Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/036213-74b1-425c-9e56-7de910e00bed/1/iYD17s3tsaOOMPUOKzORlwDeSQ4.roa
File: iYD17s3tsaOOMPUOKzORlwDeSQ4.roa (raw, json)
Hash identifier: szsX7VfRjs7HlW2zx1S4kNLHyTcMAGc7aCMg7nW3KoE=
Subject key identifier: 89:80:F5:EE:CD:ED:B1:A3:8E:30:F5:0E:2B:33:91:97:00:DE:49:0E
Certificate issuer: /CN=9416fa6a90ed94e221db69d21fcdda7c66d13c91
Certificate serial: 018CC6B7F068E822DC4B7AC58829F60A56CF
Authority key identifier: 94:16:FA:6A:90:ED:94:E2:21:DB:69:D2:1F:CD:DA:7C:66:D1:3C:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lBb6apDtlOIh22nSH83afGbRPJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/036213-74b1-425c-9e56-7de910e00bed/1/iYD17s3tsaOOMPUOKzORlwDeSQ4.roa
Signing time: Mon 01 Jan 2024 20:29:52 +0000
ROA not before: Mon 01 Jan 2024 20:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39180
IP address blocks: 94.231.206.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/036213-74b1-425c-9e56-7de910e00bed/1/lBb6apDtlOIh22nSH83afGbRPJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/036213-74b1-425c-9e56-7de910e00bed/1/lBb6apDtlOIh22nSH83afGbRPJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/lBb6apDtlOIh22nSH83afGbRPJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:f0:68:e8:22:dc:4b:7a:c5:88:29:f6:0a:56:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9416fa6a90ed94e221db69d21fcdda7c66d13c91
Validity
Not Before: Jan 1 20:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8980f5eecdedb1a38e30f50e2b33919700de490e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:60:2b:43:96:e8:74:5b:0e:be:1f:7e:2c:7c:
ba:09:aa:63:65:1f:16:4c:a6:2c:28:de:13:a1:a1:
81:6f:a3:48:92:f5:d2:e3:9a:d3:1f:e7:46:a4:29:
7d:3c:ff:a8:bf:4d:12:af:bf:87:eb:6b:85:53:35:
25:2b:24:8b:4a:a1:6f:81:26:e9:06:f7:f8:72:2d:
76:79:b5:9d:6d:14:0a:a5:3b:92:dd:93:0a:d0:ea:
43:c8:b9:1a:53:ec:29:d3:9f:45:6f:2f:51:ac:2f:
c7:d9:5d:94:16:f1:9b:57:b1:cb:ec:53:a2:c1:74:
fc:cf:92:a6:74:06:00:b7:68:f1:ec:e2:a2:f8:de:
56:7d:e1:94:3d:2e:b6:33:74:13:fd:7f:4d:2d:63:
be:b7:00:05:12:94:a0:d5:8b:3b:74:28:e2:53:45:
7c:d4:b3:53:1c:a9:41:c2:db:d0:83:e4:92:87:f3:
76:12:0e:fd:69:49:ba:81:c1:6d:60:6c:08:58:c8:
fa:50:ca:9e:44:a9:8b:b8:5c:68:9b:c0:96:72:11:
60:f7:79:a9:15:b4:49:03:8a:b2:1b:13:be:ea:44:
d4:9e:0b:f3:0c:75:1c:d5:84:ce:90:6d:f9:fe:11:
c7:02:59:cc:21:90:1f:ec:f8:2e:c9:05:fd:14:88:
88:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:80:F5:EE:CD:ED:B1:A3:8E:30:F5:0E:2B:33:91:97:00:DE:49:0E
X509v3 Authority Key Identifier:
keyid:94:16:FA:6A:90:ED:94:E2:21:DB:69:D2:1F:CD:DA:7C:66:D1:3C:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lBb6apDtlOIh22nSH83afGbRPJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/036213-74b1-425c-9e56-7de910e00bed/1/iYD17s3tsaOOMPUOKzORlwDeSQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/036213-74b1-425c-9e56-7de910e00bed/1/lBb6apDtlOIh22nSH83afGbRPJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.231.206.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:62:77:bd:da:fe:61:12:76:fe:d6:5d:0a:bd:e4:d6:12:59:
17:89:a9:f5:5a:ee:07:84:ca:75:8b:de:e6:b4:4d:b5:3d:2f:
79:4d:92:21:a2:a6:b1:52:d5:91:78:42:f6:57:fd:a8:59:75:
69:4e:3e:c2:88:b2:38:32:80:5f:dd:50:91:d9:98:6f:42:b7:
13:84:3e:0f:87:de:0e:60:f3:e9:8f:de:1d:2c:c3:d0:71:5c:
d9:0b:0a:3f:64:f2:6e:d4:ec:4a:cc:1e:f8:65:13:ef:43:0e:
31:7a:fc:b6:ff:a9:14:ff:a6:76:4d:bb:6e:9b:9b:ce:81:bc:
9d:ac:81:65:a6:88:2d:bd:08:73:ae:0b:68:6f:38:58:62:7b:
2c:40:58:63:85:ac:cd:9f:82:0f:f5:ca:cc:25:e1:5e:f1:9f:
d5:63:73:f5:24:58:7e:14:3e:8a:2c:83:13:10:56:ba:0f:05:
c2:8b:5d:f9:56:bc:2d:1e:6d:ad:2d:c1:2c:48:b6:f2:e4:39:
9a:86:bd:a3:a6:4a:76:7b:e0:7e:8f:f1:ed:e2:a0:3e:d3:00:
ef:68:c2:3c:88:b9:70:75:4d:44:83:8e:f1:95:a0:01:aa:a0:
d9:64:28:d4:e9:38:8c:f9:75:5f:b2:e7:1a:ae:02:28:aa:6e:
cc:ba:c7:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzGt/Bo6CLcS3rFiCn2ClbPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0MTZmYTZhOTBlZDk0ZTIyMWRiNjlkMjFmY2RkYTdjNjZk
MTNjOTEwHhcNMjQwMTAxMjAyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTgwZjVlZWNkZWRiMWEzOGUzMGY1MGUyYjMzOTE5NzAwZGU0OTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmGArQ5bodFsOvh9+LHy6CapjZR8W
TKYsKN4ToaGBb6NIkvXS45rTH+dGpCl9PP+ov00Sr7+H62uFUzUlKySLSqFvgSbp
Bvf4ci12ebWdbRQKpTuS3ZMK0OpDyLkaU+wp059Fby9RrC/H2V2UFvGbV7HL7FOi
wXT8z5KmdAYAt2jx7OKi+N5WfeGUPS62M3QT/X9NLWO+twAFEpSg1Ys7dCjiU0V8
1LNTHKlBwtvQg+SSh/N2Eg79aUm6gcFtYGwIWMj6UMqeRKmLuFxom8CWchFg93mp
FbRJA4qyGxO+6kTUngvzDHUc1YTOkG35/hHHAlnMIZAf7PguyQX9FIiInQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFImA9e7N7bGjjjD1DiszkZcA3kkOMB8GA1UdIwQY
MBaAFJQW+mqQ7ZTiIdtp0h/N2nxm0TyRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEJiNmFwRHRsT0loMjJuU0g4M2FmR2JSUEpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8wMzYyMTMtNzRiMS00MjVjLTllNTYt
N2RlOTEwZTAwYmVkLzEvaVlEMTdzM3RzYU9PTVBVT0t6T1Jsd0RlU1E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8wMzYyMTMtNzRiMS00MjVjLTllNTYtN2RlOTEwZTAwYmVk
LzEvbEJiNmFwRHRsT0loMjJuU0g4M2FmR2JSUEpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXufOMA0G
CSqGSIb3DQEBCwUAA4IBAQA9Yne92v5hEnb+1l0KveTWElkXian1Wu4HhMp1i97m
tE21PS95TZIhoqaxUtWReEL2V/2oWXVpTj7CiLI4MoBf3VCR2ZhvQrcThD4Ph94O
YPPpj94dLMPQcVzZCwo/ZPJu1OxKzB74ZRPvQw4xevy2/6kU/6Z2Tbtum5vOgbyd
rIFlpogtvQhzrgtobzhYYnssQFhjhazNn4IP9crMJeFe8Z/VY3P1JFh+FD6KLIMT
EFa6DwXCi135VrwtHm2tLcEsSLby5Dmahr2jpkp2e+B+j/Ht4qA+0wDvaMI8iLlw
dU1Eg47xlaABqqDZZCjU6TiM+XVfsucargIoqm7Musf9
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:10:39 2024 by rpki-client on console-ams.rpki-client.org