Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0dd668-9725-48bc-80f6-15b0185e7a79/1/I4t16C7u7T7BG-ogta_e9HBuOKg.roa
File: I4t16C7u7T7BG-ogta_e9HBuOKg.roa (raw, json)
Hash identifier: hhr67NWZyblRD0n2psvyQYHXRzjapmaa7P2lwuZmgiU=
Subject key identifier: 23:8B:75:E8:2E:EE:ED:3E:C1:1B:EA:20:B5:AF:DE:F4:70:6E:38:A8
Certificate issuer: /CN=8c48dcecbbcc052c659f971609229e3656a3d956
Certificate serial: 018E6C77F6830EA20C08C50BF9F626227764
Authority key identifier: 8C:48:DC:EC:BB:CC:05:2C:65:9F:97:16:09:22:9E:36:56:A3:D9:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jEjc7LvMBSxln5cWCSKeNlaj2VY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0dd668-9725-48bc-80f6-15b0185e7a79/1/I4t16C7u7T7BG-ogta_e9HBuOKg.roa
Signing time: Sat 23 Mar 2024 17:59:44 +0000
ROA not before: Sat 23 Mar 2024 17:59:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197295
IP address blocks: 91.231.168.0/23 maxlen: 23
178.159.160.0/20 maxlen: 20
185.157.164.0/22 maxlen: 22
194.156.16.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0dd668-9725-48bc-80f6-15b0185e7a79/1/jEjc7LvMBSxln5cWCSKeNlaj2VY.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0dd668-9725-48bc-80f6-15b0185e7a79/1/jEjc7LvMBSxln5cWCSKeNlaj2VY.mft
rsync://rpki.ripe.net/repository/DEFAULT/jEjc7LvMBSxln5cWCSKeNlaj2VY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:6c:77:f6:83:0e:a2:0c:08:c5:0b:f9:f6:26:22:77:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8c48dcecbbcc052c659f971609229e3656a3d956
Validity
Not Before: Mar 23 17:59:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=238b75e82eeeed3ec11bea20b5afdef4706e38a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:0a:0d:ef:90:e2:f0:05:e0:4e:40:d7:0c:15:
25:08:91:b6:32:a2:0f:82:9a:5f:f6:6e:1b:c4:ea:
8b:e5:51:b1:0d:80:05:a9:cd:df:0d:05:cb:e9:01:
7f:9e:2d:14:db:38:aa:56:75:0d:3e:44:62:64:3b:
d1:c4:54:84:47:09:02:f7:7a:75:b8:06:e4:ea:d5:
77:bd:c7:e7:f4:e5:9f:66:29:f4:bf:2a:a4:fd:e5:
35:5c:b6:1e:44:69:ac:a9:57:e6:09:b8:11:3b:ed:
f1:61:de:a2:e3:0b:3d:5e:ee:a7:14:1f:e4:9a:0d:
a3:15:5a:ee:27:bb:4a:46:44:67:2e:7b:f8:5d:71:
40:9c:31:ec:b6:2d:27:a2:d1:16:e1:0b:20:da:fe:
ca:90:42:1f:e2:7a:8b:9a:30:35:67:be:f4:d8:cb:
0a:cc:13:c2:50:1e:d8:fb:e4:09:1d:af:7c:1f:11:
68:40:c9:05:a5:0c:c7:19:af:54:27:35:d8:c3:18:
77:32:21:36:df:cd:ef:a0:1b:a5:82:ab:b9:41:67:
af:f5:84:19:29:ec:f4:ff:0d:11:78:92:b7:c9:7b:
d1:f8:34:23:d3:21:b5:f6:0c:7c:73:e8:b6:a4:7f:
13:c5:a1:f9:a0:0b:e7:00:10:76:d5:ec:28:c3:fd:
a3:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:8B:75:E8:2E:EE:ED:3E:C1:1B:EA:20:B5:AF:DE:F4:70:6E:38:A8
X509v3 Authority Key Identifier:
keyid:8C:48:DC:EC:BB:CC:05:2C:65:9F:97:16:09:22:9E:36:56:A3:D9:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jEjc7LvMBSxln5cWCSKeNlaj2VY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0dd668-9725-48bc-80f6-15b0185e7a79/1/I4t16C7u7T7BG-ogta_e9HBuOKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0dd668-9725-48bc-80f6-15b0185e7a79/1/jEjc7LvMBSxln5cWCSKeNlaj2VY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.231.168.0/23
