Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Iyjor4yoUKDR5fLCAXaUKRclObc.roa
File: Iyjor4yoUKDR5fLCAXaUKRclObc.roa (raw, json)
Hash identifier: UTy7kwFsXXPfcnKFLqClCb652ezRZ+GN7GSVJmhGmfA=
Subject key identifier: 23:28:E8:AF:8C:A8:50:A0:D1:E5:F2:C2:01:76:94:29:17:25:39:B7
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0191CD90C5300412BF77CFF9749C91D1F963
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Iyjor4yoUKDR5fLCAXaUKRclObc.roa
Signing time: Sat 07 Sep 2024 17:38:22 +0000
ROA not before: Sat 07 Sep 2024 17:38:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211750
IP address blocks: 45.128.157.0/24 maxlen: 24
45.128.158.0/24 maxlen: 24
185.228.81.0/24 maxlen: 24
185.228.82.0/24 maxlen: 24
195.88.190.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:cd:90:c5:30:04:12:bf:77:cf:f9:74:9c:91:d1:f9:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Sep 7 17:38:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2328e8af8ca850a0d1e5f2c201769429172539b7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:c6:82:46:e3:b0:07:d9:41:62:c9:e0:44:d6:
5d:29:21:47:cc:d9:d5:3b:7c:1d:ff:f8:61:f3:72:
05:3a:0a:d2:e8:bd:71:09:f9:01:83:72:99:ee:bb:
7b:d7:ff:2a:3d:0a:60:8f:d7:15:95:c7:3d:be:64:
85:90:10:b1:bf:ef:49:d7:21:63:d7:1a:c9:68:68:
82:64:68:fc:95:6f:d3:48:ef:5f:c1:12:8b:36:a3:
a8:1b:cf:5b:c7:10:8a:79:3e:39:e4:6b:3d:39:a6:
f4:82:2b:8d:38:30:6f:88:cc:9c:2a:be:51:ca:6a:
3b:68:40:88:92:89:54:d7:9e:8d:81:a1:f8:3c:df:
72:52:54:a5:0e:26:50:ee:53:91:0e:15:71:af:02:
9d:fd:1f:bc:c7:ef:06:0d:01:e6:97:28:ce:4f:ba:
57:c0:fb:7d:83:cd:ef:db:08:61:fc:22:fb:c9:00:
ae:d6:c4:4f:a4:77:92:c7:22:63:bc:85:f2:ab:2a:
18:18:97:a0:5e:7e:e5:cc:f9:1f:91:fe:66:2e:8c:
07:ee:9b:2b:d7:13:d0:c7:98:b6:a3:98:9f:67:88:
e2:99:32:b9:b2:fa:d4:89:1d:9e:91:0e:d5:6e:df:
a0:2c:ed:c6:d9:13:be:b3:5e:8f:72:60:bf:51:dd:
e6:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:28:E8:AF:8C:A8:50:A0:D1:E5:F2:C2:01:76:94:29:17:25:39:B7
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/Iyjor4yoUKDR5fLCAXaUKRclObc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.157.0-45.128.158.255
185.228.81.0-185.228.82.255
195.88.190.0/24
Signature Algorithm: sha256WithRSAEncryption
21:64:92:f6:2b:6a:33:40:dd:27:12:a0:14:a2:cf:32:73:e1:
e5:03:66:b7:ea:38:99:02:da:5b:cc:b3:b7:c0:57:2d:05:21:
5d:11:eb:67:9d:86:3b:18:04:7d:fe:df:2b:8e:d7:2a:b4:b2:
c4:c8:23:0e:9e:1c:b3:f0:b9:96:c2:e0:bb:45:97:5e:4e:5c:
1b:32:5a:79:ac:10:ad:e0:79:27:fb:d1:88:28:d2:04:1c:0d:
10:b1:63:a7:4c:9d:b4:35:fd:0b:49:53:46:76:df:8e:ec:d4:
2a:76:23:62:ea:c0:50:af:27:dd:aa:a6:d4:50:08:cc:08:67:
b5:53:2a:40:3b:65:99:45:34:d4:5d:b0:30:80:27:5d:6d:3f:
98:41:a3:63:69:2e:56:46:b3:11:f5:8b:e2:3d:0d:27:80:42:
43:00:6f:98:05:0f:e1:55:74:95:2a:44:c5:e7:36:56:cf:7b:
a8:ed:2b:95:95:d4:11:63:f3:e9:1f:dd:8d:dc:43:be:9c:78:
fb:1c:0d:ec:5f:a2:47:da:7b:2a:7e:ca:5e:f1:fc:ea:12:7d:
2a:14:10:6c:44:2f:ea:47:50:2a:68:b0:86:5f:4d:45:82:f5:
17:9e:86:8c:a5:2c:b0:0c:19:8b:14:c4:15:1b:07:ac:be:b9:
dd:8c:33:20
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZHNkMUwBBK/d8/5dJyR0fljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjQwOTA3MTczODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzI4ZThhZjhjYTg1MGEwZDFlNWYyYzIwMTc2OTQyOTE3MjUzOWI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi8aCRuOwB9lBYsngRNZdKSFHzNnV
O3wd//hh83IFOgrS6L1xCfkBg3KZ7rt71/8qPQpgj9cVlcc9vmSFkBCxv+9J1yFj
1xrJaGiCZGj8lW/TSO9fwRKLNqOoG89bxxCKeT455Gs9Oab0giuNODBviMycKr5R
ymo7aECIkolU156NgaH4PN9yUlSlDiZQ7lORDhVxrwKd/R+8x+8GDQHmlyjOT7pX
wPt9g83v2whh/CL7yQCu1sRPpHeSxyJjvIXyqyoYGJegXn7lzPkfkf5mLowH7psr
1xPQx5i2o5ifZ4jimTK5svrUiR2ekQ7Vbt+gLO3G2RO+s16PcmC/Ud3mXQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCMo6K+MqFCg0eXywgF2lCkXJTm3MB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvSXlqb3I0eW9VS0RSNWZMQ0FYYVVLUmNsT2JjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiMAwDBAAtgJ0D
BAAtgJ4wDAMEALnkUQMEALnkUgMEAMNYvjANBgkqhkiG9w0BAQsFAAOCAQEAIWSS
9itqM0DdJxKgFKLPMnPh5QNmt+o4mQLaW8yzt8BXLQUhXRHrZ52GOxgEff7fK47X
KrSyxMgjDp4cs/C5lsLgu0WXXk5cGzJaeawQreB5J/vRiCjSBBwNELFjp0ydtDX9
C0lTRnbfjuzUKnYjYurAUK8n3aqm1FAIzAhntVMqQDtlmUU01F2wMIAnXW0/mEGj
Y2kuVkazEfWL4j0NJ4BCQwBvmAUP4VV0lSpExec2Vs97qO0rlZXUEWPz6R/djdxD
vpx4+xwN7F+iR9p7Kn7KXvH86hJ9KhQQbEQv6kdQKmiwhl9NRYL1F56GjKUssAwZ
ixTEFRsHrL653YwzIA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:39:17 2024 by rpki-client on console-fra.rpki-client.org