Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/9668b5-5e92-4c18-9bb9-4351bbf74c0c/1/I0oAxDxSLp0kYIJPzmSmAbm_pC0.roa
File: I0oAxDxSLp0kYIJPzmSmAbm_pC0.roa (raw, json)
Hash identifier: y5GzuisJisO10LjhFbKQRkgOHB9toSy6woSqQLas3GU=
Subject key identifier: 23:4A:00:C4:3C:52:2E:9D:24:60:82:4F:CE:64:A6:01:B9:BF:A4:2D
Certificate issuer: /CN=4f2d30b015ec4ef1b0d3c64347c8d1b598293f81
Certificate serial: 018CC6B927D532E14D614296E0CCB4DA38FA
Authority key identifier: 4F:2D:30:B0:15:EC:4E:F1:B0:D3:C6:43:47:C8:D1:B5:98:29:3F:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ty0wsBXsTvGw08ZDR8jRtZgpP4E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/9668b5-5e92-4c18-9bb9-4351bbf74c0c/1/I0oAxDxSLp0kYIJPzmSmAbm_pC0.roa
Signing time: Mon 01 Jan 2024 20:31:12 +0000
ROA not before: Mon 01 Jan 2024 20:31:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198178
IP address blocks: 185.157.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/9668b5-5e92-4c18-9bb9-4351bbf74c0c/1/Ty0wsBXsTvGw08ZDR8jRtZgpP4E.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/9668b5-5e92-4c18-9bb9-4351bbf74c0c/1/Ty0wsBXsTvGw08ZDR8jRtZgpP4E.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ty0wsBXsTvGw08ZDR8jRtZgpP4E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:27:d5:32:e1:4d:61:42:96:e0:cc:b4:da:38:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f2d30b015ec4ef1b0d3c64347c8d1b598293f81
Validity
Not Before: Jan 1 20:31:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=234a00c43c522e9d2460824fce64a601b9bfa42d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:d0:61:64:aa:99:15:af:e5:77:85:4d:67:21:
2d:6e:2b:4a:9c:94:83:3e:4c:aa:33:1c:80:e2:22:
21:f7:66:54:1d:b0:49:45:17:99:fe:3b:da:c0:db:
f1:d7:95:54:84:df:3b:13:9d:2f:0b:e4:96:a1:56:
07:e2:7f:5a:e1:eb:3b:04:dd:31:00:5e:a9:62:8c:
7d:fe:c3:8e:18:62:fa:53:b1:b8:62:8e:5a:4a:58:
58:7e:64:7b:df:1d:3b:32:be:b9:3a:9e:23:aa:d7:
35:dd:55:76:52:f2:4d:58:83:53:51:7d:bc:23:04:
84:2f:65:09:25:60:58:2d:1a:f5:7d:eb:b7:a5:ec:
02:c3:2f:b8:e3:f4:93:79:2b:5e:03:a9:29:87:7d:
a0:ee:e2:8d:cd:1a:ed:1c:1c:71:9b:48:c2:e2:c7:
bb:0e:4f:5d:bc:8f:72:6f:da:3a:8e:96:2d:b3:64:
b4:c7:fe:47:43:f8:40:bc:b4:e1:cb:4e:b3:00:07:
8c:8a:b1:a4:69:59:80:c8:8b:26:2e:3f:e5:b7:13:
3f:a2:34:c5:25:f1:01:46:41:00:46:7d:a1:69:c5:
0a:9d:af:b1:1d:fb:61:cc:cb:59:19:30:8c:ba:6f:
ec:8d:42:32:67:f9:da:3e:67:cd:a5:e3:73:c0:8d:
91:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:4A:00:C4:3C:52:2E:9D:24:60:82:4F:CE:64:A6:01:B9:BF:A4:2D
X509v3 Authority Key Identifier:
