Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/10ce73-3d4f-43ef-b685-250a4d777ba6/1/IHzO3fWW2IP2vM83Kq6Zi5SsknI.roa
File: IHzO3fWW2IP2vM83Kq6Zi5SsknI.roa (raw, json)
Hash identifier: 7iEdVdP2+hAZhO/YuL04yGJN/ibOJV3eDK2ucHj9T+o=
Subject key identifier: 20:7C:CE:DD:F5:96:D8:83:F6:BC:CF:37:2A:AE:99:8B:94:AC:92:72
Certificate issuer: /CN=d130117ae1cdc2df1c58816e00e5451f87efb370
Certificate serial: 018F61FCED1C7C2A66871C2A2280BA6E9867
Authority key identifier: D1:30:11:7A:E1:CD:C2:DF:1C:58:81:6E:00:E5:45:1F:87:EF:B3:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0TAReuHNwt8cWIFuAOVFH4fvs3A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/10ce73-3d4f-43ef-b685-250a4d777ba6/1/IHzO3fWW2IP2vM83Kq6Zi5SsknI.roa
Signing time: Fri 10 May 2024 10:11:56 +0000
ROA not before: Fri 10 May 2024 10:11:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8351
IP address blocks: 194.59.16.0/23 maxlen: 24
195.98.192.0/19 maxlen: 24
213.254.32.0/19 maxlen: 24
2a02:320::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/10ce73-3d4f-43ef-b685-250a4d777ba6/1/0TAReuHNwt8cWIFuAOVFH4fvs3A.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/10ce73-3d4f-43ef-b685-250a4d777ba6/1/0TAReuHNwt8cWIFuAOVFH4fvs3A.mft
rsync://rpki.ripe.net/repository/DEFAULT/0TAReuHNwt8cWIFuAOVFH4fvs3A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 07:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:61:fc:ed:1c:7c:2a:66:87:1c:2a:22:80:ba:6e:98:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d130117ae1cdc2df1c58816e00e5451f87efb370
Validity
Not Before: May 10 10:11:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=207cceddf596d883f6bccf372aae998b94ac9272
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ae:be:d0:e4:dc:58:3c:3d:36:04:45:8e:35:
8d:ed:96:22:dc:9b:0a:63:45:72:90:fe:c9:73:b2:
e3:52:8c:2c:3c:d4:32:ff:9d:e6:db:e7:fd:51:1b:
40:ef:27:54:b8:f6:73:68:47:ed:f0:96:77:7e:85:
9b:03:b6:89:ed:2a:26:b4:4f:c7:98:22:cb:70:82:
2c:c0:90:4b:66:ff:38:0c:0f:36:7d:56:c3:1e:12:
35:7f:9c:53:85:55:b5:82:59:cc:98:4c:f2:18:77:
a1:1c:76:60:97:6d:4e:ab:86:2f:2f:8e:f9:10:9b:
63:f4:be:ff:a5:57:ec:99:9d:50:72:90:1f:c0:15:
20:04:59:b7:18:28:e9:6d:c3:77:94:3b:2c:1d:61:
d3:c1:8b:6f:e4:72:3c:26:3f:c3:78:e1:60:ef:ae:
b7:5b:bb:0d:a4:01:13:ec:0e:ca:48:ba:70:c6:6f:
2b:2c:ab:3b:02:52:d6:c4:29:da:e3:13:df:a0:61:
5f:68:ba:37:56:7e:57:0a:a1:4f:2f:3d:ee:2f:87:
d3:57:7f:97:70:0c:c5:94:ea:a0:61:20:f5:29:0a:
88:65:f9:69:64:25:33:44:5a:35:c6:a7:ea:06:52:
b3:75:48:07:d0:87:2c:86:ef:d8:55:21:cc:fc:67:
84:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:7C:CE:DD:F5:96:D8:83:F6:BC:CF:37:2A:AE:99:8B:94:AC:92:72
X509v3 Authority Key Identifier:
keyid:D1:30:11:7A:E1:CD:C2:DF:1C:58:81:6E:00:E5:45:1F:87:EF:B3:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0TAReuHNwt8cWIFuAOVFH4fvs3A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/10ce73-3d4f-43ef-b685-250a4d777ba6/1/IHzO3fWW2IP2vM83Kq6Zi5SsknI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/10ce73-3d4f-43ef-b685-250a4d777ba6/1/0TAReuHNwt8cWIFuAOVFH4fvs3A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.59.16.0/23
