Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/iaXJ_u2DVKwl831-maG2U9ABlPE.roa
File: iaXJ_u2DVKwl831-maG2U9ABlPE.roa (raw, json)
Hash identifier: eTQCLLEaLGv6ktHB6hlnJL6AA7MuxU5yu7dVNLjsXXA=
Subject key identifier: 89:A5:C9:FE:ED:83:54:AC:25:F3:7D:7E:99:A1:B6:53:D0:01:94:F1
Certificate issuer: /CN=c8d5e37178d8524c72660a1d796165999e586622
Certificate serial: 018CC3B67DD17C08E14F6D6618D7AF309971
Authority key identifier: C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/iaXJ_u2DVKwl831-maG2U9ABlPE.roa
Signing time: Mon 01 Jan 2024 06:29:26 +0000
ROA not before: Mon 01 Jan 2024 06:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59456
IP address blocks: 195.244.18.0/24 maxlen: 24
91.239.15.0/24 maxlen: 24
45.152.40.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/yNXjcXjYUkxyZgodeWFlmZ5YZiI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/yNXjcXjYUkxyZgodeWFlmZ5YZiI.mft
rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:7d:d1:7c:08:e1:4f:6d:66:18:d7:af:30:99:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8d5e37178d8524c72660a1d796165999e586622
Validity
Not Before: Jan 1 06:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89a5c9feed8354ac25f37d7e99a1b653d00194f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:e2:a3:8f:48:67:ec:e0:5c:ef:19:e1:24:84:
75:98:b4:64:cf:db:e9:f9:dd:80:10:49:0b:da:61:
b9:80:e4:96:fa:62:15:2c:d8:52:11:d0:d4:32:3e:
5d:37:70:a9:9c:c8:09:f0:fc:49:73:da:05:a5:fd:
58:66:1a:23:00:7f:ed:57:17:fb:74:43:d5:89:f0:
cc:6f:f3:1a:43:1b:d2:c9:88:69:7b:05:81:26:74:
10:2b:f3:62:1d:1e:d9:81:a9:b9:55:14:ff:38:a2:
c5:cd:2b:7a:9e:7d:34:9f:92:c2:08:e9:7c:a8:7c:
d9:59:6f:7d:df:21:f5:3a:5b:2c:da:8c:99:e1:75:
6d:a3:e7:00:03:8e:7b:5f:a5:dc:6b:84:a3:f0:3d:
81:c7:53:aa:e9:26:84:5c:65:04:02:4a:c2:f6:f9:
72:14:e1:af:52:3d:06:bd:79:48:65:ec:f3:dd:7c:
c7:bd:7c:08:2e:6a:38:b8:de:e1:06:36:62:6b:90:
5f:59:40:7a:bb:b4:43:09:36:90:92:25:6a:d0:62:
4e:64:07:e9:6b:5a:f9:ba:d9:c4:c0:94:03:d2:ad:
9a:d9:68:4e:64:67:b2:45:25:80:7f:5c:63:4d:61:
18:72:54:6c:60:61:16:78:ab:48:9d:34:e7:70:5e:
ef:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A5:C9:FE:ED:83:54:AC:25:F3:7D:7E:99:A1:B6:53:D0:01:94:F1
X509v3 Authority Key Identifier:
keyid:C8:D5:E3:71:78:D8:52:4C:72:66:0A:1D:79:61:65:99:9E:58:66:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yNXjcXjYUkxyZgodeWFlmZ5YZiI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/iaXJ_u2DVKwl831-maG2U9ABlPE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7e/b54ca3-73d5-4984-8782-9e0aed2fb8ec/1/yNXjcXjYUkxyZgodeWFlmZ5YZiI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.152.40.0/22
