Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/f93db8-0e7d-4ea6-891d-70c67f126bf2/1/Igp-XRgFPdB7MLBmpAim-ynteNg.roa
File: Igp-XRgFPdB7MLBmpAim-ynteNg.roa (raw, json)
Hash identifier: NSX11KLTdwHYpTga/1YWWYCEFatoM/6SJjeYgbCGcqk=
Subject key identifier: 22:0A:7E:5D:18:05:3D:D0:7B:30:B0:66:A4:08:A6:FB:29:ED:78:D8
Certificate issuer: /CN=d7f6f4827c58cb28f996a9aaeb348f1fd26a0ca5
Certificate serial: 018CC2DB33FD5EF4A2DEA0088F14544E9B43
Authority key identifier: D7:F6:F4:82:7C:58:CB:28:F9:96:A9:AA:EB:34:8F:1F:D2:6A:0C:A5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1_b0gnxYyyj5lqmq6zSPH9JqDKU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/f93db8-0e7d-4ea6-891d-70c67f126bf2/1/Igp-XRgFPdB7MLBmpAim-ynteNg.roa
Signing time: Mon 01 Jan 2024 02:29:54 +0000
ROA not before: Mon 01 Jan 2024 02:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34906
IP address blocks: 193.189.94.0/24 maxlen: 24
193.189.94.0/23 maxlen: 23
193.189.95.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/f93db8-0e7d-4ea6-891d-70c67f126bf2/1/1_b0gnxYyyj5lqmq6zSPH9JqDKU.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/f93db8-0e7d-4ea6-891d-70c67f126bf2/1/1_b0gnxYyyj5lqmq6zSPH9JqDKU.mft
rsync://rpki.ripe.net/repository/DEFAULT/1_b0gnxYyyj5lqmq6zSPH9JqDKU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:33:fd:5e:f4:a2:de:a0:08:8f:14:54:4e:9b:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7f6f4827c58cb28f996a9aaeb348f1fd26a0ca5
Validity
Not Before: Jan 1 02:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=220a7e5d18053dd07b30b066a408a6fb29ed78d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:9b:cb:05:fd:0f:00:58:39:6a:89:95:01:ee:
92:82:c2:17:d5:4a:05:77:07:cc:cd:9e:f6:28:1c:
11:2b:f4:8b:6c:31:ff:d0:8d:31:97:67:d4:95:6a:
b4:2b:b6:cb:aa:d2:d6:85:b2:da:5f:b6:90:32:6e:
24:94:ed:b8:6c:17:40:d4:3d:81:b4:10:4d:fa:be:
24:7b:7d:12:5b:53:56:f2:58:1e:6e:1d:65:d6:30:
4a:25:f4:7c:35:f6:9c:bb:2a:75:7a:e1:76:b0:ef:
54:91:97:92:cc:11:7f:1f:6d:bf:d5:ae:44:44:fa:
21:09:19:d4:e3:bf:0c:17:cf:ca:cb:9f:89:3e:f5:
6e:47:1e:29:be:9d:af:4b:ae:44:99:4e:a7:35:ce:
fb:72:b5:0d:0a:ac:48:08:cc:a2:57:41:72:3c:91:
53:33:ac:0c:57:e7:26:75:01:7b:9d:85:91:fb:2c:
e2:ff:f4:af:be:08:a1:e6:04:9a:08:b3:2e:23:da:
56:6a:5a:78:67:5c:96:e3:ae:39:5e:a7:4c:11:39:
85:eb:47:2e:36:b4:30:c3:b9:02:2d:28:1b:d0:76:
18:40:78:b8:85:be:d0:7d:9c:16:1f:38:a0:56:86:
40:57:ec:2c:79:77:cd:29:3a:71:22:5c:6b:2f:b6:
d5:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:0A:7E:5D:18:05:3D:D0:7B:30:B0:66:A4:08:A6:FB:29:ED:78:D8
X509v3 Authority Key Identifier:
keyid:D7:F6:F4:82:7C:58:CB:28:F9:96:A9:AA:EB:34:8F:1F:D2:6A:0C:A5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1_b0gnxYyyj5lqmq6zSPH9JqDKU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/f93db8-0e7d-4ea6-891d-70c67f126bf2/1/Igp-XRgFPdB7MLBmpAim-ynteNg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/f93db8-0e7d-4ea6-891d-70c67f126bf2/1/1_b0gnxYyyj5lqmq6zSPH9JqDKU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.189.94.0/23
