Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/30b124-87f2-4c7a-bc0e-790775c779c5/1/IjhLTKFpbhLloZovDPIjnmPpnOo.roa
File: IjhLTKFpbhLloZovDPIjnmPpnOo.roa (raw, json)
Hash identifier: HNp1w8RkAmohoFssuWoxPfqcNtA409ECw1lN5mVeii4=
Subject key identifier: 22:38:4B:4C:A1:69:6E:12:E5:A1:9A:2F:0C:F2:23:9E:63:E9:9C:EA
Certificate issuer: /CN=7af6779e62b4612887fe6f8d4e9c0e3731f6e108
Certificate serial: 018CC9BBF4F6EF32FA7119C42B7DDA508CA2
Authority key identifier: 7A:F6:77:9E:62:B4:61:28:87:FE:6F:8D:4E:9C:0E:37:31:F6:E1:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/evZ3nmK0YSiH_m-NTpwONzH24Qg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/30b124-87f2-4c7a-bc0e-790775c779c5/1/IjhLTKFpbhLloZovDPIjnmPpnOo.roa
Signing time: Tue 02 Jan 2024 10:33:07 +0000
ROA not before: Tue 02 Jan 2024 10:33:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208236
IP address blocks: 45.150.152.0/22 maxlen: 24
2a0f:d600::/29 maxlen: 48
2a0f:d606::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/30b124-87f2-4c7a-bc0e-790775c779c5/1/evZ3nmK0YSiH_m-NTpwONzH24Qg.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/30b124-87f2-4c7a-bc0e-790775c779c5/1/evZ3nmK0YSiH_m-NTpwONzH24Qg.mft
rsync://rpki.ripe.net/repository/DEFAULT/evZ3nmK0YSiH_m-NTpwONzH24Qg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:f4:f6:ef:32:fa:71:19:c4:2b:7d:da:50:8c:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7af6779e62b4612887fe6f8d4e9c0e3731f6e108
Validity
Not Before: Jan 2 10:33:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22384b4ca1696e12e5a19a2f0cf2239e63e99cea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:fb:b6:da:ea:b8:ce:50:9d:9a:b8:06:54:90:
f8:8e:17:87:1b:2c:a7:b4:e0:77:6d:f3:c9:b8:0d:
01:ae:43:17:bf:5d:fb:2a:2e:b0:ba:d5:86:36:50:
30:30:e7:03:e8:23:b9:69:27:c2:81:73:ce:97:01:
d0:87:0b:3c:26:c1:81:63:82:ab:e8:c0:eb:b1:5e:
60:e8:f8:a7:99:63:77:88:07:33:84:5c:b7:ed:d0:
b0:71:83:5c:6a:7d:8b:04:79:31:76:cb:d0:57:0f:
63:72:49:b8:f9:33:6d:52:e9:ad:99:ca:72:5d:88:
e3:b3:c0:2b:3f:72:02:f7:11:65:ce:99:7c:e3:86:
bd:54:1e:6b:d5:27:d9:8a:fd:df:01:99:e6:c1:d8:
65:7d:71:c2:82:b2:1c:bf:d8:51:f5:9b:23:9d:c3:
79:ad:2e:a2:10:2b:8e:59:c1:43:b9:81:60:b8:c0:
ef:4a:67:f0:76:6a:92:95:4f:48:6a:76:8e:cf:61:
46:40:b3:f5:fd:14:a0:d1:f1:62:fb:5b:4e:19:8d:
e3:c9:38:3a:40:e2:ea:64:c3:dc:4c:52:4c:f0:45:
b6:74:00:3b:f2:e1:e8:76:ae:81:19:9a:17:75:be:
fe:82:7b:0c:be:90:33:3b:ac:b4:54:18:f8:21:96:
30:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:38:4B:4C:A1:69:6E:12:E5:A1:9A:2F:0C:F2:23:9E:63:E9:9C:EA
X509v3 Authority Key Identifier:
keyid:7A:F6:77:9E:62:B4:61:28:87:FE:6F:8D:4E:9C:0E:37:31:F6:E1:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/evZ3nmK0YSiH_m-NTpwONzH24Qg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/30b124-87f2-4c7a-bc0e-790775c779c5/1/IjhLTKFpbhLloZovDPIjnmPpnOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/30b124-87f2-4c7a-bc0e-790775c779c5/1/evZ3nmK0YSiH_m-NTpwONzH24Qg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.152.0/22
