Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/58b8e2-1215-4bb0-96df-2f08380ae6c7/1/IuOISKZmqKTeC7vPWni8DXOhA8A.roa
File: IuOISKZmqKTeC7vPWni8DXOhA8A.roa (raw, json)
Hash identifier: ObHgWL4nLXU8LOmAbCnUaarWdh6zHeXkPiqJGtqO+K4=
Subject key identifier: 22:E3:88:48:A6:66:A8:A4:DE:0B:BB:CF:5A:78:BC:0D:73:A1:03:C0
Certificate issuer: /CN=f0a32d2129a386c9a0afdbb915e0dbf130ba70d5
Certificate serial: 018DA826A702248A25296AE94CB5FC4F6E27
Authority key identifier: F0:A3:2D:21:29:A3:86:C9:A0:AF:DB:B9:15:E0:DB:F1:30:BA:70:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8KMtISmjhsmgr9u5FeDb8TC6cNU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/58b8e2-1215-4bb0-96df-2f08380ae6c7/1/IuOISKZmqKTeC7vPWni8DXOhA8A.roa
Signing time: Wed 14 Feb 2024 15:05:21 +0000
ROA not before: Wed 14 Feb 2024 15:05:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207829
IP address blocks: 91.198.170.0/23 maxlen: 23
2a0b:c140::/32 maxlen: 32
2a0b:c140:aa::/48 maxlen: 48
2a0b:c140:ab::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/58b8e2-1215-4bb0-96df-2f08380ae6c7/1/8KMtISmjhsmgr9u5FeDb8TC6cNU.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/58b8e2-1215-4bb0-96df-2f08380ae6c7/1/8KMtISmjhsmgr9u5FeDb8TC6cNU.mft
rsync://rpki.ripe.net/repository/DEFAULT/8KMtISmjhsmgr9u5FeDb8TC6cNU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a8:26:a7:02:24:8a:25:29:6a:e9:4c:b5:fc:4f:6e:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0a32d2129a386c9a0afdbb915e0dbf130ba70d5
Validity
Not Before: Feb 14 15:05:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22e38848a666a8a4de0bbbcf5a78bc0d73a103c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:5a:39:a1:b5:5e:3d:be:d6:9d:6f:9b:3a:88:
e3:23:c2:ee:1a:4f:11:25:99:e8:ef:5a:47:b1:5e:
27:86:d5:67:aa:79:6c:80:f7:36:2b:cf:20:e8:9d:
c6:4f:4e:f7:48:39:de:ad:a5:05:d1:a1:cd:1b:d7:
26:38:a3:d1:2f:99:bb:90:ef:a0:43:07:91:69:5e:
be:f8:cc:ae:52:83:67:8f:31:05:a1:cc:e5:03:e4:
17:53:46:3a:b3:af:87:f3:ab:f7:5c:60:a7:a1:f0:
d9:a5:6c:62:a0:b2:0d:8b:82:82:8f:22:74:23:5a:
61:09:41:02:89:b8:cb:54:90:12:1a:77:7b:a5:cd:
52:2f:5b:fe:d1:d5:9c:c1:d7:3c:f9:f5:b6:a6:90:
46:98:ec:62:34:5c:0e:4d:f6:99:f7:b4:86:44:3f:
f2:4e:35:7f:3d:2c:96:92:af:ae:f8:a5:bd:e9:26:
3f:e3:37:3e:55:b8:ca:9e:8c:f6:aa:f1:f3:ab:ae:
0a:00:2e:05:0e:0f:70:02:91:73:9d:f1:46:04:b1:
36:d1:07:cc:ff:8b:98:0e:f8:a1:7b:83:f8:29:54:
b8:34:de:0c:7a:92:77:ae:43:63:b4:04:d8:ad:33:
8c:e9:e9:24:f5:44:5d:9f:fe:c5:f4:33:ca:a1:c0:
ad:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:E3:88:48:A6:66:A8:A4:DE:0B:BB:CF:5A:78:BC:0D:73:A1:03:C0
X509v3 Authority Key Identifier:
keyid:F0:A3:2D:21:29:A3:86:C9:A0:AF:DB:B9:15:E0:DB:F1:30:BA:70:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8KMtISmjhsmgr9u5FeDb8TC6cNU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/58b8e2-1215-4bb0-96df-2f08380ae6c7/1/IuOISKZmqKTeC7vPWni8DXOhA8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/58b8e2-1215-4bb0-96df-2f08380ae6c7/1/8KMtISmjhsmgr9u5FeDb8TC6cNU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.170.0/23