keyid:4F:2D:30:B0:15:EC:4E:F1:B0:D3:C6:43:47:C8:D1:B5:98:29:3F:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ty0wsBXsTvGw08ZDR8jRtZgpP4E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9668b5-5e92-4c18-9bb9-4351bbf74c0c/1/I0oAxDxSLp0kYIJPzmSmAbm_pC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/9668b5-5e92-4c18-9bb9-4351bbf74c0c/1/Ty0wsBXsTvGw08ZDR8jRtZgpP4E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.157.120.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:15:81:2b:05:00:01:47:bc:66:5d:7a:37:74:8b:33:a1:73:
79:13:fb:09:9c:90:c2:ac:2b:32:ef:ec:82:63:95:b0:22:2c:
44:fb:14:9a:ba:68:5a:42:50:ef:94:26:f9:a6:16:ae:19:a5:
93:ae:61:84:1c:48:c7:f1:be:4a:bd:9b:fd:be:db:d0:74:ee:
ff:51:07:9e:d7:0b:e9:fb:02:97:da:f2:55:ca:44:ba:f9:0f:
27:cb:44:0c:e0:cc:78:13:d4:9a:40:f0:7a:b3:83:c1:26:ef:
1d:12:43:c5:f6:e5:bb:9f:b6:7d:77:62:2a:45:34:e4:51:87:
fa:30:42:92:a7:ce:ea:b6:75:75:5e:85:e6:50:61:9b:e0:e5:
fd:43:5f:3c:d3:4e:49:b7:b8:cb:2f:e7:e0:df:ad:f3:a3:d6:
31:2d:5e:d1:c6:8d:28:82:46:38:2e:9f:11:34:4d:27:8b:e3:
e4:87:f9:1d:95:30:22:9b:58:9c:35:94:03:ba:4c:25:8c:f1:
dc:dd:b3:ac:b0:5d:a6:26:7a:af:9c:47:f3:db:b7:26:fd:76:
6c:d9:08:3b:34:e3:21:c6:f9:e0:cc:ed:7b:10:fc:b7:4d:be:
91:c7:2b:2e:ba:af:f7:0d:5f:11:53:f3:06:c8:af:9b:46:cc:
8f:99:a3:72
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGuSfVMuFNYUKW4My02jj6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmMmQzMGIwMTVlYzRlZjFiMGQzYzY0MzQ3YzhkMWI1OTgy
OTNmODEwHhcNMjQwMTAxMjAzMTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzRhMDBjNDNjNTIyZTlkMjQ2MDgyNGZjZTY0YTYwMWI5YmZhNDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArdBhZKqZFa/ld4VNZyEtbitKnJSD
PkyqMxyA4iIh92ZUHbBJRReZ/jvawNvx15VUhN87E50vC+SWoVYH4n9a4es7BN0x
AF6pYox9/sOOGGL6U7G4Yo5aSlhYfmR73x07Mr65Op4jqtc13VV2UvJNWINTUX28
IwSEL2UJJWBYLRr1feu3pewCwy+44/STeSteA6kph32g7uKNzRrtHBxxm0jC4se7
Dk9dvI9yb9o6jpYts2S0x/5HQ/hAvLThy06zAAeMirGkaVmAyIsmLj/ltxM/ojTF
JfEBRkEARn2hacUKna+xHfthzMtZGTCMum/sjUIyZ/naPmfNpeNzwI2RVQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCNKAMQ8Ui6dJGCCT85kpgG5v6QtMB8GA1UdIwQY
MBaAFE8tMLAV7E7xsNPGQ0fI0bWYKT+BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHkwd3NCWHNUdkd3MDhaRFI4alJ0WmdwUDRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi85NjY4YjUtNWU5Mi00YzE4LTliYjkt
NDM1MWJiZjc0YzBjLzEvSTBvQXhEeFNMcDBrWUlKUHptU21BYm1fcEMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi85NjY4YjUtNWU5Mi00YzE4LTliYjktNDM1MWJiZjc0YzBj
LzEvVHkwd3NCWHNUdkd3MDhaRFI4alJ0WmdwUDRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZ14MA0G
CSqGSIb3DQEBCwUAA4IBAQAKFYErBQABR7xmXXo3dIszoXN5E/sJnJDCrCsy7+yC
Y5WwIixE+xSaumhaQlDvlCb5phauGaWTrmGEHEjH8b5KvZv9vtvQdO7/UQee1wvp
+wKX2vJVykS6+Q8ny0QM4Mx4E9SaQPB6s4PBJu8dEkPF9uW7n7Z9d2IqRTTkUYf6
MEKSp87qtnV1XoXmUGGb4OX9Q188005Jt7jLL+fg363zo9YxLV7Rxo0ogkY4Lp8R
NE0ni+Pkh/kdlTAim1icNZQDukwljPHc3bOssF2mJnqvnEfz27cm/XZs2Qg7NOMh
xvngzO17EPy3Tb6Rxysuuq/3DV8RU/MGyK+bRsyPmaNy
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:41:19 2024 by rpki-client on console-fra.rpki-client.org