Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/iTL_pGRYTAc4j8ouGY1LLxgqxAc.roa
File: iTL_pGRYTAc4j8ouGY1LLxgqxAc.roa (raw, json)
Hash identifier: a01W3anHPw/vx9LhEDwWCq1b6+17QW2gsHoR9dWQTvU=
Subject key identifier: 89:32:FF:A4:64:58:4C:07:38:8F:CA:2E:19:8D:4B:2F:18:2A:C4:07
Certificate issuer: /CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Certificate serial: 018CC86FF17EFE8501DC4C4D1778F3A7058F
Authority key identifier: 8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/iTL_pGRYTAc4j8ouGY1LLxgqxAc.roa
Signing time: Tue 02 Jan 2024 04:30:28 +0000
ROA not before: Tue 02 Jan 2024 04:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 52117
IP address blocks: 195.33.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.mft
rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:f1:7e:fe:85:01:dc:4c:4d:17:78:f3:a7:05:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d59c4323f767ce4ffc85daad208b90c04fbd3e9
Validity
Not Before: Jan 2 04:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8932ffa464584c07388fca2e198d4b2f182ac407
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:17:63:8c:f0:0c:2a:bb:91:7f:2e:d6:a6:60:
14:db:1e:17:cd:4b:d7:ce:63:42:fa:90:78:10:b9:
4c:ca:24:8e:0e:c1:c5:67:e2:41:65:5e:25:86:bb:
23:c8:82:1e:1e:26:ee:1d:93:03:04:9f:98:ac:f7:
84:68:96:a6:83:d9:49:74:f7:46:72:af:a3:0b:f8:
c5:f7:a6:24:88:1d:10:9d:48:96:a4:8a:2d:54:fc:
73:c2:e8:6e:b2:d4:9b:e6:ec:79:52:8d:f8:63:80:
d9:fa:f7:71:d1:2c:c0:8b:ca:02:65:6d:5c:2c:ac:
be:de:ff:19:26:fc:46:61:64:1f:48:f6:7f:3c:a5:
ab:cd:d0:41:14:aa:dd:87:f9:77:2c:ec:24:1f:c8:
b1:b3:fd:f9:3a:48:fa:9a:b1:bf:00:4b:f2:2c:47:
40:cc:43:08:9a:47:c3:f0:f9:c4:5f:3b:f0:bf:cb:
f4:3b:8d:f6:2e:80:ea:1b:a8:26:80:a2:e0:bf:6e:
d1:c6:43:a0:90:9e:83:64:5f:69:c0:03:43:d0:1d:
25:80:c5:7f:aa:42:04:a3:03:6e:20:8e:86:66:2b:
e4:4a:f7:ce:65:3d:11:b3:7b:ee:71:62:57:d7:0b:
4e:35:d7:4d:06:59:30:09:d9:19:ab:75:6c:63:4c:
2b:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:32:FF:A4:64:58:4C:07:38:8F:CA:2E:19:8D:4B:2F:18:2A:C4:07
X509v3 Authority Key Identifier:
keyid:8D:59:C4:32:3F:76:7C:E4:FF:C8:5D:AA:D2:08:B9:0C:04:FB:D3:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jVnEMj92fOT_yF2q0gi5DAT70-k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/iTL_pGRYTAc4j8ouGY1LLxgqxAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/f09ecf-e805-4158-b315-f2be9f6c664c/1/jVnEMj92fOT_yF2q0gi5DAT70-k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.33.239.0/24
