Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/1IKKl5D129PR13tfH9EnAc5gTB8.roa
File: 1IKKl5D129PR13tfH9EnAc5gTB8.roa (raw, json)
Hash identifier: iA0vJ5ZLHSEXsbjJNTdpZXCajP0Jec7WUNXBiOI06g8=
Subject key identifier: D4:82:8A:97:90:F5:DB:D3:D1:D7:7B:5F:1F:D1:27:01:CE:60:4C:1F
Certificate issuer: /CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Certificate serial: 018CC4938E5E7DEB1EE7770FF5B3000C3C18
Authority key identifier: 20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/1IKKl5D129PR13tfH9EnAc5gTB8.roa
Signing time: Mon 01 Jan 2024 10:30:53 +0000
ROA not before: Mon 01 Jan 2024 10:30:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31477
IP address blocks: 82.150.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:53:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:8e:5e:7d:eb:1e:e7:77:0f:f5:b3:00:0c:3c:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=201fe30fc6b4b0d0f6db4e1bfbbd50195dca575c
Validity
Not Before: Jan 1 10:30:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d4828a9790f5dbd3d1d77b5f1fd12701ce604c1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:bb:eb:8f:a7:96:b7:0f:73:1d:d1:78:8f:76:
83:57:6a:78:73:7c:a6:77:86:4f:26:b4:55:1c:06:
19:36:b7:2f:d3:ae:96:73:11:5e:b8:2c:77:c0:3c:
c8:df:09:80:d5:d0:c9:51:d4:01:2d:23:b3:7f:cb:
0c:a1:1c:3d:13:d9:27:c5:36:1f:8d:0e:a0:d6:96:
c7:16:1d:6a:a8:11:2e:8b:cd:c3:c0:ab:cb:0c:c1:
5f:64:a4:2b:dc:b4:ff:0c:71:13:4b:68:92:23:a4:
62:88:f7:bf:2a:6d:9f:94:6b:9c:03:bc:a7:c0:d3:
df:20:da:87:52:07:2f:34:28:ec:0c:6b:45:b1:c8:
7c:87:8f:35:cd:6a:29:1c:46:bf:42:c8:3d:13:e0:
9f:b1:10:3e:6e:aa:19:17:63:84:fa:ce:ae:83:cb:
bf:ca:ef:51:8d:d1:a0:e2:34:7b:52:e1:e8:c2:a3:
58:9b:12:e7:40:5a:be:31:cf:c7:fe:9d:c2:be:81:
39:67:c2:46:f6:42:fa:45:26:a9:35:b3:d2:48:7d:
0a:b4:f0:fb:46:70:9f:ea:89:b4:6a:df:3f:02:e3:
27:37:c8:05:db:bd:ed:ad:e6:74:1c:e8:d6:66:90:
60:25:fb:44:50:61:58:a2:ac:1e:1d:78:21:2e:d8:
0b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:82:8A:97:90:F5:DB:D3:D1:D7:7B:5F:1F:D1:27:01:CE:60:4C:1F
X509v3 Authority Key Identifier:
keyid:20:1F:E3:0F:C6:B4:B0:D0:F6:DB:4E:1B:FB:BD:50:19:5D:CA:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IB_jD8a0sND2204b-71QGV3KV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/1IKKl5D129PR13tfH9EnAc5gTB8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/8d80f9-494e-4abb-9956-fc121c800b30/1/IB_jD8a0sND2204b-71QGV3KV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.150.139.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:ba:cd:a9:27:b6:99:a7:0f:89:89:29:1c:3c:ac:fe:f7:24:
