Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/IJXpFtfjCdRQVY4jh11gmIAN0ak.roa
File: IJXpFtfjCdRQVY4jh11gmIAN0ak.roa (raw, json)
Hash identifier: cdgcjKSXoeps12eUYZcADC/w8kq4lrcPVQ27/oW0EnY=
Subject key identifier: 20:95:E9:16:D7:E3:09:D4:50:55:8E:23:87:5D:60:98:80:0D:D1:A9
Certificate issuer: /CN=34d0ec7ac4c391e4ecba9d0a3749191b18ebf934
Certificate serial: 018CC86F19EC25CF83FDAD6DA72C659B55E1
Authority key identifier: 34:D0:EC:7A:C4:C3:91:E4:EC:BA:9D:0A:37:49:19:1B:18:EB:F9:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/IJXpFtfjCdRQVY4jh11gmIAN0ak.roa
Signing time: Tue 02 Jan 2024 04:29:33 +0000
ROA not before: Tue 02 Jan 2024 04:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201986
IP address blocks: 178.219.56.0/21 maxlen: 21
178.219.58.0/23 maxlen: 23
109.68.127.0/24 maxlen: 24
194.61.88.0/22 maxlen: 24
185.150.164.0/22 maxlen: 22
185.150.166.0/24 maxlen: 24
185.150.164.0/23 maxlen: 23
185.150.167.0/24 maxlen: 24
185.57.68.0/22 maxlen: 22
45.153.212.0/23 maxlen: 23
45.153.214.0/23 maxlen: 23
2a02:5960::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/NNDsesTDkeTsup0KN0kZGxjr-TQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/NNDsesTDkeTsup0KN0kZGxjr-TQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:19:ec:25:cf:83:fd:ad:6d:a7:2c:65:9b:55:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34d0ec7ac4c391e4ecba9d0a3749191b18ebf934
Validity
Not Before: Jan 2 04:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2095e916d7e309d450558e23875d6098800dd1a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:3d:33:53:a0:bd:b1:8e:a4:e7:e5:14:a8:97:
b1:03:12:ba:56:76:3d:47:14:24:9b:aa:d4:f5:0c:
19:b7:2e:ec:3e:b4:10:fa:01:6f:9e:4b:4f:f2:3d:
af:93:46:f7:d4:5d:ac:e9:ca:0b:6f:17:d6:9e:d8:
aa:9c:82:b3:e8:93:a8:be:80:05:89:5a:e7:a0:80:
3c:41:69:4a:33:71:e6:d9:67:f2:ef:e2:98:a5:1f:
b4:b8:f7:9d:c3:26:ca:c3:50:fe:26:e4:f9:13:65:
f7:72:24:9e:2d:2d:c0:01:77:ac:29:fd:db:ae:47:
15:66:d5:01:27:c2:c9:cf:09:c3:a8:cf:20:e2:ea:
52:4e:5d:30:30:84:d0:5f:73:5c:90:75:e3:12:87:
db:bf:d9:f6:4d:46:8d:5c:a6:bf:b8:a0:8a:f9:30:
66:a0:0e:84:83:9b:1d:bc:dc:fd:60:97:4b:e9:16:
96:69:2a:92:fd:16:bb:0b:2e:29:e7:9e:7a:7a:a1:
1b:1c:86:64:c9:f5:ed:f2:23:6a:a3:ed:ca:56:e2:
6b:04:b7:1f:2c:cd:b0:df:63:50:a7:07:e2:d4:4c:
68:d0:e6:6a:40:4a:9b:fc:97:f4:23:40:89:e0:68:
ab:1d:86:8f:07:84:ae:e6:01:f4:75:88:e3:43:f9:
60:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:95:E9:16:D7:E3:09:D4:50:55:8E:23:87:5D:60:98:80:0D:D1:A9
X509v3 Authority Key Identifier:
keyid:34:D0:EC:7A:C4:C3:91:E4:EC:BA:9D:0A:37:49:19:1B:18:EB:F9:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/IJXpFtfjCdRQVY4jh11gmIAN0ak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/NNDsesTDkeTsup0KN0kZGxjr-TQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.212.0/22
