Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/35b1df-78cf-4818-b33a-cda7fc7eb092/1/IUBJvFS27qrECyNF00KRX1aVGN4.roa
File: IUBJvFS27qrECyNF00KRX1aVGN4.roa (raw, json)
Hash identifier: gNWeJSJuWyE542A9KLKMArXuJs54XHfxngFgSJDFLGo=
Subject key identifier: 21:40:49:BC:54:B6:EE:AA:C4:0B:23:45:D3:42:91:5F:56:95:18:DE
Certificate issuer: /CN=d777943b341188e9cd2e93de288b33ffe041c7d2
Certificate serial: 018CC2DAC267E6E8DADE2A841484949E7C7A
Authority key identifier: D7:77:94:3B:34:11:88:E9:CD:2E:93:DE:28:8B:33:FF:E0:41:C7:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/13eUOzQRiOnNLpPeKIsz_-BBx9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/35b1df-78cf-4818-b33a-cda7fc7eb092/1/IUBJvFS27qrECyNF00KRX1aVGN4.roa
Signing time: Mon 01 Jan 2024 02:29:25 +0000
ROA not before: Mon 01 Jan 2024 02:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201077
IP address blocks: 185.86.196.0/22 maxlen: 24
2a05:bb40::/29 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/35b1df-78cf-4818-b33a-cda7fc7eb092/1/13eUOzQRiOnNLpPeKIsz_-BBx9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/35b1df-78cf-4818-b33a-cda7fc7eb092/1/13eUOzQRiOnNLpPeKIsz_-BBx9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/13eUOzQRiOnNLpPeKIsz_-BBx9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 14:15:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:c2:67:e6:e8:da:de:2a:84:14:84:94:9e:7c:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d777943b341188e9cd2e93de288b33ffe041c7d2
Validity
Not Before: Jan 1 02:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=214049bc54b6eeaac40b2345d342915f569518de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:bb:77:1c:80:07:0b:10:0d:29:dc:ee:40:b6:
43:67:12:09:76:3b:63:3a:06:00:08:e9:0d:bb:a0:
ef:4d:f5:d9:03:4f:da:f4:fa:0a:2f:d7:42:97:96:
2b:1a:1e:5f:be:7d:cd:2f:49:d7:65:33:64:29:4f:
1e:66:46:de:0c:32:b2:9e:e9:6b:11:ea:86:6d:79:
89:26:98:a3:f5:55:05:ba:51:ee:65:61:83:3c:50:
e7:9c:80:02:2e:20:f6:e9:45:18:bc:ae:ce:9f:4a:
65:5d:57:71:61:97:cb:bb:e2:1f:f6:51:ca:91:67:
8d:34:2d:fb:46:e4:2d:56:ac:31:6d:4b:1e:d8:15:
dd:e2:6a:9a:26:2c:d0:f1:5e:a7:fb:5e:70:dc:78:
95:5b:9f:ef:25:7f:95:3e:b9:ce:6f:be:ae:9c:7b:
6e:f7:86:f9:f8:f8:09:23:bf:59:de:c3:e5:2e:61:
d2:8b:bd:be:c4:01:c5:c8:86:9e:5d:06:b5:d0:ef:
0f:e5:32:02:ca:8f:01:c9:38:22:40:94:a9:0a:82:
bc:b4:69:8d:20:35:02:39:dd:4f:5e:4e:a3:41:37:
98:f5:5d:0d:2b:05:51:01:94:d6:6f:2e:74:e5:92:
ba:82:ef:47:97:c2:b7:87:1b:25:38:de:c3:46:ad:
44:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:40:49:BC:54:B6:EE:AA:C4:0B:23:45:D3:42:91:5F:56:95:18:DE
X509v3 Authority Key Identifier:
keyid:D7:77:94:3B:34:11:88:E9:CD:2E:93:DE:28:8B:33:FF:E0:41:C7:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/13eUOzQRiOnNLpPeKIsz_-BBx9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/35b1df-78cf-4818-b33a-cda7fc7eb092/1/IUBJvFS27qrECyNF00KRX1aVGN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/35b1df-78cf-4818-b33a-cda7fc7eb092/1/13eUOzQRiOnNLpPeKIsz_-BBx9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.86.196.0/22