195.98.192.0/19
213.254.32.0/19
IPv6:
2a02:320::/29
Signature Algorithm: sha256WithRSAEncryption
6f:d5:6f:4d:c5:ef:cb:11:4f:9e:29:68:88:d5:a9:db:51:8a:
ab:77:8e:84:bc:84:5f:0e:24:2a:e6:54:c2:f5:67:79:16:f2:
24:b1:a8:a1:d0:99:f0:2d:8c:61:db:20:85:d0:63:4a:fd:8b:
c5:f3:82:10:a8:f7:7f:80:12:f4:69:08:17:1b:ea:c8:e2:0f:
6e:c3:a3:85:14:b0:e1:31:50:aa:3a:b1:d8:ff:e2:a9:11:18:
84:1a:1c:b8:ed:e9:a6:8c:81:22:13:47:14:37:a7:4e:0d:26:
79:e5:10:76:f3:97:0b:f5:01:db:5d:0d:ba:84:cb:09:66:1b:
db:40:70:a6:c5:58:23:db:ed:20:bf:c6:83:87:9d:0a:db:50:
cc:4a:e5:fd:ea:c6:4d:a1:31:5c:1f:64:2d:1c:02:ae:14:84:
88:12:3b:f8:15:bc:3b:52:8d:c3:11:29:e7:89:ba:da:30:e9:
8e:2d:d5:84:ff:22:c5:69:1a:f3:bc:40:99:ab:e0:ac:fc:8e:
27:9b:dc:17:60:b7:5c:ba:42:20:b2:2b:8f:74:62:ef:f5:95:
e4:58:79:23:01:8d:8f:0e:e8:1b:d2:aa:12:79:d9:12:8b:cb:
8d:b6:6d:a1:64:43:d5:61:56:50:e0:89:5e:35:4c:88:b9:b6:
a3:f4:5e:90
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY9h/O0cfCpmhxwqIoC6bphnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxMzAxMTdhZTFjZGMyZGYxYzU4ODE2ZTAwZTU0NTFmODdl
ZmIzNzAwHhcNMjQwNTEwMTAxMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDdjY2VkZGY1OTZkODgzZjZiY2NmMzcyYWFlOTk4Yjk0YWM5MjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAra6+0OTcWDw9NgRFjjWN7ZYi3JsK
Y0VykP7Jc7LjUowsPNQy/53m2+f9URtA7ydUuPZzaEft8JZ3foWbA7aJ7SomtE/H
mCLLcIIswJBLZv84DA82fVbDHhI1f5xThVW1glnMmEzyGHehHHZgl21Oq4YvL475
EJtj9L7/pVfsmZ1QcpAfwBUgBFm3GCjpbcN3lDssHWHTwYtv5HI8Jj/DeOFg7663
W7sNpAET7A7KSLpwxm8rLKs7AlLWxCna4xPfoGFfaLo3Vn5XCqFPLz3uL4fTV3+X
cAzFlOqgYSD1KQqIZflpZCUzRFo1xqfqBlKzdUgH0Icshu/YVSHM/GeEKQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCB8zt31ltiD9rzPNyqumYuUrJJyMB8GA1UdIwQY
MBaAFNEwEXrhzcLfHFiBbgDlRR+H77NwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMFRBUmV1SE53dDhjV0lGdUFPVkZINGZ2czNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8xMGNlNzMtM2Q0Zi00M2VmLWI2ODUt
MjUwYTRkNzc3YmE2LzEvSUh6TzNmV1cySVAydk04M0txNlppNVNza25JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8xMGNlNzMtM2Q0Zi00M2VmLWI2ODUtMjUwYTRkNzc3YmE2
LzEvMFRBUmV1SE53dDhjV0lGdUFPVkZINGZ2czNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBwjsQAwQF
w2LAAwQF1f4gMA0EAgACMAcDBQMqAgMgMA0GCSqGSIb3DQEBCwUAA4IBAQBv1W9N
xe/LEU+eKWiI1anbUYqrd46EvIRfDiQq5lTC9Wd5FvIksaih0JnwLYxh2yCF0GNK
/YvF84IQqPd/gBL0aQgXG+rI4g9uw6OFFLDhMVCqOrHY/+KpERiEGhy47emmjIEi
E0cUN6dODSZ55RB285cL9QHbXQ26hMsJZhvbQHCmxVgj2+0gv8aDh50K21DMSuX9
6sZNoTFcH2QtHAKuFISIEjv4Fbw7Uo3DESnnibraMOmOLdWE/yLFaRrzvECZq+Cs
/I4nm9wXYLdcukIgsiuPdGLv9ZXkWHkjAY2PDugb0qoSedkSi8uNtm2hZEPVYVZQ
4IleNUyIubaj9F6Q
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:13:58 2024 by rpki-client on console-ams.rpki-client.org