Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/1-IKAS2JRVoaUnnlyUkIHRJ9oSIg.roa
File: 1-IKAS2JRVoaUnnlyUkIHRJ9oSIg.roa (raw, json)
Hash identifier: yXTdd3xKE/tdnY4rFBusIzP0y9RwJqSdWl4IDCr/dpo=
Subject key identifier: F8:82:80:4B:62:51:56:86:94:9E:79:72:52:42:07:44:9F:68:48:88
Certificate issuer: /CN=d6c269f9e93b0fb8bc4b1c947abc5b21f21f2305
Certificate serial: 0191B71D1D3BED6AD86CA2D07F52238DA25E
Authority key identifier: D6:C2:69:F9:E9:3B:0F:B8:BC:4B:1C:94:7A:BC:5B:21:F2:1F:23:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1sJp-ek7D7i8SxyUerxbIfIfIwU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/1-IKAS2JRVoaUnnlyUkIHRJ9oSIg.roa
Signing time: Tue 03 Sep 2024 09:00:23 +0000
ROA not before: Tue 03 Sep 2024 09:00:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12480
IP address blocks: 185.149.156.0/22 maxlen: 24
194.45.22.0/24 maxlen: 24
212.86.192.0/19 maxlen: 32
2a00:1970::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/1sJp-ek7D7i8SxyUerxbIfIfIwU.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/1sJp-ek7D7i8SxyUerxbIfIfIwU.mft
rsync://rpki.ripe.net/repository/DEFAULT/1sJp-ek7D7i8SxyUerxbIfIfIwU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b7:1d:1d:3b:ed:6a:d8:6c:a2:d0:7f:52:23:8d:a2:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6c269f9e93b0fb8bc4b1c947abc5b21f21f2305
Validity
Not Before: Sep 3 09:00:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f882804b62515686949e7972524207449f684888
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:e1:69:3a:ce:17:ae:fa:1e:ed:ce:75:72:f7:
05:5d:62:2b:57:bd:77:86:96:2d:28:6d:6c:0f:03:
cb:19:4b:68:53:39:22:07:ca:1a:3a:f8:db:6c:02:
ab:b9:db:0d:03:6a:94:fd:4f:8d:54:53:0a:36:3e:
7d:f4:62:c4:7d:4c:56:b5:6b:33:6d:df:45:ff:d6:
92:48:fd:c5:df:c3:a7:81:57:c7:6d:36:fa:0e:1c:
4d:ff:be:1c:f4:47:dc:da:eb:8a:83:fc:3a:3b:97:
a3:71:5c:8b:34:6b:3c:2c:9b:e7:e5:59:21:23:a4:
97:82:07:6a:5b:39:3d:e0:e8:10:05:c1:ee:8c:63:
d2:8e:f5:95:13:8c:06:67:58:93:33:c3:66:a9:de:
97:cb:c5:6f:10:fb:4c:7b:df:eb:06:1f:ea:68:b1:
81:9b:52:81:c0:76:8d:9d:7b:dc:66:a9:28:39:49:
66:ba:63:66:8b:c6:13:0e:f1:2f:2e:3f:cc:25:af:
96:03:f2:83:c6:3b:22:5d:80:33:c0:7d:9b:97:32:
34:b1:9c:d0:db:e8:b6:34:5a:1d:02:30:d6:a3:ed:
72:31:d6:ce:31:d3:c0:f0:88:9f:35:6f:26:cb:e7:
e9:31:af:8b:b4:57:cf:ed:ef:6a:9b:96:62:7f:0d:
eb:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:82:80:4B:62:51:56:86:94:9E:79:72:52:42:07:44:9F:68:48:88
X509v3 Authority Key Identifier:
keyid:D6:C2:69:F9:E9:3B:0F:B8:BC:4B:1C:94:7A:BC:5B:21:F2:1F:23:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1sJp-ek7D7i8SxyUerxbIfIfIwU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/1-IKAS2JRVoaUnnlyUkIHRJ9oSIg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/c253e3-4133-4a16-9061-b79cfc24d3b7/1/1sJp-ek7D7i8SxyUerxbIfIfIwU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.149.156.0/22
