Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/51ba27-25e2-4727-a4b5-3fbc9759eb6a/1/IZQT-OryzqFuiMDGSAuqqXnkUXk.roa
File: IZQT-OryzqFuiMDGSAuqqXnkUXk.roa (raw, json)
Hash identifier: ljn+fZmiZu9qPFVwnWH3/Qit/V8AJA+y5L2HzIzpLvo=
Subject key identifier: 21:94:13:F8:EA:F2:CE:A1:6E:88:C0:C6:48:0B:AA:A9:79:E4:51:79
Certificate issuer: /CN=6c32dc9e5249fb41c47df4914121a9b1a6aef1ff
Certificate serial: 018CC26D37966821F784BF9698550EEB0FCE
Authority key identifier: 6C:32:DC:9E:52:49:FB:41:C4:7D:F4:91:41:21:A9:B1:A6:AE:F1:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bDLcnlJJ-0HEffSRQSGpsaau8f8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/51ba27-25e2-4727-a4b5-3fbc9759eb6a/1/IZQT-OryzqFuiMDGSAuqqXnkUXk.roa
Signing time: Mon 01 Jan 2024 00:29:46 +0000
ROA not before: Mon 01 Jan 2024 00:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210377
IP address blocks: 93.93.224.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/51ba27-25e2-4727-a4b5-3fbc9759eb6a/1/bDLcnlJJ-0HEffSRQSGpsaau8f8.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/51ba27-25e2-4727-a4b5-3fbc9759eb6a/1/bDLcnlJJ-0HEffSRQSGpsaau8f8.mft
rsync://rpki.ripe.net/repository/DEFAULT/bDLcnlJJ-0HEffSRQSGpsaau8f8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:37:96:68:21:f7:84:bf:96:98:55:0e:eb:0f:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c32dc9e5249fb41c47df4914121a9b1a6aef1ff
Validity
Not Before: Jan 1 00:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=219413f8eaf2cea16e88c0c6480baaa979e45179
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:53:52:0b:93:f8:17:0f:7a:10:7c:b4:98:71:
03:46:a4:a0:dd:84:cb:2a:f9:16:01:0f:ab:91:73:
0c:57:8d:18:47:24:bf:b8:56:de:de:56:6d:d8:2d:
6f:1f:2f:90:cc:1b:1d:b2:c0:39:91:b6:d4:40:9e:
9f:a1:c7:98:71:70:94:de:87:06:4d:bb:62:52:e3:
a1:97:f5:e5:70:bd:7e:52:95:4d:c0:62:bb:7c:62:
41:b6:d1:56:e1:c1:19:1e:33:69:a9:d7:aa:89:78:
0d:83:dd:71:da:6a:ee:f7:28:8e:af:1a:96:ed:bd:
7c:0b:d6:33:ef:a2:8c:4e:d9:27:e7:a1:88:c2:c5:
78:0f:80:40:7d:b6:f7:f7:45:34:d8:f4:b0:45:a5:
ac:ff:9d:08:b5:01:1b:82:7c:be:6b:af:6a:75:64:
da:b4:0e:8f:3a:f9:58:cb:f0:05:ee:6d:bb:f1:c5:
4b:a8:7e:62:0f:3e:be:0e:04:f9:ed:10:58:7a:d1:
9d:99:92:dc:66:93:d1:03:f8:6e:23:6d:9c:da:1c:
43:7b:97:a9:b1:58:aa:6d:5e:b4:c3:f5:b2:37:4b:
4c:15:e8:c9:f3:f8:0c:20:39:8b:58:bb:89:3d:7d:
e2:8d:5f:55:44:4c:17:53:46:77:2a:ee:7e:c5:fe:
0d:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:94:13:F8:EA:F2:CE:A1:6E:88:C0:C6:48:0B:AA:A9:79:E4:51:79
X509v3 Authority Key Identifier:
keyid:6C:32:DC:9E:52:49:FB:41:C4:7D:F4:91:41:21:A9:B1:A6:AE:F1:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bDLcnlJJ-0HEffSRQSGpsaau8f8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/51ba27-25e2-4727-a4b5-3fbc9759eb6a/1/IZQT-OryzqFuiMDGSAuqqXnkUXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/51ba27-25e2-4727-a4b5-3fbc9759eb6a/1/bDLcnlJJ-0HEffSRQSGpsaau8f8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.93.224.0/21