178.159.160.0/20
185.157.164.0/22
194.156.16.0/22
Signature Algorithm: sha256WithRSAEncryption
63:2f:6b:07:98:98:df:d6:90:64:a9:1c:e1:46:2d:30:e1:1a:
d2:c9:22:67:9f:d4:53:06:ae:aa:23:59:a6:58:6c:da:0f:d3:
f4:d3:3b:fe:04:80:19:9f:b8:88:ca:ba:33:4b:e1:c1:20:99:
5b:06:24:8c:90:c5:06:fb:4f:6c:fb:86:fb:6b:39:80:87:af:
4c:bd:03:47:f6:51:51:64:27:5b:6d:76:7f:ce:a2:b3:ff:10:
0a:fe:1b:a3:04:1a:cd:1d:3d:28:9b:14:99:f1:fa:6c:51:b7:
89:1c:8d:0a:28:7a:3e:cb:6c:75:e4:ca:87:de:4b:fe:be:14:
31:c2:dd:c6:8e:ed:bc:5b:83:7e:d2:cd:d1:f4:7a:90:11:fc:
ee:bf:0e:51:52:11:12:c9:5e:6b:6d:ef:93:45:c7:c3:34:6e:
b3:61:34:00:4b:3c:2d:9e:79:74:47:4b:ec:c6:36:e4:12:09:
dc:13:b9:1e:53:ee:5d:c3:c0:32:4b:5e:10:27:e4:5a:f0:5f:
38:69:79:c0:69:d6:4c:95:93:9b:32:31:8a:8a:fe:aa:bf:37:
90:2a:1a:a4:56:5c:7b:13:fc:99:bc:7e:01:bd:8c:50:af:fc:
72:89:7f:1a:89:84:95:d7:be:c2:14:34:82:76:74:f9:77:d2:
a1:02:42:2f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY5sd/aDDqIMCMUL+fYmIndkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhjNDhkY2VjYmJjYzA1MmM2NTlmOTcxNjA5MjI5ZTM2NTZh
M2Q5NTYwHhcNMjQwMzIzMTc1OTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzhiNzVlODJlZWVlZDNlYzExYmVhMjBiNWFmZGVmNDcwNmUzOGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwoN75Di8AXgTkDXDBUlCJG2MqIP
gppf9m4bxOqL5VGxDYAFqc3fDQXL6QF/ni0U2ziqVnUNPkRiZDvRxFSERwkC93p1
uAbk6tV3vcfn9OWfZin0vyqk/eU1XLYeRGmsqVfmCbgRO+3xYd6i4ws9Xu6nFB/k
mg2jFVruJ7tKRkRnLnv4XXFAnDHsti0notEW4Qsg2v7KkEIf4nqLmjA1Z7702MsK
zBPCUB7Y++QJHa98HxFoQMkFpQzHGa9UJzXYwxh3MiE2383voBulgqu5QWev9YQZ
Kez0/w0ReJK3yXvR+DQj0yG19gx8c+i2pH8TxaH5oAvnABB21ewow/2jwQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCOLdegu7u0+wRvqILWv3vRwbjioMB8GA1UdIwQY
MBaAFIxI3Oy7zAUsZZ+XFgkinjZWo9lWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvakVqYzdMdk1CU3hsbjVjV0NTS2VObGFqMlZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wZGQ2NjgtOTcyNS00OGJjLTgwZjYt
MTViMDE4NWU3YTc5LzEvSTR0MTZDN3U3VDdCRy1vZ3RhX2U5SEJ1T0tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wZGQ2NjgtOTcyNS00OGJjLTgwZjYtMTViMDE4NWU3YTc5
LzEvakVqYzdMdk1CU3hsbjVjV0NTS2VObGFqMlZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBW+eoAwQE
sp+gAwQCuZ2kAwQCwpwQMA0GCSqGSIb3DQEBCwUAA4IBAQBjL2sHmJjf1pBkqRzh
Ri0w4RrSySJnn9RTBq6qI1mmWGzaD9P00zv+BIAZn7iIyrozS+HBIJlbBiSMkMUG
+09s+4b7azmAh69MvQNH9lFRZCdbbXZ/zqKz/xAK/hujBBrNHT0omxSZ8fpsUbeJ
HI0KKHo+y2x15MqH3kv+vhQxwt3Gju28W4N+0s3R9HqQEfzuvw5RUhESyV5rbe+T
RcfDNG6zYTQASzwtnnl0R0vsxjbkEgncE7keU+5dw8AyS14QJ+Ra8F84aXnAadZM
lZObMjGKiv6qvzeQKhqkVlx7E/yZvH4BvYxQr/xyiX8aiYSV177CFDSCdnT5d9Kh
AkIv
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:58:43 2024 by rpki-client on console-fra.rpki-client.org