Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/I9zbCBBqRLba6MmtJwhoO9Izhig.roa
File: I9zbCBBqRLba6MmtJwhoO9Izhig.roa (raw, json)
Hash identifier: YISzebivKr/Wkb9YYx8N+vHI90UOlBkHRnrc9GS6srY=
Subject key identifier: 23:DC:DB:08:10:6A:44:B6:DA:E8:C9:AD:27:08:68:3B:D2:33:86:28
Certificate issuer: /CN=a65046d85ecf201fbef51e8bea1c4ed33f95b268
Certificate serial: 018CC794BC6E5C8143EE84EF6DB71FAF8C6C
Authority key identifier: A6:50:46:D8:5E:CF:20:1F:BE:F5:1E:8B:EA:1C:4E:D3:3F:95:B2:68
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/I9zbCBBqRLba6MmtJwhoO9Izhig.roa
Signing time: Tue 02 Jan 2024 00:31:02 +0000
ROA not before: Tue 02 Jan 2024 00:31:02 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 185.69.118.0/24 maxlen: 24
185.69.116.0/24 maxlen: 24
194.35.1.0/24 maxlen: 24
194.35.8.0/24 maxlen: 24
194.35.5.0/24 maxlen: 24
194.35.9.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/plBG2F7PIB--9R6L6hxO0z-Vsmg.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/plBG2F7PIB--9R6L6hxO0z-Vsmg.mft
rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:bc:6e:5c:81:43:ee:84:ef:6d:b7:1f:af:8c:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a65046d85ecf201fbef51e8bea1c4ed33f95b268
Validity
Not Before: Jan 2 00:31:02 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23dcdb08106a44b6dae8c9ad2708683bd2338628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:9b:fe:25:8a:5d:64:3d:5f:5a:e7:84:77:2e:
96:af:a4:4b:49:65:be:94:29:c9:40:6d:08:5c:67:
28:c3:30:d2:41:6c:2b:24:3d:e6:16:f8:35:79:c3:
6a:a4:d9:94:b6:1e:6d:32:49:06:a0:27:89:9b:0d:
1a:8a:73:02:7a:df:ff:d4:74:1b:cd:76:80:ff:df:
2d:1f:6c:c0:9f:69:68:ab:7d:3d:9b:2b:cb:09:b6:
d0:2a:8e:66:2a:d0:97:4a:3f:64:ec:4a:b0:fa:e8:
8d:fc:96:b4:c2:01:6c:6e:65:72:9a:a7:ac:85:cf:
fb:b0:a3:fb:97:c8:c4:ef:69:41:ee:78:05:35:a1:
d6:1a:1b:55:49:0e:74:65:d7:9d:f0:a4:73:97:6d:
94:5d:84:e4:08:9b:73:8b:99:67:73:bf:e1:95:80:
49:f5:77:d2:2d:7e:be:50:02:19:ea:b2:ae:3d:6e:
d4:e5:0a:21:de:33:1d:18:9d:1a:4b:60:45:a3:a4:
1d:5f:d8:b4:c0:63:84:c9:f2:9e:29:e4:d1:ee:d4:
db:48:39:f0:43:8b:31:8f:df:9f:79:5f:92:26:c8:
b9:78:c0:6e:89:56:43:13:21:55:11:a3:ae:cb:ec:
36:14:1b:ae:07:a2:b2:47:61:98:73:b6:e5:b9:1d:
f3:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:DC:DB:08:10:6A:44:B6:DA:E8:C9:AD:27:08:68:3B:D2:33:86:28
X509v3 Authority Key Identifier:
keyid:A6:50:46:D8:5E:CF:20:1F:BE:F5:1E:8B:EA:1C:4E:D3:3F:95:B2:68
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/plBG2F7PIB--9R6L6hxO0z-Vsmg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/I9zbCBBqRLba6MmtJwhoO9Izhig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3bd7c1-81fa-4553-8505-bccd32af97fe/1/plBG2F7PIB--9R6L6hxO0z-Vsmg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.69.116.0/24
