Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/Ix59-aqzSlSxQ3zEHddocyGucTQ.roa
File: Ix59-aqzSlSxQ3zEHddocyGucTQ.roa (raw, json)
Hash identifier: sJ1OFnu78VlTD8d4LQ0nWyTuN30/DjQy9FLMJz59L7Y=
Subject key identifier: 23:1E:7D:F9:AA:B3:4A:54:B1:43:7C:C4:1D:D7:68:73:21:AE:71:34
Certificate issuer: /CN=c784128505f7f99c7570442980adeb8af90cc270
Certificate serial: 019242B19A8A5928383984026DEEB246A7A4
Authority key identifier: C7:84:12:85:05:F7:F9:9C:75:70:44:29:80:AD:EB:8A:F9:0C:C2:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/x4QShQX3-Zx1cEQpgK3rivkMwnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/Ix59-aqzSlSxQ3zEHddocyGucTQ.roa
Signing time: Mon 30 Sep 2024 11:29:48 +0000
ROA not before: Mon 30 Sep 2024 11:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205184
IP address blocks: 23.19.48.0/22 maxlen: 22
185.84.200.0/23 maxlen: 23
185.129.40.0/22 maxlen: 22
185.151.204.0/24 maxlen: 24
185.230.36.0/23 maxlen: 23
185.230.38.0/24 maxlen: 24
2a0b:14c0:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/x4QShQX3-Zx1cEQpgK3rivkMwnA.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/x4QShQX3-Zx1cEQpgK3rivkMwnA.mft
rsync://rpki.ripe.net/repository/DEFAULT/x4QShQX3-Zx1cEQpgK3rivkMwnA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 08:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:42:b1:9a:8a:59:28:38:39:84:02:6d:ee:b2:46:a7:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c784128505f7f99c7570442980adeb8af90cc270
Validity
Not Before: Sep 30 11:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=231e7df9aab34a54b1437cc41dd7687321ae7134
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:88:8c:3a:eb:72:47:0b:a5:ae:5f:74:94:36:
00:59:78:1b:98:07:2c:f8:8b:6e:8a:1d:99:4f:06:
ee:71:c1:63:73:4e:69:cd:df:91:39:80:b0:67:3f:
aa:39:25:9e:cf:05:60:6e:39:0e:66:5d:51:56:d5:
67:d9:55:cf:ff:8d:9d:d7:97:dc:14:01:77:6f:e6:
84:b5:d5:86:f1:5c:2b:83:cd:15:d9:07:f7:68:10:
27:cd:bf:47:7c:5c:f6:69:ce:77:80:d0:1a:1e:bf:
1d:9c:cd:8c:1e:3a:fc:15:e3:2b:7a:de:9f:41:8e:
30:23:53:b7:2b:26:73:31:11:0d:ca:67:fb:44:e5:
42:2e:c2:6c:55:5e:93:5b:b1:e3:13:e1:f4:98:73:
c9:28:55:54:39:b2:64:9e:95:09:fc:3b:cc:a7:ae:
07:6a:43:53:cd:95:f2:20:ba:bc:0c:b9:14:d6:2f:
04:cd:af:87:b2:01:ea:70:79:cd:39:58:be:8c:64:
ae:f6:6f:ff:1a:c7:99:8f:4d:48:ec:5f:e7:9a:f3:
0b:4a:9d:4a:b0:67:75:14:1f:a1:f2:8e:6a:e9:97:
ff:e8:27:93:26:cd:77:59:4c:eb:18:c2:2c:41:24:
58:12:b8:cc:f2:0c:0e:ab:96:58:fd:b6:0a:27:e6:
ab:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:1E:7D:F9:AA:B3:4A:54:B1:43:7C:C4:1D:D7:68:73:21:AE:71:34
X509v3 Authority Key Identifier:
keyid:C7:84:12:85:05:F7:F9:9C:75:70:44:29:80:AD:EB:8A:F9:0C:C2:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/x4QShQX3-Zx1cEQpgK3rivkMwnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/Ix59-aqzSlSxQ3zEHddocyGucTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/4c5c3d-21b0-4058-89fd-6c1b4471f7ee/1/x4QShQX3-Zx1cEQpgK3rivkMwnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.19.48.0/22
