Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/IWkosv1oceI1aAT6MuaBeykPnDE.roa
File: IWkosv1oceI1aAT6MuaBeykPnDE.roa (raw, json)
Hash identifier: Zt1zR/MujgpAImrsB9MGSD/MhSE58xHF3n6xOhC/j7E=
Subject key identifier: 21:69:28:B2:FD:68:71:E2:35:68:04:FA:32:E6:81:7B:29:0F:9C:31
Certificate issuer: /CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Certificate serial: 018D796C4636F40FBFD2EA9B78882E29C882
Authority key identifier: 62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/IWkosv1oceI1aAT6MuaBeykPnDE.roa
Signing time: Mon 05 Feb 2024 13:19:15 +0000
ROA not before: Mon 05 Feb 2024 13:19:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39134
IP address blocks: 85.8.185.0/24 maxlen: 24
185.184.53.0/24 maxlen: 24
193.47.42.0/24 maxlen: 24
193.47.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:79:6c:46:36:f4:0f:bf:d2:ea:9b:78:88:2e:29:c8:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6222e1c2a5315334b66d80f78d5b50b42e480b9c
Validity
Not Before: Feb 5 13:19:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=216928b2fd6871e2356804fa32e6817b290f9c31
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9e:81:01:55:b4:90:20:81:54:a3:88:30:36:
2d:cd:02:83:5b:4e:c8:7e:22:7b:6a:22:0b:9d:f5:
bd:53:01:13:d0:48:d1:91:4e:59:6a:c1:fd:76:90:
a9:36:27:80:b0:02:d0:9f:0c:90:89:8a:62:53:7b:
c0:44:92:0c:f9:59:b3:5c:4e:6b:a2:7e:11:ff:d5:
a1:39:8b:b2:3e:64:bb:72:0f:b8:ee:4f:c8:93:14:
af:d7:6c:78:01:a3:17:c6:b3:82:ea:2b:43:e6:71:
1f:7b:6e:a7:fe:be:c3:60:3e:99:af:b3:3b:6a:44:
b3:90:76:d4:77:f9:da:e0:21:24:97:4e:fc:cd:fe:
82:ca:c3:be:f3:57:48:6c:72:3b:6e:a7:be:2a:75:
d5:7e:00:69:ae:22:53:91:ed:5b:ed:fb:6a:77:5f:
3e:5a:7c:59:7e:3d:6d:6e:b4:58:a8:66:d9:68:6c:
82:31:b8:5a:33:6a:83:17:d6:f0:4d:59:0e:79:77:
a6:a4:85:83:0b:fc:9b:cc:c6:fe:73:e4:49:f7:9d:
3e:af:ab:93:ce:73:07:02:f0:6c:72:e5:88:ad:18:
a6:d0:6b:89:31:55:16:0b:e9:2c:42:66:ba:94:5e:
48:51:0c:b2:47:ca:b8:dc:6f:f5:85:f0:b7:d9:0b:
6c:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:69:28:B2:FD:68:71:E2:35:68:04:FA:32:E6:81:7B:29:0F:9C:31
X509v3 Authority Key Identifier:
keyid:62:22:E1:C2:A5:31:53:34:B6:6D:80:F7:8D:5B:50:B4:2E:48:0B:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiLhwqUxUzS2bYD3jVtQtC5IC5w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/IWkosv1oceI1aAT6MuaBeykPnDE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/999b97-c731-4192-85f1-573701c84833/1/YiLhwqUxUzS2bYD3jVtQtC5IC5w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.8.185.0/24
185.184.53.0/24
