Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/e4e057-c698-4933-9d05-7c0a94ae1719/1/irSh9fXMM_qvQ3TaZLF-0ZlKXYc.roa
File: irSh9fXMM_qvQ3TaZLF-0ZlKXYc.roa (raw, json)
Hash identifier: esaCIJ7PB+HIN62sNP4t5ZnTufU4u+TEECieXPkkOrU=
Subject key identifier: 8A:B4:A1:F5:F5:CC:33:FA:AF:43:74:DA:64:B1:7E:D1:99:4A:5D:87
Certificate issuer: /CN=267e595ab226cbfc53c0b89650f1b39670ff0b4e
Certificate serial: 018CC80160DC1D82C84BB9D69A415C52F849
Authority key identifier: 26:7E:59:5A:B2:26:CB:FC:53:C0:B8:96:50:F1:B3:96:70:FF:0B:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Jn5ZWrImy_xTwLiWUPGzlnD_C04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/e4e057-c698-4933-9d05-7c0a94ae1719/1/irSh9fXMM_qvQ3TaZLF-0ZlKXYc.roa
Signing time: Tue 02 Jan 2024 02:29:42 +0000
ROA not before: Tue 02 Jan 2024 02:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212778
IP address blocks: 145.87.0.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/e4e057-c698-4933-9d05-7c0a94ae1719/1/Jn5ZWrImy_xTwLiWUPGzlnD_C04.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/e4e057-c698-4933-9d05-7c0a94ae1719/1/Jn5ZWrImy_xTwLiWUPGzlnD_C04.mft
rsync://rpki.ripe.net/repository/DEFAULT/Jn5ZWrImy_xTwLiWUPGzlnD_C04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:60:dc:1d:82:c8:4b:b9:d6:9a:41:5c:52:f8:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=267e595ab226cbfc53c0b89650f1b39670ff0b4e
Validity
Not Before: Jan 2 02:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ab4a1f5f5cc33faaf4374da64b17ed1994a5d87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:63:99:ea:84:f2:ec:11:1f:d8:59:cf:c0:e0:
5d:ab:33:ed:8a:33:c6:62:af:7d:e9:89:b5:d9:d4:
10:b9:b0:08:12:49:7e:59:40:2b:2a:42:81:ed:bb:
db:4e:32:59:5d:4f:1d:e7:59:fb:53:a1:63:03:88:
47:29:ee:9d:70:96:83:12:a8:da:0f:c4:08:e8:36:
bd:1d:70:e8:16:63:64:0a:8a:40:65:36:3e:7d:4c:
fb:b6:55:dd:0b:12:26:74:a7:45:4d:78:63:64:bc:
53:d3:f7:ea:ed:4a:d6:26:6a:39:6f:27:bc:f1:f1:
fc:3a:54:2e:bb:1a:82:ad:68:28:03:a6:a3:93:a9:
f6:da:bf:49:ba:5d:f2:e4:95:5f:17:6d:30:d5:e8:
ed:9e:28:e3:e1:c8:94:98:8e:4d:6c:69:e3:b5:a0:
27:60:86:92:b7:ab:d4:67:6d:a9:2b:14:d4:87:73:
b7:e9:05:b5:b9:aa:62:54:0c:18:b3:4c:60:c8:ba:
92:5e:7d:02:4b:bd:80:bd:1d:08:88:71:33:41:38:
68:15:34:b4:27:bb:63:78:c2:73:33:5b:77:a6:3a:
d1:f4:61:98:5b:44:85:ed:51:17:6f:53:68:02:f6:
74:82:62:6b:f4:2e:aa:57:43:b3:e3:28:c7:b2:d8:
9c:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:B4:A1:F5:F5:CC:33:FA:AF:43:74:DA:64:B1:7E:D1:99:4A:5D:87
X509v3 Authority Key Identifier:
keyid:26:7E:59:5A:B2:26:CB:FC:53:C0:B8:96:50:F1:B3:96:70:FF:0B:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Jn5ZWrImy_xTwLiWUPGzlnD_C04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e4e057-c698-4933-9d05-7c0a94ae1719/1/irSh9fXMM_qvQ3TaZLF-0ZlKXYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/e4e057-c698-4933-9d05-7c0a94ae1719/1/Jn5ZWrImy_xTwLiWUPGzlnD_C04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.87.0.0/22
