Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/3a7e49-9d27-4e4e-aa36-6f6ccb6e2cda/1/IS87LO2FLY_eRcW5-8b7bd4mFQE.roa
File: IS87LO2FLY_eRcW5-8b7bd4mFQE.roa (raw, json)
Hash identifier: oUHXQl6UmB9sdqXhE+LHeLdJ05lLPM4K0UR1vNNdlII=
Subject key identifier: 21:2F:3B:2C:ED:85:2D:8F:DE:45:C5:B9:FB:C6:FB:6D:DE:26:15:01
Certificate issuer: /CN=4ddd0f9dcd88949b8f3a3771063562a057679290
Certificate serial: 018CC7265203B1DDEBFC5E1371F286A3767D
Authority key identifier: 4D:DD:0F:9D:CD:88:94:9B:8F:3A:37:71:06:35:62:A0:57:67:92:90
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Td0Pnc2IlJuPOjdxBjVioFdnkpA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/3a7e49-9d27-4e4e-aa36-6f6ccb6e2cda/1/IS87LO2FLY_eRcW5-8b7bd4mFQE.roa
Signing time: Mon 01 Jan 2024 22:30:26 +0000
ROA not before: Mon 01 Jan 2024 22:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197991
IP address blocks: 185.239.56.0/22 maxlen: 24
2a0c:4b80::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/3a7e49-9d27-4e4e-aa36-6f6ccb6e2cda/1/Td0Pnc2IlJuPOjdxBjVioFdnkpA.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/3a7e49-9d27-4e4e-aa36-6f6ccb6e2cda/1/Td0Pnc2IlJuPOjdxBjVioFdnkpA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Td0Pnc2IlJuPOjdxBjVioFdnkpA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 16:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:52:03:b1:dd:eb:fc:5e:13:71:f2:86:a3:76:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ddd0f9dcd88949b8f3a3771063562a057679290
Validity
Not Before: Jan 1 22:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=212f3b2ced852d8fde45c5b9fbc6fb6dde261501
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:78:34:1e:3c:5c:50:a4:7d:03:d4:4a:c6:2f:
67:02:b2:a1:ad:5e:a7:00:9c:c0:57:1c:7d:0c:0d:
90:58:4c:ab:d2:f1:8b:eb:86:93:fc:a0:40:9d:46:
21:cd:af:ba:87:83:ee:58:6a:eb:c5:87:60:f6:d4:
69:ad:f9:40:c4:02:a8:a6:d9:c7:8e:87:bb:01:fc:
4a:cf:4f:86:c3:d2:38:b1:be:48:24:bb:0c:7f:fb:
1b:93:52:58:b2:4f:64:1e:21:5a:fd:8e:8a:33:34:
f9:bc:34:aa:b0:43:3b:03:5e:b3:2a:c8:ee:41:8e:
1e:72:18:a6:1e:3d:a6:51:46:63:39:f7:11:40:bc:
96:6a:88:29:61:5d:dd:97:06:c6:0f:fb:03:a1:51:
ab:27:10:f2:f6:00:92:3d:33:76:fc:30:8e:7e:22:
d1:e7:1c:2f:f6:b6:b5:a7:07:21:5e:8d:e2:0b:f9:
3e:dc:83:dd:11:bd:e1:7e:c5:17:c3:36:e6:90:51:
34:1b:e5:23:d8:3e:d4:4e:cd:38:8e:5d:10:5f:77:
e1:29:b1:df:d1:16:a5:af:cd:fe:b5:93:48:bc:77:
09:52:5d:a9:74:db:eb:01:88:31:b3:4c:67:bf:60:
08:04:6e:54:a5:5f:1b:82:88:b3:26:dc:b9:4c:1b:
22:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:2F:3B:2C:ED:85:2D:8F:DE:45:C5:B9:FB:C6:FB:6D:DE:26:15:01
X509v3 Authority Key Identifier:
keyid:4D:DD:0F:9D:CD:88:94:9B:8F:3A:37:71:06:35:62:A0:57:67:92:90
