Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/1Ij3ODIg43QOb3_6MwnbAvH0Zro.roa
File: 1Ij3ODIg43QOb3_6MwnbAvH0Zro.roa (raw, json)
Hash identifier: ZAvm2/GGuCF/2DOqMjlfNEHxU1byWE0waG3sJ3nisUM=
Subject key identifier: D4:88:F7:38:32:20:E3:74:0E:6F:7F:FA:33:09:DB:02:F1:F4:66:BA
Certificate issuer: /CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Certificate serial: 018CC9BCEF355F186394436E4D9603DEE36F
Authority key identifier: 59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/1Ij3ODIg43QOb3_6MwnbAvH0Zro.roa
Signing time: Tue 02 Jan 2024 10:34:11 +0000
ROA not before: Tue 02 Jan 2024 10:34:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201387
IP address blocks: 185.89.240.0/22 maxlen: 22
84.47.146.0/24 maxlen: 24
84.47.167.0/24 maxlen: 24
84.47.166.0/23 maxlen: 24
85.91.124.0/22 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.mft
rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:ef:35:5f:18:63:94:43:6e:4d:96:03:de:e3:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=59dd542781851c0bce5a3ea5cc387650ffc8277e
Validity
Not Before: Jan 2 10:34:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d488f7383220e3740e6f7ffa3309db02f1f466ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:82:91:34:1c:35:4e:b3:0a:ca:5b:1c:bf:b2:
47:72:58:6e:b1:3b:d1:b0:0a:ea:73:33:06:1c:03:
cc:57:7a:2c:72:74:7c:3f:8f:72:19:37:95:d5:ff:
68:29:5f:8f:55:4a:1e:01:d5:38:b0:1f:42:df:93:
ba:85:b8:3a:9c:c1:34:06:73:c8:1b:61:d6:83:72:
78:3d:65:0d:93:cc:8d:fc:5f:3e:c9:ef:d3:b8:6e:
9f:b7:5f:7e:14:38:87:eb:31:a2:eb:71:16:02:e9:
39:55:70:86:65:b1:7b:7e:42:45:a5:a7:d4:87:00:
8b:e1:85:81:1a:b5:f7:11:9a:f7:f2:33:55:ca:30:
7f:d4:0d:3a:d6:15:3a:18:a4:0a:95:a3:fe:25:a9:
7e:dd:34:00:ec:2c:fc:9f:1e:b3:aa:1b:b6:64:96:
ee:78:0b:ca:65:67:e3:e3:68:54:f4:00:a2:78:88:
8e:19:c3:e5:90:a6:e3:7c:b5:47:64:87:14:dd:71:
32:43:8e:4c:47:1b:14:c8:ae:d1:2b:2c:6f:73:d8:
f3:6c:f2:f8:c3:d6:fd:2c:80:fe:49:4f:14:a2:0c:
71:af:fc:d6:7d:42:94:22:50:f3:15:d7:3c:6a:42:
37:0e:96:a8:83:20:06:2a:30:4a:7a:38:e1:d6:1b:
50:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:88:F7:38:32:20:E3:74:0E:6F:7F:FA:33:09:DB:02:F1:F4:66:BA
X509v3 Authority Key Identifier:
keyid:59:DD:54:27:81:85:1C:0B:CE:5A:3E:A5:CC:38:76:50:FF:C8:27:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/1Ij3ODIg43QOb3_6MwnbAvH0Zro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/79c4ba-38e2-4f5a-959f-47e0937989a8/1/Wd1UJ4GFHAvOWj6lzDh2UP_IJ34.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.47.146.0/24
84.47.166.0/23
85.91.124.0/22
185.89.240.0/22
Signature Algorithm: sha256WithRSAEncryption
