Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/IIWZMRQadMlDPwZL6d3Er5pdAfc.roa
File: IIWZMRQadMlDPwZL6d3Er5pdAfc.roa (raw, json)
Hash identifier: 2HzKuOFH5a74FiZlhhrRWAvlkxxJIVz7pGi/qtUBPvE=
Subject key identifier: 20:85:99:31:14:1A:74:C9:43:3F:06:4B:E9:DD:C4:AF:9A:5D:01:F7
Certificate issuer: /CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc
Certificate serial: 018CCA9A145E2FA59C0989684C5F15CB7B24
Authority key identifier: 7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/IIWZMRQadMlDPwZL6d3Er5pdAfc.roa
Signing time: Tue 02 Jan 2024 14:35:44 +0000
ROA not before: Tue 02 Jan 2024 14:35:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34309
IP address blocks: 185.181.116.0/22 maxlen: 24
91.197.228.0/22 maxlen: 24
2a0a:cb80::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.mft
rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:9a:14:5e:2f:a5:9c:09:89:68:4c:5f:15:cb:7b:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7ba289ebe93351236a5580eb5b70102cf3f11dfc
Validity
Not Before: Jan 2 14:35:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=20859931141a74c9433f064be9ddc4af9a5d01f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:aa:ca:fa:dd:9a:ab:88:4b:d4:41:79:12:1e:
d5:96:76:b6:64:d2:95:41:90:46:8d:bc:12:0b:37:
aa:88:61:68:76:b8:21:d5:66:28:94:8d:7a:7e:68:
6d:59:03:fd:4b:9a:ea:19:86:c8:cc:02:17:f7:9d:
ab:16:4f:58:2d:b2:08:ee:d1:84:d1:64:38:97:65:
9e:66:3c:9b:0e:c3:e7:ba:fc:4b:63:5c:39:9b:35:
e3:31:ea:24:0d:76:b8:17:ca:61:a4:28:32:bf:aa:
f3:5d:77:3a:71:d9:4e:8a:39:25:3c:06:5c:83:86:
5e:ae:54:de:bf:8b:1d:44:37:6d:70:43:43:b2:5f:
ec:14:c8:b5:e6:66:d0:16:58:cd:f0:3b:08:62:1b:
c5:62:0b:d3:68:ae:4f:9c:1c:cd:de:ee:e9:12:6c:
77:fd:aa:92:2f:4e:13:df:a5:0f:ca:ef:16:fd:3a:
0c:1b:65:b2:72:8a:07:19:ab:ed:57:5a:60:1e:d3:
40:a6:89:2b:56:40:5f:3e:0c:d5:2e:e6:63:52:dd:
fb:52:0c:d5:65:e9:cd:df:97:9f:0c:db:27:66:3f:
1d:77:d7:c1:7a:75:af:fc:4f:c8:c0:3c:89:ae:0e:
ad:a6:09:9e:49:f6:79:f7:f8:de:08:ff:2b:13:41:
7c:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:85:99:31:14:1A:74:C9:43:3F:06:4B:E9:DD:C4:AF:9A:5D:01:F7
X509v3 Authority Key Identifier:
keyid:7B:A2:89:EB:E9:33:51:23:6A:55:80:EB:5B:70:10:2C:F3:F1:1D:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/IIWZMRQadMlDPwZL6d3Er5pdAfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/de1e7c-7d74-4ccc-9c6c-d163b5499e68/1/e6KJ6-kzUSNqVYDrW3AQLPPxHfw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.197.228.0/22
185.181.116.0/22
IPv6:
2a0a:cb80::/32
