Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/IXIeMJZxqVdh14FS9WnIqrXyB0A.roa
File: IXIeMJZxqVdh14FS9WnIqrXyB0A.roa (raw, json)
Hash identifier: GqmAr/fi11YL5VMSoLszvVUj2fHU88DXXr2bDgReudA=
Subject key identifier: 21:72:1E:30:96:71:A9:57:61:D7:81:52:F5:69:C8:AA:B5:F2:07:40
Certificate issuer: /CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Certificate serial: 018F064759C597E44A9F6947D05366623C0C
Authority key identifier: 4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/IXIeMJZxqVdh14FS9WnIqrXyB0A.roa
Signing time: Mon 22 Apr 2024 14:48:10 +0000
ROA not before: Mon 22 Apr 2024 14:48:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212609
IP address blocks: 185.239.245.0/24 maxlen: 24
185.254.19.0/24 maxlen: 24
194.15.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 11 Dec 2024 16:33:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:06:47:59:c5:97:e4:4a:9f:69:47:d0:53:66:62:3c:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f14112d05e9d876149d2778d48edaaa324db0a5
Validity
Not Before: Apr 22 14:48:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21721e309671a95761d78152f569c8aab5f20740
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:74:cc:ef:7b:ee:19:0e:22:f5:7d:2f:f4:d2:
f8:70:e5:88:a9:0b:b0:55:b7:0f:03:11:ee:fb:93:
ae:fa:d4:11:95:2b:84:b2:d7:79:df:dd:b1:c2:0d:
66:8b:91:20:05:7f:ae:fd:00:f0:79:bd:8d:c5:5f:
95:7b:17:9e:8b:e2:1e:3e:96:04:f1:5d:5a:13:0e:
76:93:21:e0:5f:dd:bd:d8:0b:28:2c:2a:bb:49:5a:
45:18:b6:eb:6d:e6:51:21:eb:dd:eb:52:69:fb:d6:
46:6e:fd:c0:32:30:11:fc:0e:53:84:90:79:e1:b0:
ab:cb:2f:a9:8f:c4:d6:de:06:10:1e:38:77:bb:a2:
f8:00:d6:1d:47:ac:b4:3c:3e:fb:7c:4a:ce:16:26:
42:4f:e3:be:32:4f:f0:71:a6:c0:19:53:16:75:60:
92:32:dd:52:b3:ae:b5:6c:61:cb:5b:d2:27:53:cf:
0b:48:95:4a:a4:b6:0f:c1:3b:ea:f4:a9:b8:f7:3d:
0a:a9:0d:4c:fb:db:a2:0b:fe:8f:50:ff:94:7a:e5:
55:d2:2c:81:e1:68:79:31:26:6c:3e:2b:90:64:06:
8d:2a:f5:a2:07:ee:23:1e:b9:51:38:e1:9a:55:5b:
53:ec:22:91:ee:98:47:61:03:47:2e:73:d0:17:81:
39:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:72:1E:30:96:71:A9:57:61:D7:81:52:F5:69:C8:AA:B5:F2:07:40
X509v3 Authority Key Identifier:
keyid:4F:14:11:2D:05:E9:D8:76:14:9D:27:78:D4:8E:DA:AA:32:4D:B0:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TxQRLQXp2HYUnSd41I7aqjJNsKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/IXIeMJZxqVdh14FS9WnIqrXyB0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1e/3caa51-7a21-499d-a545-bafbdfc8132a/1/TxQRLQXp2HYUnSd41I7aqjJNsKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.245.0/24
