Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iab1qz6itiyYhhSpoj-JZw5nkAc.roa
File: iab1qz6itiyYhhSpoj-JZw5nkAc.roa (raw, json)
Hash identifier: mSoxHRMsSulvt3MX4jNq7/N8Wk7y0QqzTrsh4N2nmQY=
Subject key identifier: 89:A6:F5:AB:3E:A2:B6:2C:98:86:14:A9:A2:3F:89:67:0E:67:90:07
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018CC8DCD74376A53EA56187EA3E840A29BA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iab1qz6itiyYhhSpoj-JZw5nkAc.roa
Signing time: Tue 02 Jan 2024 06:29:25 +0000
ROA not before: Tue 02 Jan 2024 06:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26506
IP address blocks: 185.207.13.0/24 maxlen: 24
2a00:1728:2c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 11:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:dc:d7:43:76:a5:3e:a5:61:87:ea:3e:84:0a:29:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jan 2 06:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89a6f5ab3ea2b62c988614a9a23f89670e679007
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:cf:54:d6:52:47:12:ff:0a:3b:2d:f9:be:fb:
7c:80:d3:2d:f2:8f:c7:51:e9:b1:89:5d:4e:86:11:
d3:cf:7c:8d:49:7f:f8:4c:8d:48:fc:f5:b1:70:7c:
9b:1c:18:a5:1a:24:b2:6f:f9:19:dd:b6:2e:a8:17:
d0:77:0e:98:c9:30:ac:07:7d:05:5c:bf:ba:f9:be:
17:15:66:4a:27:23:4a:bf:77:fc:bd:0e:60:fb:10:
81:c7:e3:80:72:a9:a0:57:36:51:b3:1b:4e:4c:38:
62:80:b4:49:78:3e:ba:d2:f3:10:ed:30:9d:6b:6b:
5a:cc:08:10:39:69:65:39:6f:2c:c8:db:73:b0:6d:
61:e6:4b:96:09:c4:93:11:19:93:2e:1e:e1:c8:19:
c4:77:b5:5f:49:ac:4d:42:38:3b:e0:a2:69:d2:0d:
96:56:21:39:8d:28:f7:47:98:57:38:47:3d:80:c8:
33:af:7d:64:87:68:5a:5d:53:30:8a:eb:57:56:b2:
3e:fb:3b:0e:03:2f:04:60:f3:6c:3d:98:4a:4a:93:
94:81:d8:2a:a8:3e:0f:5d:cb:b5:07:37:9d:66:11:
cf:8b:09:73:47:03:33:20:97:8b:5f:0f:64:0f:7b:
8c:01:06:8d:c6:c6:84:7a:7a:f5:db:f9:85:4c:25:
e4:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A6:F5:AB:3E:A2:B6:2C:98:86:14:A9:A2:3F:89:67:0E:67:90:07
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/iab1qz6itiyYhhSpoj-JZw5nkAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.207.13.0/24
IPv6:
2a00:1728:2c::/48
Signature Algorithm: sha256WithRSAEncryption
62:62:ab:cc:f9:80:3c:ac:28:8a:73:5f:5f:3c:8c:cc:ed:f5:
61:9f:af:6a:1b:45:6b:c0:c8:93:d2:e8:4b:9f:3c:b1:a0:91:
80:99:4e:76:a4:d7:41:e4:47:a9:bf:7a:d3:82:7d:21:e7:10:
3b:83:2f:8a:3f:76:4b:95:e0:54:8c:6f:e6:27:20:ec:00:d5:
29:9f:62:70:a1:16:e7:49:d2:3b:30:41:8e:9e:82:2d:25:8f:
71:af:4d:03:b8:cc:4d:22:a0:cb:f5:bb:61:08:09:97:19:e5:
d8:27:45:c9:1a:30:4f:d7:90:8a:6d:9c:eb:a4:f0:91:c5:9a:
28:e1:a1:6d:a4:b7:bf:65:b0:9a:3a:45:41:fa:5b:84:19:12:
cc:19:55:9a:cb:7e:90:18:40:1e:3f:1d:4b:76:64:3b:d2:2d:
fc:b8:3d:b4:a3:59:d0:8f:41:2e:28:83:e3:f4:53:29:cd:bb:
14:81:0d:16:51:81:cd:8e:2b:d8:7f:c9:28:18:b8:78:af:25:
ff:cd:fe:15:84:93:15:e2:58:fc:11:e0:de:92:12:7d:15:2c:
62:03:25:cc:de:70:79:fa:52:ad:e3:24:3c:d3:fb:17:19:15:
51:36:04:d5:c6:09:6c:0d:be:0a:c6:0c:43:6e:eb:50:c6:71:
af:32:98:0e
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzI3NdDdqU+pWGH6j6ECim6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwMTAyMDYyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWE2ZjVhYjNlYTJiNjJjOTg4NjE0YTlhMjNmODk2NzBlNjc5MDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgc9U1lJHEv8KOy35vvt8gNMt8o/H
UemxiV1OhhHTz3yNSX/4TI1I/PWxcHybHBilGiSyb/kZ3bYuqBfQdw6YyTCsB30F
XL+6+b4XFWZKJyNKv3f8vQ5g+xCBx+OAcqmgVzZRsxtOTDhigLRJeD660vMQ7TCd
a2tazAgQOWllOW8syNtzsG1h5kuWCcSTERmTLh7hyBnEd7VfSaxNQjg74KJp0g2W
ViE5jSj3R5hXOEc9gMgzr31kh2haXVMwiutXVrI++zsOAy8EYPNsPZhKSpOUgdgq
qD4PXcu1BzedZhHPiwlzRwMzIJeLXw9kD3uMAQaNxsaEenr12/mFTCXkkQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFImm9as+orYsmIYUqaI/iWcOZ5AHMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvaWFiMXF6Nml0aXlZaGhTcG9qLUpadzVua0FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAuc8NMA8E
AgACMAkDBwAqABcoACwwDQYJKoZIhvcNAQELBQADggEBAGJiq8z5gDysKIpzX188
jMzt9WGfr2obRWvAyJPS6EufPLGgkYCZTnak10HkR6m/etOCfSHnEDuDL4o/dkuV
4FSMb+YnIOwA1SmfYnChFudJ0jswQY6egi0lj3GvTQO4zE0ioMv1u2EICZcZ5dgn
RckaME/XkIptnOuk8JHFmijhoW2kt79lsJo6RUH6W4QZEswZVZrLfpAYQB4/HUt2
ZDvSLfy4PbSjWdCPQS4og+P0UynNuxSBDRZRgc2OK9h/ySgYuHivJf/N/hWEkxXi
WPwR4N6SEn0VLGIDJczecHn6Uq3jJDzT+xcZFVE2BNXGCWwNvgrGDENu61DGca8y
mA4=
-----END CERTIFICATE-----
Generated at Sat Apr 27 17:58:07 2024 by rpki-client on console-ams.rpki-client.org