193.47.42.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:6f:b2:46:92:61:a5:80:db:fd:02:4b:1c:6c:7a:f7:1b:38:
f0:8f:69:dd:2b:da:e5:6e:14:55:3c:6a:26:6f:c1:64:50:6e:
f3:88:68:b0:f3:c2:80:fc:44:23:c7:58:59:45:83:80:61:28:
4b:e9:17:1a:ca:71:c1:98:41:8a:74:d4:64:e3:d3:10:7f:4b:
19:af:e5:42:df:11:3b:7c:83:2d:7f:be:df:c1:c3:a2:5f:8c:
45:14:1b:0a:b3:b5:ff:4c:1e:8d:7b:0e:da:01:a7:33:78:a9:
ae:ce:3d:e3:3b:c7:0c:a2:e8:fa:17:f5:58:28:48:3a:70:1f:
ba:42:35:83:85:c1:bf:b3:57:8a:be:e4:f2:97:cf:5a:d4:5a:
2e:f2:e5:67:db:2e:75:e6:59:1e:31:cd:c4:24:17:a5:7f:aa:
6b:a6:69:ac:b4:69:92:dc:65:c0:11:b3:be:17:a5:91:21:24:
c8:17:5b:e4:07:3c:3c:de:9f:e9:1f:0a:e4:ff:b8:24:e9:76:
03:2c:49:5c:4c:6a:03:1a:14:a5:30:9f:b8:6f:01:a3:74:22:
20:b4:10:fc:98:07:a4:05:5d:65:07:0b:9d:85:46:dd:0c:0f:
e9:e0:8b:5c:d0:6d:af:f8:56:ef:85:5c:93:ce:ea:0b:92:1a:
1e:eb:97:a3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY15bEY29A+/0uqbeIguKciCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjJlMWMyYTUzMTUzMzRiNjZkODBmNzhkNWI1MGI0MmU0
ODBiOWMwHhcNMjQwMjA1MTMxOTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTY5MjhiMmZkNjg3MWUyMzU2ODA0ZmEzMmU2ODE3YjI5MGY5YzMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt56BAVW0kCCBVKOIMDYtzQKDW07I
fiJ7aiILnfW9UwET0EjRkU5ZasH9dpCpNieAsALQnwyQiYpiU3vARJIM+VmzXE5r
on4R/9WhOYuyPmS7cg+47k/IkxSv12x4AaMXxrOC6itD5nEfe26n/r7DYD6Zr7M7
akSzkHbUd/na4CEkl078zf6CysO+81dIbHI7bqe+KnXVfgBpriJTke1b7ftqd18+
WnxZfj1tbrRYqGbZaGyCMbhaM2qDF9bwTVkOeXempIWDC/ybzMb+c+RJ950+r6uT
znMHAvBscuWIrRim0GuJMVUWC+ksQma6lF5IUQyyR8q43G/1hfC32QtsbwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCFpKLL9aHHiNWgE+jLmgXspD5wxMB8GA1UdIwQY
MBaAFGIi4cKlMVM0tm2A941bULQuSAucMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEt
NTczNzAxYzg0ODMzLzEvSVdrb3N2MW9jZUkxYUFUNk11YUJleWtQbkRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS85OTliOTctYzczMS00MTkyLTg1ZjEtNTczNzAxYzg0ODMz
LzEvWWlMaHdxVXhVelMyYllEM2pWdFF0QzVJQzV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVQi5AwQA
ubg1AwQBwS8qMA0GCSqGSIb3DQEBCwUAA4IBAQAdb7JGkmGlgNv9AkscbHr3Gzjw
j2ndK9rlbhRVPGomb8FkUG7ziGiw88KA/EQjx1hZRYOAYShL6RcaynHBmEGKdNRk
49MQf0sZr+VC3xE7fIMtf77fwcOiX4xFFBsKs7X/TB6New7aAaczeKmuzj3jO8cM
ouj6F/VYKEg6cB+6QjWDhcG/s1eKvuTyl89a1Fou8uVn2y515lkeMc3EJBelf6pr
pmmstGmS3GXAEbO+F6WRISTIF1vkBzw83p/pHwrk/7gk6XYDLElcTGoDGhSlMJ+4
bwGjdCIgtBD8mAekBV1lBwudhUbdDA/p4Itc0G2v+FbvhVyTzuoLkhoe65ej
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:47:27 2024 by rpki-client on console-fra.rpki-client.org