Signature Algorithm: sha256WithRSAEncryption
5a:5f:3b:fa:9b:ba:ce:23:97:af:de:92:bb:a6:1a:39:be:27:
38:38:87:c3:12:9b:8a:1e:d0:80:b9:ce:c1:bd:9e:08:73:bf:
e8:6d:ae:e9:a2:a5:d3:8e:dc:5e:60:6f:e6:b1:b1:05:1e:25:
7c:0a:e9:51:bc:98:e6:84:bc:50:8e:0b:48:8f:89:0e:1e:d4:
27:6e:d6:74:8f:3a:cc:d8:77:16:2c:a7:b1:ea:52:6a:31:1a:
8d:d4:1d:91:9a:8b:16:fe:ac:f9:ef:b7:46:77:36:0f:6a:73:
af:48:d1:f0:fa:da:06:6a:14:bb:3c:23:04:f6:d6:97:ed:8f:
20:33:3a:57:b7:db:bc:a4:3b:fd:0d:90:ca:03:03:9e:4c:af:
1f:65:65:a0:70:ad:3d:2a:62:4c:d1:35:17:99:bd:6a:14:75:
d2:3d:95:c2:82:34:1d:3d:d7:fb:b5:1c:10:d4:ea:a2:75:df:
d3:58:f8:c4:0e:fd:18:9e:e0:6e:98:bb:07:ba:a7:12:99:f3:
67:b1:93:e1:cd:70:7e:aa:00:d1:5c:d8:d0:00:f4:2e:e9:40:
4d:90:e7:2a:57:a9:e4:d6:bd:9c:81:26:4f:15:1c:ad:03:ac:
49:aa:33:c5:ab:2a:50:54:1d:22:2d:38:c3:c3:3b:63:dc:13:
ec:e7:b0:62
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC2zP9XvSi3qAIjxRUTptDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ZjZmNDgyN2M1OGNiMjhmOTk2YTlhYWViMzQ4ZjFmZDI2
YTBjYTUwHhcNMjQwMTAxMDIyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjBhN2U1ZDE4MDUzZGQwN2IzMGIwNjZhNDA4YTZmYjI5ZWQ3OGQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3ZvLBf0PAFg5aomVAe6SgsIX1UoF
dwfMzZ72KBwRK/SLbDH/0I0xl2fUlWq0K7bLqtLWhbLaX7aQMm4klO24bBdA1D2B
tBBN+r4ke30SW1NW8lgebh1l1jBKJfR8Nfacuyp1euF2sO9UkZeSzBF/H22/1a5E
RPohCRnU478MF8/Ky5+JPvVuRx4pvp2vS65EmU6nNc77crUNCqxICMyiV0FyPJFT
M6wMV+cmdQF7nYWR+yzi//Svvgih5gSaCLMuI9pWalp4Z1yW4645XqdMETmF60cu
NrQww7kCLSgb0HYYQHi4hb7QfZwWHzigVoZAV+wseXfNKTpxIlxrL7bV8QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCIKfl0YBT3QezCwZqQIpvsp7XjYMB8GA1UdIwQY
MBaAFNf29IJ8WMso+Zapqus0jx/SagylMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMV9iMGdueFl5eWo1bHFtcTZ6U1BIOUpxREtVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9mOTNkYjgtMGU3ZC00ZWE2LTg5MWQt
NzBjNjdmMTI2YmYyLzEvSWdwLVhSZ0ZQZEI3TUxCbXBBaW0teW50ZU5nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9mOTNkYjgtMGU3ZC00ZWE2LTg5MWQtNzBjNjdmMTI2YmYy
LzEvMV9iMGdueFl5eWo1bHFtcTZ6U1BIOUpxREtVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwb1eMA0G
CSqGSIb3DQEBCwUAA4IBAQBaXzv6m7rOI5ev3pK7pho5vic4OIfDEpuKHtCAuc7B
vZ4Ic7/oba7poqXTjtxeYG/msbEFHiV8CulRvJjmhLxQjgtIj4kOHtQnbtZ0jzrM
2HcWLKex6lJqMRqN1B2RmosW/qz577dGdzYPanOvSNHw+toGahS7PCME9taX7Y8g
MzpXt9u8pDv9DZDKAwOeTK8fZWWgcK09KmJM0TUXmb1qFHXSPZXCgjQdPdf7tRwQ
1Oqidd/TWPjEDv0YnuBumLsHuqcSmfNnsZPhzXB+qgDRXNjQAPQu6UBNkOcqV6nk
1r2cgSZPFRytA6xJqjPFqypQVB0iLTjDwztj3BPs57Bi
-----END CERTIFICATE-----
Generated at Fri Dec 27 23:51:52 2024 by rpki-client on console-fra.rpki-client.org