Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/b3f825-da38-4989-9629-382920155ffb/1/IZLKju0sJ0JBXaP_Y5iCeJcNJDQ.roa
File: IZLKju0sJ0JBXaP_Y5iCeJcNJDQ.roa (raw, json)
Hash identifier: pULORW3W+OJnPxCB+xBDeRSUbmeC8GFCotseXQLeRAk=
Subject key identifier: 21:92:CA:8E:ED:2C:27:42:41:5D:A3:FF:63:98:82:78:97:0D:24:34
Certificate issuer: /CN=cfd3a3f1069fcd512da514f66d6ee34ba3debb0f
Certificate serial: 018CC56F0269A144574ADECA800F38229745
Authority key identifier: CF:D3:A3:F1:06:9F:CD:51:2D:A5:14:F6:6D:6E:E3:4B:A3:DE:BB:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/z9Oj8QafzVEtpRT2bW7jS6Peuw8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/b3f825-da38-4989-9629-382920155ffb/1/IZLKju0sJ0JBXaP_Y5iCeJcNJDQ.roa
Signing time: Mon 01 Jan 2024 14:30:35 +0000
ROA not before: Mon 01 Jan 2024 14:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59975
IP address blocks: 176.107.230.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/b3f825-da38-4989-9629-382920155ffb/1/z9Oj8QafzVEtpRT2bW7jS6Peuw8.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/b3f825-da38-4989-9629-382920155ffb/1/z9Oj8QafzVEtpRT2bW7jS6Peuw8.mft
rsync://rpki.ripe.net/repository/DEFAULT/z9Oj8QafzVEtpRT2bW7jS6Peuw8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 13 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6f:02:69:a1:44:57:4a:de:ca:80:0f:38:22:97:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cfd3a3f1069fcd512da514f66d6ee34ba3debb0f
Validity
Not Before: Jan 1 14:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2192ca8eed2c2742415da3ff63988278970d2434
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0c:88:f9:ba:e8:8d:ed:5f:2e:20:5b:08:a5:
a7:ad:1f:63:2f:e8:ba:05:ce:bd:88:e1:cd:2d:cf:
db:c9:81:3d:57:4d:86:13:6b:51:39:8e:bc:cc:5e:
63:5c:22:12:0c:b5:aa:d4:74:10:53:5c:5c:e4:b2:
a8:2a:fe:93:9c:89:16:00:62:82:48:e2:13:19:c4:
0c:00:7d:e4:01:5b:4e:2c:e9:e4:e6:54:6f:16:23:
bb:4f:f7:9e:44:1e:33:a5:cd:d8:34:11:96:5a:3a:
d0:c8:4a:f6:6a:50:00:51:8c:fa:32:30:d9:ef:08:
22:66:1c:24:64:14:52:bc:26:4c:4f:c7:b3:7d:d8:
14:c1:c6:2a:97:1d:0b:b2:f6:d4:23:2f:7a:65:19:
58:63:6e:24:33:f8:d0:ed:a8:2f:bf:77:b6:4c:30:
e9:15:04:ce:98:92:25:55:99:7d:42:21:1a:97:39:
09:76:9e:dc:bd:3b:eb:6c:ba:ac:51:c4:3a:a1:7f:
5f:a0:ab:f9:0a:f3:f8:d9:3f:d8:2c:f8:d7:00:ee:
da:c9:3d:de:76:c8:ce:c5:86:b7:be:07:21:99:42:
6e:3d:a9:35:9a:9e:9c:0f:b6:9c:24:79:96:98:c9:
ed:bb:da:ea:4a:64:8d:41:da:3f:cd:99:d3:c6:00:
b9:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:92:CA:8E:ED:2C:27:42:41:5D:A3:FF:63:98:82:78:97:0D:24:34
X509v3 Authority Key Identifier:
keyid:CF:D3:A3:F1:06:9F:CD:51:2D:A5:14:F6:6D:6E:E3:4B:A3:DE:BB:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/z9Oj8QafzVEtpRT2bW7jS6Peuw8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/b3f825-da38-4989-9629-382920155ffb/1/IZLKju0sJ0JBXaP_Y5iCeJcNJDQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/b3f825-da38-4989-9629-382920155ffb/1/z9Oj8QafzVEtpRT2bW7jS6Peuw8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.107.230.0/23