81:e2:29:d8:ae:a6:71:5a:c8:6d:fb:c6:7e:6b:fb:58:15:80:
3a:2b:4e:b1:9b:69:84:73:20:2f:16:48:14:b0:28:87:8f:cf:
ef:19:01:15:4d:41:47:6c:d3:a1:db:2b:98:6c:11:5e:54:b6:
7b:64:fa:4b:0c:0e:70:cb:8a:17:68:b4:77:e9:cb:0e:01:56:
06:0d:45:96:b2:e4:13:9d:3c:37:4a:93:0e:30:41:8f:7d:5d:
4b:5c:38:64:44:52:82:4a:4a:25:94:cc:c3:71:0a:ba:7b:6c:
33:58:6d:42:30:7b:dd:48:09:52:e1:e4:e4:77:c5:b4:40:b1:
ff:b6:0b:21:38:0f:90:40:ce:a4:a3:42:92:2b:52:18:01:e0:
36:f9:cb:2d:e9:df:0c:64:6f:e0:8c:a3:40:11:4d:3c:06:1a:
aa:c7:63:c4:6a:21:cd:66:53:1a:81:29:fb:fb:23:22:2e:59:
fb:06:7d:01:be:15:4b:19:80:d8:44:90:b6:66:f3:b7:67:6e:
7e:73:a8:16:b4:fe:e0:8d:4b:18:07:c7:1a:b0:94:25:d2:e8:
c6:96:88:d4:eb:26:3e:fd:92:bb:2a:c7:58:10:a0:2c:63:e6:
81:41:b3:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk45efese53cP9bMADDwYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMWZlMzBmYzZiNGIwZDBmNmRiNGUxYmZiYmQ1MDE5NWRj
YTU3NWMwHhcNMjQwMTAxMTAzMDUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDgyOGE5NzkwZjVkYmQzZDFkNzdiNWYxZmQxMjcwMWNlNjA0YzFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo7vrj6eWtw9zHdF4j3aDV2p4c3ym
d4ZPJrRVHAYZNrcv066WcxFeuCx3wDzI3wmA1dDJUdQBLSOzf8sMoRw9E9knxTYf
jQ6g1pbHFh1qqBEui83DwKvLDMFfZKQr3LT/DHETS2iSI6RiiPe/Km2flGucA7yn
wNPfINqHUgcvNCjsDGtFsch8h481zWopHEa/Qsg9E+CfsRA+bqoZF2OE+s6ug8u/
yu9RjdGg4jR7UuHowqNYmxLnQFq+Mc/H/p3CvoE5Z8JG9kL6RSapNbPSSH0KtPD7
RnCf6om0at8/AuMnN8gF273treZ0HOjWZpBgJftEUGFYoqweHXghLtgL1wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNSCipeQ9dvT0dd7Xx/RJwHOYEwfMB8GA1UdIwQY
MBaAFCAf4w/GtLDQ9ttOG/u9UBldyldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYt
ZmMxMjFjODAwYjMwLzEvMUlLS2w1RDEyOVBSMTN0Zkg5RW5BYzVnVEI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My84ZDgwZjktNDk0ZS00YWJiLTk5NTYtZmMxMjFjODAwYjMw
LzEvSUJfakQ4YTBzTkQyMjA0Yi03MVFHVjNLVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAUpaLMA0G
CSqGSIb3DQEBCwUAA4IBAQBeus2pJ7aZpw+JiSkcPKz+9ySB4inYrqZxWsht+8Z+
a/tYFYA6K06xm2mEcyAvFkgUsCiHj8/vGQEVTUFHbNOh2yuYbBFeVLZ7ZPpLDA5w
y4oXaLR36csOAVYGDUWWsuQTnTw3SpMOMEGPfV1LXDhkRFKCSkollMzDcQq6e2wz
WG1CMHvdSAlS4eTkd8W0QLH/tgshOA+QQM6ko0KSK1IYAeA2+cst6d8MZG/gjKNA
EU08Bhqqx2PEaiHNZlMagSn7+yMiLln7Bn0BvhVLGYDYRJC2ZvO3Z25+c6gWtP7g
jUsYB8casJQl0ujGlojU6yY+/ZK7KsdYEKAsY+aBQbO9
-----END CERTIFICATE-----
Generated at Sun May 19 07:45:17 2024 by rpki-client on console-fra.rpki-client.org