IPv6:
2a05:bb40::/29
Signature Algorithm: sha256WithRSAEncryption
2b:8f:94:23:cc:87:bf:9c:d9:c5:4c:f8:eb:77:ac:c8:0f:32:
62:7e:df:0c:12:b2:ae:94:b0:8d:41:c4:43:77:d9:68:3e:88:
1b:59:94:86:38:3b:54:3f:8d:7b:ce:42:69:79:bc:3a:5c:f8:
d2:c6:de:eb:8b:7d:25:01:22:3d:72:7b:5a:84:dc:bf:d3:67:
d0:b0:d8:f0:e8:f1:15:a4:d5:f7:a4:b2:4e:75:2c:18:97:74:
33:97:fb:3c:ab:8c:7d:64:6e:69:1f:e9:d8:f4:17:df:8b:21:
2e:95:99:cf:c8:8c:bf:31:c9:ef:ac:81:ff:33:16:ab:0b:51:
4f:09:f8:41:ff:c4:bf:ac:d3:8d:d2:f5:48:65:d2:62:79:a8:
38:d8:1c:d3:ed:74:a0:96:d1:4a:e0:dc:05:28:ef:fc:09:2f:
0d:c8:87:6d:14:98:03:14:5a:7d:f3:ad:df:ca:a0:70:83:bc:
39:e2:69:e4:36:bd:93:ef:59:c7:b7:c2:28:24:0a:59:cf:15:
23:50:67:6a:c8:ad:f7:5a:13:33:9b:58:18:ec:b8:0b:7b:a0:
84:3e:56:af:01:8b:d2:28:5c:b9:32:9a:91:a4:60:55:26:cd:
55:de:ef:d7:3d:7c:e1:21:54:59:61:ef:17:61:8c:6c:cc:54:
bb:a2:9e:1a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzC2sJn5uja3iqEFISUnnx6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3Nzc5NDNiMzQxMTg4ZTljZDJlOTNkZTI4OGIzM2ZmZTA0
MWM3ZDIwHhcNMjQwMTAxMDIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTQwNDliYzU0YjZlZWFhYzQwYjIzNDVkMzQyOTE1ZjU2OTUxOGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkrt3HIAHCxANKdzuQLZDZxIJdjtj
OgYACOkNu6DvTfXZA0/a9PoKL9dCl5YrGh5fvn3NL0nXZTNkKU8eZkbeDDKynulr
EeqGbXmJJpij9VUFulHuZWGDPFDnnIACLiD26UUYvK7On0plXVdxYZfLu+If9lHK
kWeNNC37RuQtVqwxbUse2BXd4mqaJizQ8V6n+15w3HiVW5/vJX+VPrnOb76unHtu
94b5+PgJI79Z3sPlLmHSi72+xAHFyIaeXQa10O8P5TICyo8ByTgiQJSpCoK8tGmN
IDUCOd1PXk6jQTeY9V0NKwVRAZTWby505ZK6gu9Hl8K3hxslON7DRq1EwwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCFASbxUtu6qxAsjRdNCkV9WlRjeMB8GA1UdIwQY
MBaAFNd3lDs0EYjpzS6T3iiLM//gQcfSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTNlVU96UVJpT25OTHBQZUtJc3pfLUJCeDlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8zNWIxZGYtNzhjZi00ODE4LWIzM2Et
Y2RhN2ZjN2ViMDkyLzEvSVVCSnZGUzI3cXJFQ3lORjAwS1JYMWFWR040LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8zNWIxZGYtNzhjZi00ODE4LWIzM2EtY2RhN2ZjN2ViMDky
LzEvMTNlVU96UVJpT25OTHBQZUtJc3pfLUJCeDlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVbEMA0E
AgACMAcDBQMqBbtAMA0GCSqGSIb3DQEBCwUAA4IBAQArj5QjzIe/nNnFTPjrd6zI
DzJift8MErKulLCNQcRDd9loPogbWZSGODtUP417zkJpebw6XPjSxt7ri30lASI9
cntahNy/02fQsNjw6PEVpNX3pLJOdSwYl3Qzl/s8q4x9ZG5pH+nY9BffiyEulZnP
yIy/McnvrIH/MxarC1FPCfhB/8S/rNON0vVIZdJieag42BzT7XSgltFK4NwFKO/8
CS8NyIdtFJgDFFp9863fyqBwg7w54mnkNr2T71nHt8IoJApZzxUjUGdqyK33WhMz
m1gY7LgLe6CEPlavAYvSKFy5MpqRpGBVJs1V3u/XPXzhIVRZYe8XYYxszFS7op4a
-----END CERTIFICATE-----
Generated at Wed May 22 23:48:01 2024 by rpki-client on console-ams.rpki-client.org