Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/0IeTzmJpmWKZc6xvxa4RlAmm0rI.roa
File: 0IeTzmJpmWKZc6xvxa4RlAmm0rI.roa (raw, json)
Hash identifier: exXD7RfrRpSX/Uur6huQ59W/6TI/6ineX+S84OjGr/k=
Subject key identifier: D0:87:93:CE:62:69:99:62:99:73:AC:6F:C5:AE:11:94:09:A6:D2:B2
Certificate issuer: /CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Certificate serial: 018CC94C94FAD9264FBFAED2F3DA6BBC779A
Authority key identifier: 6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/0IeTzmJpmWKZc6xvxa4RlAmm0rI.roa
Signing time: Tue 02 Jan 2024 08:31:28 +0000
ROA not before: Tue 02 Jan 2024 08:31:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15626
IP address blocks: 185.253.0.0/24 maxlen: 24
195.28.182.0/23 maxlen: 23
2001:67c:2f6c::/48 maxlen: 48
2a0a:8c46::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.mft
rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:94:fa:d9:26:4f:bf:ae:d2:f3:da:6b:bc:77:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6fccdffda6a4c48914b5e8cde7da5d820b9c9718
Validity
Not Before: Jan 2 08:31:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d08793ce626999629973ac6fc5ae119409a6d2b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:c0:8c:57:3d:f9:b1:ca:aa:82:d9:37:a8:8e:
2a:93:a4:5b:82:0a:22:1d:ff:8b:70:99:73:d3:fa:
2b:4a:ed:52:7a:7f:c9:04:08:3c:68:96:8c:d3:1e:
8e:10:4a:d5:6c:4f:17:c7:b8:ef:bb:81:99:75:17:
eb:52:0d:61:d6:16:db:2c:2d:b5:f2:96:39:1a:f8:
3e:48:fe:bc:fb:a3:10:5b:18:47:3d:32:e0:40:c6:
a0:1e:6b:fd:30:c5:34:a9:a8:45:87:46:18:ef:0a:
02:3d:a5:60:22:9a:4d:bc:7a:9a:9c:61:04:08:18:
cc:4e:0b:35:b8:40:b1:39:97:4a:2e:71:93:4d:e7:
2c:91:6c:0f:7d:d9:db:94:0d:72:92:66:a5:0d:0f:
55:bb:59:4c:70:e9:86:7d:f2:12:fb:08:a4:80:1f:
10:16:c2:fd:67:6e:e9:19:27:d0:f5:9d:53:b3:33:
e7:51:95:18:f7:fe:3d:67:c3:02:9f:7a:79:f8:5f:
67:69:6c:16:24:58:84:2c:01:25:a4:e2:75:2c:9d:
39:cd:7c:d1:eb:90:72:f9:6e:a7:31:e2:04:a5:1c:
2d:5f:d2:20:50:21:a4:81:51:94:99:fd:3b:ef:6c:
f7:01:dc:22:9d:5d:44:01:1b:dd:11:f8:16:2f:68:
92:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:87:93:CE:62:69:99:62:99:73:AC:6F:C5:AE:11:94:09:A6:D2:B2
X509v3 Authority Key Identifier:
keyid:6F:CC:DF:FD:A6:A4:C4:89:14:B5:E8:CD:E7:DA:5D:82:0B:9C:97:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8zf_aakxIkUtejN59pdgguclxg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/0IeTzmJpmWKZc6xvxa4RlAmm0rI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/cb0153-803a-4bb6-b19d-a774e41d264c/1/b8zf_aakxIkUtejN59pdgguclxg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.253.0.0/24