77:a4:f6:9d:4b:b3:1c:b2:9f:3b:8d:4a:77:d5:18:03:a1:85:
af:5a:31:78:fb:d2:b6:16:5b:65:66:0e:e8:6d:38:eb:85:39:
e4:3b:a3:d8:15:7c:8c:12:94:03:3b:a0:34:63:44:a3:e1:f8:
51:52:2c:bf:9e:75:94:65:44:0e:b9:23:e7:7e:9f:79:d1:ae:
e1:cc:ca:a4:49:a3:13:a6:b4:c2:43:1d:a6:fc:de:28:67:90:
87:f2:7c:2b:20:af:0b:9a:11:1f:69:cc:e4:78:fc:02:52:5d:
c9:93:2a:91:e7:79:f4:2f:e7:fb:f0:17:dc:bd:31:a5:cc:bf:
d6:66:66:54:ad:b3:9e:d7:bf:9e:34:c9:02:7a:0a:d3:22:4c:
7e:bb:26:70:64:2f:79:c6:b1:5d:87:d0:ae:53:d0:93:3d:4e:
08:61:e5:3c:5a:ac:9d:b4:d9:97:fb:1c:0e:86:6e:5d:b4:7a:
8d:38:f6:64:1e:3e:e1:aa:b9:93:9f:da:b6:b3:45:c5:3e:5e:
ab:a1:37:85:0a:34:f6:e6:7b:6f:06:96:9c:c8:26:c8:b1:d2:
f1:3a:67:3d:24:3f:a0:83:bd:a2:86:40:51:cd:bc:bc:c6:1a:
f4:24:e2:13:04:0b:e1:f5:79:d1:3d:73:4a:23:3d:04:ba:24:
6c:96:cf:4a
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJvO81XxhjlENuTZYD3uNvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5ZGQ1NDI3ODE4NTFjMGJjZTVhM2VhNWNjMzg3NjUwZmZj
ODI3N2UwHhcNMjQwMTAyMTAzNDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDg4ZjczODMyMjBlMzc0MGU2ZjdmZmEzMzA5ZGIwMmYxZjQ2NmJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhYKRNBw1TrMKylscv7JHclhusTvR
sArqczMGHAPMV3oscnR8P49yGTeV1f9oKV+PVUoeAdU4sB9C35O6hbg6nME0BnPI
G2HWg3J4PWUNk8yN/F8+ye/TuG6ft19+FDiH6zGi63EWAuk5VXCGZbF7fkJFpafU
hwCL4YWBGrX3EZr38jNVyjB/1A061hU6GKQKlaP+Jal+3TQA7Cz8nx6zqhu2ZJbu
eAvKZWfj42hU9ACieIiOGcPlkKbjfLVHZIcU3XEyQ45MRxsUyK7RKyxvc9jzbPL4
w9b9LID+SU8Uogxxr/zWfUKUIlDzFdc8akI3DpaogyAGKjBKejjh1htQ9wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNSI9zgyION0Dm9/+jMJ2wLx9Ga6MB8GA1UdIwQY
MBaAFFndVCeBhRwLzlo+pcw4dlD/yCd+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV2QxVUo0R0ZIQXZPV2o2bHpEaDJVUF9JSjM0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi83OWM0YmEtMzhlMi00ZjVhLTk1OWYt
NDdlMDkzNzk4OWE4LzEvMUlqM09ESWc0M1FPYjNfNk13bmJBdkgwWnJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi83OWM0YmEtMzhlMi00ZjVhLTk1OWYtNDdlMDkzNzk4OWE4
LzEvV2QxVUo0R0ZIQXZPV2o2bHpEaDJVUF9JSjM0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVC+SAwQB
VC+mAwQCVVt8AwQCuVnwMA0GCSqGSIb3DQEBCwUAA4IBAQB3pPadS7Mcsp87jUp3
1RgDoYWvWjF4+9K2FltlZg7obTjrhTnkO6PYFXyMEpQDO6A0Y0Sj4fhRUiy/nnWU
ZUQOuSPnfp950a7hzMqkSaMTprTCQx2m/N4oZ5CH8nwrIK8LmhEfaczkePwCUl3J
kyqR53n0L+f78BfcvTGlzL/WZmZUrbOe17+eNMkCegrTIkx+uyZwZC95xrFdh9Cu
U9CTPU4IYeU8WqydtNmX+xwOhm5dtHqNOPZkHj7hqrmTn9q2s0XFPl6roTeFCjT2
5ntvBpacyCbIsdLxOmc9JD+gg72ihkBRzby8xhr0JOITBAvh9XnRPXNKIz0EuiRs
ls9K
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:41:03 2024 by rpki-client on console-fra.rpki-client.org