Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/182915-feec-4160-88bf-b210447c07ff/1/Iapo1sYws9xLqN2XQEc3rQAkpIc.roa
File: Iapo1sYws9xLqN2XQEc3rQAkpIc.roa (raw, json)
Hash identifier: S7/ZN5hIHpyL45/AQUxf0+LWc4UGreVTCdNfqS0+UJs=
Subject key identifier: 21:AA:68:D6:C6:30:B3:DC:4B:A8:DD:97:40:47:37:AD:00:24:A4:87
Certificate issuer: /CN=192fc85b01f21a0d685c03001df47ac460937bf1
Certificate serial: 018CC64B2473263B59D5B9D98AD7D349811F
Authority key identifier: 19:2F:C8:5B:01:F2:1A:0D:68:5C:03:00:1D:F4:7A:C4:60:93:7B:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GS_IWwHyGg1oXAMAHfR6xGCTe_E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/182915-feec-4160-88bf-b210447c07ff/1/Iapo1sYws9xLqN2XQEc3rQAkpIc.roa
Signing time: Mon 01 Jan 2024 18:31:02 +0000
ROA not before: Mon 01 Jan 2024 18:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12812
IP address blocks: 185.190.29.0/24 maxlen: 24
185.190.28.0/22 maxlen: 24
185.190.28.0/24 maxlen: 24
193.188.131.0/24 maxlen: 24
193.188.128.0/24 maxlen: 24
193.188.128.0/22 maxlen: 24
193.188.129.0/24 maxlen: 24
193.188.130.0/24 maxlen: 24
2a02:f700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/182915-feec-4160-88bf-b210447c07ff/1/GS_IWwHyGg1oXAMAHfR6xGCTe_E.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/182915-feec-4160-88bf-b210447c07ff/1/GS_IWwHyGg1oXAMAHfR6xGCTe_E.mft
rsync://rpki.ripe.net/repository/DEFAULT/GS_IWwHyGg1oXAMAHfR6xGCTe_E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:01:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:24:73:26:3b:59:d5:b9:d9:8a:d7:d3:49:81:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=192fc85b01f21a0d685c03001df47ac460937bf1
Validity
Not Before: Jan 1 18:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21aa68d6c630b3dc4ba8dd97404737ad0024a487
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:da:68:d4:f0:84:75:43:2a:71:0f:89:b0:1d:
3a:e5:5b:79:c4:a8:9b:6b:87:81:f3:60:f7:d9:05:
75:d8:78:05:2b:2d:e3:d1:a3:82:cb:68:87:81:03:
9b:3d:62:2d:c4:b1:91:ce:35:1b:5b:5d:a5:14:02:
24:48:9b:aa:49:4d:15:76:3a:e6:7e:dd:2b:cd:59:
f7:68:ba:8e:a8:df:f6:92:cb:55:89:de:05:4b:0f:
36:1b:58:b5:6a:d6:7f:2e:fd:fe:5b:99:0c:b3:8c:
b7:4f:3e:d0:2f:1e:d3:37:5e:a9:d6:cd:90:c7:51:
88:e7:5a:03:ce:0a:53:a2:6b:95:32:88:fd:53:2e:
7f:48:0a:ae:25:12:ba:e7:84:4f:8d:52:7b:8f:3d:
2f:76:4e:c1:e6:48:b6:be:8e:94:4f:e1:37:2e:be:
41:2c:f2:b7:50:e4:5e:18:ac:70:9e:92:90:74:26:
eb:59:8a:0b:44:73:96:74:2a:30:6a:af:e6:7b:cc:
b0:9e:b2:fa:c7:2e:c1:e9:be:ae:f9:37:88:ef:7e:
63:f6:75:aa:b6:62:0f:4c:ef:93:f3:7d:a9:da:03:
a6:59:37:0a:78:cb:ee:90:77:79:01:ed:73:b9:c2:
83:f0:06:c8:0c:84:da:be:6d:02:5c:b5:0c:fc:24:
97:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:AA:68:D6:C6:30:B3:DC:4B:A8:DD:97:40:47:37:AD:00:24:A4:87
X509v3 Authority Key Identifier:
keyid:19:2F:C8:5B:01:F2:1A:0D:68:5C:03:00:1D:F4:7A:C4:60:93:7B:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GS_IWwHyGg1oXAMAHfR6xGCTe_E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/182915-feec-4160-88bf-b210447c07ff/1/Iapo1sYws9xLqN2XQEc3rQAkpIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/182915-feec-4160-88bf-b210447c07ff/1/GS_IWwHyGg1oXAMAHfR6xGCTe_E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.190.28.0/22
193.188.128.0/22
IPv6:
2a02:f700::/29
Signature Algorithm: sha256WithRSAEncryption
4c:90:08:ad:18:04:4d:10:c7:9c:23:97:f6:91:65:d4:30:53:
82:bb:b3:cf:30:9e:7d:36:9d:90:fa:2a:d1:4a:32:51:5a:dc:
90:17:63:1d:4b:40:5f:b2:4c:14:54:c9:8a:e5:e2:89:22:6b:
9e:ea:bb:aa:2b:47:c4:ea:c1:fe:eb:89:17:e9:5c:61:8d:b1:
59:e3:f7:10:c1:c6:ed:5c:05:5a:b5:04:6a:5f:81:62:41:6e:
b9:88:09:79:f8:2e:99:98:52:cd:17:9c:80:4f:57:23:26:2b:
32:6b:2a:7f:57:ae:35:d6:f1:2e:cf:47:cf:4b:31:a4:4c:b3:
c5:0f:94:05:db:6c:ec:0d:8f:ab:d4:8a:f4:99:28:12:4e:97:
33:e7:f9:75:fc:a0:d6:cd:bd:7a:0b:19:3b:f1:a1:d3:ab:b5:
c3:30:7a:ed:18:b7:46:e0:8f:3c:24:5e:99:2e:4b:a1:8b:f4:
d0:48:3f:14:99:47:9e:13:67:d2:c5:c2:a5:84:f1:ad:ae:5e:
7b:62:57:96:08:86:d9:9b:f1:94:13:94:7b:99:85:e1:a2:04:
44:75:3b:6f:e1:50:e6:4e:79:d0:e4:d3:68:44:61:da:3b:9f:
6a:05:57:73:c4:59:a6:d8:96:25:26:a6:35:59:7f:17:e5:0b:
60:c1:6b:8b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGSyRzJjtZ1bnZitfTSYEfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MmZjODViMDFmMjFhMGQ2ODVjMDMwMDFkZjQ3YWM0NjA5
MzdiZjEwHhcNMjQwMTAxMTgzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWFhNjhkNmM2MzBiM2RjNGJhOGRkOTc0MDQ3MzdhZDAwMjRhNDg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNpo1PCEdUMqcQ+JsB065Vt5xKib
a4eB82D32QV12HgFKy3j0aOCy2iHgQObPWItxLGRzjUbW12lFAIkSJuqSU0Vdjrm
ft0rzVn3aLqOqN/2kstVid4FSw82G1i1atZ/Lv3+W5kMs4y3Tz7QLx7TN16p1s2Q
x1GI51oDzgpTomuVMoj9Uy5/SAquJRK654RPjVJ7jz0vdk7B5ki2vo6UT+E3Lr5B
LPK3UOReGKxwnpKQdCbrWYoLRHOWdCowaq/me8ywnrL6xy7B6b6u+TeI735j9nWq
tmIPTO+T832p2gOmWTcKeMvukHd5Ae1zucKD8AbIDITavm0CXLUM/CSXVQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCGqaNbGMLPcS6jdl0BHN60AJKSHMB8GA1UdIwQY
MBaAFBkvyFsB8hoNaFwDAB30esRgk3vxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1NfSVd3SHlHZzFvWEFNQUhmUjZ4R0NUZV9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi8xODI5MTUtZmVlYy00MTYwLTg4YmYt
YjIxMDQ0N2MwN2ZmLzEvSWFwbzFzWXdzOXhMcU4yWFFFYzNyUUFrcEljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi8xODI5MTUtZmVlYy00MTYwLTg4YmYtYjIxMDQ0N2MwN2Zm
LzEvR1NfSVd3SHlHZzFvWEFNQUhmUjZ4R0NUZV9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCub4cAwQC
wbyAMA0EAgACMAcDBQMqAvcAMA0GCSqGSIb3DQEBCwUAA4IBAQBMkAitGARNEMec
I5f2kWXUMFOCu7PPMJ59Np2Q+irRSjJRWtyQF2MdS0BfskwUVMmK5eKJImue6ruq
K0fE6sH+64kX6VxhjbFZ4/cQwcbtXAVatQRqX4FiQW65iAl5+C6ZmFLNF5yAT1cj
Jisyayp/V6411vEuz0fPSzGkTLPFD5QF22zsDY+r1Ir0mSgSTpcz5/l1/KDWzb16
Cxk78aHTq7XDMHrtGLdG4I88JF6ZLkuhi/TQSD8UmUeeE2fSxcKlhPGtrl57YleW
CIbZm/GUE5R7mYXhogREdTtv4VDmTnnQ5NNoRGHaO59qBVdzxFmm2JYlJqY1WX8X
5QtgwWuL
-----END CERTIFICATE-----
Generated at Fri May 17 18:07:25 2024 by rpki-client on console-ams.rpki-client.org