Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0f/d23870-74c7-4a84-90ec-c32036750e36/1/IvNPLpHgrmfwftPfFvLuiiuUwxg.roa
File: IvNPLpHgrmfwftPfFvLuiiuUwxg.roa (raw, json)
Hash identifier: nIRXoWFHdSS+2uUBV8KNyzoC84ecb71LXGWPUa7NwxM=
Subject key identifier: 22:F3:4F:2E:91:E0:AE:67:F0:7E:D3:DF:16:F2:EE:8A:2B:94:C3:18
Certificate issuer: /CN=1ad4cccefe55c5e223a9b3205b938a3d1c9e86d5
Certificate serial: 018CC64B185B7169FE5ED083A73685391A21
Authority key identifier: 1A:D4:CC:CE:FE:55:C5:E2:23:A9:B3:20:5B:93:8A:3D:1C:9E:86:D5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GtTMzv5VxeIjqbMgW5OKPRyehtU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0f/d23870-74c7-4a84-90ec-c32036750e36/1/IvNPLpHgrmfwftPfFvLuiiuUwxg.roa
Signing time: Mon 01 Jan 2024 18:30:59 +0000
ROA not before: Mon 01 Jan 2024 18:30:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34979
IP address blocks: 194.24.166.0/24 maxlen: 24
194.24.166.0/23 maxlen: 23
194.24.167.0/24 maxlen: 24
91.204.246.0/24 maxlen: 24
91.204.244.0/24 maxlen: 24
91.204.244.0/22 maxlen: 22
91.204.245.0/24 maxlen: 24
91.204.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0f/d23870-74c7-4a84-90ec-c32036750e36/1/GtTMzv5VxeIjqbMgW5OKPRyehtU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0f/d23870-74c7-4a84-90ec-c32036750e36/1/GtTMzv5VxeIjqbMgW5OKPRyehtU.mft
rsync://rpki.ripe.net/repository/DEFAULT/GtTMzv5VxeIjqbMgW5OKPRyehtU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 13:50:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:18:5b:71:69:fe:5e:d0:83:a7:36:85:39:1a:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ad4cccefe55c5e223a9b3205b938a3d1c9e86d5
Validity
Not Before: Jan 1 18:30:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22f34f2e91e0ae67f07ed3df16f2ee8a2b94c318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:13:cd:79:7a:78:c1:d8:bf:28:3f:24:b1:19:
c5:dc:60:e8:39:cc:62:a7:ac:4c:f4:9a:a9:4a:bc:
e9:37:83:7f:af:11:78:82:e6:a9:0f:24:ca:74:f8:
91:9e:ce:2f:8d:fe:c4:ea:0b:86:57:62:6c:9f:68:
40:fe:df:0d:8f:dd:c1:86:31:84:75:bb:86:5c:aa:
d2:cd:05:5d:03:d2:bf:99:b6:a3:8a:3d:ea:1a:9e:
d3:cc:69:c4:97:1c:7b:9e:de:66:c7:3f:a9:e5:38:
2b:3d:97:77:50:e8:76:32:67:05:e9:65:2f:74:9d:
b2:b4:73:61:e8:61:17:88:30:5b:1c:2f:47:de:c6:
90:99:5c:5b:c8:e0:55:89:06:d1:1b:73:b7:09:de:
56:ad:79:72:6f:39:56:03:de:e2:46:57:46:ed:9c:
fb:2d:91:df:8a:be:b9:e1:3b:81:16:8e:0c:7d:ad:
2e:b9:5b:24:f6:8d:97:62:a5:84:a8:a6:41:03:8a:
04:d7:2a:ad:b3:9d:b8:c5:24:1c:9b:08:0a:a5:5a:
b7:0d:9d:52:96:97:37:ee:9a:da:cd:cc:5e:b0:29:
85:07:c3:fe:e5:69:a9:db:55:a8:f5:44:bb:9c:0e:
f2:5e:dd:9c:a1:6d:9a:e2:cb:f3:fb:eb:99:eb:87:
10:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:F3:4F:2E:91:E0:AE:67:F0:7E:D3:DF:16:F2:EE:8A:2B:94:C3:18
X509v3 Authority Key Identifier:
keyid:1A:D4:CC:CE:FE:55:C5:E2:23:A9:B3:20:5B:93:8A:3D:1C:9E:86:D5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GtTMzv5VxeIjqbMgW5OKPRyehtU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d23870-74c7-4a84-90ec-c32036750e36/1/IvNPLpHgrmfwftPfFvLuiiuUwxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0f/d23870-74c7-4a84-90ec-c32036750e36/1/GtTMzv5VxeIjqbMgW5OKPRyehtU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.204.244.0/22
194.24.166.0/23
Signature Algorithm: sha256WithRSAEncryption
ab:c1:77:77:01:fc:00:ca:5c:23:d6:0c:68:63:79:be:55:48:
24:80:d1:96:2c:bd:76:41:f2:ba:ed:a8:96:13:de:1f:1d:98:
05:a2:6e:e9:3f:52:2a:f7:67:33:d1:eb:49:c7:59:6f:63:87:
51:ca:b8:13:9c:fa:43:d4:e9:76:cf:98:64:bf:c0:9f:d1:c4:
34:38:87:af:ef:b1:13:21:62:9b:5c:12:8b:e3:91:c2:bf:a9:
36:f9:21:5b:23:b3:ce:9f:f3:b6:af:06:69:1d:7f:7c:7a:09:
94:13:53:ea:50:82:a1:37:01:02:37:e6:96:72:5c:07:20:c6:
db:64:73:64:64:1b:05:45:33:0a:1f:af:22:32:9b:ee:34:34:
7d:8a:ba:e3:3f:95:aa:9b:b9:b2:e7:26:2d:17:ab:c3:8c:82:
0e:f5:f0:f1:b4:67:a8:f6:b4:05:0d:6c:2f:95:99:6c:bb:0c:
55:63:8c:db:f4:9e:93:33:bc:fb:47:97:dd:e5:11:eb:e5:56:
26:9c:55:d9:ce:79:2c:75:59:e4:c5:90:5a:48:22:df:88:f1:
21:7e:36:48:54:8a:ba:7f:ed:09:fd:6f:29:8c:fa:11:89:6c:
4e:e9:5f:40:97:e1:3a:ad:cb:0c:f6:4f:71:2d:0d:8e:ba:40:
ae:8b:36:26
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGSxhbcWn+XtCDpzaFORohMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZDRjY2NlZmU1NWM1ZTIyM2E5YjMyMDViOTM4YTNkMWM5
ZTg2ZDUwHhcNMjQwMTAxMTgzMDU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmYzNGYyZTkxZTBhZTY3ZjA3ZWQzZGYxNmYyZWU4YTJiOTRjMzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxPNeXp4wdi/KD8ksRnF3GDoOcxi
p6xM9JqpSrzpN4N/rxF4guapDyTKdPiRns4vjf7E6guGV2Jsn2hA/t8Nj93BhjGE
dbuGXKrSzQVdA9K/mbajij3qGp7TzGnElxx7nt5mxz+p5TgrPZd3UOh2MmcF6WUv
dJ2ytHNh6GEXiDBbHC9H3saQmVxbyOBViQbRG3O3Cd5WrXlybzlWA97iRldG7Zz7
LZHfir654TuBFo4Mfa0uuVsk9o2XYqWEqKZBA4oE1yqts524xSQcmwgKpVq3DZ1S
lpc37prazcxesCmFB8P+5Wmp21Wo9US7nA7yXt2coW2a4svz++uZ64cQXwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCLzTy6R4K5n8H7T3xby7oorlMMYMB8GA1UdIwQY
MBaAFBrUzM7+VcXiI6mzIFuTij0cnobVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3RUTXp2NVZ4ZUlqcWJNZ1c1T0tQUnllaHRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZi9kMjM4NzAtNzRjNy00YTg0LTkwZWMt
YzMyMDM2NzUwZTM2LzEvSXZOUExwSGdybWZ3ZnRQZkZ2THVpaXVVd3hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZi9kMjM4NzAtNzRjNy00YTg0LTkwZWMtYzMyMDM2NzUwZTM2
LzEvR3RUTXp2NVZ4ZUlqcWJNZ1c1T0tQUnllaHRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW8z0AwQB
whimMA0GCSqGSIb3DQEBCwUAA4IBAQCrwXd3AfwAylwj1gxoY3m+VUgkgNGWLL12
QfK67aiWE94fHZgFom7pP1Iq92cz0etJx1lvY4dRyrgTnPpD1Ol2z5hkv8Cf0cQ0
OIev77ETIWKbXBKL45HCv6k2+SFbI7POn/O2rwZpHX98egmUE1PqUIKhNwECN+aW
clwHIMbbZHNkZBsFRTMKH68iMpvuNDR9irrjP5Wqm7my5yYtF6vDjIIO9fDxtGeo
9rQFDWwvlZlsuwxVY4zb9J6TM7z7R5fd5RHr5VYmnFXZznksdVnkxZBaSCLfiPEh
fjZIVIq6f+0J/W8pjPoRiWxO6V9Al+E6rcsM9k9xLQ2OukCuizYm
-----END CERTIFICATE-----
Generated at Mon Jul 1 17:14:28 2024 by rpki-client on console-fra.rpki-client.org