Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IuIzliGkx7ZByy47Yqp3jAZVLXM.roa
File: IuIzliGkx7ZByy47Yqp3jAZVLXM.roa (raw, json)
Hash identifier: AZPZwqoN7CG7Ykmc5zemDdSz7usDc+Ir661+Pqdr6U4=
Subject key identifier: 22:E2:33:96:21:A4:C7:B6:41:CB:2E:3B:62:AA:77:8C:06:55:2D:73
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCF82DC2A8BD6CB1E8CD9BB5A6A8AA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IuIzliGkx7ZByy47Yqp3jAZVLXM.roa
Signing time: Tue 02 Jan 2024 06:29:33 +0000
ROA not before: Tue 02 Jan 2024 06:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196945
IP address blocks: 185.221.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:f8:2d:c2:a8:bd:6c:b1:e8:cd:9b:b5:a6:a8:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22e2339621a4c7b641cb2e3b62aa778c06552d73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e5:7c:9e:ea:26:5b:20:4b:7c:e2:09:00:4c:
18:f5:44:36:9a:8b:9b:11:85:b4:e7:e9:8d:9e:b4:
10:63:00:6d:13:63:9e:1f:5c:02:99:ff:85:c8:eb:
92:a9:41:1b:d7:03:33:21:eb:3e:e1:a1:5e:d7:13:
87:01:76:52:9e:cf:53:97:12:17:70:1b:46:ec:84:
1f:da:18:fc:1a:53:93:bd:84:0a:5a:22:44:e7:8d:
36:8b:be:85:3c:85:e8:4f:96:45:b1:51:cf:89:14:
ff:a7:04:d2:7e:18:27:c6:e9:aa:e7:57:37:67:64:
aa:63:b2:e9:10:56:05:b9:ab:25:48:2a:c9:dc:55:
f0:a5:11:88:a9:50:9e:3b:34:d4:be:5c:54:51:c3:
b4:aa:03:47:75:5c:4a:4f:e5:18:e1:ad:5f:6b:63:
08:66:31:40:00:93:59:95:08:e9:aa:64:06:a2:0b:
6c:da:ba:09:a1:69:42:cb:f6:e0:4b:97:90:98:29:
02:cc:e3:f8:c8:dd:7c:5a:5e:c4:f4:6d:04:a2:38:
9f:2f:dc:f9:7e:6e:e9:b1:eb:f6:d8:20:7e:a4:47:
27:4e:ce:78:9a:f8:f2:3d:27:c1:88:4e:e5:7e:a6:
96:e7:be:64:f5:e9:1b:ee:61:12:a2:69:1f:59:4f:
d5:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:E2:33:96:21:A4:C7:B6:41:CB:2E:3B:62:AA:77:8C:06:55:2D:73
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IuIzliGkx7ZByy47Yqp3jAZVLXM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.65.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:bb:a5:28:44:bd:6b:57:65:b5:0e:b4:8d:be:5e:86:ac:e9:
d1:e1:61:6b:19:62:56:46:ce:59:31:a6:59:ba:f9:c1:74:c9:
68:37:62:0c:2d:bd:2c:97:29:64:02:7b:62:71:94:31:7a:f7:
f6:fc:20:b6:8b:73:3c:dc:71:77:17:35:5f:6e:b2:42:bb:0e:
72:49:69:56:e3:ac:11:0c:43:01:6c:97:40:24:c5:d2:50:23:
05:75:cd:77:fb:bd:a6:e0:69:1c:6d:b9:f7:1e:cb:26:e9:e6:
cf:45:8d:13:cc:00:b5:bf:ce:78:14:59:db:f1:aa:b7:c7:79:
96:f3:05:7d:59:af:b2:8f:2e:65:92:04:05:7c:8c:d0:72:8f:
94:a1:e9:26:69:8f:aa:8f:d9:41:8b:e8:67:13:8a:13:83:1c:
32:ce:83:55:ad:9c:5f:2e:97:b1:d4:3c:d6:f2:e6:29:3d:24:
55:2d:ad:2f:89:7a:37:89:8c:24:42:a9:4b:40:20:3d:a9:cb:
a4:85:7a:3a:35:c3:f2:87:42:2d:48:7d:20:c2:3a:6f:a7:87:
2f:d1:e7:1f:43:14:f7:7c:10:ab:d0:95:d0:1d:68:0e:3d:7d:
e5:a1:69:ec:18:d5:82:10:94:b7:5f:af:8e:9e:6a:d0:e1:b3:
60:81:c2:55
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzI3Pgtwqi9bLHozZu1pqiqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmUyMzM5NjIxYTRjN2I2NDFjYjJlM2I2MmFhNzc4YzA2NTUyZDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+V8nuomWyBLfOIJAEwY9UQ2moub
EYW05+mNnrQQYwBtE2OeH1wCmf+FyOuSqUEb1wMzIes+4aFe1xOHAXZSns9TlxIX
cBtG7IQf2hj8GlOTvYQKWiJE5402i76FPIXoT5ZFsVHPiRT/pwTSfhgnxumq51c3
Z2SqY7LpEFYFuaslSCrJ3FXwpRGIqVCeOzTUvlxUUcO0qgNHdVxKT+UY4a1fa2MI
ZjFAAJNZlQjpqmQGogts2roJoWlCy/bgS5eQmCkCzOP4yN18Wl7E9G0EojifL9z5
fm7psev22CB+pEcnTs54mvjyPSfBiE7lfqaW575k9ekb7mESomkfWU/VQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCLiM5YhpMe2QcsuO2Kqd4wGVS1zMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSXVJemxpR2t4N1pCeXk0N1lxcDNqQVpWTFhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAud1BMA0G
CSqGSIb3DQEBCwUAA4IBAQCeu6UoRL1rV2W1DrSNvl6GrOnR4WFrGWJWRs5ZMaZZ
uvnBdMloN2IMLb0slylkAnticZQxevf2/CC2i3M83HF3FzVfbrJCuw5ySWlW46wR
DEMBbJdAJMXSUCMFdc13+72m4Gkcbbn3Hssm6ebPRY0TzAC1v854FFnb8aq3x3mW
8wV9Wa+yjy5lkgQFfIzQco+UoekmaY+qj9lBi+hnE4oTgxwyzoNVrZxfLpex1DzW
8uYpPSRVLa0viXo3iYwkQqlLQCA9qcukhXo6NcPyh0ItSH0gwjpvp4cv0ecfQxT3
fBCr0JXQHWgOPX3loWnsGNWCEJS3X6+OnmrQ4bNggcJV
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:21:14 2024 by rpki-client on console-ams.rpki-client.org