Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/50e780-eca7-458e-b6aa-9dbc35672329/1/IUV5-kGGlh5DxjRjhIOAS4M_qNs.roa
File: IUV5-kGGlh5DxjRjhIOAS4M_qNs.roa (raw, json)
Hash identifier: bU0MccGsaA4o+ckpQPfrtuXVSEfuCEHt1pgy583SMaM=
Subject key identifier: 21:45:79:FA:41:86:96:1E:43:C6:34:63:84:83:80:4B:83:3F:A8:DB
Certificate issuer: /CN=ca329ced8efb41f3b4a2078d94bbb0a3aab4fb02
Certificate serial: 018CC6B7A8C7F7C3E5F45909EBE7888212E8
Authority key identifier: CA:32:9C:ED:8E:FB:41:F3:B4:A2:07:8D:94:BB:B0:A3:AA:B4:FB:02
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yjKc7Y77QfO0ogeNlLuwo6q0-wI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/50e780-eca7-458e-b6aa-9dbc35672329/1/IUV5-kGGlh5DxjRjhIOAS4M_qNs.roa
Signing time: Mon 01 Jan 2024 20:29:34 +0000
ROA not before: Mon 01 Jan 2024 20:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211055
IP address blocks: 185.233.130.0/24 maxlen: 24
2a11:3400::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/50e780-eca7-458e-b6aa-9dbc35672329/1/yjKc7Y77QfO0ogeNlLuwo6q0-wI.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/50e780-eca7-458e-b6aa-9dbc35672329/1/yjKc7Y77QfO0ogeNlLuwo6q0-wI.mft
rsync://rpki.ripe.net/repository/DEFAULT/yjKc7Y77QfO0ogeNlLuwo6q0-wI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:a8:c7:f7:c3:e5:f4:59:09:eb:e7:88:82:12:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca329ced8efb41f3b4a2078d94bbb0a3aab4fb02
Validity
Not Before: Jan 1 20:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=214579fa4186961e43c634638483804b833fa8db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:b4:43:e9:a2:cf:1c:e3:66:a1:88:a8:85:96:
37:9f:9e:a1:e7:aa:1d:b0:74:cb:d1:00:6e:d1:31:
35:f4:20:45:35:62:80:cf:24:3d:49:8a:79:0f:1a:
64:c1:a8:63:33:9e:4b:63:7e:58:30:dd:b0:78:5c:
b6:87:d7:38:36:ae:4f:7a:69:3f:32:a5:a0:11:20:
a7:77:8b:fc:2a:d6:b8:fd:ad:57:92:13:34:82:d8:
2e:5b:d3:e8:19:4b:c9:79:b5:3a:dd:5a:ae:07:9a:
a7:d1:0a:0a:c0:9f:a0:65:cc:83:e4:26:d6:f8:26:
de:64:da:c5:74:93:70:21:6a:f3:d1:b5:44:2d:1b:
6b:0e:fa:0a:81:25:e4:89:6b:6f:44:97:a4:78:27:
f2:07:c6:a6:8c:14:5d:ff:32:b9:5b:69:aa:5b:e6:
c7:5b:b8:bf:f8:5d:bd:7e:12:8e:a2:db:2f:5f:fc:
b3:6f:87:7c:08:0a:72:0a:23:01:88:59:6c:4f:ae:
1b:9a:98:f3:06:9d:a0:e8:4f:cb:36:7c:2c:d5:c4:
a6:f6:9c:8c:5e:d1:ae:7c:e6:10:47:f5:cd:ac:0e:
c0:94:6c:7c:85:1d:6a:3f:0a:10:b9:3c:27:da:7f:
60:5b:07:c3:de:c1:36:dc:78:7e:63:aa:1e:c8:85:
a3:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:45:79:FA:41:86:96:1E:43:C6:34:63:84:83:80:4B:83:3F:A8:DB
X509v3 Authority Key Identifier:
keyid:CA:32:9C:ED:8E:FB:41:F3:B4:A2:07:8D:94:BB:B0:A3:AA:B4:FB:02
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yjKc7Y77QfO0ogeNlLuwo6q0-wI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/50e780-eca7-458e-b6aa-9dbc35672329/1/IUV5-kGGlh5DxjRjhIOAS4M_qNs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/50e780-eca7-458e-b6aa-9dbc35672329/1/yjKc7Y77QfO0ogeNlLuwo6q0-wI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.233.130.0/24
