:9a:f1:80:e7:b3:e7:b2:61:6e:d7:f5:c4:c5:
2c:e4:30:47:b0:a0:6b:90:fe:99:47:7d:44:0a:7b:
97:29:7a:ab:ee:b7:93:e9:e5:24:07:dc:d2:99:20:
5a:95:0f:83:c9:ed:4a:35:22:e4:e1:d9:56:eb:b8:
58:cc:06:ab:bc:ee:79:67:ef:84:07:8a:4d:48:b8:
e9:40:01:8d:12:6e:5c:0e:38:71:64:e9:ad:97:dd:
bb:a1:ef:6c:60:78:43:ff:4c:ad:36:57:2c:4e:d7:
8f:7a:0b:7c:b4:14:17:bc:0b:cf:2f:d1:e2:79:84:
00:c1:5f:66:bb:5b:87:d5:e1:f0:bd:68:66:18:82:
37:2d:a3:17:32:dc:df:98:97:2b:8e:97:20:f1:4c:
ee:f0:e7:64:e7:ba:1d:de:d4:ce:f6:62:8a:f3:85:
8d:2e:bd:af:08:7d:7a:4d:c1:eb:33:b0:a9:46:8f:
c8:f4:6e:f6:7d:cf:af:3f:76:34:b9:5f:e3:c1:50:
57:a7:a0:95:53:2a:4b:32:49:52:3a:6e:23:16:fb:
f1:a1:ae:9b:b8:e4:34:ae:55:fb:bf:80:13:19:a2:
71:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:45:58:CB:80:C2:99:64:1C:5C:36:B5:84:98:47:38:B3:BC:E1:61
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/1-UVYy4DCmWQcXDa1hJhHOLO84WE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.68.0/23
87.121.60.0/24
93.123.74.0/23
185.252.160.0/23
193.148.253.0/24
212.87.205.0/24
Signature Algorithm: sha256WithRSAEncryption
25:af:27:d9:ac:c2:c4:9c:43:76:3e:26:39:02:d6:ea:e3:f7:
97:02:9f:a1:a4:37:03:3b:e3:29:65:76:cd:ac:b1:af:8f:9e:
85:f5:ed:ae:9d:9c:ee:f4:e0:41:3f:17:f9:a8:64:72:0a:4d:
80:2b:e3:39:e8:e0:f8:26:32:94:46:35:2d:4d:2b:f7:45:c7:
57:72:43:0c:ec:cb:28:4c:5f:39:f2:4a:2d:36:39:b2:86:1f:
8e:f7:23:cb:e5:31:2b:c0:c3:9f:66:b7:ab:4e:5d:73:be:07:
b6:52:7e:49:86:ae:77:23:89:86:e8:74:bf:e3:dc:11:f2:4e:
03:0c:6a:cd:9d:3e:68:bb:98:82:34:a1:15:e7:43:7b:b5:74:
52:03:db:15:f7:8c:c3:ff:ca:16:e2:ee:bc:6e:ae:f6:53:c2:
cb:1a:58:e1:b7:d5:56:87:5e:ee:3c:b6:49:f1:dd:63:9c:8a:
be:83:13:88:4d:e4:c9:d9:68:b8:74:c3:66:a9:9b:b0:1b:f0:
52:78:e5:45:fb:6c:81:b9:91:e0:6b:82:08:c9:3b:84:88:aa:
4f:fc:94:93:8f:52:a7:16:d1:46:03:1c:c5:b9:6d:c9:37:85:
10:d8:26:c6:b3:b5:02:b1:f0:05:09:72:49:03:e4:c9:59:2b:
bd:76:c0:fb
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAY7mo6LAI5hXdcBFOucG0GwaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDE2MTEyMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTQ1NThjYjgwYzI5OTY0MWM1YzM2YjU4NDk4NDczOGIzYmNlMTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTu2pqq9dUnVyyl6utBxdzF9WFXC
Sg6nVkTg9YOHv5rxgOez57Jhbtf1xMUs5DBHsKBrkP6ZR31ECnuXKXqr7reT6eUk
B9zSmSBalQ+Dye1KNSLk4dlW67hYzAarvO55Z++EB4pNSLjpQAGNEm5cDjhxZOmt
l927oe9sYHhD/0ytNlcsTtePegt8tBQXvAvPL9HieYQAwV9mu1uH1eHwvWhmGII3
LaMXMtzfmJcrjpcg8Uzu8Odk57od3tTO9mKK84WNLr2vCH16TcHrM7CpRo/I9G72
fc+vP3Y0uV/jwVBXp6CVUypLMklSOm4jFvvxoa6buOQ0rlX7v4ATGaJx8wIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFPlFWMuAwplkHFw2tYSYRzizvOFhMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvMS1VVll5NERDbVdRY1hEYTFoSmhIT0xPODRXRS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDMvOTEzYTNhLWY1NTAtNDZmMC1hY2M3LWNkM2NhNTk3NTcx
Mi8xL0lzU3NQanhEMXcwRk5KeUJXNnJkT0sxM1hwMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA9BggrBgEFBQcBBwEB/wQuMCwwKgQCAAEwJAMEAVd4RAME
AFd5PAMEAV17SgMEAbn8oAMEAMGU/QMEANRXzTANBgkqhkiG9w0BAQsFAAOCAQEA
Ja8n2azCxJxDdj4mOQLW6uP3lwKfoaQ3AzvjKWV2zayxr4+ehfXtrp2c7vTgQT8X
+ahkcgpNgCvjOejg+CYylEY1LU0r90XHV3JDDOzLKExfOfJKLTY5soYfjvcjy+Ux
K8DDn2a3q05dc74HtlJ+SYaudyOJhuh0v+PcEfJOAwxqzZ0+aLuYgjShFedDe7V0
UgPbFfeMw//KFuLuvG6u9lPCyxpY4bfVVode7jy2SfHdY5yKvoMTiE3kydlouHTD
ZqmbsBvwUnjlRftsgbmR4GuCCMk7hIiqT/yUk49SpxbRRgMcxbltyTeFENgmxrO1
ArHwBQlySQPkyVkrvXbA+w==
-----END CERTIFICATE-----
Generated at Sun Apr 21 03:43:36 2024 by rpki-client on console-fra.rpki-client.org