Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/1f68a8-49dd-412b-bba9-0bf539b3b714/1/IW-TGfri_dG_RNekiIHn5eFtDGc.roa
File: IW-TGfri_dG_RNekiIHn5eFtDGc.roa (raw, json)
Hash identifier: fVaLb48sN2XlE68xvOgdEJuU6nOCuSKE8OIkXluQaXM=
Subject key identifier: 21:6F:93:19:FA:E2:FD:D1:BF:44:D7:A4:88:81:E7:E5:E1:6D:0C:67
Certificate issuer: /CN=e0812bdddbb239be639dc75dcd2e296c4fcf4a97
Certificate serial: 018CC64B5D569D983DAE009A582D0D7CB648
Authority key identifier: E0:81:2B:DD:DB:B2:39:BE:63:9D:C7:5D:CD:2E:29:6C:4F:CF:4A:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4IEr3duyOb5jncddzS4pbE_PSpc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/1f68a8-49dd-412b-bba9-0bf539b3b714/1/IW-TGfri_dG_RNekiIHn5eFtDGc.roa
Signing time: Mon 01 Jan 2024 18:31:17 +0000
ROA not before: Mon 01 Jan 2024 18:31:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39444
IP address blocks: 185.204.106.0/24 maxlen: 24
46.30.200.0/21 maxlen: 24
185.204.104.0/22 maxlen: 24
2a03:2680::/32 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/1f68a8-49dd-412b-bba9-0bf539b3b714/1/4IEr3duyOb5jncddzS4pbE_PSpc.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/1f68a8-49dd-412b-bba9-0bf539b3b714/1/4IEr3duyOb5jncddzS4pbE_PSpc.mft
rsync://rpki.ripe.net/repository/DEFAULT/4IEr3duyOb5jncddzS4pbE_PSpc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 04:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:5d:56:9d:98:3d:ae:00:9a:58:2d:0d:7c:b6:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0812bdddbb239be639dc75dcd2e296c4fcf4a97
Validity
Not Before: Jan 1 18:31:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=216f9319fae2fdd1bf44d7a48881e7e5e16d0c67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:0a:fe:c7:f9:f5:4d:99:1a:1f:c9:df:c3:a8:
5c:38:a0:06:63:f6:db:b1:a2:85:d5:07:63:73:17:
83:a9:d0:f2:6e:86:0e:cd:ae:f3:72:96:12:dc:f0:
d3:24:e5:1c:43:9d:67:f1:9c:9b:d7:85:92:b5:e3:
02:79:ac:2e:86:05:c7:81:eb:f3:8a:10:c3:e6:02:
c4:4b:04:de:6c:d0:d1:48:e8:cc:82:5b:74:7d:59:
67:74:2a:dc:70:dd:30:94:99:d4:ef:36:cf:d8:2c:
7e:eb:a6:b4:fa:bd:ca:cc:ba:09:99:7f:87:d4:31:
6d:04:fe:9f:5b:98:04:2d:22:14:06:5a:07:10:57:
78:4e:cd:60:2b:ac:dd:0f:f9:90:4e:09:df:ec:94:
e6:a2:a3:c3:d4:ee:48:a5:8b:95:06:19:42:05:50:
17:ec:67:8d:ef:7b:58:b0:1c:b6:27:bc:bd:c4:7b:
f7:5c:30:42:3b:56:86:96:80:b9:a7:b8:50:1b:83:
d2:d4:a2:bb:9f:43:67:f1:fb:23:8c:2e:ae:3c:8f:
94:42:75:de:49:9d:01:38:6b:26:1c:42:8f:a8:4d:
6c:d2:59:80:81:43:8a:34:aa:51:b8:a2:85:9f:4d:
14:b4:84:ce:08:cc:38:01:f4:ad:09:07:3d:69:ce:
4f:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:6F:93:19:FA:E2:FD:D1:BF:44:D7:A4:88:81:E7:E5:E1:6D:0C:67
X509v3 Authority Key Identifier:
keyid:E0:81:2B:DD:DB:B2:39:BE:63:9D:C7:5D:CD:2E:29:6C:4F:CF:4A:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4IEr3duyOb5jncddzS4pbE_PSpc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/1f68a8-49dd-412b-bba9-0bf539b3b714/1/IW-TGfri_dG_RNekiIHn5eFtDGc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/1f68a8-49dd-412b-bba9-0bf539b3b714/1/4IEr3duyOb5jncddzS4pbE_PSpc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.30.200.0/21
185.204.104.0/22
IPv6:
2a03:2680::/32
Signature Algorithm: sha256WithRSAEncryption
9c:0d:39:26:41:4a:bf:b6:df:7d:1d:55:6d:09:1a:83:8e:f5:
31:d5:2d:fd:6a:28:68:6c:d5:8b:44:e8:0a:5b:ae:a2:6b:af:
b8:59:57:82:d7:84:4a:9d:c7:e6:0b:05:1c:47:34:9f:92:6c:
32:08:8a:74:db:2c:ce:f0:27:ff:ae:8b:b1:40:f2:a9:72:0c:
78:ba:71:b5:0d:d3:60:21:dd:09:ce:f8:08:48:d9:16:cd:6e:
84:44:53:04:c3:0b:79:40:9e:e9:45:a9:5d:81:e6:02:c2:cc:
03:4c:03:0e:04:9d:d6:a7:2d:5c:99:f0:c3:ec:07:d5:d0:cc:
c7:75:f0:10:77:7d:36:99:96:f9:37:34:8e:21:3c:46:60:92:
82:f8:f9:43:39:30:d1:bc:41:f6:23:35:07:c1:d3:b8:39:5a:
e7:85:30:14:26:27:90:44:bd:99:11:f5:ce:07:57:cd:0d:f9:
a2:a6:90:1c:1f:45:4d:c1:14:6d:f8:09:df:21:7c:f2:5c:11:
ec:2b:f8:f7:45:7c:9d:61:e9:88:63:db:ab:c2:e7:ce:58:25:
35:07:af:16:70:88:76:19:5b:96:18:fa:cc:a9:7c:58:9c:89:
e8:f1:fb:5a:f6:7e:b2:6d:92:6f:20:be:d8:a5:92:f3:ab:44:
ea:d7:5a:50
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGS11WnZg9rgCaWC0NfLZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwODEyYmRkZGJiMjM5YmU2MzlkYzc1ZGNkMmUyOTZjNGZj
ZjRhOTcwHhcNMjQwMTAxMTgzMTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTZmOTMxOWZhZTJmZGQxYmY0NGQ3YTQ4ODgxZTdlNWUxNmQwYzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjAr+x/n1TZkaH8nfw6hcOKAGY/bb
saKF1QdjcxeDqdDyboYOza7zcpYS3PDTJOUcQ51n8Zyb14WSteMCeawuhgXHgevz
ihDD5gLESwTebNDRSOjMglt0fVlndCrccN0wlJnU7zbP2Cx+66a0+r3KzLoJmX+H
1DFtBP6fW5gELSIUBloHEFd4Ts1gK6zdD/mQTgnf7JTmoqPD1O5IpYuVBhlCBVAX
7GeN73tYsBy2J7y9xHv3XDBCO1aGloC5p7hQG4PS1KK7n0Nn8fsjjC6uPI+UQnXe
SZ0BOGsmHEKPqE1s0lmAgUOKNKpRuKKFn00UtITOCMw4AfStCQc9ac5PNwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCFvkxn64v3Rv0TXpIiB5+XhbQxnMB8GA1UdIwQY
MBaAFOCBK93bsjm+Y53HXc0uKWxPz0qXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNElFcjNkdXlPYjVqbmNkZHpTNHBiRV9QU3BjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8xZjY4YTgtNDlkZC00MTJiLWJiYTkt
MGJmNTM5YjNiNzE0LzEvSVctVEdmcmlfZEdfUk5la2lJSG41ZUZ0REdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8xZjY4YTgtNDlkZC00MTJiLWJiYTktMGJmNTM5YjNiNzE0
LzEvNElFcjNkdXlPYjVqbmNkZHpTNHBiRV9QU3BjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLh7IAwQC
ucxoMA0EAgACMAcDBQAqAyaAMA0GCSqGSIb3DQEBCwUAA4IBAQCcDTkmQUq/tt99
HVVtCRqDjvUx1S39aihobNWLROgKW66ia6+4WVeC14RKncfmCwUcRzSfkmwyCIp0
2yzO8Cf/rouxQPKpcgx4unG1DdNgId0JzvgISNkWzW6ERFMEwwt5QJ7pRaldgeYC
wswDTAMOBJ3Wpy1cmfDD7AfV0MzHdfAQd302mZb5NzSOITxGYJKC+PlDOTDRvEH2
IzUHwdO4OVrnhTAUJieQRL2ZEfXOB1fNDfmippAcH0VNwRRt+AnfIXzyXBHsK/j3
RXydYemIY9urwufOWCU1B68WcIh2GVuWGPrMqXxYnIno8fta9n6ybZJvIL7YpZLz
q0Tq11pQ
-----END CERTIFICATE-----
Generated at Sun May 19 06:10:58 2024 by rpki-client on console-fra.rpki-client.org