185.69.118.0/24
194.35.1.0/24
194.35.5.0/24
194.35.8.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:94:2a:b4:41:0d:5c:b8:22:0b:7c:89:c8:18:5e:14:88:64:
38:35:29:a7:ea:4a:9c:09:e3:59:65:9a:ae:da:c2:57:7b:7c:
23:e3:cd:a4:53:b0:c8:cb:94:54:2a:47:e8:c8:e9:ff:f2:99:
28:6d:24:72:06:5f:92:4a:ec:cd:c0:83:2d:85:75:56:d0:3e:
c5:76:37:37:4f:36:8f:fb:24:ab:ea:33:93:89:7b:8c:39:b5:
06:55:0a:f3:f2:69:a0:04:c3:55:c8:ad:96:28:63:12:4a:0b:
20:27:3e:31:23:7e:be:cc:e2:66:91:d6:ab:15:89:ef:58:a0:
f8:ac:97:c1:ad:ff:de:7f:17:24:94:80:ce:16:e1:c4:f1:b5:
07:67:07:d8:a7:9b:7e:84:e7:a4:fd:f7:23:db:c0:e7:9a:50:
0b:25:ce:10:3a:44:86:e0:73:a7:be:f2:75:22:4b:72:eb:08:
a1:7c:55:da:08:b1:9a:3e:d8:5a:c8:ef:46:fb:df:b7:da:95:
cb:b1:b3:1f:0f:5b:e9:e3:56:91:fe:08:46:3e:1c:8b:07:4f:
32:22:b6:85:3d:cf:f8:3a:0e:e6:94:1f:9e:0f:9f:5f:b7:7c:
15:75:d3:20:be:cd:09:42:ed:fe:65:54:20:f3:29:1f:cf:cb:
a3:1c:9d:ae
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzHlLxuXIFD7oTvbbcfr4xsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2NTA0NmQ4NWVjZjIwMWZiZWY1MWU4YmVhMWM0ZWQzM2Y5
NWIyNjgwHhcNMjQwMTAyMDAzMTAyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2RjZGIwODEwNmE0NGI2ZGFlOGM5YWQyNzA4NjgzYmQyMzM4NjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlZv+JYpdZD1fWueEdy6Wr6RLSWW+
lCnJQG0IXGcowzDSQWwrJD3mFvg1ecNqpNmUth5tMkkGoCeJmw0ainMCet//1HQb
zXaA/98tH2zAn2loq309myvLCbbQKo5mKtCXSj9k7Eqw+uiN/Ja0wgFsbmVymqes
hc/7sKP7l8jE72lB7ngFNaHWGhtVSQ50Zded8KRzl22UXYTkCJtzi5lnc7/hlYBJ
9XfSLX6+UAIZ6rKuPW7U5Qoh3jMdGJ0aS2BFo6QdX9i0wGOEyfKeKeTR7tTbSDnw
Q4sxj9+feV+SJsi5eMBuiVZDEyFVEaOuy+w2FBuuB6KyR2GYc7bluR3zGwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCPc2wgQakS22ujJrScIaDvSM4YoMB8GA1UdIwQY
MBaAFKZQRthezyAfvvUei+ocTtM/lbJoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGxCRzJGN1BJQi0tOVI2TDZoeE8wei1Wc21nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYmQ3YzEtODFmYS00NTUzLTg1MDUt
YmNjZDMyYWY5N2ZlLzEvSTl6YkNCQnFSTGJhNk1tdEp3aG9POUl6aGlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYmQ3YzEtODFmYS00NTUzLTg1MDUtYmNjZDMyYWY5N2Zl
LzEvcGxCRzJGN1BJQi0tOVI2TDZoeE8wei1Wc21nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAuUV0AwQA
uUV2AwQAwiMBAwQAwiMFAwQBwiMIMA0GCSqGSIb3DQEBCwUAA4IBAQAdlCq0QQ1c
uCILfInIGF4UiGQ4NSmn6kqcCeNZZZqu2sJXe3wj482kU7DIy5RUKkfoyOn/8pko
bSRyBl+SSuzNwIMthXVW0D7Fdjc3TzaP+ySr6jOTiXuMObUGVQrz8mmgBMNVyK2W
KGMSSgsgJz4xI36+zOJmkdarFYnvWKD4rJfBrf/efxcklIDOFuHE8bUHZwfYp5t+
hOek/fcj28DnmlALJc4QOkSG4HOnvvJ1Ikty6wihfFXaCLGaPthayO9G+9+32pXL
sbMfD1vp41aR/ghGPhyLB08yIraFPc/4Og7mlB+eD59ft3wVddMgvs0JQu3+ZVQg
8ykfz8ujHJ2u
-----END CERTIFICATE-----
Generated at Thu May 2 15:25:58 2024 by rpki-client on console-fra.rpki-client.org