IPv6:
2a0b:c140::/32
Signature Algorithm: sha256WithRSAEncryption
8c:63:6f:ac:9f:21:e3:9c:40:a8:63:22:fe:ab:3b:98:b0:f1:
ae:b5:72:32:13:09:8e:76:0d:33:ae:38:43:72:ae:c6:e2:fd:
8f:71:47:f5:64:91:18:55:98:cf:74:2d:b1:25:d5:bd:81:4e:
66:25:af:0c:5e:20:8b:cb:36:df:97:28:f4:e6:b2:f1:23:f0:
a4:0d:19:e7:2f:73:53:94:ae:40:c1:dc:e7:40:38:0d:02:50:
c3:d8:1a:e7:bf:83:52:03:37:09:87:a4:a1:37:51:12:d9:e1:
6e:70:b1:c8:d0:bc:51:ac:51:e2:ae:7e:01:f8:73:55:69:7f:
24:93:d7:76:45:7a:1c:78:63:5e:61:8e:3e:e1:39:ac:fb:b2:
5b:67:d1:a6:7f:7a:1b:63:9c:74:e4:a8:ab:89:df:db:7a:7d:
41:9e:f9:a6:42:ce:08:cc:69:47:d9:86:31:32:84:51:a7:2f:
e4:37:14:a8:7f:e5:b9:a4:ea:20:ed:ed:97:df:60:75:5b:86:
83:3a:b1:5c:75:b9:84:53:f3:c3:03:81:59:e5:44:6f:b5:07:
19:d3:97:78:a2:30:ef:9f:f6:64:0a:38:d8:b1:1e:6c:c3:0d:
a7:d7:52:98:5f:c1:03:2a:5b:13:c9:22:0f:c0:5c:af:62:23:
ec:36:22:01
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY2oJqcCJIolKWrpTLX8T24nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYTMyZDIxMjlhMzg2YzlhMGFmZGJiOTE1ZTBkYmYxMzBi
YTcwZDUwHhcNMjQwMjE0MTUwNTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmUzODg0OGE2NjZhOGE0ZGUwYmJiY2Y1YTc4YmMwZDczYTEwM2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj1o5obVePb7WnW+bOojjI8LuGk8R
JZno71pHsV4nhtVnqnlsgPc2K88g6J3GT073SDneraUF0aHNG9cmOKPRL5m7kO+g
QweRaV6++MyuUoNnjzEFoczlA+QXU0Y6s6+H86v3XGCnofDZpWxioLINi4KCjyJ0
I1phCUECibjLVJASGnd7pc1SL1v+0dWcwdc8+fW2ppBGmOxiNFwOTfaZ97SGRD/y
TjV/PSyWkq+u+KW96SY/4zc+VbjKnoz2qvHzq64KAC4FDg9wApFznfFGBLE20QfM
/4uYDvihe4P4KVS4NN4MepJ3rkNjtATYrTOM6ekk9URdn/7F9DPKocCt3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCLjiEimZqik3gu7z1p4vA1zoQPAMB8GA1UdIwQY
MBaAFPCjLSEpo4bJoK/buRXg2/EwunDVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEtNdElTbWpoc21ncjl1NUZlRGI4VEM2Y05VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy81OGI4ZTItMTIxNS00YmIwLTk2ZGYt
MmYwODM4MGFlNmM3LzEvSXVPSVNLWm1xS1RlQzd2UFduaThEWE9oQThBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy81OGI4ZTItMTIxNS00YmIwLTk2ZGYtMmYwODM4MGFlNmM3
LzEvOEtNdElTbWpoc21ncjl1NUZlRGI4VEM2Y05VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBW8aqMA0E
AgACMAcDBQAqC8FAMA0GCSqGSIb3DQEBCwUAA4IBAQCMY2+snyHjnECoYyL+qzuY
sPGutXIyEwmOdg0zrjhDcq7G4v2PcUf1ZJEYVZjPdC2xJdW9gU5mJa8MXiCLyzbf
lyj05rLxI/CkDRnnL3NTlK5AwdznQDgNAlDD2Brnv4NSAzcJh6ShN1ES2eFucLHI
0LxRrFHirn4B+HNVaX8kk9d2RXoceGNeYY4+4Tms+7JbZ9Gmf3obY5x05Kirid/b
en1BnvmmQs4IzGlH2YYxMoRRpy/kNxSof+W5pOog7e2X32B1W4aDOrFcdbmEU/PD
A4FZ5URvtQcZ05d4ojDvn/ZkCjjYsR5sww2n11KYX8EDKlsTySIPwFyvYiPsNiIB
-----END CERTIFICATE-----
Generated at Fri Jun 7 22:11:38 2024 by rpki-client on console-ams.rpki-client.org