Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/IlTzFIyg7BPTOPWnuFBxfH2_RR8.roa
File: IlTzFIyg7BPTOPWnuFBxfH2_RR8.roa (raw, json)
Hash identifier: 1eFwX7VApr/o7fca+I0oQ8tYdtuZ4nYHnzWx2Y8u8aU=
Subject key identifier: 22:54:F3:14:8C:A0:EC:13:D3:38:F5:A7:B8:50:71:7C:7D:BF:45:1F
Certificate issuer: /CN=1afba38a8707fd231c3887e4a52bdcdedab20323
Certificate serial: 01928E02A89756714247BF6CFAE529B58079
Authority key identifier: 1A:FB:A3:8A:87:07:FD:23:1C:38:87:E4:A5:2B:DC:DE:DA:B2:03:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GvujiocH_SMcOIfkpSvc3tqyAyM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/IlTzFIyg7BPTOPWnuFBxfH2_RR8.roa
Signing time: Tue 15 Oct 2024 02:29:51 +0000
ROA not before: Tue 15 Oct 2024 02:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207369
IP address blocks: 185.39.79.0/24 maxlen: 24
185.138.184.0/22 maxlen: 22
185.138.184.0/23 maxlen: 23
185.138.184.0/24 maxlen: 24
185.138.186.0/23 maxlen: 23
185.138.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/GvujiocH_SMcOIfkpSvc3tqyAyM.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/GvujiocH_SMcOIfkpSvc3tqyAyM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GvujiocH_SMcOIfkpSvc3tqyAyM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8e:02:a8:97:56:71:42:47:bf:6c:fa:e5:29:b5:80:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1afba38a8707fd231c3887e4a52bdcdedab20323
Validity
Not Before: Oct 15 02:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2254f3148ca0ec13d338f5a7b850717c7dbf451f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:4e:b5:11:5a:39:fc:16:6d:c9:f3:0f:d5:6e:
d5:f6:f6:20:f1:0f:6c:40:48:10:19:63:c8:c1:3d:
60:da:aa:39:bb:d9:05:70:38:89:37:a3:2c:ff:04:
83:cc:ca:c2:01:8a:74:1f:d8:b9:16:c0:37:d7:a5:
fb:65:84:45:7b:2b:4e:97:bf:2e:c8:83:17:83:72:
69:70:af:bc:a7:9f:3a:a1:fe:67:2f:81:8f:ab:ca:
dd:8f:0d:b6:50:09:50:ed:62:29:98:06:c4:1d:97:
85:5b:4c:b3:a0:cf:65:bb:c9:c6:cf:b0:ba:e6:fb:
0f:f3:55:7d:92:03:5a:2c:92:f3:51:fc:45:06:2c:
0a:a4:fc:91:0b:d1:7c:16:e2:67:4e:b8:b3:cf:9a:
75:dc:87:72:d6:75:5c:46:2f:33:6b:0d:fd:4b:aa:
b3:af:e2:15:22:e6:7e:7f:ff:99:d1:1f:64:93:9f:
87:bd:74:79:1f:5b:ac:9d:29:77:a5:7d:e6:1a:01:
ac:6c:26:78:de:8f:8e:aa:54:e9:af:9b:df:ae:47:
c4:07:ae:54:1f:54:b0:8a:b5:48:cb:ae:b9:ae:61:
03:ac:3d:2f:a8:a1:a4:9e:07:7a:5f:be:5b:99:3a:
84:14:5a:fd:b9:00:a4:d5:2a:45:8b:3e:a4:26:b3:
8e:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:54:F3:14:8C:A0:EC:13:D3:38:F5:A7:B8:50:71:7C:7D:BF:45:1F
X509v3 Authority Key Identifier:
keyid:1A:FB:A3:8A:87:07:FD:23:1C:38:87:E4:A5:2B:DC:DE:DA:B2:03:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GvujiocH_SMcOIfkpSvc3tqyAyM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/IlTzFIyg7BPTOPWnuFBxfH2_RR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/GvujiocH_SMcOIfkpSvc3tqyAyM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.79.0/24