Signature Algorithm: sha256WithRSAEncryption
95:39:c7:04:78:75:76:9d:35:f3:fc:44:ed:3a:6c:c9:28:10:
41:e0:ec:04:4b:52:0c:44:1a:da:0a:a3:ab:9d:ae:aa:a9:0c:
98:bd:a2:3d:8a:ae:cd:c1:94:d7:cf:cf:ad:65:c6:5d:28:05:
7b:88:4b:75:d2:ec:30:df:5b:b6:4c:37:f8:f0:73:4e:58:84:
2b:f1:59:e8:73:c8:60:a7:bd:b4:fa:a5:b0:26:9d:37:cd:de:
01:4c:cb:21:dd:d3:b5:c4:91:c6:9f:e3:95:17:6a:09:15:2e:
5b:df:d4:c5:a3:30:fd:7f:41:b4:59:a3:db:80:9f:e7:fa:5e:
aa:37:80:9f:2b:7a:d5:a3:ac:0f:32:83:8f:4e:c4:65:b2:bc:
c3:86:53:c7:cc:6f:ae:71:aa:f9:b7:21:95:35:15:0a:73:a2:
56:91:3f:ee:d8:a1:44:4f:6b:bb:a6:1e:49:13:68:fc:e3:43:
86:e3:17:9c:d8:5e:55:28:e6:0b:8a:dc:f4:8b:6f:fc:c2:1f:
0f:f6:c1:9c:1f:2d:ce:fc:3e:41:e2:43:5c:28:eb:3a:86:b4:
27:d8:91:2e:fd:2c:c3:c0:7f:21:a1:25:d3:f5:92:a3:7b:f9:
44:2d:23:eb:bd:c6:d1:07:a6:a8:19:5b:20:d8:a8:ac:a7:83:
75:e9:0e:c1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAWDcHYLIS7nWmkFcUvhJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2N2U1OTVhYjIyNmNiZmM1M2MwYjg5NjUwZjFiMzk2NzBm
ZjBiNGUwHhcNMjQwMTAyMDIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWI0YTFmNWY1Y2MzM2ZhYWY0Mzc0ZGE2NGIxN2VkMTk5NGE1ZDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgGOZ6oTy7BEf2FnPwOBdqzPtijPG
Yq996Ym12dQQubAIEkl+WUArKkKB7bvbTjJZXU8d51n7U6FjA4hHKe6dcJaDEqja
D8QI6Da9HXDoFmNkCopAZTY+fUz7tlXdCxImdKdFTXhjZLxT0/fq7UrWJmo5bye8
8fH8OlQuuxqCrWgoA6ajk6n22r9Jul3y5JVfF20w1ejtnijj4ciUmI5NbGnjtaAn
YIaSt6vUZ22pKxTUh3O36QW1uapiVAwYs0xgyLqSXn0CS72AvR0IiHEzQThoFTS0
J7tjeMJzM1t3pjrR9GGYW0SF7VEXb1NoAvZ0gmJr9C6qV0Oz4yjHsticVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIq0ofX1zDP6r0N02mSxftGZSl2HMB8GA1UdIwQY
MBaAFCZ+WVqyJsv8U8C4llDxs5Zw/wtOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm41WldySW15X3hUd0xpV1VQR3psbkRfQzA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi9lNGUwNTctYzY5OC00OTMzLTlkMDUt
N2MwYTk0YWUxNzE5LzEvaXJTaDlmWE1NX3F2UTNUYVpMRi0wWmxLWFljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi9lNGUwNTctYzY5OC00OTMzLTlkMDUtN2MwYTk0YWUxNzE5
LzEvSm41WldySW15X3hUd0xpV1VQR3psbkRfQzA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCkVcAMA0G
CSqGSIb3DQEBCwUAA4IBAQCVOccEeHV2nTXz/ETtOmzJKBBB4OwES1IMRBraCqOr
na6qqQyYvaI9iq7NwZTXz8+tZcZdKAV7iEt10uww31u2TDf48HNOWIQr8Vnoc8hg
p720+qWwJp03zd4BTMsh3dO1xJHGn+OVF2oJFS5b39TFozD9f0G0WaPbgJ/n+l6q
N4CfK3rVo6wPMoOPTsRlsrzDhlPHzG+ucar5tyGVNRUKc6JWkT/u2KFET2u7ph5J
E2j840OG4xec2F5VKOYLitz0i2/8wh8P9sGcHy3O/D5B4kNcKOs6hrQn2JEu/SzD
wH8hoSXT9ZKje/lELSPrvcbRB6aoGVsg2Kisp4N16Q7B
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:07:54 2024 by rpki-client on console-fra.rpki-client.org