Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/hI0-3juKbWSTNTtJhqSZIT57Bsk.roa
File: hI0-3juKbWSTNTtJhqSZIT57Bsk.roa (raw, json)
Hash identifier: eIAkP0Uzycgi0Ba4bB5DY/m7VNtESfBhHWi8Hxc2yLU=
Subject key identifier: 84:8D:3E:DE:3B:8A:6D:64:93:35:3B:49:86:A4:99:21:3E:7B:06:C9
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 018CC56E2F0309C0C74B081F52C13E52A0E9
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/hI0-3juKbWSTNTtJhqSZIT57Bsk.roa
Signing time: Mon 01 Jan 2024 14:29:41 +0000
ROA not before: Mon 01 Jan 2024 14:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8491
IP address blocks: 82.194.224.0/19 maxlen: 19
82.194.232.0/24 maxlen: 24
82.194.237.0/24 maxlen: 24
81.95.32.0/20 maxlen: 20
81.95.41.0/24 maxlen: 24
81.95.42.0/24 maxlen: 24
89.188.160.0/19 maxlen: 19
81.95.46.0/24 maxlen: 24
87.238.96.0/21 maxlen: 21
87.238.101.0/24 maxlen: 24
2a03:8640::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.mft
rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:2f:03:09:c0:c7:4b:08:1f:52:c1:3e:52:a0:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Jan 1 14:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=848d3ede3b8a6d6493353b4986a499213e7b06c9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:1a:d5:1d:32:d3:70:52:e0:1a:af:34:eb:39:
0d:9d:34:00:9e:2f:f2:d6:67:7c:9e:d4:72:47:69:
2d:9e:80:fa:15:ab:8f:a4:77:dd:74:60:64:15:9b:
4d:4f:55:a5:20:3e:d9:75:92:e6:b4:72:53:ea:60:
40:dd:76:cc:c9:ec:50:16:bc:27:72:95:53:23:34:
5b:ac:15:05:b9:52:99:ad:27:4f:bb:0a:25:5e:69:
bf:53:3b:48:1e:81:d0:71:c3:9f:2c:83:e4:47:7e:
f4:00:ab:ba:de:36:e0:d2:7a:12:60:97:f7:d0:f4:
8c:f9:92:29:39:4b:61:26:2c:33:52:8d:a1:fd:6f:
62:9b:c3:73:2d:68:47:91:e9:84:e7:31:19:2f:39:
4e:74:0e:aa:a1:a9:ad:c5:cf:ba:c9:18:6f:12:75:
17:61:42:2c:08:b4:8d:7f:c4:7f:1f:0b:2b:89:25:
79:e6:91:36:fe:cc:11:e7:4d:6b:5b:e8:a8:14:0d:
50:2d:f9:d0:7d:ec:40:73:c7:90:56:a2:77:1c:59:
81:be:b8:27:d3:54:e5:13:a9:aa:7b:71:e2:26:9d:
0a:35:72:e0:1c:81:3f:90:30:37:83:9a:1f:6a:78:
2d:28:f2:72:41:7c:f6:5f:d6:37:24:4a:c3:de:f8:
d6:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:8D:3E:DE:3B:8A:6D:64:93:35:3B:49:86:A4:99:21:3E:7B:06:C9
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/hI0-3juKbWSTNTtJhqSZIT57Bsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.95.32.0/20
82.194.224.0/19
87.238.96.0/21
89.188.160.0/19
IPv6:
2a03:8640::/32
Signature Algorithm: sha256WithRSAEncryption
