Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/Im9XUlP9g4m4-KIs05ONK-ercS8.roa
File: Im9XUlP9g4m4-KIs05ONK-ercS8.roa (raw, json)
Hash identifier: HzsC17A7ZLX3q7qGezfD83Z97Pca5MGN+MCLP4nEcVk=
Subject key identifier: 22:6F:57:52:53:FD:83:89:B8:F8:A2:2C:D3:93:8D:2B:E7:AB:71:2F
Certificate issuer: /CN=4181c22eb7b32d901d125700e140eb6009dcc6da
Certificate serial: 018CC72646F30A27F4BDD7813AD7D4E9A957
Authority key identifier: 41:81:C2:2E:B7:B3:2D:90:1D:12:57:00:E1:40:EB:60:09:DC:C6:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QYHCLrezLZAdElcA4UDrYAncxto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/Im9XUlP9g4m4-KIs05ONK-ercS8.roa
Signing time: Mon 01 Jan 2024 22:30:23 +0000
ROA not before: Mon 01 Jan 2024 22:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44460
IP address blocks: 92.43.200.0/21 maxlen: 21
185.68.72.0/24 maxlen: 24
185.68.72.0/22 maxlen: 22
185.68.75.0/24 maxlen: 24
185.68.73.0/24 maxlen: 24
185.68.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/QYHCLrezLZAdElcA4UDrYAncxto.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/QYHCLrezLZAdElcA4UDrYAncxto.mft
rsync://rpki.ripe.net/repository/DEFAULT/QYHCLrezLZAdElcA4UDrYAncxto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:46:f3:0a:27:f4:bd:d7:81:3a:d7:d4:e9:a9:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4181c22eb7b32d901d125700e140eb6009dcc6da
Validity
Not Before: Jan 1 22:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=226f575253fd8389b8f8a22cd3938d2be7ab712f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:16:4f:3e:d4:40:2c:7b:0d:bc:bd:f8:f0:8e:
46:fa:14:ad:1f:09:c0:40:8b:ec:09:07:22:18:36:
18:13:e9:a9:be:d0:8b:81:a3:08:3e:f5:1c:69:ed:
b1:de:44:f7:a6:50:84:6f:4b:b6:59:65:45:3a:d8:
1d:71:d8:e5:1e:4a:7f:b8:ac:f3:f7:2e:8c:f7:3c:
df:8d:32:e4:49:e0:8b:e7:f3:35:dd:7f:df:bf:c6:
34:59:5b:9b:0b:a2:69:47:3e:92:45:49:b4:fb:69:
7f:21:87:b7:f7:fa:5f:3f:53:58:31:77:bd:42:ce:
66:97:41:16:25:a4:e2:48:8e:60:84:f2:05:1d:5f:
91:7a:2f:db:ff:04:92:3f:da:a2:d6:65:71:f5:de:
00:b8:87:25:c5:b4:4a:a3:aa:72:95:61:df:2e:4d:
b7:7a:85:4f:2b:9b:dc:15:53:a9:d8:4c:75:e3:28:
de:5a:bd:e4:70:20:37:31:f0:4d:98:a7:52:34:54:
60:3f:8b:9f:28:bf:18:21:c1:79:fe:a2:eb:58:4e:
58:5b:f3:0b:d8:d4:ce:42:aa:0d:16:54:36:ad:85:
2d:ba:ec:fd:63:7e:df:2d:0e:79:45:33:09:ee:f4:
25:0a:c0:4a:76:97:c6:1c:10:78:5b:56:8c:0b:ef:
a9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:6F:57:52:53:FD:83:89:B8:F8:A2:2C:D3:93:8D:2B:E7:AB:71:2F
X509v3 Authority Key Identifier:
keyid:41:81:C2:2E:B7:B3:2D:90:1D:12:57:00:E1:40:EB:60:09:DC:C6:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QYHCLrezLZAdElcA4UDrYAncxto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/Im9XUlP9g4m4-KIs05ONK-ercS8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/ffdaf5-acaa-4df3-9e6c-c21409442fac/1/QYHCLrezLZAdElcA4UDrYAncxto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.43.200.0/21