Signature Algorithm: sha256WithRSAEncryption
09:f3:30:61:83:f6:9a:d6:f6:3e:99:c8:5b:4d:03:cb:c2:f0:
04:92:1b:4e:f1:2e:36:7b:ab:7f:da:f2:2a:43:ec:7e:82:63:
77:17:53:c7:39:21:fa:0f:03:01:fc:6e:65:04:d8:6b:76:67:
35:f7:49:f3:d7:5a:0a:64:c3:65:33:0f:30:53:13:99:81:d4:
0a:d0:9d:39:bd:0c:d9:16:81:e8:f1:31:a0:da:4f:6e:50:53:
f8:35:8b:5c:82:d8:ba:1e:24:86:35:e0:c9:d3:31:d9:de:75:
56:bc:c4:30:d0:49:82:aa:dd:55:b5:ac:c3:0f:75:03:c2:a3:
6f:8b:58:48:7b:a2:97:55:b8:5e:ea:a5:c9:00:8a:20:84:95:
84:c9:7c:65:a1:d0:0d:43:73:9e:82:2d:40:cb:21:74:bc:6b:
59:a5:20:7f:3b:56:2f:78:5f:d6:ca:f9:53:af:28:52:53:58:
ce:84:ec:bd:0c:50:4a:2b:46:a6:ff:60:07:98:e1:62:9d:94:
c0:bf:59:0c:8b:47:c4:50:26:49:95:15:8a:ec:b5:05:a7:24:
43:c1:c8:ca:cc:f0:ea:c2:45:6c:cc:84:6f:2a:71:72:84:89:
cc:bb:4c:89:46:e4:00:52:b6:a0:67:ff:e2:4f:a8:2b:34:25:
03:8c:07:02
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb/F+/oUB3ExNF3jzpwWPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkNTljNDMyM2Y3NjdjZTRmZmM4NWRhYWQyMDhiOTBjMDRm
YmQzZTkwHhcNMjQwMTAyMDQzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTMyZmZhNDY0NTg0YzA3Mzg4ZmNhMmUxOThkNGIyZjE4MmFjNDA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBdjjPAMKruRfy7WpmAU2x4XzUvX
zmNC+pB4ELlMyiSODsHFZ+JBZV4lhrsjyIIeHibuHZMDBJ+YrPeEaJamg9lJdPdG
cq+jC/jF96YkiB0QnUiWpIotVPxzwuhustSb5ux5Uo34Y4DZ+vdx0SzAi8oCZW1c
LKy+3v8ZJvxGYWQfSPZ/PKWrzdBBFKrdh/l3LOwkH8ixs/35Okj6mrG/AEvyLEdA
zEMImkfD8PnEXzvwv8v0O432LoDqG6gmgKLgv27RxkOgkJ6DZF9pwAND0B0lgMV/
qkIEowNuII6GZivkSvfOZT0Rs3vucWJX1wtONddNBlkwCdkZq3VsY0wrPwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIky/6RkWEwHOI/KLhmNSy8YKsQHMB8GA1UdIwQY
MBaAFI1ZxDI/dnzk/8hdqtIIuQwE+9PpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUt
ZjJiZTlmNmM2NjRjLzEvaVRMX3BHUllUQWM0ajhvdUdZMUxMeGdxeEFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9mMDllY2YtZTgwNS00MTU4LWIzMTUtZjJiZTlmNmM2NjRj
LzEvalZuRU1qOTJmT1RfeUYycTBnaTVEQVQ3MC1rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwyHvMA0G
CSqGSIb3DQEBCwUAA4IBAQAJ8zBhg/aa1vY+mchbTQPLwvAEkhtO8S42e6t/2vIq
Q+x+gmN3F1PHOSH6DwMB/G5lBNhrdmc190nz11oKZMNlMw8wUxOZgdQK0J05vQzZ
FoHo8TGg2k9uUFP4NYtcgti6HiSGNeDJ0zHZ3nVWvMQw0EmCqt1VtazDD3UDwqNv
i1hIe6KXVbhe6qXJAIoghJWEyXxlodANQ3Oegi1AyyF0vGtZpSB/O1YveF/WyvlT
ryhSU1jOhOy9DFBKK0am/2AHmOFinZTAv1kMi0fEUCZJlRWK7LUFpyRDwcjKzPDq
wkVszIRvKnFyhInMu0yJRuQAUragZ//iT6grNCUDjAcC
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:00:03 2024 by rpki-client on console-ams.rpki-client.org