109.68.127.0/24
178.219.56.0/21
185.57.68.0/22
185.150.164.0/22
194.61.88.0/22
IPv6:
2a02:5960::/32
Signature Algorithm: sha256WithRSAEncryption
22:01:6e:4e:2c:0e:e5:92:a7:63:a9:b4:91:cf:d9:59:2a:64:
15:a7:de:f2:11:59:ec:43:0b:03:fa:6f:f2:db:f3:a1:de:28:
0a:7c:84:64:fa:11:a2:1d:f4:67:2a:d2:98:d4:72:9a:90:f8:
cc:19:d3:f2:b2:77:20:89:5e:d5:d6:42:3f:f4:ae:4f:6f:5d:
1e:2e:24:b3:46:fb:d0:88:1d:c2:51:50:80:61:58:b9:9f:30:
b0:cc:51:94:81:ce:de:af:96:0c:a9:87:d7:3d:09:08:5f:f1:
f1:4b:3d:6e:a0:1b:c3:00:80:fe:8f:81:b9:71:2b:bd:8c:de:
6e:c3:72:3f:6e:76:34:51:39:7b:3d:b3:1c:28:f7:59:12:bc:
00:ae:b9:69:ca:aa:0f:85:e1:23:9c:32:fb:25:78:52:1e:35:
97:00:28:9e:d1:79:85:75:17:b5:24:29:17:c4:56:5d:78:63:
52:1c:96:78:db:f3:bc:98:c4:c0:9a:17:28:3a:75:46:08:8d:
3b:54:ba:16:87:28:10:18:e9:2c:39:66:25:a8:80:6c:1e:29:
79:9b:5c:61:f4:6f:66:ca:2e:a8:7a:96:c2:8e:ca:b0:c2:0c:
26:9c:35:65:50:b9:f0:ed:95:b2:b7:23:f8:b3:b7:44:d0:da:
85:fe:61:a2
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzIbxnsJc+D/a1tpyxlm1XhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZDBlYzdhYzRjMzkxZTRlY2JhOWQwYTM3NDkxOTFiMThl
YmY5MzQwHhcNMjQwMTAyMDQyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDk1ZTkxNmQ3ZTMwOWQ0NTA1NThlMjM4NzVkNjA5ODgwMGRkMWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApT0zU6C9sY6k5+UUqJexAxK6VnY9
RxQkm6rU9QwZty7sPrQQ+gFvnktP8j2vk0b31F2s6coLbxfWntiqnIKz6JOovoAF
iVrnoIA8QWlKM3Hm2Wfy7+KYpR+0uPedwybKw1D+JuT5E2X3ciSeLS3AAXesKf3b
rkcVZtUBJ8LJzwnDqM8g4upSTl0wMITQX3NckHXjEofbv9n2TUaNXKa/uKCK+TBm
oA6Eg5sdvNz9YJdL6RaWaSqS/Ra7Cy4p5556eqEbHIZkyfXt8iNqo+3KVuJrBLcf
LM2w32NQpwfi1Exo0OZqQEqb/Jf0I0CJ4GirHYaPB4Su5gH0dYjjQ/lg1wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFCCV6RbX4wnUUFWOI4ddYJiADdGpMB8GA1UdIwQY
MBaAFDTQ7HrEw5Hk7LqdCjdJGRsY6/k0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk5Ec2VzVERrZVRzdXAwS04wa1pHeGpyLVRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9mN2Y1M2QtMDY4Yy00NDRlLWFkMWUt
YjdjMjY5NmJhZTUwLzEvSUpYcEZ0ZmpDZFJRVlk0amgxMWdtSUFOMGFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9mN2Y1M2QtMDY4Yy00NDRlLWFkMWUtYjdjMjY5NmJhZTUw
LzEvTk5Ec2VzVERrZVRzdXAwS04wa1pHeGpyLVRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQCLZnUAwQA
bUR/AwQDsts4AwQCuTlEAwQCuZakAwQCwj1YMA0EAgACMAcDBQAqAllgMA0GCSqG
SIb3DQEBCwUAA4IBAQAiAW5OLA7lkqdjqbSRz9lZKmQVp97yEVnsQwsD+m/y2/Oh
3igKfIRk+hGiHfRnKtKY1HKakPjMGdPysncgiV7V1kI/9K5Pb10eLiSzRvvQiB3C
UVCAYVi5nzCwzFGUgc7er5YMqYfXPQkIX/HxSz1uoBvDAID+j4G5cSu9jN5uw3I/
bnY0UTl7PbMcKPdZErwArrlpyqoPheEjnDL7JXhSHjWXACie0XmFdRe1JCkXxFZd
eGNSHJZ42/O8mMTAmhcoOnVGCI07VLoWhygQGOksOWYlqIBsHil5m1xh9G9myi6o
epbCjsqwwgwmnDVlULnw7ZWytyP4s7dE0NqF/mGi
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:34:05 2024 by rpki-client on console-ams.rpki-client.org