Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/i_27lI308EE36dNoET-i8Xx9tCI.roa
File: i_27lI308EE36dNoET-i8Xx9tCI.roa (raw, json)
Hash identifier: Md21Z1ov7xgFI6LWieS78FYqbVhsMfC6nUeV1G7bDzU=
Subject key identifier: 8B:FD:BB:94:8D:F4:F0:41:37:E9:D3:68:11:3F:A2:F1:7C:7D:B4:22
Certificate issuer: /CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Certificate serial: 01931AA24265FBFA094BE4B9497D7DC708C5
Authority key identifier: 83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/i_27lI308EE36dNoET-i8Xx9tCI.roa
Signing time: Mon 11 Nov 2024 09:51:01 +0000
ROA not before: Mon 11 Nov 2024 09:51:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16276
IP address blocks: 62.106.84.0/24 maxlen: 24
89.21.85.0/24 maxlen: 24
89.251.22.0/24 maxlen: 24
91.226.59.0/24 maxlen: 24
176.97.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1a:a2:42:65:fb:fa:09:4b:e4:b9:49:7d:7d:c7:08:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=833e3f5ef825556b014a085d32565bb0cbc5ac8d
Validity
Not Before: Nov 11 09:51:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8bfdbb948df4f04137e9d368113fa2f17c7db422
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:14:7e:83:5e:4f:ec:79:c6:25:fb:bd:14:8f:
98:39:51:c1:c5:21:db:ef:43:86:9f:3a:bd:0d:48:
5c:43:a8:48:12:01:d0:de:6f:6c:1b:48:81:b9:cf:
80:a0:48:fd:5e:c1:4f:30:aa:7c:e4:5e:5a:08:7a:
95:57:60:fe:f8:a2:91:59:7c:d3:44:1c:37:8e:c7:
fc:5b:31:d3:c6:a8:1d:ed:1a:d5:79:fa:aa:7c:94:
30:44:e6:22:a4:f7:db:ab:0d:c1:de:5c:7f:94:93:
f8:0f:ed:2c:14:08:aa:46:39:0c:a8:7b:85:de:f3:
17:22:6b:67:03:e0:b6:94:82:b5:61:1d:63:3d:72:
c6:09:30:4b:cb:96:10:da:ca:6f:20:4a:ff:c5:29:
fb:0b:af:19:b6:b9:b5:ec:44:15:49:23:6d:12:92:
a5:b2:49:dc:5e:23:b0:69:17:79:bb:2a:6a:54:f0:
85:55:20:ce:1f:e5:41:c4:9d:0e:f9:46:5b:f7:6a:
35:63:71:c6:33:f9:bd:e4:b1:0d:b9:27:4e:b5:47:
eb:d5:74:ac:32:a5:06:4a:3d:94:39:33:51:08:fe:
a6:f9:2d:b6:41:b1:1d:e5:b8:b9:2f:87:92:86:b5:
8a:bc:66:ba:c2:ac:31:c3:e3:d7:9e:ee:23:b8:b8:
56:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:FD:BB:94:8D:F4:F0:41:37:E9:D3:68:11:3F:A2:F1:7C:7D:B4:22
X509v3 Authority Key Identifier:
keyid:83:3E:3F:5E:F8:25:55:6B:01:4A:08:5D:32:56:5B:B0:CB:C5:AC:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gz4_XvglVWsBSghdMlZbsMvFrI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/i_27lI308EE36dNoET-i8Xx9tCI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/d26618-b340-4f50-b330-318a26d4a8c9/1/gz4_XvglVWsBSghdMlZbsMvFrI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.106.84.0/24
89.21.85.0/24