IPv6:
2a0f:d600::/29
Signature Algorithm: sha256WithRSAEncryption
12:9d:a4:4a:30:25:d9:bb:53:3e:d4:c3:70:d2:c3:96:c9:f0:
7a:67:5f:ee:85:ad:04:68:c1:bf:81:62:1f:20:f4:e7:43:74:
22:60:90:d2:0a:9a:e0:03:c3:da:79:31:28:b1:37:00:10:02:
c6:b3:3f:71:48:e2:c1:6b:01:e5:6f:f0:9c:62:77:e0:26:2a:
46:f3:cd:f4:52:04:5f:34:63:7f:84:96:40:49:3d:c8:c4:af:
f9:78:b5:32:43:f6:a6:d7:18:1f:a8:e7:b9:0a:71:23:8f:80:
68:19:89:f3:cc:3a:ef:65:a0:74:35:3c:8c:3b:ac:60:30:52:
48:a1:c8:a2:04:4f:8c:a1:86:cb:40:ac:e3:e7:a7:ab:17:8e:
60:b8:87:7a:da:6f:e3:6d:f4:c9:3b:16:d9:e2:25:2a:87:16:
38:5e:2f:34:d3:b1:bc:da:04:ab:af:fb:f1:25:90:5f:74:ca:
f6:82:62:19:63:63:d6:b2:88:73:4f:a4:c7:e3:c5:b5:85:6a:
7a:cc:b0:a3:f2:64:de:0f:9f:00:f1:5e:f8:03:fc:b4:4f:da:
19:a7:10:af:3f:23:72:73:ca:f2:62:0e:89:19:94:ae:c2:2b:
57:82:7c:51:1e:68:6e:59:81:09:83:a2:07:85:63:eb:f0:a1:
62:b6:1c:25
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJu/T27zL6cRnEK33aUIyiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdhZjY3NzllNjJiNDYxMjg4N2ZlNmY4ZDRlOWMwZTM3MzFm
NmUxMDgwHhcNMjQwMTAyMTAzMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjM4NGI0Y2ExNjk2ZTEyZTVhMTlhMmYwY2YyMjM5ZTYzZTk5Y2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/u22uq4zlCdmrgGVJD4jheHGyyn
tOB3bfPJuA0BrkMXv137Ki6wutWGNlAwMOcD6CO5aSfCgXPOlwHQhws8JsGBY4Kr
6MDrsV5g6PinmWN3iAczhFy37dCwcYNcan2LBHkxdsvQVw9jckm4+TNtUumtmcpy
XYjjs8ArP3IC9xFlzpl844a9VB5r1SfZiv3fAZnmwdhlfXHCgrIcv9hR9ZsjncN5
rS6iECuOWcFDuYFguMDvSmfwdmqSlU9IanaOz2FGQLP1/RSg0fFi+1tOGY3jyTg6
QOLqZMPcTFJM8EW2dAA78uHodq6BGZoXdb7+gnsMvpAzO6y0VBj4IZYwDQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCI4S0yhaW4S5aGaLwzyI55j6ZzqMB8GA1UdIwQY
MBaAFHr2d55itGEoh/5vjU6cDjcx9uEIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZXZaM25tSzBZU2lIX20tTlRwd09OekgyNFFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS8zMGIxMjQtODdmMi00YzdhLWJjMGUt
NzkwNzc1Yzc3OWM1LzEvSWpoTFRLRnBiaExsb1pvdkRQSWpubVBwbk9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS8zMGIxMjQtODdmMi00YzdhLWJjMGUtNzkwNzc1Yzc3OWM1
LzEvZXZaM25tSzBZU2lIX20tTlRwd09OekgyNFFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCLZaYMA0E
AgACMAcDBQMqD9YAMA0GCSqGSIb3DQEBCwUAA4IBAQASnaRKMCXZu1M+1MNw0sOW
yfB6Z1/uha0EaMG/gWIfIPTnQ3QiYJDSCprgA8PaeTEosTcAEALGsz9xSOLBawHl
b/CcYnfgJipG8830UgRfNGN/hJZAST3IxK/5eLUyQ/am1xgfqOe5CnEjj4BoGYnz
zDrvZaB0NTyMO6xgMFJIociiBE+MoYbLQKzj56erF45guId62m/jbfTJOxbZ4iUq
hxY4Xi8007G82gSrr/vxJZBfdMr2gmIZY2PWsohzT6TH48W1hWp6zLCj8mTeD58A
8V74A/y0T9oZpxCvPyNyc8ryYg6JGZSuwitXgnxRHmhuWYEJg6IHhWPr8KFithwl
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:38:25 2024 by rpki-client on console-ams.rpki-client.org