Signature Algorithm: sha256WithRSAEncryption
17:b2:1e:a3:13:3a:8e:17:72:34:51:2a:b1:48:fe:48:b4:35:
b0:2a:42:3f:9f:55:05:6b:04:3d:84:43:04:6b:95:76:27:4d:
d1:a3:c8:0b:a9:84:1b:dd:46:de:91:42:61:d7:ea:ac:e6:67:
0b:76:f1:76:7f:9a:2c:a3:cc:a3:e2:99:65:16:35:82:ae:53:
31:78:db:a4:c3:3d:8a:25:e8:45:6b:b4:5e:37:bd:48:8a:a9:
70:b0:1d:56:aa:94:d9:5f:35:01:9d:dd:2b:c2:c0:07:d1:49:
2a:52:11:ee:c4:d5:35:ab:13:c7:11:a7:77:07:20:24:7c:71:
12:bf:81:94:fc:39:5f:c5:bb:91:ba:aa:db:19:50:78:3e:cb:
4e:03:29:2f:b9:df:50:69:cc:99:5e:70:86:d2:bd:03:65:be:
5a:29:5f:7a:8a:19:44:fd:cc:37:25:97:9a:24:d1:7c:e5:83:
b7:bb:f7:bc:34:1f:4e:d2:20:61:a9:d3:eb:aa:0d:90:54:d5:
7f:1d:38:d0:b8:4b:3b:8d:cb:08:87:09:9d:18:df:69:46:5f:
60:07:3d:d3:9d:80:f4:f0:6b:e9:d8:1b:e7:7c:da:69:c7:14:
4d:64:36:12:7b:af:47:af:64:b7:87:eb:f0:92:5e:35:e9:bf:
11:83:3c:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbwJpoURXSt7KgA84IpdFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNmZDNhM2YxMDY5ZmNkNTEyZGE1MTRmNjZkNmVlMzRiYTNk
ZWJiMGYwHhcNMjQwMTAxMTQzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTkyY2E4ZWVkMmMyNzQyNDE1ZGEzZmY2Mzk4ODI3ODk3MGQyNDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAyI+broje1fLiBbCKWnrR9jL+i6
Bc69iOHNLc/byYE9V02GE2tROY68zF5jXCISDLWq1HQQU1xc5LKoKv6TnIkWAGKC
SOITGcQMAH3kAVtOLOnk5lRvFiO7T/eeRB4zpc3YNBGWWjrQyEr2alAAUYz6MjDZ
7wgiZhwkZBRSvCZMT8ezfdgUwcYqlx0LsvbUIy96ZRlYY24kM/jQ7agvv3e2TDDp
FQTOmJIlVZl9QiEalzkJdp7cvTvrbLqsUcQ6oX9foKv5CvP42T/YLPjXAO7ayT3e
dsjOxYa3vgchmUJuPak1mp6cD7acJHmWmMntu9rqSmSNQdo/zZnTxgC5NQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCGSyo7tLCdCQV2j/2OYgniXDSQ0MB8GA1UdIwQY
MBaAFM/To/EGn81RLaUU9m1u40uj3rsPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvejlPajhRYWZ6VkV0cFJUMmJXN2pTNlBldXc4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9iM2Y4MjUtZGEzOC00OTg5LTk2Mjkt
MzgyOTIwMTU1ZmZiLzEvSVpMS2p1MHNKMEpCWGFQX1k1aUNlSmNOSkRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9iM2Y4MjUtZGEzOC00OTg5LTk2MjktMzgyOTIwMTU1ZmZi
LzEvejlPajhRYWZ6VkV0cFJUMmJXN2pTNlBldXc4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBsGvmMA0G
CSqGSIb3DQEBCwUAA4IBAQAXsh6jEzqOF3I0USqxSP5ItDWwKkI/n1UFawQ9hEME
a5V2J03Ro8gLqYQb3UbekUJh1+qs5mcLdvF2f5oso8yj4pllFjWCrlMxeNukwz2K
JehFa7ReN71IiqlwsB1WqpTZXzUBnd0rwsAH0UkqUhHuxNU1qxPHEad3ByAkfHES
v4GU/DlfxbuRuqrbGVB4PstOAykvud9QacyZXnCG0r0DZb5aKV96ihlE/cw3JZea
JNF85YO3u/e8NB9O0iBhqdPrqg2QVNV/HTjQuEs7jcsIhwmdGN9pRl9gBz3TnYD0
8Gvp2BvnfNppxxRNZDYSe69Hr2S3h+vwkl416b8Rgzxw
-----END CERTIFICATE-----
Generated at Thu Jun 13 05:32:09 2024 by rpki-client on console-ams.rpki-client.org