Signature Algorithm: sha256WithRSAEncryption
8b:23:ac:35:bf:b0:36:bb:a3:d4:7e:6c:99:30:42:e9:44:d0:
db:16:dd:a6:f8:81:30:b9:bd:33:33:5a:d3:45:c8:d5:d5:8f:
2c:1c:25:be:be:3f:1d:91:84:a2:76:34:0d:8a:1b:75:e3:d3:
ce:05:2f:38:5f:64:ab:cc:24:ea:57:2b:86:65:a0:11:c2:a4:
c6:f8:a5:4d:ed:f5:2f:9a:58:85:f5:32:fe:b0:06:59:0c:5e:
9f:ee:22:5f:72:3d:26:d2:5a:46:1a:44:77:e5:df:c9:9f:4d:
b1:33:f0:7f:ed:2c:04:82:a2:59:56:55:7b:83:43:7a:d6:bb:
6c:8d:88:5e:9e:4d:75:8c:8e:a4:39:d2:a3:cc:eb:27:96:69:
11:5a:43:26:94:1a:c6:13:db:bf:16:04:3f:6e:7b:e7:fd:e0:
4a:c2:da:c3:47:1d:6c:d6:ae:52:4f:c6:15:fe:cb:78:26:fc:
8e:73:2d:93:ad:2b:5f:9b:25:f5:82:3f:56:b8:06:ba:ab:ad:
79:92:4f:c1:4b:81:03:a8:14:f1:a6:5d:5f:03:4f:8d:60:9e:
71:c4:8a:46:be:e8:2d:47:91:3b:86:75:c0:0d:27:42:9a:a7:
57:db:a3:46:d8:b0:51:f8:d6:ca:de:1a:b6:57:f8:19:aa:29:
40:25:5f:c6
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbTeWaCH3hL+WmFUO6w/OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjMzJkYzllNTI0OWZiNDFjNDdkZjQ5MTQxMjFhOWIxYTZh
ZWYxZmYwHhcNMjQwMTAxMDAyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTk0MTNmOGVhZjJjZWExNmU4OGMwYzY0ODBiYWFhOTc5ZTQ1MTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl1NSC5P4Fw96EHy0mHEDRqSg3YTL
KvkWAQ+rkXMMV40YRyS/uFbe3lZt2C1vHy+QzBsdssA5kbbUQJ6foceYcXCU3ocG
TbtiUuOhl/XlcL1+UpVNwGK7fGJBttFW4cEZHjNpqdeqiXgNg91x2mru9yiOrxqW
7b18C9Yz76KMTtkn56GIwsV4D4BAfbb390U02PSwRaWs/50ItQEbgny+a69qdWTa
tA6POvlYy/AF7m278cVLqH5iDz6+DgT57RBYetGdmZLcZpPRA/huI22c2hxDe5ep
sViqbV60w/WyN0tMFejJ8/gMIDmLWLuJPX3ijV9VREwXU0Z3Ku5+xf4N2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCGUE/jq8s6hbojAxkgLqql55FF5MB8GA1UdIwQY
MBaAFGwy3J5SSftBxH30kUEhqbGmrvH/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYkRMY25sSkotMEhFZmZTUlFTR3BzYWF1OGY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS81MWJhMjctMjVlMi00NzI3LWE0YjUt
M2ZiYzk3NTllYjZhLzEvSVpRVC1Pcnl6cUZ1aU1ER1NBdXFxWG5rVVhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS81MWJhMjctMjVlMi00NzI3LWE0YjUtM2ZiYzk3NTllYjZh
LzEvYkRMY25sSkotMEhFZmZTUlFTR3BzYWF1OGY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXV3gMA0G
CSqGSIb3DQEBCwUAA4IBAQCLI6w1v7A2u6PUfmyZMELpRNDbFt2m+IEwub0zM1rT
RcjV1Y8sHCW+vj8dkYSidjQNiht149POBS84X2SrzCTqVyuGZaARwqTG+KVN7fUv
mliF9TL+sAZZDF6f7iJfcj0m0lpGGkR35d/Jn02xM/B/7SwEgqJZVlV7g0N61rts
jYhenk11jI6kOdKjzOsnlmkRWkMmlBrGE9u/FgQ/bnvn/eBKwtrDRx1s1q5ST8YV
/st4JvyOcy2TrStfmyX1gj9WuAa6q615kk/BS4EDqBTxpl1fA0+NYJ5xxIpGvugt
R5E7hnXADSdCmqdX26NG2LBR+NbK3hq2V/gZqilAJV/G
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:35:23 2024 by rpki-client on console-ams.rpki-client.org