185.138.184.0/22
Signature Algorithm: sha256WithRSAEncryption
b5:35:8e:d9:87:a5:c9:e8:9b:91:58:43:75:39:2b:9b:e5:cc:
83:7d:de:2a:96:b3:60:7a:2b:0e:ad:70:30:dd:48:c0:df:60:
c8:51:a3:5f:5e:20:66:92:bf:d8:22:3a:7a:2d:64:02:ca:b3:
e6:1d:c9:b4:fd:3f:3e:53:df:70:cd:9b:7e:13:01:51:8c:3a:
72:d3:e6:15:a4:24:16:15:d0:cd:32:7f:bf:a4:c9:4f:c9:bc:
f1:ed:b8:ac:6f:53:ce:47:6f:92:b8:f6:73:f2:2c:6f:15:30:
1e:ef:09:d0:2b:88:40:21:10:9a:97:ab:42:c8:f7:cf:47:81:
83:17:3c:63:69:d6:07:7c:d9:00:46:d6:16:98:e9:0d:c9:ef:
1d:8e:fc:29:c5:c9:6e:d5:50:db:06:d8:15:13:59:71:2d:08:
49:bf:fa:c6:d7:b1:03:e0:89:22:0f:42:90:e8:ab:51:43:ce:
1a:a2:1a:da:89:f1:68:fc:bb:62:31:36:67:54:ee:31:85:91:
67:56:58:74:5a:2c:02:31:77:4d:0e:30:46:05:24:63:1e:36:
96:37:77:31:c6:06:a4:a5:47:71:39:6d:75:37:69:a1:e3:31:
39:ab:73:cc:80:3e:09:47:28:6a:da:dd:e6:c5:52:8b:19:1f:
70:e9:d1:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZKOAqiXVnFCR79s+uUptYB5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZmJhMzhhODcwN2ZkMjMxYzM4ODdlNGE1MmJkY2RlZGFi
MjAzMjMwHhcNMjQxMDE1MDIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjU0ZjMxNDhjYTBlYzEzZDMzOGY1YTdiODUwNzE3YzdkYmY0NTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0U61EVo5/BZtyfMP1W7V9vYg8Q9s
QEgQGWPIwT1g2qo5u9kFcDiJN6Ms/wSDzMrCAYp0H9i5FsA316X7ZYRFeytOl78u
yIMXg3JpcK+8p586of5nL4GPq8rdjw22UAlQ7WIpmAbEHZeFW0yzoM9lu8nGz7C6
5vsP81V9kgNaLJLzUfxFBiwKpPyRC9F8FuJnTrizz5p13Idy1nVcRi8zaw39S6qz
r+IVIuZ+f/+Z0R9kk5+HvXR5H1usnSl3pX3mGgGsbCZ43o+OqlTpr5vfrkfEB65U
H1SwirVIy665rmEDrD0vqKGkngd6X75bmTqEFFr9uQCk1SpFiz6kJrOO8wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCJU8xSMoOwT0zj1p7hQcXx9v0UfMB8GA1UdIwQY
MBaAFBr7o4qHB/0jHDiH5KUr3N7asgMjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3Z1amlvY0hfU01jT0lma3BTdmMzdHF5QXlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy83YTliYTItNmE2YS00YzdjLTg4MmEt
MDk5NmFlZDMyZjNiLzEvSWxUekZJeWc3QlBUT1BXbnVGQnhmSDJfUlI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy83YTliYTItNmE2YS00YzdjLTg4MmEtMDk5NmFlZDMyZjNi
LzEvR3Z1amlvY0hfU01jT0lma3BTdmMzdHF5QXlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuSdPAwQC
uYq4MA0GCSqGSIb3DQEBCwUAA4IBAQC1NY7Zh6XJ6JuRWEN1OSub5cyDfd4qlrNg
eisOrXAw3UjA32DIUaNfXiBmkr/YIjp6LWQCyrPmHcm0/T8+U99wzZt+EwFRjDpy
0+YVpCQWFdDNMn+/pMlPybzx7bisb1POR2+SuPZz8ixvFTAe7wnQK4hAIRCal6tC
yPfPR4GDFzxjadYHfNkARtYWmOkNye8djvwpxclu1VDbBtgVE1lxLQhJv/rG17ED
4IkiD0KQ6KtRQ84aohraifFo/LtiMTZnVO4xhZFnVlh0WiwCMXdNDjBGBSRjHjaW
N3cxxgakpUdxOW11N2mh4zE5q3PMgD4JRyhq2t3mxVKLGR9w6dGC
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:40:15 2024 by rpki-client on console-ams.rpki-client.org