IPv6:
2a11:3400::/29
Signature Algorithm: sha256WithRSAEncryption
85:8d:06:4f:8f:64:45:29:89:91:37:72:29:52:97:8c:b1:34:
f2:57:8c:50:7a:e6:56:74:5b:12:f7:be:80:59:9c:08:9a:f4:
69:01:bc:32:b2:ad:30:19:43:4c:18:25:d1:39:ce:6a:60:9d:
1e:cc:e5:30:08:25:cf:77:f7:11:3e:6f:f9:8b:e2:e1:3f:a9:
80:d6:7d:0b:21:f0:4c:e4:aa:b6:74:fc:c6:21:c6:9c:70:ea:
49:a7:00:e7:27:67:32:29:c8:8c:85:34:e9:8a:e1:71:1c:36:
c1:0e:e2:ec:fb:1a:16:a1:a3:d1:79:be:35:91:36:99:55:6e:
06:b9:ce:e1:f0:c0:da:f9:f1:f4:ed:6b:26:e3:67:fc:b2:d1:
6e:2c:e7:2f:f9:f6:b3:8b:ca:9c:d9:e5:75:34:28:b1:61:98:
5a:58:db:8f:4f:dc:bd:26:fc:07:cd:ca:c6:a3:f3:35:e7:d7:
8c:28:0a:36:a8:bb:c5:d3:84:82:76:9c:71:e6:46:db:e8:58:
42:19:e8:93:9e:be:62:d6:e0:d9:8a:2d:14:0a:12:55:92:65:
0b:d2:30:89:43:24:37:4a:49:99:2e:34:36:d6:2c:4a:d0:3c:
ca:30:77:fc:c4:03:61:39:57:ab:78:6d:13:8f:1c:cf:b3:c4:
63:4b:c8:42
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGt6jH98Pl9FkJ6+eIghLoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMzI5Y2VkOGVmYjQxZjNiNGEyMDc4ZDk0YmJiMGEzYWFi
NGZiMDIwHhcNMjQwMTAxMjAyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTQ1NzlmYTQxODY5NjFlNDNjNjM0NjM4NDgzODA0YjgzM2ZhOGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjLRD6aLPHONmoYiohZY3n56h56od
sHTL0QBu0TE19CBFNWKAzyQ9SYp5DxpkwahjM55LY35YMN2weFy2h9c4Nq5Pemk/
MqWgESCnd4v8Kta4/a1XkhM0gtguW9PoGUvJebU63VquB5qn0QoKwJ+gZcyD5CbW
+CbeZNrFdJNwIWrz0bVELRtrDvoKgSXkiWtvRJekeCfyB8amjBRd/zK5W2mqW+bH
W7i/+F29fhKOotsvX/yzb4d8CApyCiMBiFlsT64bmpjzBp2g6E/LNnws1cSm9pyM
XtGufOYQR/XNrA7AlGx8hR1qPwoQuTwn2n9gWwfD3sE23Hh+Y6oeyIWjzwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCFFefpBhpYeQ8Y0Y4SDgEuDP6jbMB8GA1UdIwQY
MBaAFMoynO2O+0HztKIHjZS7sKOqtPsCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWpLYzdZNzdRZk8wb2dlTmxMdXdvNnEwLXdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My81MGU3ODAtZWNhNy00NThlLWI2YWEt
OWRiYzM1NjcyMzI5LzEvSVVWNS1rR0dsaDVEeGpSamhJT0FTNE1fcU5zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My81MGU3ODAtZWNhNy00NThlLWI2YWEtOWRiYzM1NjcyMzI5
LzEveWpLYzdZNzdRZk8wb2dlTmxMdXdvNnEwLXdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuemCMA0E
AgACMAcDBQMqETQAMA0GCSqGSIb3DQEBCwUAA4IBAQCFjQZPj2RFKYmRN3IpUpeM
sTTyV4xQeuZWdFsS976AWZwImvRpAbwysq0wGUNMGCXROc5qYJ0ezOUwCCXPd/cR
Pm/5i+LhP6mA1n0LIfBM5Kq2dPzGIcaccOpJpwDnJ2cyKciMhTTpiuFxHDbBDuLs
+xoWoaPReb41kTaZVW4Guc7h8MDa+fH07Wsm42f8stFuLOcv+fazi8qc2eV1NCix
YZhaWNuPT9y9JvwHzcrGo/M159eMKAo2qLvF04SCdpxx5kbb6FhCGeiTnr5i1uDZ
ii0UChJVkmUL0jCJQyQ3SkmZLjQ21ixK0DzKMHf8xANhOVereG0TjxzPs8RjS8hC
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:58:06 2024 by rpki-client on console-fra.rpki-client.org