89.251.22.0/24
91.226.59.0/24
176.97.205.0/24
Signature Algorithm: sha256WithRSAEncryption
47:c3:62:29:af:02:6a:90:9b:43:40:fa:9f:31:70:54:0e:91:
b1:9c:58:05:51:15:99:eb:b1:a9:3f:f2:6d:c8:3a:eb:0d:6d:
bf:b4:3f:2b:84:2e:b5:b9:88:73:64:02:88:14:e9:b1:e2:36:
6a:55:b0:3a:f7:47:3a:3e:d2:18:30:2e:d3:3a:13:76:02:79:
39:1b:c2:78:c0:e7:32:5e:65:2c:c5:ad:4e:b8:20:91:27:62:
78:c0:6a:db:04:f6:54:7b:6b:4c:cb:2a:59:f7:e3:41:19:c6:
c7:49:9d:3b:d4:ad:95:8c:64:3c:ac:7e:07:a6:ae:16:e3:5c:
12:40:2b:40:aa:cb:fa:62:22:b4:8b:c4:69:77:9b:ec:03:dc:
c9:01:cc:03:0a:a9:6a:fb:09:44:6a:78:ae:7b:a9:20:b3:c9:
7d:f9:95:e4:f4:84:68:20:51:e1:0e:2d:01:4f:09:cf:94:73:
9b:4b:f9:f1:17:6e:16:01:3f:5a:e0:eb:ab:be:cc:15:51:33:
e7:59:c9:89:02:1a:95:09:d9:58:47:2f:06:ec:26:d3:13:c3:
fa:17:e6:d9:dc:20:8a:51:13:00:7b:5a:85:4f:b0:a4:ef:91:
c8:4e:12:c5:c2:07:36:ea:dd:0d:a7:ca:9a:f1:38:f8:5c:94:
74:bd:10:36
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZMaokJl+/oJS+S5SX19xwjFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzM2UzZjVlZjgyNTU1NmIwMTRhMDg1ZDMyNTY1YmIwY2Jj
NWFjOGQwHhcNMjQxMTExMDk1MTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YmZkYmI5NDhkZjRmMDQxMzdlOWQzNjgxMTNmYTJmMTdjN2RiNDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzBR+g15P7HnGJfu9FI+YOVHBxSHb
70OGnzq9DUhcQ6hIEgHQ3m9sG0iBuc+AoEj9XsFPMKp85F5aCHqVV2D++KKRWXzT
RBw3jsf8WzHTxqgd7RrVefqqfJQwROYipPfbqw3B3lx/lJP4D+0sFAiqRjkMqHuF
3vMXImtnA+C2lIK1YR1jPXLGCTBLy5YQ2spvIEr/xSn7C68Ztrm17EQVSSNtEpKl
skncXiOwaRd5uypqVPCFVSDOH+VBxJ0O+UZb92o1Y3HGM/m95LENuSdOtUfr1XSs
MqUGSj2UOTNRCP6m+S22QbEd5bi5L4eShrWKvGa6wqwxw+PXnu4juLhWewIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFIv9u5SN9PBBN+nTaBE/ovF8fbQiMB8GA1UdIwQY
MBaAFIM+P174JVVrAUoIXTJWW7DLxayNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAt
MzE4YTI2ZDRhOGM5LzEvaV8yN2xJMzA4RUUzNmROb0VULWk4WHg5dENJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9kMjY2MTgtYjM0MC00ZjUwLWIzMzAtMzE4YTI2ZDRhOGM5
LzEvZ3o0X1h2Z2xWV3NCU2doZE1sWmJzTXZGckkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAPmpUAwQA
WRVVAwQAWfsWAwQAW+I7AwQAsGHNMA0GCSqGSIb3DQEBCwUAA4IBAQBHw2IprwJq
kJtDQPqfMXBUDpGxnFgFURWZ67GpP/JtyDrrDW2/tD8rhC61uYhzZAKIFOmx4jZq
VbA690c6PtIYMC7TOhN2Ank5G8J4wOcyXmUsxa1OuCCRJ2J4wGrbBPZUe2tMyypZ
9+NBGcbHSZ071K2VjGQ8rH4Hpq4W41wSQCtAqsv6YiK0i8Rpd5vsA9zJAcwDCqlq
+wlEaniue6kgs8l9+ZXk9IRoIFHhDi0BTwnPlHObS/nxF24WAT9a4OurvswVUTPn
WcmJAhqVCdlYRy8G7CbTE8P6F+bZ3CCKURMAe1qFT7Ck75HIThLFwgc26t0Np8qa
8Tj4XJR0vRA2
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:35:41 2024 by rpki-client on console-fra.rpki-client.org