Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/9ICC--YdWRIF62BM8E7AfkuhT6s.roa
File: 9ICC--YdWRIF62BM8E7AfkuhT6s.roa (raw, json)
Hash identifier: oZ27qWcRbIiT8Oxk0jfgCs9WgM5O9e5XQsgChMHEgQs=
Subject key identifier: F4:80:82:FB:E6:1D:59:12:05:EB:60:4C:F0:4E:C0:7E:4B:A1:4F:AB
Certificate issuer: /CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Certificate serial: 018CCA2BB7B0A65AE3F55917745F9C60C60C
Authority key identifier: E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/9ICC--YdWRIF62BM8E7AfkuhT6s.roa
Signing time: Tue 02 Jan 2024 12:35:11 +0000
ROA not before: Tue 02 Jan 2024 12:35:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58328
IP address blocks: 188.123.96.0/21 maxlen: 21
188.123.104.0/23 maxlen: 23
188.123.106.0/23 maxlen: 23
188.123.108.0/22 maxlen: 22
188.123.116.0/23 maxlen: 23
188.123.118.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 19:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2b:b7:b0:a6:5a:e3:f5:59:17:74:5f:9c:60:c6:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e7f881401abacc88c941fdf740f1ab1536f05dba
Validity
Not Before: Jan 2 12:35:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f48082fbe61d591205eb604cf04ec07e4ba14fab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:c9:9f:3f:56:f7:a4:17:5a:3b:2d:b2:a8:ce:
6a:ed:9e:aa:30:b0:3c:af:51:7c:6e:14:43:86:01:
ac:06:ee:10:94:84:f3:30:ea:d5:ef:21:cb:5e:2f:
aa:bb:10:1d:38:06:de:1e:6c:74:97:cd:f1:4f:18:
50:fa:e7:64:90:ba:0a:3b:0c:a8:7e:f6:04:17:60:
91:90:cd:44:7b:b7:5b:49:9a:12:01:59:98:8b:10:
25:d2:bf:75:bf:75:f7:d6:dc:d5:46:42:71:1a:06:
59:60:47:4b:40:03:c5:84:54:d6:e2:cd:59:37:fe:
1e:ef:40:4f:17:5f:87:8e:7d:c0:56:3a:29:61:23:
16:e7:67:32:9f:3c:c5:69:50:dd:72:d7:f2:98:15:
a7:9b:d0:9b:a8:d0:dc:6e:b4:ec:f7:ff:f2:10:98:
af:86:43:b8:bc:5d:64:e0:db:65:fe:84:a2:e8:7a:
9d:85:8e:29:fa:1b:32:16:52:38:99:de:24:dc:70:
8f:26:a6:e3:c6:61:d1:c8:4a:a7:54:f8:25:95:fe:
c7:87:67:c7:f1:31:f6:b0:4a:29:54:19:44:8f:a3:
01:ab:2f:42:1e:12:ed:48:ab:ba:e5:a7:66:e6:b5:
20:80:32:61:c8:d1:eb:47:08:c7:9e:34:e3:a0:13:
7b:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:80:82:FB:E6:1D:59:12:05:EB:60:4C:F0:4E:C0:7E:4B:A1:4F:AB
X509v3 Authority Key Identifier:
keyid:E7:F8:81:40:1A:BA:CC:88:C9:41:FD:F7:40:F1:AB:15:36:F0:5D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5_iBQBq6zIjJQf33QPGrFTbwXbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/9ICC--YdWRIF62BM8E7AfkuhT6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/f5534a-a613-47be-b42b-e2fbc3a68800/1/5_iBQBq6zIjJQf33QPGrFTbwXbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.123.96.0/20