9d:d8:9a:a8:07:a2:b0:ad:df:40:b0:b1:b6:0e:9a:c7:54:c0:
48:b3:08:16:9a:03:53:26:be:85:3f:24:cf:4f:7d:4b:3a:55:
aa:95:0f:9d:68:73:10:90:89:e3:98:4e:cb:a2:7d:a8:d6:0f:
8e:e8:76:cd:2a:de:29:7f:b4:3e:92:82:16:18:f7:3b:fc:9a:
03:bb:bb:78:06:03:97:ec:7e:5c:48:04:17:af:a7:91:3d:94:
b6:52:8c:45:31:de:7e:94:d6:fe:23:10:75:64:19:d4:64:43:
bc:d1:2c:74:c9:cc:39:cd:94:d6:90:b8:4e:54:e9:a2:24:89:
e7:23:b7:82:49:c1:b8:f8:47:3e:ba:73:ce:ab:4c:e7:81:5a:
7e:7a:b6:a2:c8:48:02:34:dd:3b:29:36:67:01:9e:b8:4c:6d:
b1:95:5a:27:eb:97:75:7b:d3:d3:44:59:3f:ff:aa:1c:61:73:
39:10:6f:b6:3f:42:e3:16:18:2a:d8:5d:8b:d8:8d:25:97:9a:
37:f3:90:e2:35:86:61:e7:91:8f:c4:09:58:af:d6:ed:2d:d6:
c4:20:e9:f5:3d:2c:17:85:6a:dd:cb:37:a4:48:a6:36:f7:8b:
61:35:2d:1a:9d:a9:41:af:7e:73:8d:ad:05:8f:24:69:44:5a:
92:b0:ca:90
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzFbi8DCcDHSwgfUsE+UqDpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTNkOTJiZmUxNjYxOWNhNTAwYzAzMjY3ZWZmYTlhYTdj
YTBjNDcwHhcNMjQwMTAxMTQyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NDhkM2VkZTNiOGE2ZDY0OTMzNTNiNDk4NmE0OTkyMTNlN2IwNmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5RrVHTLTcFLgGq806zkNnTQAni/y
1md8ntRyR2ktnoD6FauPpHfddGBkFZtNT1WlID7ZdZLmtHJT6mBA3XbMyexQFrwn
cpVTIzRbrBUFuVKZrSdPuwolXmm/UztIHoHQccOfLIPkR370AKu63jbg0noSYJf3
0PSM+ZIpOUthJiwzUo2h/W9im8NzLWhHkemE5zEZLzlOdA6qoamtxc+6yRhvEnUX
YUIsCLSNf8R/HwsriSV55pE2/swR501rW+ioFA1QLfnQfexAc8eQVqJ3HFmBvrgn
01TlE6mqe3HiJp0KNXLgHIE/kDA3g5ofangtKPJyQXz2X9Y3JErD3vjWgwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFISNPt47im1kkzU7SYakmSE+ewbJMB8GA1UdIwQY
MBaAFCPj2Sv+FmGcpQDAMmfv+pqnygxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYt
ZjFiZjBjMzNhOTA4LzEvaEkwLTNqdUtiV1NUTlR0SmhxU1pJVDU3QnNrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYtZjFiZjBjMzNhOTA4
LzEvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUV8gAwQF
UsLgAwQDV+5gAwQFWbygMA0EAgACMAcDBQAqA4ZAMA0GCSqGSIb3DQEBCwUAA4IB
AQCd2JqoB6Kwrd9AsLG2DprHVMBIswgWmgNTJr6FPyTPT31LOlWqlQ+daHMQkInj
mE7Lon2o1g+O6HbNKt4pf7Q+koIWGPc7/JoDu7t4BgOX7H5cSAQXr6eRPZS2UoxF
Md5+lNb+IxB1ZBnUZEO80Sx0ycw5zZTWkLhOVOmiJInnI7eCScG4+Ec+unPOq0zn
gVp+eraiyEgCNN07KTZnAZ64TG2xlVon65d1e9PTRFk//6ocYXM5EG+2P0LjFhgq
2F2L2I0ll5o385DiNYZh55GPxAlYr9btLdbEIOn1PSwXhWrdyzekSKY294thNS0a
nalBr35zja0FjyRpRFqSsMqQ
-----END CERTIFICATE-----
Generated at Fri May 17 06:26:03 2024 by rpki-client on console-fra.rpki-client.org