Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/2901ce-67e7-44f5-99ea-2373a1ba6d0b/1/IBM46FcmfJlMzij8xekEce_fDCQ.roa
File: IBM46FcmfJlMzij8xekEce_fDCQ.roa (raw, json)
Hash identifier: vNOo2rJtV5C+MS8xUPSpgHUE4OwGjp8YyhxvL1szikQ=
Subject key identifier: 20:13:38:E8:57:26:7C:99:4C:CE:28:FC:C5:E9:04:71:EF:DF:0C:24
Certificate issuer: /CN=c062e6aa59466fe561a93abcd4dcdf3dea4dc267
Certificate serial: 018EE25FA5BB3F9EC5C39579F84264B093DF
Authority key identifier: C0:62:E6:AA:59:46:6F:E5:61:A9:3A:BC:D4:DC:DF:3D:EA:4D:C2:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wGLmqllGb-VhqTq81NzfPepNwmc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/2901ce-67e7-44f5-99ea-2373a1ba6d0b/1/IBM46FcmfJlMzij8xekEce_fDCQ.roa
Signing time: Mon 15 Apr 2024 15:28:22 +0000
ROA not before: Mon 15 Apr 2024 15:28:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198371
IP address blocks: 176.104.104.0/24 maxlen: 24
176.104.105.0/24 maxlen: 24
176.104.106.0/24 maxlen: 24
176.104.107.0/24 maxlen: 24
176.104.108.0/24 maxlen: 24
176.104.109.0/24 maxlen: 24
176.104.110.0/24 maxlen: 24
176.104.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/2901ce-67e7-44f5-99ea-2373a1ba6d0b/1/wGLmqllGb-VhqTq81NzfPepNwmc.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/2901ce-67e7-44f5-99ea-2373a1ba6d0b/1/wGLmqllGb-VhqTq81NzfPepNwmc.mft
rsync://rpki.ripe.net/repository/DEFAULT/wGLmqllGb-VhqTq81NzfPepNwmc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e2:5f:a5:bb:3f:9e:c5:c3:95:79:f8:42:64:b0:93:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c062e6aa59466fe561a93abcd4dcdf3dea4dc267
Validity
Not Before: Apr 15 15:28:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=201338e857267c994cce28fcc5e90471efdf0c24
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:09:23:8a:69:33:0e:8c:8b:f2:33:1a:4a:6a:
38:21:6e:e7:2e:34:32:fd:54:5e:c2:d1:43:f6:49:
d0:35:61:7b:c1:59:7b:94:f6:e4:ae:6a:f1:77:a7:
9c:2a:2a:4c:ea:a0:19:c0:3a:7f:d2:7d:36:7b:38:
b7:7a:16:5e:67:88:07:e5:ea:65:72:46:b0:a3:e9:
24:d5:dc:3e:5d:0e:ec:36:6a:0f:f3:7c:66:59:ff:
f0:17:49:10:0e:5a:a4:3c:ce:f4:12:f2:d5:3b:1e:
ae:15:2b:89:ce:19:5b:94:ff:7c:58:84:f8:53:36:
a4:e7:55:e9:6f:6c:6d:a0:1b:b9:ff:ae:d9:06:6d:
3c:da:2f:93:a2:7f:a2:b7:ba:d7:2e:f0:98:7d:ea:
07:40:cc:38:ed:63:44:3f:cc:5e:32:3a:b2:b7:e9:
c1:02:d7:66:26:e8:e2:f9:3f:4c:f0:f7:f5:6b:46:
bd:8a:d9:6d:3f:a8:62:02:5e:42:e9:7d:09:c1:fe:
68:cc:1b:70:4c:2b:a3:90:ea:e5:33:5f:93:25:a9:
23:45:97:ec:77:46:a5:6c:79:07:af:bf:e0:7e:39:
9f:a2:5d:15:a4:c1:2d:7a:c5:fe:7b:ed:6e:b0:a0:
c1:ed:07:2a:48:dd:f1:02:4f:90:59:fc:c7:ab:49:
80:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:13:38:E8:57:26:7C:99:4C:CE:28:FC:C5:E9:04:71:EF:DF:0C:24
X509v3 Authority Key Identifier:
