Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/a8efdf-5cee-494b-be48-a371f2889138/1/IiLauL0ZABJIfJsW0ysDF1yPkSk.roa
File: IiLauL0ZABJIfJsW0ysDF1yPkSk.roa (raw, json)
Hash identifier: 2dSS9LHJRv79sSaSs3OG0Q18ftFux3F7aHcbWrtUM24=
Subject key identifier: 22:22:DA:B8:BD:19:00:12:48:7C:9B:16:D3:2B:03:17:5C:8F:91:29
Certificate issuer: /CN=34919204b7ac47424baabfb291bd3fc8fa9e05f6
Certificate serial: 018CC50083DEC969CB96838ACEFCA757BE85
Authority key identifier: 34:91:92:04:B7:AC:47:42:4B:AA:BF:B2:91:BD:3F:C8:FA:9E:05:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJGSBLesR0JLqr-ykb0_yPqeBfY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/a8efdf-5cee-494b-be48-a371f2889138/1/IiLauL0ZABJIfJsW0ysDF1yPkSk.roa
Signing time: Mon 01 Jan 2024 12:29:54 +0000
ROA not before: Mon 01 Jan 2024 12:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 680
IP address blocks: 194.49.61.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/a8efdf-5cee-494b-be48-a371f2889138/1/NJGSBLesR0JLqr-ykb0_yPqeBfY.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/a8efdf-5cee-494b-be48-a371f2889138/1/NJGSBLesR0JLqr-ykb0_yPqeBfY.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJGSBLesR0JLqr-ykb0_yPqeBfY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Nov 2024 14:00:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:83:de:c9:69:cb:96:83:8a:ce:fc:a7:57:be:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34919204b7ac47424baabfb291bd3fc8fa9e05f6
Validity
Not Before: Jan 1 12:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2222dab8bd190012487c9b16d32b03175c8f9129
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:3c:54:23:65:8f:9a:cb:71:d7:cb:07:26:d2:
7a:9e:28:4e:90:a2:f3:5f:a6:5e:18:f8:c1:03:45:
19:2c:48:17:55:c2:b0:13:e3:5a:93:60:8a:da:29:
fe:f7:98:02:c1:27:a5:38:db:54:5e:2b:89:01:48:
64:4f:58:1f:5a:95:f9:32:3d:73:f5:80:af:ad:ef:
16:d8:7e:07:69:cb:65:8b:e1:8e:1b:10:9b:da:65:
88:b8:09:70:d4:a0:2c:bc:5f:1e:fe:ef:cf:c6:22:
e9:49:ef:74:05:04:05:f3:07:cb:7d:d8:92:cb:fe:
37:8a:20:d8:dd:6b:3a:d7:49:ae:b7:c4:6c:dd:63:
d1:e7:20:a5:18:95:57:62:92:b8:1e:fe:4c:ac:0f:
22:5e:c7:75:f2:a5:9f:06:b8:92:5c:60:ac:40:03:
78:51:cb:fb:07:3c:38:c6:2b:a6:af:bf:7f:8d:ab:
d1:a3:e7:21:54:bf:64:b1:40:eb:ab:2b:dd:1c:ec:
e1:96:3d:57:8b:2d:6d:39:15:63:df:be:8d:b1:e3:
6c:57:08:79:bf:f5:39:94:78:ca:5a:25:5d:2c:e4:
3e:c1:f0:bb:49:df:9e:a8:95:df:17:5e:79:90:47:
cd:e5:9c:b6:14:bd:53:f5:29:ff:57:1e:48:70:10:
2b:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:22:DA:B8:BD:19:00:12:48:7C:9B:16:D3:2B:03:17:5C:8F:91:29
X509v3 Authority Key Identifier:
keyid:34:91:92:04:B7:AC:47:42:4B:AA:BF:B2:91:BD:3F:C8:FA:9E:05:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJGSBLesR0JLqr-ykb0_yPqeBfY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a8efdf-5cee-494b-be48-a371f2889138/1/IiLauL0ZABJIfJsW0ysDF1yPkSk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/a8efdf-5cee-494b-be48-a371f2889138/1/NJGSBLesR0JLqr-ykb0_yPqeBfY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.49.61.0/24
Signature Algorithm: sha256WithRSAEncryption
c3:ff:93:6d:1e:85:56:3c:ae:7a:63:f6:6b:82:5c:49:16:b1:
c2:b3:3f:ff:1b:42:a9:68:4a:f9:15:7d:dc:cc:02:8c:03:7b:
b8:7d:33:28:58:9e:21:a1:2b:83:1b:a8:25:1c:23:fb:b1:f0:
96:ce:6f:98:a5:5e:57:72:c4:ac:3c:a0:08:50:f9:4f:da:3d:
40:00:bc:51:26:2c:c5:92:02:1d:25:03:cb:f1:94:24:a0:01:
51:b7:b9:cc:5a:36:fd:c5:af:98:e2:b6:45:8e:18:c6:8e:17:
38:b2:35:e5:be:40:b2:fb:e1:d8:75:3a:2c:e6:1e:f5:1c:ec:
69:10:c0:ce:52:ba:de:46:00:c7:f2:3a:c7:52:fe:32:e5:c0:
64:9b:74:57:f0:e3:a5:d2:ed:42:4e:ba:33:ea:f9:8d:be:89:
b0:e1:7c:38:70:d5:9c:c0:79:a2:96:1b:a7:48:fd:44:a7:4e:
54:e4:52:d2:16:d0:ec:08:44:dc:4c:e2:90:dc:54:d7:91:47:
53:18:3c:06:b6:d9:b9:3a:08:f2:2f:5b:49:a1:a9:ee:af:e0:
b8:a3:b7:ac:f6:40:60:7b:cd:ac:78:d5:11:37:c0:84:8b:cb:
9e:34:a3:2c:00:fd:49:4f:c7:4f:b3:62:b9:9f:9a:a6:08:00:
c6:1b:c2:b3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAIPeyWnLloOKzvynV76FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OTE5MjA0YjdhYzQ3NDI0YmFhYmZiMjkxYmQzZmM4ZmE5
ZTA1ZjYwHhcNMjQwMTAxMTIyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjIyZGFiOGJkMTkwMDEyNDg3YzliMTZkMzJiMDMxNzVjOGY5MTI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgjxUI2WPmstx18sHJtJ6nihOkKLz
X6ZeGPjBA0UZLEgXVcKwE+Nak2CK2in+95gCwSelONtUXiuJAUhkT1gfWpX5Mj1z
9YCvre8W2H4Hactli+GOGxCb2mWIuAlw1KAsvF8e/u/PxiLpSe90BQQF8wfLfdiS
y/43iiDY3Ws610mut8Rs3WPR5yClGJVXYpK4Hv5MrA8iXsd18qWfBriSXGCsQAN4
Ucv7Bzw4xiumr79/javRo+chVL9ksUDrqyvdHOzhlj1Xiy1tORVj376NseNsVwh5
v/U5lHjKWiVdLOQ+wfC7Sd+eqJXfF155kEfN5Zy2FL1T9Sn/Vx5IcBArwQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCIi2ri9GQASSHybFtMrAxdcj5EpMB8GA1UdIwQY
MBaAFDSRkgS3rEdCS6q/spG9P8j6ngX2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkpHU0JMZXNSMEpMcXIteWtiMF95UHFlQmZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9hOGVmZGYtNWNlZS00OTRiLWJlNDgt
YTM3MWYyODg5MTM4LzEvSWlMYXVMMFpBQkpJZkpzVzB5c0RGMXlQa1NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9hOGVmZGYtNWNlZS00OTRiLWJlNDgtYTM3MWYyODg5MTM4
LzEvTkpHU0JMZXNSMEpMcXIteWtiMF95UHFlQmZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwjE9MA0G
CSqGSIb3DQEBCwUAA4IBAQDD/5NtHoVWPK56Y/ZrglxJFrHCsz//G0KpaEr5FX3c
zAKMA3u4fTMoWJ4hoSuDG6glHCP7sfCWzm+YpV5XcsSsPKAIUPlP2j1AALxRJizF
kgIdJQPL8ZQkoAFRt7nMWjb9xa+Y4rZFjhjGjhc4sjXlvkCy++HYdTos5h71HOxp
EMDOUrreRgDH8jrHUv4y5cBkm3RX8OOl0u1CTroz6vmNvomw4Xw4cNWcwHmilhun
SP1Ep05U5FLSFtDsCETcTOKQ3FTXkUdTGDwGttm5OgjyL1tJoanur+C4o7es9kBg
e82seNURN8CEi8ueNKMsAP1JT8dPs2K5n5qmCADGG8Kz
-----END CERTIFICATE-----
Generated at Sun Nov 10 19:34:15 2024 by rpki-client on console-fra.rpki-client.org