Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/564bd0-7b52-44dd-b56b-8eaa6bf40357/1/IitFlexYZfX-UU71f3XpZrGvWsM.roa
File: IitFlexYZfX-UU71f3XpZrGvWsM.roa (raw, json)
Hash identifier: tylWdlOxFACp9bND59PH/ucvG9vvleDVIVW12I3eErQ=
Subject key identifier: 22:2B:45:95:EC:58:65:F5:FE:51:4E:F5:7F:75:E9:66:B1:AF:5A:C3
Certificate issuer: /CN=e1856c3082ab2fc8dd1b359a7b3991368538b4d0
Certificate serial: 018CC424FD25B2C0F2AE909FA84A3784E55D
Authority key identifier: E1:85:6C:30:82:AB:2F:C8:DD:1B:35:9A:7B:39:91:36:85:38:B4:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4YVsMIKrL8jdGzWaezmRNoU4tNA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/564bd0-7b52-44dd-b56b-8eaa6bf40357/1/IitFlexYZfX-UU71f3XpZrGvWsM.roa
Signing time: Mon 01 Jan 2024 08:30:07 +0000
ROA not before: Mon 01 Jan 2024 08:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44486
IP address blocks: 37.44.215.0/24 maxlen: 24
176.116.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/564bd0-7b52-44dd-b56b-8eaa6bf40357/1/4YVsMIKrL8jdGzWaezmRNoU4tNA.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/564bd0-7b52-44dd-b56b-8eaa6bf40357/1/4YVsMIKrL8jdGzWaezmRNoU4tNA.mft
rsync://rpki.ripe.net/repository/DEFAULT/4YVsMIKrL8jdGzWaezmRNoU4tNA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:fd:25:b2:c0:f2:ae:90:9f:a8:4a:37:84:e5:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e1856c3082ab2fc8dd1b359a7b3991368538b4d0
Validity
Not Before: Jan 1 08:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=222b4595ec5865f5fe514ef57f75e966b1af5ac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:d2:91:fb:0e:4f:cb:26:31:15:ae:2e:67:cb:
c8:bc:b5:26:d2:83:08:93:32:ac:a1:b0:06:7c:a1:
66:fc:84:9b:4c:9b:3a:b0:73:35:d9:33:5c:40:cb:
61:c4:db:3c:68:15:4d:43:31:d9:e6:ec:58:be:24:
ab:04:df:cf:ba:10:a3:96:1e:08:f4:ec:ec:fb:d2:
e3:77:38:cc:f1:91:96:ab:67:00:36:1d:04:d5:1a:
01:e3:68:86:41:50:b7:e4:d9:53:d2:4f:db:e3:04:
44:f5:ce:f9:9e:11:be:b8:68:c1:2a:58:7b:1d:7c:
ff:32:c7:d8:86:98:e9:38:2b:6a:4a:e6:d9:cd:24:
cf:ce:a1:6d:d7:7f:fa:e3:2d:a6:01:d6:08:bb:08:
fb:a0:d8:3b:75:6b:f0:63:f7:53:90:fd:de:8b:2b:
01:df:be:8b:5a:7f:48:72:6d:75:e9:01:6b:70:f0:
13:b9:5c:38:fc:d9:e7:6d:5e:de:91:27:01:65:34:
84:0d:22:33:e4:65:18:00:24:14:cc:6f:a0:f4:6f:
ed:08:46:2b:1f:87:fb:27:f8:22:3d:20:60:cc:b4:
1a:d2:e7:ee:74:ef:e5:d8:73:44:11:48:35:64:5b:
7b:05:42:2b:66:2d:af:9f:6d:3a:6f:f8:46:47:25:
40:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:2B:45:95:EC:58:65:F5:FE:51:4E:F5:7F:75:E9:66:B1:AF:5A:C3
X509v3 Authority Key Identifier:
keyid:E1:85:6C:30:82:AB:2F:C8:DD:1B:35:9A:7B:39:91:36:85:38:B4:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4YVsMIKrL8jdGzWaezmRNoU4tNA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/564bd0-7b52-44dd-b56b-8eaa6bf40357/1/IitFlexYZfX-UU71f3XpZrGvWsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/564bd0-7b52-44dd-b56b-8eaa6bf40357/1/4YVsMIKrL8jdGzWaezmRNoU4tNA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.215.0/24
