Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Ix2F0ZmTcz8kMhklkqK5L83vJFw.roa
File: Ix2F0ZmTcz8kMhklkqK5L83vJFw.roa (raw, json)
Hash identifier: rU5LWINQDiZV1VWAPFavPeY/Jj96agDzE5grFILS7iU=
Subject key identifier: 23:1D:85:D1:99:93:73:3F:24:32:19:25:92:A2:B9:2F:CD:EF:24:5C
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCF9851A3C266A6E258A4D2B3FC44D
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Ix2F0ZmTcz8kMhklkqK5L83vJFw.roa
Signing time: Tue 02 Jan 2024 06:29:34 +0000
ROA not before: Tue 02 Jan 2024 06:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198228
IP address blocks: 94.156.3.0/24 maxlen: 24
87.121.35.0/24 maxlen: 24
87.121.34.0/24 maxlen: 24
87.121.35.1/32 maxlen: 32
91.92.194.0/24 maxlen: 24
2a00:1728:24::/48 maxlen: 48
2a00:1728:d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:f9:85:1a:3c:26:6a:6e:25:8a:4d:2b:3f:c4:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=231d85d19993733f2432192592a2b92fcdef245c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:5f:d8:ef:78:65:2b:a8:5a:1e:cf:1b:d2:35:
e6:74:6f:e1:5d:e3:95:bb:8d:14:68:60:aa:ce:dd:
17:da:54:b0:48:c7:ea:c1:fa:d3:e5:72:98:f8:33:
a6:37:04:03:4d:9f:a7:55:10:00:0b:c0:23:41:53:
5d:ba:ba:1d:ee:05:c4:28:44:f3:2e:35:70:73:40:
64:b5:30:00:8b:93:72:90:b3:b7:d2:81:7d:59:f3:
08:60:10:5f:d6:bd:22:be:bd:37:ae:5b:5f:e9:6a:
b3:22:22:c3:bc:41:f1:29:9c:25:b3:7b:79:ba:04:
6a:3d:b0:9e:da:9c:a6:42:e1:ac:7a:e2:9a:4e:ac:
01:6b:97:88:5d:78:77:9b:f9:a6:06:8f:17:4b:6a:
84:0a:33:8a:9d:ef:54:67:8b:23:66:c8:28:a1:d8:
11:c1:ff:a9:3f:9f:ac:a6:29:6f:4b:b9:b5:19:36:
2a:08:40:34:a0:78:36:5b:26:73:32:5a:f5:3c:af:
50:3e:06:03:a3:27:7f:0b:d7:6d:90:62:41:3c:1d:
c1:e0:6a:8c:33:c5:5c:81:5d:ac:a9:80:b2:78:19:
d0:ff:e5:fd:6b:db:0b:54:73:a9:d8:5d:f8:bf:7b:
7a:9f:8f:e1:1f:11:64:c5:e0:13:82:c5:27:f6:28:
a7:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:1D:85:D1:99:93:73:3F:24:32:19:25:92:A2:B9:2F:CD:EF:24:5C
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/Ix2F0ZmTcz8kMhklkqK5L83vJFw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.121.34.0/23
91.92.194.0/24
94.156.3.0/24
IPv6:
2a00:1728:d::/48
2a00:1728:24::/48
Signature Algorithm: sha256WithRSAEncryption
36:fd:03:eb:28:11:80:37:48:de:cf:bc:98:6a:ae:f7:66:e9:
3d:b7:ca:c4:af:1c:7a:c4:cb:5f:2e:a7:2b:b0:26:7a:14:02:
33:62:47:a4:42:e0:26:f7:d5:2e:b4:4a:4d:ee:44:b5:66:8d:
4b:f4:f2:0d:e0:31:da:fa:e1:94:3f:70:70:14:7a:ab:78:20:
7d:54:7a:1e:b1:e6:5e:75:19:f2:f2:da:9b:16:d4:7d:30:8e:
3e:69:8d:6b:e8:1b:36:aa:f2:cd:8a:3d:97:7b:4f:3e:6a:c1:
35:66:05:4c:c9:aa:bf:0d:3d:57:08:6e:d3:ff:a5:a1:9c:94:
bf:77:d2:1b:3d:80:c0:09:02:01:8c:e2:4f:98:25:eb:93:47:
e2:8c:d9:b0:46:1d:2e:0f:62:cf:1a:a8:99:49:30:9d:23:fc:
4a:d8:e2:81:c0:a3:7b:5a:02:94:87:11:b1:73:5d:36:7d:eb:
da:40:58:a5:4b:ee:33:90:dc:69:34:5b:1e:4e:d8:43:28:2d:
f7:1d:51:64:75:fd:1f:b9:00:16:32:95:87:cc:eb:40:fd:b4:
5e:22:d7:ff:8b:d1:c2:03:68:25:ce:88:ea:5c:30:6b:46:ac:
5f:0a:77:2a:0e:67:5d:ac:db:49:6e:90:ff:b1:ef:7d:a1:57:
67:72:68:a5
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzI3PmFGjwmam4lik0rP8RNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzFkODVkMTk5OTM3MzNmMjQzMjE5MjU5MmEyYjkyZmNkZWYyNDVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwV/Y73hlK6haHs8b0jXmdG/hXeOV
u40UaGCqzt0X2lSwSMfqwfrT5XKY+DOmNwQDTZ+nVRAAC8AjQVNdurod7gXEKETz
LjVwc0BktTAAi5NykLO30oF9WfMIYBBf1r0ivr03rltf6WqzIiLDvEHxKZwls3t5
ugRqPbCe2pymQuGseuKaTqwBa5eIXXh3m/mmBo8XS2qECjOKne9UZ4sjZsgoodgR
wf+pP5+spilvS7m1GTYqCEA0oHg2WyZzMlr1PK9QPgYDoyd/C9dtkGJBPB3B4GqM
M8VcgV2sqYCyeBnQ/+X9a9sLVHOp2F34v3t6n4/hHxFkxeATgsUn9iin/wIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFCMdhdGZk3M/JDIZJZKiuS/N7yRcMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvSXgyRjBabVRjejhrTWhrbGtxSzVMODN2SkZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQBV3kiAwQA
W1zCAwQAXpwDMBgEAgACMBIDBwAqABcoAA0DBwAqABcoACQwDQYJKoZIhvcNAQEL
BQADggEBADb9A+soEYA3SN7PvJhqrvdm6T23ysSvHHrEy18upyuwJnoUAjNiR6RC
4Cb31S60Sk3uRLVmjUv08g3gMdr64ZQ/cHAUeqt4IH1Ueh6x5l51GfLy2psW1H0w
jj5pjWvoGzaq8s2KPZd7Tz5qwTVmBUzJqr8NPVcIbtP/paGclL930hs9gMAJAgGM
4k+YJeuTR+KM2bBGHS4PYs8aqJlJMJ0j/ErY4oHAo3taApSHEbFzXTZ969pAWKVL
7jOQ3Gk0Wx5O2EMoLfcdUWR1/R+5ABYylYfM60D9tF4i1/+L0cIDaCXOiOpcMGtG
rF8KdyoOZ12s20lukP+x732hV2dyaKU=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:38:38 2024 by rpki-client on console-fra.rpki-client.org