Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/48/2884aa-0ccb-49f2-90c5-3385d9bf1d80/1/ISA7Fi_8EPILLsJB0J9PrmmWlpI.roa
File: ISA7Fi_8EPILLsJB0J9PrmmWlpI.roa (raw, json)
Hash identifier: B1oyP4xQ1ahkycpde0xeBz1xm15mDWWi+QVLWNADchk=
Subject key identifier: 21:20:3B:16:2F:FC:10:F2:0B:2E:C2:41:D0:9F:4F:AE:69:96:96:92
Certificate issuer: /CN=41690e2390e90bbd8de40218ad221e093bccecbf
Certificate serial: 018CCA284BBF16C2638FC85E204FC94BD66E
Authority key identifier: 41:69:0E:23:90:E9:0B:BD:8D:E4:02:18:AD:22:1E:09:3B:CC:EC:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QWkOI5DpC72N5AIYrSIeCTvM7L8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/48/2884aa-0ccb-49f2-90c5-3385d9bf1d80/1/ISA7Fi_8EPILLsJB0J9PrmmWlpI.roa
Signing time: Tue 02 Jan 2024 12:31:27 +0000
ROA not before: Tue 02 Jan 2024 12:31:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196890
IP address blocks: 5.149.192.0/21 maxlen: 21
193.19.124.0/23 maxlen: 23
193.25.222.0/24 maxlen: 24
194.28.104.0/22 maxlen: 22
2a00:d5c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/48/2884aa-0ccb-49f2-90c5-3385d9bf1d80/1/QWkOI5DpC72N5AIYrSIeCTvM7L8.crl
rsync://rpki.ripe.net/repository/DEFAULT/48/2884aa-0ccb-49f2-90c5-3385d9bf1d80/1/QWkOI5DpC72N5AIYrSIeCTvM7L8.mft
rsync://rpki.ripe.net/repository/DEFAULT/QWkOI5DpC72N5AIYrSIeCTvM7L8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:28:4b:bf:16:c2:63:8f:c8:5e:20:4f:c9:4b:d6:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=41690e2390e90bbd8de40218ad221e093bccecbf
Validity
Not Before: Jan 2 12:31:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21203b162ffc10f20b2ec241d09f4fae69969692
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:b1:33:14:6d:42:4e:e2:61:5d:bc:69:0b:94:
dc:9a:a0:e1:6b:3f:d5:97:fe:a2:b2:aa:a1:05:2b:
b4:a2:3d:0d:bd:c2:7d:cb:7f:b5:b9:dd:2f:20:65:
33:0b:42:a6:81:ee:f0:34:86:48:30:c8:20:a3:d3:
98:c0:86:5f:02:50:8d:fe:16:7b:28:aa:70:25:73:
d1:31:4e:0f:14:b3:fe:5b:6e:5b:fe:95:11:e1:10:
12:d2:f0:88:f0:5a:af:e2:00:1f:0c:c6:b3:00:89:
25:8a:e5:8b:aa:1a:b1:8d:d6:82:20:e5:05:df:66:
14:17:87:c1:05:68:ce:d7:4a:af:03:bd:5d:7e:a9:
cc:09:97:85:03:e8:91:d9:55:7c:da:37:46:4b:06:
c5:dc:6a:c0:6e:9b:3d:f0:06:aa:4e:fa:ef:d9:25:
47:9e:17:4b:06:cf:ef:a8:d0:e8:59:9f:a7:62:63:
dd:2d:82:fe:19:c3:15:b8:20:48:2d:92:a3:71:8f:
65:cf:8e:b8:31:e3:20:1d:b7:71:af:6b:e0:65:50:
77:e4:3c:da:44:e0:d1:a8:25:64:e4:f9:e3:0c:de:
1d:36:24:a5:ab:37:f6:9b:dc:88:92:fb:b0:e9:06:
fa:04:42:f2:76:e5:92:d4:a3:00:a5:8b:37:55:a0:
f5:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:20:3B:16:2F:FC:10:F2:0B:2E:C2:41:D0:9F:4F:AE:69:96:96:92
X509v3 Authority Key Identifier:
keyid:41:69:0E:23:90:E9:0B:BD:8D:E4:02:18:AD:22:1E:09:3B:CC:EC:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QWkOI5DpC72N5AIYrSIeCTvM7L8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/48/2884aa-0ccb-49f2-90c5-3385d9bf1d80/1/ISA7Fi_8EPILLsJB0J9PrmmWlpI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/48/2884aa-0ccb-49f2-90c5-3385d9bf1d80/1/QWkOI5DpC72N5AIYrSIeCTvM7L8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.192.0/21