185.68.72.0/22
Signature Algorithm: sha256WithRSAEncryption
33:85:56:13:de:d8:5e:b8:e3:21:23:5c:ad:92:e5:03:07:a1:
27:e1:87:9a:5e:a9:d3:77:e0:3d:0d:10:e3:04:bf:62:34:f8:
a3:fa:80:e8:81:d3:b3:de:db:fb:88:55:b2:da:7f:20:f1:e2:
c2:75:68:28:4c:ed:2c:4a:3b:0d:f5:64:a2:57:d5:83:83:85:
02:aa:b1:7d:8e:d9:d5:9b:a6:b5:28:91:d3:5d:74:f2:48:98:
cf:1d:c4:c3:c7:23:45:0a:9a:5d:81:b4:9c:ab:c6:25:c9:d9:
b2:92:8d:e7:0f:ee:84:2c:19:b8:3f:64:6f:0d:56:11:04:d6:
a1:11:44:a3:9b:d1:9e:e4:fa:32:13:88:95:5f:bf:ed:2a:6c:
b0:e2:ed:2f:39:41:84:ef:e8:d0:81:a5:b4:d4:6a:85:cf:62:
3b:3b:c3:90:db:13:a3:5e:b9:6a:6f:54:83:c7:e9:be:4d:1e:
b3:4b:e4:32:b4:ce:45:48:86:44:6d:c9:a9:b9:99:f8:6d:4c:
fd:19:93:01:a1:17:6b:45:3d:4c:70:2d:62:38:7e:82:22:58:
a0:97:95:d9:2b:13:05:af:7e:62:3b:77:62:ea:95:5d:a5:16:
1a:ab:ed:29:84:2f:06:46:af:87:bf:67:8e:a0:ad:11:d4:b7:
3f:22:38:8d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJkbzCif0vdeBOtfU6alXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxODFjMjJlYjdiMzJkOTAxZDEyNTcwMGUxNDBlYjYwMDlk
Y2M2ZGEwHhcNMjQwMTAxMjIzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjZmNTc1MjUzZmQ4Mzg5YjhmOGEyMmNkMzkzOGQyYmU3YWI3MTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhZPPtRALHsNvL348I5G+hStHwnA
QIvsCQciGDYYE+mpvtCLgaMIPvUcae2x3kT3plCEb0u2WWVFOtgdcdjlHkp/uKzz
9y6M9zzfjTLkSeCL5/M13X/fv8Y0WVubC6JpRz6SRUm0+2l/IYe39/pfP1NYMXe9
Qs5ml0EWJaTiSI5ghPIFHV+Rei/b/wSSP9qi1mVx9d4AuIclxbRKo6pylWHfLk23
eoVPK5vcFVOp2Ex14yjeWr3kcCA3MfBNmKdSNFRgP4ufKL8YIcF5/qLrWE5YW/ML
2NTOQqoNFlQ2rYUtuuz9Y37fLQ55RTMJ7vQlCsBKdpfGHBB4W1aMC++p4wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCJvV1JT/YOJuPiiLNOTjSvnq3EvMB8GA1UdIwQY
MBaAFEGBwi63sy2QHRJXAOFA62AJ3MbaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVlIQ0xyZXpMWkFkRWxjQTRVRHJZQW5jeHRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mZmRhZjUtYWNhYS00ZGYzLTllNmMt
YzIxNDA5NDQyZmFjLzEvSW05WFVsUDlnNG00LUtJczA1T05LLWVyY1M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mZmRhZjUtYWNhYS00ZGYzLTllNmMtYzIxNDA5NDQyZmFj
LzEvUVlIQ0xyZXpMWkFkRWxjQTRVRHJZQW5jeHRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDXCvIAwQC
uURIMA0GCSqGSIb3DQEBCwUAA4IBAQAzhVYT3theuOMhI1ytkuUDB6En4YeaXqnT
d+A9DRDjBL9iNPij+oDogdOz3tv7iFWy2n8g8eLCdWgoTO0sSjsN9WSiV9WDg4UC
qrF9jtnVm6a1KJHTXXTySJjPHcTDxyNFCppdgbScq8Ylydmyko3nD+6ELBm4P2Rv
DVYRBNahEUSjm9Ge5PoyE4iVX7/tKmyw4u0vOUGE7+jQgaW01GqFz2I7O8OQ2xOj
Xrlqb1SDx+m+TR6zS+QytM5FSIZEbcmpuZn4bUz9GZMBoRdrRT1McC1iOH6CIlig
l5XZKxMFr35iO3di6pVdpRYaq+0phC8GRq+Hv2eOoK0R1Lc/IjiN
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:02:03 2024 by rpki-client on console-fra.rpki-client.org