188.123.116.0/22
Signature Algorithm: sha256WithRSAEncryption
84:33:59:21:57:b5:32:d5:2a:7d:12:39:78:88:d1:47:02:23:
2c:46:45:4f:b4:46:03:34:9c:a8:c7:ca:79:6e:5e:70:c7:1c:
9b:08:7e:5e:b5:ae:fb:ac:88:e8:b0:7c:92:cd:80:a2:f4:16:
8c:c9:e9:57:a9:c3:66:5e:5b:32:86:ba:ef:60:37:79:f0:34:
18:da:0d:82:b5:a4:f6:48:31:9a:7f:cd:0e:fe:17:e3:e7:a7:
d1:19:ee:e7:bd:67:8f:07:46:77:55:ee:fc:b1:1f:1a:25:55:
f7:e0:b5:07:f4:af:1d:24:d9:c9:0a:c4:c9:b5:b4:68:ce:41:
04:5a:94:2c:8f:61:86:bf:31:0f:fa:f2:5d:55:ef:c7:8b:7d:
c1:ef:d5:19:ef:66:d0:e2:fa:67:a6:f8:f0:9b:6a:75:c0:37:
ae:f5:e8:06:18:a3:68:57:1a:ed:2e:9a:3e:34:04:62:da:44:
15:20:4a:cf:a6:06:fd:f4:3f:27:b6:bc:49:f2:a3:c4:60:7c:
3a:7e:98:10:27:3e:88:47:73:e5:b4:94:77:c4:02:c0:40:a8:
ec:0d:f8:a1:97:4f:33:6f:2a:21:65:72:b0:a9:bf:dc:26:57:
9d:05:3b:82:c7:d1:4e:4f:53:60:0c:33:5d:c9:25:f7:28:d3:
b3:30:05:79
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzKK7ewplrj9VkXdF+cYMYMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU3Zjg4MTQwMWFiYWNjODhjOTQxZmRmNzQwZjFhYjE1MzZm
MDVkYmEwHhcNMjQwMTAyMTIzNTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDgwODJmYmU2MWQ1OTEyMDVlYjYwNGNmMDRlYzA3ZTRiYTE0ZmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArsmfP1b3pBdaOy2yqM5q7Z6qMLA8
r1F8bhRDhgGsBu4QlITzMOrV7yHLXi+quxAdOAbeHmx0l83xTxhQ+udkkLoKOwyo
fvYEF2CRkM1Ee7dbSZoSAVmYixAl0r91v3X31tzVRkJxGgZZYEdLQAPFhFTW4s1Z
N/4e70BPF1+Hjn3AVjopYSMW52cynzzFaVDdctfymBWnm9CbqNDcbrTs9//yEJiv
hkO4vF1k4Ntl/oSi6HqdhY4p+hsyFlI4md4k3HCPJqbjxmHRyEqnVPgllf7Hh2fH
8TH2sEopVBlEj6MBqy9CHhLtSKu65adm5rUggDJhyNHrRwjHnjTjoBN7swIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPSAgvvmHVkSBetgTPBOwH5LoU+rMB8GA1UdIwQY
MBaAFOf4gUAausyIyUH990DxqxU28F26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmIt
ZTJmYmMzYTY4ODAwLzEvOUlDQy0tWWRXUklGNjJCTThFN0Fma3VoVDZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS9mNTUzNGEtYTYxMy00N2JlLWI0MmItZTJmYmMzYTY4ODAw
LzEvNV9pQlFCcTZ6SWpKUWYzM1FQR3JGVGJ3WGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEvHtgAwQC
vHt0MA0GCSqGSIb3DQEBCwUAA4IBAQCEM1khV7Uy1Sp9Ejl4iNFHAiMsRkVPtEYD
NJyox8p5bl5wxxybCH5eta77rIjosHySzYCi9BaMyelXqcNmXlsyhrrvYDd58DQY
2g2CtaT2SDGaf80O/hfj56fRGe7nvWePB0Z3Ve78sR8aJVX34LUH9K8dJNnJCsTJ
tbRozkEEWpQsj2GGvzEP+vJdVe/Hi33B79UZ72bQ4vpnpvjwm2p1wDeu9egGGKNo
VxrtLpo+NARi2kQVIErPpgb99D8ntrxJ8qPEYHw6fpgQJz6IR3PltJR3xALAQKjs
Dfihl08zbyohZXKwqb/cJledBTuCx9FOT1NgDDNdySX3KNOzMAV5
-----END CERTIFICATE-----
Generated at Sat May 18 22:48:33 2024 by rpki-client on console-ams.rpki-client.org