Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/IjqgYgZhmkJN1FFTKOB2q8MXn60.roa
File: IjqgYgZhmkJN1FFTKOB2q8MXn60.roa (raw, json)
Hash identifier: 8ROufLNEuQUDrf/HTDr+Nr2BDTIc7TPKcCmE1UewAcI=
Subject key identifier: 22:3A:A0:62:06:61:9A:42:4D:D4:51:53:28:E0:76:AB:C3:17:9F:AD
Certificate issuer: /CN=84db747b289717a0684cd6ac82307aa67bb2d7bb
Certificate serial: 018CC56DEE1F22B154DFB86864E82A345DD7
Authority key identifier: 84:DB:74:7B:28:97:17:A0:68:4C:D6:AC:82:30:7A:A6:7B:B2:D7:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hNt0eyiXF6BoTNasgjB6pnuy17s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/IjqgYgZhmkJN1FFTKOB2q8MXn60.roa
Signing time: Mon 01 Jan 2024 14:29:25 +0000
ROA not before: Mon 01 Jan 2024 14:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39729
IP address blocks: 195.110.100.0/23 maxlen: 24
195.110.102.0/23 maxlen: 24
195.110.104.0/23 maxlen: 24
195.110.112.0/24 maxlen: 24
195.110.107.0/24 maxlen: 24
195.110.118.0/23 maxlen: 24
195.110.120.0/23 maxlen: 24
195.110.122.0/23 maxlen: 24
195.110.124.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/hNt0eyiXF6BoTNasgjB6pnuy17s.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/hNt0eyiXF6BoTNasgjB6pnuy17s.mft
rsync://rpki.ripe.net/repository/DEFAULT/hNt0eyiXF6BoTNasgjB6pnuy17s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:ee:1f:22:b1:54:df:b8:68:64:e8:2a:34:5d:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84db747b289717a0684cd6ac82307aa67bb2d7bb
Validity
Not Before: Jan 1 14:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=223aa06206619a424dd4515328e076abc3179fad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:b3:51:69:e9:03:34:8f:f0:57:8a:24:15:02:
12:67:69:51:37:99:5d:f4:20:cd:fe:27:87:d6:5b:
3d:f6:90:76:62:b7:b8:e8:7d:1f:72:16:e1:95:a5:
44:ce:64:68:60:bf:5b:8e:c2:08:2e:37:ad:e2:49:
97:fe:58:d5:08:6b:33:e2:2c:89:01:f3:b0:78:42:
73:27:2f:3c:7c:46:b1:1f:91:e5:4b:fb:b5:55:59:
42:06:18:1e:39:63:d5:b1:a9:91:3b:aa:e6:49:8e:
c4:94:f5:b2:1d:93:5f:7e:cd:a3:15:2b:0f:73:f6:
e9:96:78:23:b1:71:d3:55:9f:ab:01:35:3c:02:dc:
dc:ba:95:b8:20:61:9a:c9:1c:45:f7:ec:24:5a:a0:
82:c7:4c:a4:1b:29:79:e9:b9:00:26:21:da:3a:51:
f7:57:6d:49:16:53:d0:4a:9e:bd:37:ec:dd:8d:13:
ad:18:9b:21:bd:0f:4a:0a:1a:dd:b4:bc:8f:31:4f:
a9:33:c5:28:90:de:54:05:df:4e:03:33:f8:da:c2:
be:f0:76:50:36:3f:62:7f:3e:fe:e0:dd:ef:45:70:
19:7f:f9:1c:58:73:12:4b:72:6e:26:75:bd:98:3d:
b9:bf:07:12:40:ae:ad:54:20:37:5b:dc:90:86:95:
6e:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:3A:A0:62:06:61:9A:42:4D:D4:51:53:28:E0:76:AB:C3:17:9F:AD
X509v3 Authority Key Identifier:
keyid:84:DB:74:7B:28:97:17:A0:68:4C:D6:AC:82:30:7A:A6:7B:B2:D7:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hNt0eyiXF6BoTNasgjB6pnuy17s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/IjqgYgZhmkJN1FFTKOB2q8MXn60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/7142b1-7091-4d3a-bd6d-9fe7ee9c0368/1/hNt0eyiXF6BoTNasgjB6pnuy17s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.110.100.0-195.110.105.255