194.45.22.0/24
212.86.192.0/19
IPv6:
2a00:1970::/32
Signature Algorithm: sha256WithRSAEncryption
35:02:ab:23:e1:e8:ae:ee:6b:40:08:ac:08:35:d7:fa:44:66:
60:6d:02:58:d8:ad:f9:35:84:1e:71:13:8f:22:63:b4:86:13:
34:62:fd:29:35:ba:2a:16:77:d3:aa:61:e8:c8:8d:f7:cd:67:
89:d6:f9:6b:84:9a:8e:a0:01:e3:36:dd:93:b7:57:14:34:4b:
08:c3:26:57:99:c1:81:bd:9e:95:90:63:46:ce:55:2d:e3:a6:
b1:7d:41:aa:77:57:29:9a:50:a7:be:2f:2a:ac:3c:70:eb:63:
4c:bc:28:69:3b:f9:9b:5e:8e:72:21:a3:83:3a:d5:03:e2:1d:
03:ba:33:39:d6:59:50:fc:c2:cd:0a:82:c7:40:86:99:b8:58:
d2:41:75:74:8c:b8:05:fe:8e:01:cd:5e:d2:42:e2:0d:a1:63:
f8:6a:dc:98:e0:f9:b6:2b:d7:01:70:e9:4f:d5:67:9e:0f:80:
30:f8:43:4f:e6:1e:e4:1a:9f:b5:c1:72:e1:bc:8a:ca:bf:24:
de:f4:c8:e6:a9:1d:98:80:54:a5:fd:4a:46:1d:64:b3:bf:dd:
e7:b2:3f:aa:cb:89:2b:d5:6d:28:1f:4a:74:76:f4:e6:55:31:
e6:0a:91:01:69:e7:df:2e:73:77:ba:dd:87:bd:42:f0:a8:7b:
ca:3c:5a:f3
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZG3HR077WrYbKLQf1IjjaJeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2YzI2OWY5ZTkzYjBmYjhiYzRiMWM5NDdhYmM1YjIxZjIx
ZjIzMDUwHhcNMjQwOTAzMDkwMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmODgyODA0YjYyNTE1Njg2OTQ5ZTc5NzI1MjQyMDc0NDlmNjg0ODg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxuFpOs4Xrvoe7c51cvcFXWIrV713
hpYtKG1sDwPLGUtoUzkiB8oaOvjbbAKrudsNA2qU/U+NVFMKNj599GLEfUxWtWsz
bd9F/9aSSP3F38OngVfHbTb6DhxN/74c9Efc2uuKg/w6O5ejcVyLNGs8LJvn5Vkh
I6SXggdqWzk94OgQBcHujGPSjvWVE4wGZ1iTM8Nmqd6Xy8VvEPtMe9/rBh/qaLGB
m1KBwHaNnXvcZqkoOUlmumNmi8YTDvEvLj/MJa+WA/KDxjsiXYAzwH2blzI0sZzQ
2+i2NFodAjDWo+1yMdbOMdPA8IifNW8my+fpMa+LtFfP7e9qm5Zifw3rAwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPiCgEtiUVaGlJ55clJCB0SfaEiIMB8GA1UdIwQY
MBaAFNbCafnpOw+4vEsclHq8WyHyHyMFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXNKcC1lazdEN2k4U3h5VWVyeGJJZklmSXdVLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9jMjUzZTMtNDEzMy00YTE2LTkwNjEt
Yjc5Y2ZjMjRkM2I3LzEvMS1JS0FTMkpSVm9hVW5ubHlVa0lIUko5b1NJZy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNTcvYzI1M2UzLTQxMzMtNGExNi05MDYxLWI3OWNmYzI0ZDNi
Ny8xLzFzSnAtZWs3RDdpOFN4eVVlcnhiSWZJZkl3VS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA6BggrBgEFBQcBBwEB/wQrMCkwGAQCAAEwEgMEArmVnAME
AMItFgMEBdRWwDANBAIAAjAHAwUAKgAZcDANBgkqhkiG9w0BAQsFAAOCAQEANQKr
I+Horu5rQAisCDXX+kRmYG0CWNit+TWEHnETjyJjtIYTNGL9KTW6KhZ306ph6MiN
981nidb5a4SajqAB4zbdk7dXFDRLCMMmV5nBgb2elZBjRs5VLeOmsX1BqndXKZpQ
p74vKqw8cOtjTLwoaTv5m16OciGjgzrVA+IdA7ozOdZZUPzCzQqCx0CGmbhY0kF1
dIy4Bf6OAc1e0kLiDaFj+GrcmOD5tivXAXDpT9Vnng+AMPhDT+Ye5BqftcFy4byK
yr8k3vTI5qkdmIBUpf1KRh1ks7/d57I/qsuJK9VtKB9KdHb05lUx5gqRAWnn3y5z
d7rdh71C8Kh7yjxa8w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:09:35 2024 by rpki-client on console-fra.rpki-client.org