176.116.18.0/24
Signature Algorithm: sha256WithRSAEncryption
ab:c3:b1:0c:aa:78:be:41:c6:5b:6e:3e:cf:fe:9d:68:46:79:
27:a7:92:bd:02:7e:e6:45:22:60:07:02:3e:4b:57:94:e6:a2:
8d:9d:a9:75:3b:cc:79:bb:e7:1e:0d:6d:36:dd:e9:24:0f:3d:
2d:4c:d4:5b:da:76:c7:32:cf:88:ac:2b:bc:57:9f:ad:78:f4:
fc:10:30:0b:bb:18:7e:4a:e3:42:d8:3b:68:3a:7a:11:c9:9e:
06:43:1e:ad:d3:f8:11:62:4b:6b:0b:7f:b5:56:67:cd:81:1c:
ce:96:8c:8f:4c:d0:4f:dc:5e:5b:29:fe:82:ce:da:61:b2:99:
ad:a6:38:fc:bb:5b:86:83:e6:c7:b5:91:e9:bb:21:b7:26:f3:
6c:c0:a3:87:38:bf:b2:fc:ce:a8:37:ce:ca:46:0c:56:e2:c3:
18:5e:4c:f9:7b:13:a1:9f:35:fe:16:31:87:21:fe:4e:39:ea:
a9:0e:20:b4:ff:4e:3c:3d:4b:b6:f0:18:d2:f9:30:15:d3:1a:
de:75:ae:7a:a5:19:a2:1e:8e:6e:2a:2e:3d:a9:f7:07:44:df:
e0:2d:6f:05:7e:91:47:9b:95:4e:c9:44:12:b9:6f:9f:e8:83:
6d:c7:20:c1:91:71:fc:30:73:92:cb:e3:1e:0c:42:09:79:c8:
43:0e:d0:06
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzEJP0lssDyrpCfqEo3hOVdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxODU2YzMwODJhYjJmYzhkZDFiMzU5YTdiMzk5MTM2ODUz
OGI0ZDAwHhcNMjQwMTAxMDgzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjJiNDU5NWVjNTg2NWY1ZmU1MTRlZjU3Zjc1ZTk2NmIxYWY1YWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAldKR+w5PyyYxFa4uZ8vIvLUm0oMI
kzKsobAGfKFm/ISbTJs6sHM12TNcQMthxNs8aBVNQzHZ5uxYviSrBN/PuhCjlh4I
9Ozs+9LjdzjM8ZGWq2cANh0E1RoB42iGQVC35NlT0k/b4wRE9c75nhG+uGjBKlh7
HXz/MsfYhpjpOCtqSubZzSTPzqFt13/64y2mAdYIuwj7oNg7dWvwY/dTkP3eiysB
376LWn9Icm116QFrcPATuVw4/NnnbV7ekScBZTSEDSIz5GUYACQUzG+g9G/tCEYr
H4f7J/giPSBgzLQa0ufudO/l2HNEEUg1ZFt7BUIrZi2vn206b/hGRyVAOQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCIrRZXsWGX1/lFO9X916Waxr1rDMB8GA1UdIwQY
MBaAFOGFbDCCqy/I3Rs1mns5kTaFOLTQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFlWc01JS3JMOGpkR3pXYWV6bVJOb1U0dE5BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC81NjRiZDAtN2I1Mi00NGRkLWI1NmIt
OGVhYTZiZjQwMzU3LzEvSWl0RmxleFlaZlgtVVU3MWYzWHBackd2V3NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC81NjRiZDAtN2I1Mi00NGRkLWI1NmItOGVhYTZiZjQwMzU3
LzEvNFlWc01JS3JMOGpkR3pXYWV6bVJOb1U0dE5BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAJSzXAwQA
sHQSMA0GCSqGSIb3DQEBCwUAA4IBAQCrw7EMqni+QcZbbj7P/p1oRnknp5K9An7m
RSJgBwI+S1eU5qKNnal1O8x5u+ceDW023ekkDz0tTNRb2nbHMs+IrCu8V5+tePT8
EDALuxh+SuNC2DtoOnoRyZ4GQx6t0/gRYktrC3+1VmfNgRzOloyPTNBP3F5bKf6C
ztphspmtpjj8u1uGg+bHtZHpuyG3JvNswKOHOL+y/M6oN87KRgxW4sMYXkz5exOh
nzX+FjGHIf5OOeqpDiC0/048PUu28BjS+TAV0xreda56pRmiHo5uKi49qfcHRN/g
LW8FfpFHm5VOyUQSuW+f6INtxyDBkXH8MHOSy+MeDEIJechDDtAG
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:22:55 2024 by rpki-client on console-ams.rpki-client.org