Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/35ead2-4aa4-4ff0-b5cb-7efaa4a74f97/1/Ie4KlPBWxYcWzDVpNdF3YIsitGQ.roa
File: Ie4KlPBWxYcWzDVpNdF3YIsitGQ.roa (raw, json)
Hash identifier: itqmoJoc7l9j8v6UyOMjK8Yfx/I5KqtlDE9UC79dbr0=
Subject key identifier: 21:EE:0A:94:F0:56:C5:87:16:CC:35:69:35:D1:77:60:8B:22:B4:64
Certificate issuer: /CN=c20e65caddbecd48d2f87787993113842bdfce5d
Certificate serial: 018D7F2D5C4F51EAF235BD7032F1E4AD747B
Authority key identifier: C2:0E:65:CA:DD:BE:CD:48:D2:F8:77:87:99:31:13:84:2B:DF:CE:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wg5lyt2-zUjS-HeHmTEThCvfzl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/35ead2-4aa4-4ff0-b5cb-7efaa4a74f97/1/Ie4KlPBWxYcWzDVpNdF3YIsitGQ.roa
Signing time: Tue 06 Feb 2024 16:08:15 +0000
ROA not before: Tue 06 Feb 2024 16:08:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197726
IP address blocks: 91.231.84.0/23 maxlen: 23
91.231.86.0/23 maxlen: 23
195.64.154.0/23 maxlen: 23
195.88.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/35ead2-4aa4-4ff0-b5cb-7efaa4a74f97/1/wg5lyt2-zUjS-HeHmTEThCvfzl0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/35ead2-4aa4-4ff0-b5cb-7efaa4a74f97/1/wg5lyt2-zUjS-HeHmTEThCvfzl0.mft
rsync://rpki.ripe.net/repository/DEFAULT/wg5lyt2-zUjS-HeHmTEThCvfzl0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7f:2d:5c:4f:51:ea:f2:35:bd:70:32:f1:e4:ad:74:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c20e65caddbecd48d2f87787993113842bdfce5d
Validity
Not Before: Feb 6 16:08:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21ee0a94f056c58716cc356935d177608b22b464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:f5:c2:1d:76:60:ff:5d:ce:8a:83:e6:6b:e5:
33:f6:37:27:b3:d5:fa:2c:00:3f:75:33:c2:70:5e:
76:a2:56:a3:19:0d:ef:cb:54:a3:d5:c1:e1:39:b7:
26:36:4c:c4:ac:96:e3:e9:f6:3c:96:69:d1:3e:47:
41:b6:1f:0f:59:a6:64:e0:2f:35:cd:da:e5:c3:3c:
ae:86:32:52:20:3b:31:e1:e6:58:8f:c8:6b:7f:8b:
fb:16:5d:8e:86:f6:b3:9f:af:b4:63:04:1e:c4:bb:
ec:c5:22:8f:e2:72:05:af:28:ba:6b:3d:46:ff:22:
57:47:12:35:98:2f:dc:05:d3:7d:6f:ea:e5:34:5a:
fa:0b:ec:52:55:13:11:a5:24:de:bf:ec:24:5f:d8:
26:8e:da:e8:9c:82:31:37:a5:af:79:97:af:c7:0b:
10:e6:18:f3:1f:d0:5a:46:55:2f:2e:61:69:43:98:
a8:35:05:b6:a7:94:bf:29:9c:52:bb:e6:ad:6c:1f:
4f:d5:2b:81:81:95:75:95:88:28:87:fd:4b:34:45:
6c:e8:0f:27:6d:d4:19:5b:be:71:6b:a0:9c:47:fc:
3f:c1:9a:08:43:50:e6:55:07:ae:1a:60:b6:2d:7f:
9b:dc:3d:07:af:68:ac:6a:f2:59:24:e5:73:4b:a8:
bc:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:EE:0A:94:F0:56:C5:87:16:CC:35:69:35:D1:77:60:8B:22:B4:64
X509v3 Authority Key Identifier:
keyid:C2:0E:65:CA:DD:BE:CD:48:D2:F8:77:87:99:31:13:84:2B:DF:CE:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wg5lyt2-zUjS-HeHmTEThCvfzl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/35ead2-4aa4-4ff0-b5cb-7efaa4a74f97/1/Ie4KlPBWxYcWzDVpNdF3YIsitGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/35ead2-4aa4-4ff0-b5cb-7efaa4a74f97/1/wg5lyt2-zUjS-HeHmTEThCvfzl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.84.0/22