91.239.15.0/24
195.244.18.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:5c:48:a0:79:21:3e:0a:91:87:58:a5:52:63:04:a3:cf:ab:
39:2b:ae:59:ad:18:d6:d3:ee:ef:ff:ed:27:e6:bc:2f:15:88:
5b:f5:a5:f9:0e:9a:95:fc:36:19:37:9e:97:75:1d:0d:7d:cd:
2f:94:26:00:8b:19:fe:31:41:4f:aa:1a:07:3c:3a:93:78:b6:
85:e9:b3:58:e5:9d:ed:b8:7b:51:bb:05:23:75:68:00:d6:2e:
7d:9d:73:00:e5:0b:b9:40:9c:82:69:3a:9c:83:10:7e:ac:ad:
46:f9:20:73:7f:f7:ef:8e:61:d6:35:45:c6:f8:01:88:2d:02:
4b:7c:8f:d5:26:47:e5:84:0f:d1:c5:50:ca:13:8f:44:8c:07:
01:ea:39:4e:10:c9:e9:0c:f0:68:8b:c2:d1:4f:e5:c3:ce:67:
c1:fa:ee:48:53:34:98:d6:7d:e5:32:2c:4b:f9:11:55:96:bd:
2d:a4:0a:d9:1f:7d:f8:09:8c:cb:75:4c:76:7a:ee:cf:8a:ec:
81:0e:18:01:5e:12:34:83:12:9d:a4:71:0d:d9:70:85:54:c5:
e8:8b:61:8c:31:45:13:18:bd:79:9a:6a:82:9e:ed:82:29:0d:
14:38:ec:1c:90:44:5c:fc:f0:6e:3d:60:86:ac:9b:12:45:ac:
5d:43:04:00
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzDtn3RfAjhT21mGNevMJlxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4ZDVlMzcxNzhkODUyNGM3MjY2MGExZDc5NjE2NTk5OWU1
ODY2MjIwHhcNMjQwMTAxMDYyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWE1YzlmZWVkODM1NGFjMjVmMzdkN2U5OWExYjY1M2QwMDE5NGYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwOKjj0hn7OBc7xnhJIR1mLRkz9vp
+d2AEEkL2mG5gOSW+mIVLNhSEdDUMj5dN3CpnMgJ8PxJc9oFpf1YZhojAH/tVxf7
dEPVifDMb/MaQxvSyYhpewWBJnQQK/NiHR7Zgam5VRT/OKLFzSt6nn00n5LCCOl8
qHzZWW993yH1Olss2oyZ4XVto+cAA457X6Xca4Sj8D2Bx1Oq6SaEXGUEAkrC9vly
FOGvUj0GvXlIZezz3XzHvXwILmo4uN7hBjZia5BfWUB6u7RDCTaQkiVq0GJOZAfp
a1r5utnEwJQD0q2a2WhOZGeyRSWAf1xjTWEYclRsYGEWeKtInTTncF7vbwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFImlyf7tg1SsJfN9fpmhtlPQAZTxMB8GA1UdIwQY
MBaAFMjV43F42FJMcmYKHXlhZZmeWGYiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODIt
OWUwYWVkMmZiOGVjLzEvaWFYSl91MkRWS3dsODMxLW1hRzJVOUFCbFBFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZS9iNTRjYTMtNzNkNS00OTg0LTg3ODItOWUwYWVkMmZiOGVj
LzEveU5YamNYallVa3h5WmdvZGVXRmxtWjVZWmlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLZgoAwQA
W+8PAwQAw/QSMA0GCSqGSIb3DQEBCwUAA4IBAQA7XEigeSE+CpGHWKVSYwSjz6s5
K65ZrRjW0+7v/+0n5rwvFYhb9aX5DpqV/DYZN56XdR0Nfc0vlCYAixn+MUFPqhoH
PDqTeLaF6bNY5Z3tuHtRuwUjdWgA1i59nXMA5Qu5QJyCaTqcgxB+rK1G+SBzf/fv
jmHWNUXG+AGILQJLfI/VJkflhA/RxVDKE49EjAcB6jlOEMnpDPBoi8LRT+XDzmfB
+u5IUzSY1n3lMixL+RFVlr0tpArZH334CYzLdUx2eu7PiuyBDhgBXhI0gxKdpHEN
2XCFVMXoi2GMMUUTGL15mmqCnu2CKQ0UOOwckERc/PBuPWCGrJsSRaxdQwQA
-----END CERTIFICATE-----
Generated at Mon May 20 04:54:48 2024 by rpki-client on console-fra.rpki-client.org