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Td0Pnc2IlJuPOjdxBjVioFdnkpA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/3a7e49-9d27-4e4e-aa36-6f6ccb6e2cda/1/IS87LO2FLY_eRcW5-8b7bd4mFQE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/3a7e49-9d27-4e4e-aa36-6f6ccb6e2cda/1/Td0Pnc2IlJuPOjdxBjVioFdnkpA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.239.56.0/22
IPv6:
2a0c:4b80::/34
Signature Algorithm: sha256WithRSAEncryption
19:9e:e0:01:97:c5:c9:dc:12:90:97:47:ee:40:c5:2f:2a:5d:
0b:51:57:1e:09:51:48:c8:48:75:09:79:56:32:0f:cc:50:54:
71:88:72:99:b5:19:21:30:80:48:8d:11:8a:7f:4b:b5:cd:48:
34:fd:6a:46:b5:81:c6:59:59:57:66:a0:8e:06:32:50:20:ab:
f9:41:d3:85:44:55:45:7c:a9:d5:90:51:1a:cc:30:5b:d2:b8:
a8:59:3d:97:b2:ac:02:16:51:30:90:f4:4e:4b:34:e7:0e:c6:
a8:ea:7a:da:86:52:07:91:12:d6:07:7e:22:04:80:b9:26:00:
50:90:1e:68:be:2b:13:23:1a:39:c6:d8:cf:b6:4c:79:83:53:
78:41:ac:5a:56:1d:d3:91:7f:ba:4e:4c:b9:a2:4f:ed:06:0d:
5b:98:05:e9:36:bb:d5:ec:d9:fc:82:74:cb:63:99:f0:34:a6:
25:25:72:12:fb:13:1e:9f:e7:5d:4e:40:e1:b8:5f:ab:5b:79:
dd:fa:55:98:1c:6b:c0:fd:c5:16:b7:4d:57:ee:a9:73:bb:41:
c1:af:fa:b4:29:75:51:16:21:5f:42:d4:ed:4e:6e:88:c9:7c:
11:8a:ec:16:af:06:0d:a6:90:e1:b1:eb:2b:1a:e8:b0:5f:eb:
78:c0:4c:24
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzHJlIDsd3r/F4TcfKGo3Z9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRkZGQwZjlkY2Q4ODk0OWI4ZjNhMzc3MTA2MzU2MmEwNTc2
NzkyOTAwHhcNMjQwMTAxMjIzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTJmM2IyY2VkODUyZDhmZGU0NWM1YjlmYmM2ZmI2ZGRlMjYxNTAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXg0HjxcUKR9A9RKxi9nArKhrV6n
AJzAVxx9DA2QWEyr0vGL64aT/KBAnUYhza+6h4PuWGrrxYdg9tRprflAxAKoptnH
joe7AfxKz0+Gw9I4sb5IJLsMf/sbk1JYsk9kHiFa/Y6KMzT5vDSqsEM7A16zKsju
QY4echimHj2mUUZjOfcRQLyWaogpYV3dlwbGD/sDoVGrJxDy9gCSPTN2/DCOfiLR
5xwv9ra1pwchXo3iC/k+3IPdEb3hfsUXwzbmkFE0G+Uj2D7UTs04jl0QX3fhKbHf
0Ralr83+tZNIvHcJUl2pdNvrAYgxs0xnv2AIBG5UpV8bgoizJty5TBsiGwIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFCEvOyzthS2P3kXFufvG+23eJhUBMB8GA1UdIwQY
MBaAFE3dD53NiJSbjzo3cQY1YqBXZ5KQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGQwUG5jMklsSnVQT2pkeEJqVmlvRmRua3BBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC8zYTdlNDktOWQyNy00ZTRlLWFhMzYt
NmY2Y2NiNmUyY2RhLzEvSVM4N0xPMkZMWV9lUmNXNS04YjdiZDRtRlFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC8zYTdlNDktOWQyNy00ZTRlLWFhMzYtNmY2Y2NiNmUyY2Rh
LzEvVGQwUG5jMklsSnVQT2pkeEJqVmlvRmRua3BBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQCue84MA4E
AgACMAgDBgYqDEuAADANBgkqhkiG9w0BAQsFAAOCAQEAGZ7gAZfFydwSkJdH7kDF
LypdC1FXHglRSMhIdQl5VjIPzFBUcYhymbUZITCASI0Rin9Ltc1INP1qRrWBxllZ
V2agjgYyUCCr+UHThURVRXyp1ZBRGswwW9K4qFk9l7KsAhZRMJD0Tks05w7GqOp6
2oZSB5ES1gd+IgSAuSYAUJAeaL4rEyMaOcbYz7ZMeYNTeEGsWlYd05F/uk5MuaJP
7QYNW5gF6Ta71ezZ/IJ0y2OZ8DSmJSVyEvsTHp/nXU5A4bhfq1t53fpVmBxrwP3F
FrdNV+6pc7tBwa/6tCl1URYhX0LU7U5uiMl8EYrsFq8GDaaQ4bHrKxrosF/reMBM
JA==
-----END CERTIFICATE-----
Generated at Thu Nov 21 23:54:01 2024 by rpki-client on console-ams.rpki-client.org