185.84.200.0/23
185.129.40.0/22
185.151.204.0/24
185.230.36.0-185.230.38.255
IPv6:
2a0b:14c0:1::/48
Signature Algorithm: sha256WithRSAEncryption
0a:9c:cf:f4:93:30:e0:41:b1:98:5c:8c:2e:b4:5a:9f:91:93:
e6:c8:2d:cc:d6:01:12:00:6b:09:00:e7:f5:85:11:8b:41:da:
ac:52:76:3e:66:46:e8:47:15:77:52:04:35:59:42:82:78:b4:
e4:dd:4a:2b:d4:b3:6d:3e:4c:76:67:11:bf:f7:59:62:a0:22:
a4:10:5b:44:19:48:29:f1:3d:8e:5b:bb:96:ae:48:cc:60:dd:
0a:eb:6d:8f:83:ec:41:47:22:d0:2d:12:92:60:12:eb:89:d8:
9d:55:86:15:4b:d6:0a:78:a1:6a:44:81:29:35:8c:b0:16:8e:
1b:63:9f:9d:2a:94:67:92:63:4e:fc:c5:96:12:3b:1f:42:f5:
67:e8:06:68:3c:95:ef:f6:0e:9f:80:9a:6c:d0:df:01:ea:7f:
9a:6b:42:f6:f7:86:be:83:93:4b:30:3f:18:e2:ff:66:cb:56:
0b:3c:4d:b9:dc:ba:60:7d:37:3d:a0:1e:39:57:80:0c:3d:2e:
8b:b5:d8:d8:eb:01:0d:db:b5:73:db:fc:de:86:86:66:1e:79:
09:aa:18:3b:87:2e:34:cc:fb:91:69:ff:f4:6c:5a:97:21:cd:
17:1a:be:1c:d8:24:b5:7c:71:53:d3:c5:45:1c:fb:86:ce:c8:
df:83:56:e0
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZJCsZqKWSg4OYQCbe6yRqekMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3ODQxMjg1MDVmN2Y5OWM3NTcwNDQyOTgwYWRlYjhhZjkw
Y2MyNzAwHhcNMjQwOTMwMTEyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzFlN2RmOWFhYjM0YTU0YjE0MzdjYzQxZGQ3Njg3MzIxYWU3MTM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYiMOutyRwulrl90lDYAWXgbmAcs
+Ituih2ZTwbuccFjc05pzd+ROYCwZz+qOSWezwVgbjkOZl1RVtVn2VXP/42d15fc
FAF3b+aEtdWG8Vwrg80V2Qf3aBAnzb9HfFz2ac53gNAaHr8dnM2MHjr8FeMret6f
QY4wI1O3KyZzMRENymf7ROVCLsJsVV6TW7HjE+H0mHPJKFVUObJknpUJ/DvMp64H
akNTzZXyILq8DLkU1i8Eza+HsgHqcHnNOVi+jGSu9m//GseZj01I7F/nmvMLSp1K
sGd1FB+h8o5q6Zf/6CeTJs13WUzrGMIsQSRYErjM8gwOq5ZY/bYKJ+arMQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFCMeffmqs0pUsUN8xB3XaHMhrnE0MB8GA1UdIwQY
MBaAFMeEEoUF9/mcdXBEKYCt64r5DMJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveDRRU2hRWDMtWngxY0VRcGdLM3JpdmtNd25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC80YzVjM2QtMjFiMC00MDU4LTg5ZmQt
NmMxYjQ0NzFmN2VlLzEvSXg1OS1hcXpTbFN4UTN6RUhkZG9jeUd1Y1RRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC80YzVjM2QtMjFiMC00MDU4LTg5ZmQtNmMxYjQ0NzFmN2Vl
LzEveDRRU2hRWDMtWngxY0VRcGdLM3JpdmtNd25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAsBAIAATAmAwQCFxMwAwQB
uVTIAwQCuYEoAwQAuZfMMAwDBAK55iQDBAC55iYwDwQCAAIwCQMHACoLFMAAATAN
BgkqhkiG9w0BAQsFAAOCAQEACpzP9JMw4EGxmFyMLrRan5GT5sgtzNYBEgBrCQDn
9YURi0HarFJ2PmZG6EcVd1IENVlCgni05N1KK9SzbT5MdmcRv/dZYqAipBBbRBlI
KfE9jlu7lq5IzGDdCuttj4PsQUci0C0SkmAS64nYnVWGFUvWCnihakSBKTWMsBaO
G2OfnSqUZ5JjTvzFlhI7H0L1Z+gGaDyV7/YOn4CabNDfAep/mmtC9veGvoOTSzA/
GOL/ZstWCzxNudy6YH03PaAeOVeADD0ui7XY2OsBDdu1c9v83oaGZh55CaoYO4cu
NMz7kWn/9GxalyHNFxq+HNgktXxxU9PFRRz7hs7I34NW4A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:34:52 2024 by rpki-client on console-ams.rpki-client.org