193.19.124.0/23
193.25.222.0/24
194.28.104.0/22
IPv6:
2a00:d5c0::/29
Signature Algorithm: sha256WithRSAEncryption
92:12:84:b2:81:2c:07:fb:ea:06:d9:68:2f:67:18:d0:7d:07:
e8:6d:10:61:95:97:c5:c4:69:3a:4b:20:d5:6a:9a:67:ab:36:
72:08:b4:17:5c:ea:1b:2a:77:cd:cb:0f:88:3a:99:1e:d9:f2:
09:55:d7:49:79:60:ea:29:20:1f:c0:8c:2f:56:1e:da:7e:f3:
69:0e:59:60:4b:2b:1f:30:d4:34:18:32:bb:e3:0a:c0:1e:6d:
ff:92:18:91:49:9a:9a:55:84:c9:16:bb:89:13:79:a9:06:5f:
ac:56:d0:ca:37:cf:60:ac:61:d9:c4:bf:75:bf:e7:e1:e2:ed:
a0:9d:eb:bf:93:e7:83:28:0f:fc:96:ac:51:cc:b1:c6:d8:30:
b7:5c:09:90:5d:eb:73:53:09:7c:1d:03:4a:7a:88:5c:5a:bc:
d9:ad:4d:da:37:14:06:80:04:f9:05:53:c0:c9:f0:ac:ac:66:
46:45:de:48:21:62:aa:68:cb:9b:18:fc:ab:ad:8d:87:0f:ab:
3b:93:46:ec:fa:1d:98:c5:50:55:fe:82:6a:21:9e:d1:f4:dc:
a2:4f:63:fe:db:a7:53:2a:a1:08:e8:ae:5e:d1:55:b6:92:60:
68:26:0b:bc:ec:f4:ec:2d:c2:b3:91:56:9c:7d:94:c2:a3:e7:
b1:bf:ff:b2
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzKKEu/FsJjj8heIE/JS9ZuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxNjkwZTIzOTBlOTBiYmQ4ZGU0MDIxOGFkMjIxZTA5M2Jj
Y2VjYmYwHhcNMjQwMTAyMTIzMTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTIwM2IxNjJmZmMxMGYyMGIyZWMyNDFkMDlmNGZhZTY5OTY5NjkyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjrEzFG1CTuJhXbxpC5TcmqDhaz/V
l/6isqqhBSu0oj0NvcJ9y3+1ud0vIGUzC0Kmge7wNIZIMMggo9OYwIZfAlCN/hZ7
KKpwJXPRMU4PFLP+W25b/pUR4RAS0vCI8Fqv4gAfDMazAIkliuWLqhqxjdaCIOUF
32YUF4fBBWjO10qvA71dfqnMCZeFA+iR2VV82jdGSwbF3GrAbps98AaqTvrv2SVH
nhdLBs/vqNDoWZ+nYmPdLYL+GcMVuCBILZKjcY9lz464MeMgHbdxr2vgZVB35Dza
RODRqCVk5PnjDN4dNiSlqzf2m9yIkvuw6Qb6BELyduWS1KMApYs3VaD1IQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCEgOxYv/BDyCy7CQdCfT65plpaSMB8GA1UdIwQY
MBaAFEFpDiOQ6Qu9jeQCGK0iHgk7zOy/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVdrT0k1RHBDNzJONUFJWXJTSWVDVHZNN0w4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OC8yODg0YWEtMGNjYi00OWYyLTkwYzUt
MzM4NWQ5YmYxZDgwLzEvSVNBN0ZpXzhFUElMTHNKQjBKOVBybW1XbHBJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OC8yODg0YWEtMGNjYi00OWYyLTkwYzUtMzM4NWQ5YmYxZDgw
LzEvUVdrT0k1RHBDNzJONUFJWXJTSWVDVHZNN0w4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDBZXAAwQB
wRN8AwQAwRneAwQCwhxoMA0EAgACMAcDBQMqANXAMA0GCSqGSIb3DQEBCwUAA4IB
AQCSEoSygSwH++oG2WgvZxjQfQfobRBhlZfFxGk6SyDVappnqzZyCLQXXOobKnfN
yw+IOpke2fIJVddJeWDqKSAfwIwvVh7afvNpDllgSysfMNQ0GDK74wrAHm3/khiR
SZqaVYTJFruJE3mpBl+sVtDKN89grGHZxL91v+fh4u2gneu/k+eDKA/8lqxRzLHG
2DC3XAmQXetzUwl8HQNKeohcWrzZrU3aNxQGgAT5BVPAyfCsrGZGRd5IIWKqaMub
GPyrrY2HD6s7k0bs+h2YxVBV/oJqIZ7R9NyiT2P+26dTKqEI6K5e0VW2kmBoJgu8
7PTsLcKzkVacfZTCo+exv/+y
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:57:03 2024 by rpki-client on console-fra.rpki-client.org