185.254.19.0/24
194.15.151.0/24
Signature Algorithm: sha256WithRSAEncryption
ce:4f:ba:a6:23:c8:e0:18:3c:3f:dc:03:41:a2:40:67:6f:de:
52:c9:2a:3a:89:24:9a:cc:06:b1:bc:be:60:d9:bb:ed:27:5a:
f4:5f:e6:59:f0:46:74:49:8d:a2:ca:06:40:32:48:fe:0a:39:
c8:9c:9f:06:7d:38:db:7e:d4:c5:b1:fb:ec:bf:4e:18:cb:8f:
28:39:fb:13:27:34:d9:01:4e:1f:0e:fb:1b:fc:fa:74:be:04:
2e:aa:59:37:04:f2:e8:ba:c0:8f:be:88:0e:72:f1:78:42:4c:
60:44:90:db:19:74:06:e2:68:52:af:fc:de:ff:85:1e:03:d8:
3a:e9:83:88:64:6d:74:a3:e3:c1:a0:d2:f1:d3:12:26:e2:5f:
a5:fa:5d:58:cb:5d:99:64:e6:55:36:b0:6d:fd:8f:56:79:b3:
e3:4d:00:6f:b5:8a:4e:49:07:0e:71:98:d6:ca:0a:51:ae:f4:
8e:9e:76:67:f5:ef:92:e4:60:3f:fb:e3:80:02:65:0a:e2:b2:
17:3b:13:06:40:34:9d:5d:f1:9f:5e:36:40:1b:c0:f1:e9:49:
b8:5b:bb:46:ed:57:7d:83:52:35:0a:2c:b4:fb:d6:a2:3d:eb:
41:88:bb:02:ba:d6:c0:b8:3e:d3:4c:b9:2f:a6:fa:c2:80:16:
ad:75:ed:01
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY8GR1nFl+RKn2lH0FNmYjwMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMTQxMTJkMDVlOWQ4NzYxNDlkMjc3OGQ0OGVkYWFhMzI0
ZGIwYTUwHhcNMjQwNDIyMTQ0ODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTcyMWUzMDk2NzFhOTU3NjFkNzgxNTJmNTY5YzhhYWI1ZjIwNzQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHTM73vuGQ4i9X0v9NL4cOWIqQuw
VbcPAxHu+5Ou+tQRlSuEstd5392xwg1mi5EgBX+u/QDweb2NxV+Vexeei+IePpYE
8V1aEw52kyHgX9292AsoLCq7SVpFGLbrbeZRIevd61Jp+9ZGbv3AMjAR/A5ThJB5
4bCryy+pj8TW3gYQHjh3u6L4ANYdR6y0PD77fErOFiZCT+O+Mk/wcabAGVMWdWCS
Mt1Ss661bGHLW9InU88LSJVKpLYPwTvq9Km49z0KqQ1M+9uiC/6PUP+UeuVV0iyB
4Wh5MSZsPiuQZAaNKvWiB+4jHrlROOGaVVtT7CKR7phHYQNHLnPQF4E5JwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCFyHjCWcalXYdeBUvVpyKq18gdAMB8GA1UdIwQY
MBaAFE8UES0F6dh2FJ0neNSO2qoyTbClMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUt
YmFmYmRmYzgxMzJhLzEvSVhJZU1KWnhxVmRoMTRGUzlXbklxclh5QjBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZS8zY2FhNTEtN2EyMS00OTlkLWE1NDUtYmFmYmRmYzgxMzJh
LzEvVHhRUkxRWHAySFlVblNkNDFJN2FxakpOc0tVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAue/1AwQA
uf4TAwQAwg+XMA0GCSqGSIb3DQEBCwUAA4IBAQDOT7qmI8jgGDw/3ANBokBnb95S
ySo6iSSazAaxvL5g2bvtJ1r0X+ZZ8EZ0SY2iygZAMkj+CjnInJ8GfTjbftTFsfvs
v04Yy48oOfsTJzTZAU4fDvsb/Pp0vgQuqlk3BPLousCPvogOcvF4QkxgRJDbGXQG
4mhSr/ze/4UeA9g66YOIZG10o+PBoNLx0xIm4l+l+l1Yy12ZZOZVNrBt/Y9WebPj
TQBvtYpOSQcOcZjWygpRrvSOnnZn9e+S5GA/++OAAmUK4rIXOxMGQDSdXfGfXjZA
G8Dx6Um4W7tG7Vd9g1I1Ciy0+9aiPetBiLsCutbAuD7TTLkvpvrCgBatde0B
-----END CERTIFICATE-----
Generated at Wed Dec 11 02:22:31 2024 by rpki-client on console-ams.rpki-client.org