195.64.154.0/23
195.88.243.0/24
Signature Algorithm: sha256WithRSAEncryption
04:77:2f:f6:b9:35:45:ee:61:5f:b4:10:31:04:45:65:a2:b9:
57:b0:1e:d9:ec:82:67:87:1b:64:e1:aa:96:1c:bd:f1:52:9e:
d6:0a:c8:c2:7d:c4:54:b7:58:fc:d0:19:36:58:42:26:1c:d3:
54:f3:e8:e8:34:8a:59:4b:70:64:c9:99:92:ed:0b:51:d9:72:
ec:1a:a5:a9:59:21:e2:e4:60:48:34:0f:48:7c:6b:f0:5b:ac:
09:e2:1f:47:8b:4f:a4:52:ee:ec:a4:d5:f0:b3:c8:da:bd:f7:
f5:ea:55:87:21:29:fe:05:6f:2a:32:ec:8f:e3:db:0f:4f:71:
53:dc:b3:5c:94:4a:e3:d9:0a:0b:43:b5:cc:81:3e:07:94:23:
49:c9:22:61:69:8b:fb:3e:21:bb:26:a1:bc:0e:59:7c:31:77:
e8:a8:69:b7:c4:d5:1d:9f:c0:9a:d8:9b:07:fa:c1:b7:ba:29:
71:f4:c1:21:75:15:2f:ed:2d:3e:2d:74:47:74:1b:6e:c6:4b:
f5:3f:c3:7b:20:a0:1d:94:af:9f:c5:5b:20:98:dc:2f:49:6b:
21:df:dd:37:7e:82:e5:93:f2:9b:1e:5a:20:3d:be:a0:85:16:
58:44:36:26:dc:13:e8:62:9d:a0:aa:40:79:7e:b8:8e:dc:82:
39:1d:7d:8b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY1/LVxPUeryNb1wMvHkrXR7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyMGU2NWNhZGRiZWNkNDhkMmY4Nzc4Nzk5MzExMzg0MmJk
ZmNlNWQwHhcNMjQwMjA2MTYwODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWVlMGE5NGYwNTZjNTg3MTZjYzM1NjkzNWQxNzc2MDhiMjJiNDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsvXCHXZg/13OioPma+Uz9jcns9X6
LAA/dTPCcF52olajGQ3vy1Sj1cHhObcmNkzErJbj6fY8lmnRPkdBth8PWaZk4C81
zdrlwzyuhjJSIDsx4eZYj8hrf4v7Fl2Ohvazn6+0YwQexLvsxSKP4nIFryi6az1G
/yJXRxI1mC/cBdN9b+rlNFr6C+xSVRMRpSTev+wkX9gmjtronIIxN6WveZevxwsQ
5hjzH9BaRlUvLmFpQ5ioNQW2p5S/KZxSu+atbB9P1SuBgZV1lYgoh/1LNEVs6A8n
bdQZW75xa6CcR/w/wZoIQ1DmVQeuGmC2LX+b3D0Hr2isavJZJOVzS6i8KQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCHuCpTwVsWHFsw1aTXRd2CLIrRkMB8GA1UdIwQY
MBaAFMIOZcrdvs1I0vh3h5kxE4Qr385dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2c1bHl0Mi16VWpTLUhlSG1URVRoQ3ZmemwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8zNWVhZDItNGFhNC00ZmYwLWI1Y2It
N2VmYWE0YTc0Zjk3LzEvSWU0S2xQQld4WWNXekRWcE5kRjNZSXNpdEdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8zNWVhZDItNGFhNC00ZmYwLWI1Y2ItN2VmYWE0YTc0Zjk3
LzEvd2c1bHl0Mi16VWpTLUhlSG1URVRoQ3ZmemwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW+dUAwQB
w0CaAwQAw1jzMA0GCSqGSIb3DQEBCwUAA4IBAQAEdy/2uTVF7mFftBAxBEVlorlX
sB7Z7IJnhxtk4aqWHL3xUp7WCsjCfcRUt1j80Bk2WEImHNNU8+joNIpZS3BkyZmS
7QtR2XLsGqWpWSHi5GBINA9IfGvwW6wJ4h9Hi0+kUu7spNXws8javff16lWHISn+
BW8qMuyP49sPT3FT3LNclErj2QoLQ7XMgT4HlCNJySJhaYv7PiG7JqG8Dll8MXfo
qGm3xNUdn8Ca2JsH+sG3uilx9MEhdRUv7S0+LXRHdBtuxkv1P8N7IKAdlK+fxVsg
mNwvSWsh3903foLlk/KbHlogPb6ghRZYRDYm3BPoYp2gqkB5friO3II5HX2L
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:00:14 2024 by rpki-client on console-ams.rpki-client.org