Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iJA2iH_TCHE9gVWq1xDLkdAv4W0.roa
File: iJA2iH_TCHE9gVWq1xDLkdAv4W0.roa (raw, json)
Hash identifier: X7oH0u3DrkvjqsWwICQ8xhxZ1BqE4FtQLtZ8lJTNQaY=
Subject key identifier: 88:90:36:88:7F:D3:08:71:3D:81:55:AA:D7:10:CB:91:D0:2F:E1:6D
Certificate issuer: /CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
Certificate serial: 018CC8030108954DE6BB2714EE77530798B2
Authority key identifier: 88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iJA2iH_TCHE9gVWq1xDLkdAv4W0.roa
Signing time: Tue 02 Jan 2024 02:31:29 +0000
ROA not before: Tue 02 Jan 2024 02:31:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3333
IP address blocks: 193.0.0.0/21 maxlen: 21
193.0.10.0/23 maxlen: 23
193.0.12.0/23 maxlen: 23
193.0.20.0/23 maxlen: 23
193.0.18.0/23 maxlen: 23
193.0.22.0/23 maxlen: 23
2a13:27c0::/29 maxlen: 48
2a13:27c0:10::/44 maxlen: 44
2001:67c:2e8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.mft
rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 08:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:03:01:08:95:4d:e6:bb:27:14:ee:77:53:07:98:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8817aafec61c3a6b024b6a9f54ffb764ca3df922
Validity
Not Before: Jan 2 02:31:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=889036887fd308713d8155aad710cb91d02fe16d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:f5:e8:a7:f3:26:fc:b9:a3:9b:dc:3a:a3:73:
21:69:be:a4:b9:42:07:88:d9:1c:fa:9f:2a:83:78:
de:95:22:9e:60:b7:66:4b:69:89:ad:ac:99:18:87:
63:98:48:68:0b:25:1a:37:f7:bc:59:0b:60:29:43:
34:94:71:9c:c7:01:2e:90:0c:1e:d0:b9:e0:1e:a3:
df:e4:3c:51:80:85:3d:b4:93:78:a4:d1:da:da:c4:
61:fe:c0:31:b9:98:88:b3:b1:19:5e:04:46:8d:29:
ad:fe:c5:e1:b8:51:84:41:4c:6d:89:4e:8a:d7:ca:
93:c8:8d:f7:68:51:97:61:29:f2:8a:98:ec:c1:1c:
de:43:b6:e9:1b:17:42:8b:94:0c:f4:b9:e4:7d:d3:
6f:bb:65:c1:ea:b6:10:71:e7:af:da:91:12:cb:8c:
61:15:26:0b:6e:5f:ac:dd:7c:18:57:78:d1:d0:b2:
79:31:b3:6d:ce:2b:d2:95:67:78:a6:47:23:fb:fd:
eb:02:59:e8:d8:b8:3e:fc:6f:25:3d:21:cf:eb:65:
80:d4:ef:ad:0c:68:20:78:ff:18:1f:9c:a5:9c:8b:
77:00:23:c2:0e:9d:a7:ae:80:1f:ff:a7:b4:ed:20:
02:34:10:a8:b2:30:47:2a:44:58:20:90:3b:83:d6:
9a:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:90:36:88:7F:D3:08:71:3D:81:55:AA:D7:10:CB:91:D0:2F:E1:6D
X509v3 Authority Key Identifier:
keyid:88:17:AA:FE:C6:1C:3A:6B:02:4B:6A:9F:54:FF:B7:64:CA:3D:F9:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iJA2iH_TCHE9gVWq1xDLkdAv4W0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/fe2d72-c2dd-46c1-9429-e66369649411/1/iBeq_sYcOmsCS2qfVP-3ZMo9-SI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.0.0.0/21
193.0.10.0-193.0.13.255
193.0.18.0-193.0.23.255
IPv6:
2001:67c:2e8::/48
2a13:27c0::/29
Signature Algorithm: sha256WithRSAEncryption
6d:b3:a5:81:b9:e3:93:d3:84:53:2c:37:68:28:54:f5:94:fc:
15:5f:e9:12:4c:ac:c9:b3:cd:f4:1e:88:d2:93:90:ce:b2:8d:
69:f8:5b:2a:5c:c7:8b:22:f6:41:48:f3:76:df:c9:62:f2:1e:
b2:26:17:62:21:09:96:2c:45:01:2b:d9:4a:1b:71:81:4e:17:
37:c2:32:bc:84:f4:15:05:0b:ce:81:dc:1b:f3:4e:24:4b:16:
49:8c:a7:56:4f:03:7e:e5:29:08:4d:39:e6:da:bb:9f:b6:92:
9b:47:43:61:13:5d:b7:bb:d2:77:c1:0b:ef:58:23:b3:41:7d:
9b:5f:c4:f9:89:a3:fa:f8:65:85:20:ad:dd:32:dc:3c:2f:a8:
5b:e9:f5:5f:3c:4c:26:b2:50:98:f1:61:b6:68:ee:0a:30:5c:
bd:02:2c:f6:35:c5:92:3e:f7:f5:e5:a3:74:37:98:96:63:aa:
d1:0c:de:b4:d5:f5:4f:e5:91:d3:3c:5d:d0:59:31:1c:d4:53:
3c:06:e1:11:17:c8:02:ba:67:19:62:c5:ad:28:b6:14:b2:e6:
a2:85:ec:fc:06:8b:20:4c:99:fc:7f:6a:c1:43:2f:f9:21:88:
17:92:72:3d:c8:db:73:b6:86:2a:43:54:e7:8d:22:05:2f:98:
a0:0f:2a:f5
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAYzIAwEIlU3muycU7ndTB5iyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4MTdhYWZlYzYxYzNhNmIwMjRiNmE5ZjU0ZmZiNzY0Y2Ez
ZGY5MjIwHhcNMjQwMTAyMDIzMTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODkwMzY4ODdmZDMwODcxM2Q4MTU1YWFkNzEwY2I5MWQwMmZlMTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiPXop/Mm/Lmjm9w6o3Mhab6kuUIH
iNkc+p8qg3jelSKeYLdmS2mJrayZGIdjmEhoCyUaN/e8WQtgKUM0lHGcxwEukAwe
0LngHqPf5DxRgIU9tJN4pNHa2sRh/sAxuZiIs7EZXgRGjSmt/sXhuFGEQUxtiU6K
18qTyI33aFGXYSnyipjswRzeQ7bpGxdCi5QM9LnkfdNvu2XB6rYQceev2pESy4xh
FSYLbl+s3XwYV3jR0LJ5MbNtzivSlWd4pkcj+/3rAlno2Lg+/G8lPSHP62WA1O+t
DGggeP8YH5ylnIt3ACPCDp2nroAf/6e07SACNBCosjBHKkRYIJA7g9aaewIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFIiQNoh/0whxPYFVqtcQy5HQL+FtMB8GA1UdIwQY
MBaAFIgXqv7GHDprAktqn1T/t2TKPfkiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUJlcV9zWWNPbXNDUzJxZlZQLTNaTW85LVNJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My9mZTJkNzItYzJkZC00NmMxLTk0Mjkt
ZTY2MzY5NjQ5NDExLzEvaUpBMmlIX1RDSEU5Z1ZXcTF4RExrZEF2NFcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My9mZTJkNzItYzJkZC00NmMxLTk0MjktZTY2MzY5NjQ5NDEx
LzEvaUJlcV9zWWNPbXNDUzJxZlZQLTNaTW85LVNJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAoBAIAATAiAwQDwQAAMAwD
BAHBAAoDBAHBAAwwDAMEAcEAEgMEA8EAEDAWBAIAAjAQAwcAIAEGfALoAwUDKhMn
wDANBgkqhkiG9w0BAQsFAAOCAQEAbbOlgbnjk9OEUyw3aChU9ZT8FV/pEkysybPN
9B6I0pOQzrKNafhbKlzHiyL2QUjzdt/JYvIesiYXYiEJlixFASvZShtxgU4XN8Iy
vIT0FQULzoHcG/NOJEsWSYynVk8DfuUpCE055tq7n7aSm0dDYRNdt7vSd8EL71gj
s0F9m1/E+Ymj+vhlhSCt3TLcPC+oW+n1XzxMJrJQmPFhtmjuCjBcvQIs9jXFkj73
9eWjdDeYlmOq0QzetNX1T+WR0zxd0FkxHNRTPAbhERfIArpnGWLFrSi2FLLmooXs
/AaLIEyZ/H9qwUMv+SGIF5JyPcjbc7aGKkNU540iBS+YoA8q9Q==
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:01:01 2024 by rpki-client on console-ams.rpki-client.org