195.110.107.0/24
195.110.112.0/24
195.110.118.0-195.110.127.255
Signature Algorithm: sha256WithRSAEncryption
0c:e2:ce:97:38:40:76:2c:2c:29:ed:49:8b:53:af:2f:be:95:
1b:97:66:f9:b2:87:d8:e7:8d:17:b5:b7:90:07:77:6a:6e:e0:
50:f9:ce:4b:df:bd:72:a5:2a:55:11:f5:e9:3d:2a:b8:87:2c:
6f:50:29:90:ec:93:14:41:ea:86:53:e6:66:ea:f6:69:d3:00:
d1:61:bd:44:a4:d6:32:89:5e:76:82:dd:7c:b5:1f:9b:79:9d:
42:24:48:64:cd:77:7e:ca:33:c1:26:1e:1b:18:32:80:61:8b:
9a:c9:a3:c3:a6:c6:5d:1a:75:a7:e6:21:8e:ff:2f:fa:3f:1b:
7e:6b:4d:c0:09:80:2c:84:2b:66:b5:17:2e:35:16:29:d9:fd:
37:ab:29:32:ca:80:59:df:72:fe:bc:21:b7:d9:31:f4:ae:21:
56:cb:9a:ae:77:4b:32:ea:5c:9f:72:50:f5:19:97:67:3e:fd:
29:c2:5b:45:55:2c:f4:14:ba:4f:ea:66:70:94:a8:fa:78:af:
f9:aa:95:1c:b3:42:fd:b9:f9:a1:02:b2:d5:d1:5a:ac:a7:11:
f0:f8:7b:1e:f6:ae:43:16:04:95:b1:87:18:6a:e9:e3:a9:2a:
af:d8:95:7b:92:dc:6d:ef:af:1f:dc:03:4a:f0:aa:48:7f:56:
85:fa:bd:1e
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzFbe4fIrFU37hoZOgqNF3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZGI3NDdiMjg5NzE3YTA2ODRjZDZhYzgyMzA3YWE2N2Ji
MmQ3YmIwHhcNMjQwMTAxMTQyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjNhYTA2MjA2NjE5YTQyNGRkNDUxNTMyOGUwNzZhYmMzMTc5ZmFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgLNRaekDNI/wV4okFQISZ2lRN5ld
9CDN/ieH1ls99pB2Yre46H0fchbhlaVEzmRoYL9bjsIILjet4kmX/ljVCGsz4iyJ
AfOweEJzJy88fEaxH5HlS/u1VVlCBhgeOWPVsamRO6rmSY7ElPWyHZNffs2jFSsP
c/bplngjsXHTVZ+rATU8AtzcupW4IGGayRxF9+wkWqCCx0ykGyl56bkAJiHaOlH3
V21JFlPQSp69N+zdjROtGJshvQ9KChrdtLyPMU+pM8UokN5UBd9OAzP42sK+8HZQ
Nj9ifz7+4N3vRXAZf/kcWHMSS3JuJnW9mD25vwcSQK6tVCA3W9yQhpVuaQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFCI6oGIGYZpCTdRRUyjgdqvDF5+tMB8GA1UdIwQY
MBaAFITbdHsolxegaEzWrIIweqZ7ste7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaE50MGV5aVhGNkJvVE5hc2dqQjZwbnV5MTdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi83MTQyYjEtNzA5MS00ZDNhLWJkNmQt
OWZlN2VlOWMwMzY4LzEvSWpxZ1lnWmhta0pOMUZGVEtPQjJxOE1YbjYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi83MTQyYjEtNzA5MS00ZDNhLWJkNmQtOWZlN2VlOWMwMzY4
LzEvaE50MGV5aVhGNkJvVE5hc2dqQjZwbnV5MTdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBALDbmQD
BAHDbmgDBADDbmsDBADDbnAwDAMEAcNudgMEB8NuADANBgkqhkiG9w0BAQsFAAOC
AQEADOLOlzhAdiwsKe1Ji1OvL76VG5dm+bKH2OeNF7W3kAd3am7gUPnOS9+9cqUq
VRH16T0quIcsb1ApkOyTFEHqhlPmZur2adMA0WG9RKTWMoledoLdfLUfm3mdQiRI
ZM13fsozwSYeGxgygGGLmsmjw6bGXRp1p+Yhjv8v+j8bfmtNwAmALIQrZrUXLjUW
Kdn9N6spMsqAWd9y/rwht9kx9K4hVsuarndLMupcn3JQ9RmXZz79KcJbRVUs9BS6
T+pmcJSo+niv+aqVHLNC/bn5oQKy1dFarKcR8Ph7HvauQxYElbGHGGrp46kqr9iV
e5Lcbe+vH9wDSvCqSH9Whfq9Hg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:59:08 2024 by rpki-client on console-fra.rpki-client.org