Signature Algorithm: sha256WithRSAEncryption
65:79:77:e8:1a:6e:9a:41:7f:9a:84:d9:3b:63:81:33:f5:fc:
e9:52:23:5e:3d:65:13:17:e8:e0:4d:05:d4:c2:34:13:cd:f3:
39:92:86:42:85:97:de:1f:8a:1e:4c:55:a0:cd:32:3d:3c:59:
1c:9b:fd:64:86:2b:6e:1e:3f:ef:28:91:7b:d4:d7:a5:d6:13:
e2:02:08:79:e8:50:84:86:29:f5:d8:e0:7a:5b:2b:95:f5:d1:
d9:e9:aa:64:cd:c2:37:16:ff:6f:15:88:5e:d9:55:e7:d9:df:
df:cb:1e:f2:f7:de:97:df:52:b7:14:e0:5b:65:1a:29:30:0e:
7e:e9:33:e0:d5:a2:3c:16:50:b3:e5:5e:0f:98:67:c5:60:9f:
a7:d0:b0:fb:01:1e:98:4c:e3:61:15:61:1e:59:bd:27:50:91:
40:14:60:d7:9e:ba:5b:4f:76:e0:43:26:6e:d7:5f:6e:86:c3:
f8:06:b1:07:3c:b2:85:51:c2:44:15:96:25:c3:d3:4d:5b:16:
56:8c:b1:0a:c2:5b:b7:df:dd:72:15:0e:19:46:22:eb:1c:57:
12:48:ce:fe:07:96:b0:3a:94:4b:2b:e0:9e:02:6d:51:97:77:
49:ef:fc:c9:9d:db:6b:bd:6e:ae:73:8d:8d:18:96:47:38:2f:
b0:83:e9:92
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzKmhReL6WcCYloTF8Vy3skMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiYTI4OWViZTkzMzUxMjM2YTU1ODBlYjViNzAxMDJjZjNm
MTFkZmMwHhcNMjQwMTAyMTQzNTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDg1OTkzMTE0MWE3NGM5NDMzZjA2NGJlOWRkYzRhZjlhNWQwMWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhKrK+t2aq4hL1EF5Eh7Vlna2ZNKV
QZBGjbwSCzeqiGFodrgh1WYolI16fmhtWQP9S5rqGYbIzAIX952rFk9YLbII7tGE
0WQ4l2WeZjybDsPnuvxLY1w5mzXjMeokDXa4F8phpCgyv6rzXXc6cdlOijklPAZc
g4ZerlTev4sdRDdtcENDsl/sFMi15mbQFljN8DsIYhvFYgvTaK5PnBzN3u7pEmx3
/aqSL04T36UPyu8W/ToMG2WycooHGavtV1pgHtNApokrVkBfPgzVLuZjUt37UgzV
ZenN35efDNsnZj8dd9fBenWv/E/IwDyJrg6tpgmeSfZ59/jeCP8rE0F8DwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCCFmTEUGnTJQz8GS+ndxK+aXQH3MB8GA1UdIwQY
MBaAFHuiievpM1EjalWA61twECzz8R38MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMt
ZDE2M2I1NDk5ZTY4LzEvSUlXWk1SUWFkTWxEUHdaTDZkM0VyNXBkQWZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC9kZTFlN2MtN2Q3NC00Y2NjLTljNmMtZDE2M2I1NDk5ZTY4
LzEvZTZLSjYta3pVU05xVllEclczQVFMUFB4SGZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCW8XkAwQC
ubV0MA0EAgACMAcDBQAqCsuAMA0GCSqGSIb3DQEBCwUAA4IBAQBleXfoGm6aQX+a
hNk7Y4Ez9fzpUiNePWUTF+jgTQXUwjQTzfM5koZChZfeH4oeTFWgzTI9PFkcm/1k
hituHj/vKJF71Nel1hPiAgh56FCEhin12OB6WyuV9dHZ6apkzcI3Fv9vFYhe2VXn
2d/fyx7y996X31K3FOBbZRopMA5+6TPg1aI8FlCz5V4PmGfFYJ+n0LD7AR6YTONh
FWEeWb0nUJFAFGDXnrpbT3bgQyZu119uhsP4BrEHPLKFUcJEFZYlw9NNWxZWjLEK
wlu3391yFQ4ZRiLrHFcSSM7+B5awOpRLK+CeAm1Rl3dJ7/zJndtrvW6uc42NGJZH
OC+wg+mS
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:10:34 2024 by rpki-client on console-ams.rpki-client.org