195.28.182.0/23
IPv6:
2001:67c:2f6c::/48
2a0a:8c46::/32
Signature Algorithm: sha256WithRSAEncryption
22:37:90:54:8e:10:a1:8c:dd:d7:5b:65:75:d7:51:01:cd:a7:
5a:c2:8d:31:a8:8f:9a:6a:e7:9e:8d:78:10:d8:14:b3:80:ed:
79:b0:e0:93:43:35:70:c9:a2:29:d8:38:d9:98:9c:55:53:fb:
6c:eb:fc:9f:67:44:8a:d7:29:50:f7:4e:a3:22:87:f1:e5:ca:
ff:e9:79:1a:d6:fc:8e:90:aa:49:31:98:f2:1d:4e:d0:35:28:
9d:fa:74:27:5e:33:59:d3:a5:02:9b:0b:ea:50:1e:33:f3:60:
9f:56:8e:d9:21:99:9a:29:23:37:fb:76:d3:ce:50:19:bd:2a:
8e:cd:f8:d5:81:fe:f0:37:70:29:db:b8:f0:1f:27:5a:60:ce:
40:01:51:17:66:8d:6d:e3:02:7a:07:df:35:79:38:a7:53:a8:
7b:d6:e8:57:07:7a:66:8a:9a:71:dd:c6:92:bb:29:f9:e9:63:
dd:7c:a6:78:7e:89:4a:ac:93:fd:ff:6c:04:48:6a:24:60:8e:
c4:f5:e7:25:50:76:3f:61:95:fd:3c:df:44:8c:ee:88:ab:9e:
77:4d:30:3f:b7:64:e6:1c:ab:c9:7f:f9:68:32:44:0e:51:8a:
93:54:2d:67:7b:ae:0a:94:86:90:ac:ad:d8:61:c4:df:96:a8:
f4:ec:73:d9
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzJTJT62SZPv67S89prvHeaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmY2NkZmZkYTZhNGM0ODkxNGI1ZThjZGU3ZGE1ZDgyMGI5
Yzk3MTgwHhcNMjQwMTAyMDgzMTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDg3OTNjZTYyNjk5OTYyOTk3M2FjNmZjNWFlMTE5NDA5YTZkMmIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAksCMVz35scqqgtk3qI4qk6Rbggoi
Hf+LcJlz0/orSu1Sen/JBAg8aJaM0x6OEErVbE8Xx7jvu4GZdRfrUg1h1hbbLC21
8pY5Gvg+SP68+6MQWxhHPTLgQMagHmv9MMU0qahFh0YY7woCPaVgIppNvHqanGEE
CBjMTgs1uECxOZdKLnGTTecskWwPfdnblA1ykmalDQ9Vu1lMcOmGffIS+wikgB8Q
FsL9Z27pGSfQ9Z1TszPnUZUY9/49Z8MCn3p5+F9naWwWJFiELAElpOJ1LJ05zXzR
65By+W6nMeIEpRwtX9IgUCGkgVGUmf0772z3AdwinV1EARvdEfgWL2iSFQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFNCHk85iaZlimXOsb8WuEZQJptKyMB8GA1UdIwQY
MBaAFG/M3/2mpMSJFLXozefaXYILnJcYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQt
YTc3NGU0MWQyNjRjLzEvMEllVHptSnBtV0taYzZ4dnhhNFJsQW1tMHJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi9jYjAxNTMtODAzYS00YmI2LWIxOWQtYTc3NGU0MWQyNjRj
LzEvYjh6Zl9hYWt4SWtVdGVqTjU5cGRnZ3VjbHhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQAuf0AAwQB
wxy2MBYEAgACMBADBwAgAQZ8L2wDBQAqCoxGMA0GCSqGSIb3DQEBCwUAA4IBAQAi
N5BUjhChjN3XW2V111EBzadawo0xqI+aaueejXgQ2BSzgO15sOCTQzVwyaIp2DjZ
mJxVU/ts6/yfZ0SK1ylQ906jIofx5cr/6Xka1vyOkKpJMZjyHU7QNSid+nQnXjNZ
06UCmwvqUB4z82CfVo7ZIZmaKSM3+3bTzlAZvSqOzfjVgf7wN3Ap27jwHydaYM5A
AVEXZo1t4wJ6B981eTinU6h71uhXB3pmippx3caSuyn56WPdfKZ4folKrJP9/2wE
SGokYI7E9eclUHY/YZX9PN9EjO6Iq553TTA/t2TmHKvJf/loMkQOUYqTVC1ne64K
lIaQrK3YYcTflqj07HPZ
-----END CERTIFICATE-----
Generated at Fri Nov 22 21:15:21 2024 by rpki-client on console-fra.rpki-client.org