keyid:C0:62:E6:AA:59:46:6F:E5:61:A9:3A:BC:D4:DC:DF:3D:EA:4D:C2:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wGLmqllGb-VhqTq81NzfPepNwmc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/2901ce-67e7-44f5-99ea-2373a1ba6d0b/1/IBM46FcmfJlMzij8xekEce_fDCQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/2901ce-67e7-44f5-99ea-2373a1ba6d0b/1/wGLmqllGb-VhqTq81NzfPepNwmc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.104.104.0/21
Signature Algorithm: sha256WithRSAEncryption
79:0c:f2:5e:91:e8:14:a4:58:b6:30:ab:8f:b8:57:9c:21:21:
2e:9a:03:3e:d8:28:6a:41:54:4d:ca:4d:30:79:e5:8c:11:3b:
dd:79:d4:83:09:e0:5f:ae:2e:70:aa:86:2c:77:09:c6:70:1c:
e6:ed:e7:e6:e4:93:ea:70:38:e9:a4:d3:55:8a:b0:63:01:5e:
3d:11:58:7f:da:55:6b:6b:b1:90:a4:f0:ed:cf:0b:b1:e7:23:
0d:86:73:d0:fd:8e:32:1a:03:ee:21:d4:dd:95:3e:7f:e8:36:
b0:e1:33:50:d2:ce:74:b3:ce:48:f1:66:22:50:60:2c:6a:cf:
26:73:33:f8:c7:00:20:e9:8e:38:83:db:6a:86:4c:b4:30:51:
4e:91:6a:b9:b9:de:06:21:23:31:08:44:ac:13:89:d2:f3:3d:
4d:b3:88:e6:69:5f:a6:40:75:e3:e2:fb:bb:80:bd:28:80:d7:
ac:df:4c:bf:23:8c:b2:6f:1d:8c:1d:6f:b9:b8:c4:bb:c9:5d:
f5:68:f7:78:dc:d4:78:e2:0d:e4:dd:29:76:e7:89:58:46:16:
54:93:7a:cf:5a:86:b8:5b:29:2e:22:55:3e:1e:b9:0d:1c:74:
d2:b4:31:5a:9f:ee:75:ac:09:bf:76:45:c6:54:9f:8b:b2:38:
9b:a6:0d:b9
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY7iX6W7P57Fw5V5+EJksJPfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwNjJlNmFhNTk0NjZmZTU2MWE5M2FiY2Q0ZGNkZjNkZWE0
ZGMyNjcwHhcNMjQwNDE1MTUyODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDEzMzhlODU3MjY3Yzk5NGNjZTI4ZmNjNWU5MDQ3MWVmZGYwYzI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAkjimkzDoyL8jMaSmo4IW7nLjQy
/VRewtFD9knQNWF7wVl7lPbkrmrxd6ecKipM6qAZwDp/0n02ezi3ehZeZ4gH5epl
ckawo+kk1dw+XQ7sNmoP83xmWf/wF0kQDlqkPM70EvLVOx6uFSuJzhlblP98WIT4
Uzak51Xpb2xtoBu5/67ZBm082i+Ton+it7rXLvCYfeoHQMw47WNEP8xeMjqyt+nB
AtdmJuji+T9M8Pf1a0a9itltP6hiAl5C6X0Jwf5ozBtwTCujkOrlM1+TJakjRZfs
d0albHkHr7/gfjmfol0VpMEtesX+e+1usKDB7QcqSN3xAk+QWfzHq0mAMQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCATOOhXJnyZTM4o/MXpBHHv3wwkMB8GA1UdIwQY
MBaAFMBi5qpZRm/lYak6vNTc3z3qTcJnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd0dMbXFsbEdiLVZocVRxODFOemZQZXBOd21jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yOTAxY2UtNjdlNy00NGY1LTk5ZWEt
MjM3M2ExYmE2ZDBiLzEvSUJNNDZGY21mSmxNemlqOHhla0VjZV9mRENRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yOTAxY2UtNjdlNy00NGY1LTk5ZWEtMjM3M2ExYmE2ZDBi
LzEvd0dMbXFsbEdiLVZocVRxODFOemZQZXBOd21jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDsGhoMA0G
CSqGSIb3DQEBCwUAA4IBAQB5DPJekegUpFi2MKuPuFecISEumgM+2ChqQVRNyk0w
eeWMETvdedSDCeBfri5wqoYsdwnGcBzm7efm5JPqcDjppNNVirBjAV49EVh/2lVr
a7GQpPDtzwux5yMNhnPQ/Y4yGgPuIdTdlT5/6Daw4TNQ0s50s85I8WYiUGAsas8m
czP4xwAg6Y44g9tqhky0MFFOkWq5ud4GISMxCESsE4nS8z1Ns4jmaV+mQHXj4vu7
gL0ogNes30y/I4yybx2MHW+5uMS7yV31aPd43NR44g3k3Sl254lYRhZUk3rPWoa4
WykuIlU+HrkNHHTStDFan+51rAm/dkXGVJ+Lsjibpg25
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:39:28 2024 by rpki-client on console-ams.rpki-client.org