Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/81b2c7-f454-4119-894a-7a06ff002517/1/iMkPzPUgiXbWFGL4ySRbudQw7cM.roa
File: iMkPzPUgiXbWFGL4ySRbudQw7cM.roa (raw, json)
Hash identifier: 2wCz/AbYbX9j6SwscLYIhG9wF0HE4aYHXogYbEb2x4w=
Subject key identifier: 88:C9:0F:CC:F5:20:89:76:D6:14:62:F8:C9:24:5B:B9:D4:30:ED:C3
Certificate issuer: /CN=11660f0a05fc4cf7332230852d9d78bd7ac2f24b
Certificate serial: 018CC5DD18C49EFB6479F7A0D5095F607C8D
Authority key identifier: 11:66:0F:0A:05:FC:4C:F7:33:22:30:85:2D:9D:78:BD:7A:C2:F2:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EWYPCgX8TPczIjCFLZ14vXrC8ks.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/81b2c7-f454-4119-894a-7a06ff002517/1/iMkPzPUgiXbWFGL4ySRbudQw7cM.roa
Signing time: Mon 01 Jan 2024 16:30:50 +0000
ROA not before: Mon 01 Jan 2024 16:30:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211713
IP address blocks: 185.93.24.0/22 maxlen: 24
2a03:8e20::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/81b2c7-f454-4119-894a-7a06ff002517/1/EWYPCgX8TPczIjCFLZ14vXrC8ks.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/81b2c7-f454-4119-894a-7a06ff002517/1/EWYPCgX8TPczIjCFLZ14vXrC8ks.mft
rsync://rpki.ripe.net/repository/DEFAULT/EWYPCgX8TPczIjCFLZ14vXrC8ks.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dd:18:c4:9e:fb:64:79:f7:a0:d5:09:5f:60:7c:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11660f0a05fc4cf7332230852d9d78bd7ac2f24b
Validity
Not Before: Jan 1 16:30:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88c90fccf5208976d61462f8c9245bb9d430edc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:98:4e:33:62:7e:e1:c4:5d:36:92:f9:0c:33:
ff:cb:10:26:03:b0:1d:3c:34:f6:a9:d6:b4:60:32:
9b:48:cc:07:5f:1b:a5:c4:4b:2a:2b:f5:89:2b:8c:
ff:ab:26:ce:bc:38:0b:83:5f:24:b1:98:0f:d1:b7:
6a:22:e1:87:04:26:5f:6f:85:07:1b:28:df:c2:ed:
29:78:09:31:b0:ef:41:8e:88:bc:29:a4:2d:02:be:
70:ee:6b:83:8b:1e:cf:c5:5f:33:30:b3:e2:c1:6c:
58:8c:e0:da:53:a8:58:b6:5c:3d:0f:61:73:0f:ec:
6f:b2:1f:a2:9c:7a:27:17:25:f4:de:02:ec:43:fa:
cf:c8:1e:f9:87:71:4a:07:88:e5:78:e7:70:19:32:
71:db:62:ed:fe:1e:4d:14:24:32:b7:e1:e5:4c:d5:
54:d3:4d:63:f1:10:b9:74:74:de:7b:99:2e:60:98:
bd:82:f7:59:e7:36:81:68:6e:d1:79:27:73:f0:28:
0d:7c:0a:52:7b:5c:17:49:26:ee:1d:72:c0:e2:5a:
17:1f:b4:dd:ba:35:35:a7:80:6b:eb:e8:d3:40:16:
f7:68:5f:f2:24:26:5b:c8:c2:ae:2d:a8:f6:6f:64:
48:e8:0e:d0:01:37:45:95:9a:60:81:f4:cd:7c:f7:
1a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:C9:0F:CC:F5:20:89:76:D6:14:62:F8:C9:24:5B:B9:D4:30:ED:C3
X509v3 Authority Key Identifier:
keyid:11:66:0F:0A:05:FC:4C:F7:33:22:30:85:2D:9D:78:BD:7A:C2:F2:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EWYPCgX8TPczIjCFLZ14vXrC8ks.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/81b2c7-f454-4119-894a-7a06ff002517/1/iMkPzPUgiXbWFGL4ySRbudQw7cM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/81b2c7-f454-4119-894a-7a06ff002517/1/EWYPCgX8TPczIjCFLZ14vXrC8ks.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.24.0/22
IPv6:
2a03:8e20::/32
Signature Algorithm: sha256WithRSAEncryption
52:c3:ce:55:3a:c2:b3:1b:42:27:3b:6f:93:26:40:6f:31:87:
5f:19:51:8a:a5:f1:8d:3d:09:2d:30:7c:69:55:ff:b1:62:03:
fd:21:46:72:bf:dd:36:41:58:64:ae:d0:c0:5d:91:e0:18:bf:
16:2e:e9:04:d9:cc:d6:95:66:a5:3d:7d:49:39:b1:df:5c:e3:
71:14:bd:09:45:c9:3d:d3:fb:77:ce:3c:2d:7d:d9:e9:b6:35:
39:ff:6b:11:3a:7f:8f:6e:d1:d2:9d:ef:04:71:6e:8c:ff:fd:
ac:ef:64:d9:62:d7:58:ba:7d:54:e9:f8:de:6e:4e:37:5f:51:
3f:bf:96:68:83:b6:db:a7:6c:14:06:20:13:05:4f:e2:15:b6:
cc:ea:4f:2d:02:33:a9:0d:cf:99:31:86:ab:7f:5e:b1:b4:96:
f6:53:6a:46:8e:f5:64:25:41:ae:ad:b5:49:08:79:ff:08:f8:
c7:5c:2a:69:65:3d:d0:18:bf:92:9d:37:cb:2c:25:50:a3:35:
1b:14:da:64:10:21:40:5d:22:71:28:17:a6:ce:3c:d9:40:df:
8f:12:2b:39:20:49:67:48:87:7f:02:d7:4c:e1:47:9a:d7:26:
2d:d6:9e:7f:b9:63:a7:45:37:73:f9:92:7b:97:45:f1:4a:e0:
f2:ca:25:05
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzF3RjEnvtkefeg1QlfYHyNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExNjYwZjBhMDVmYzRjZjczMzIyMzA4NTJkOWQ3OGJkN2Fj
MmYyNGIwHhcNMjQwMTAxMTYzMDUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGM5MGZjY2Y1MjA4OTc2ZDYxNDYyZjhjOTI0NWJiOWQ0MzBlZGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlphOM2J+4cRdNpL5DDP/yxAmA7Ad
PDT2qda0YDKbSMwHXxulxEsqK/WJK4z/qybOvDgLg18ksZgP0bdqIuGHBCZfb4UH
Gyjfwu0peAkxsO9Bjoi8KaQtAr5w7muDix7PxV8zMLPiwWxYjODaU6hYtlw9D2Fz
D+xvsh+inHonFyX03gLsQ/rPyB75h3FKB4jleOdwGTJx22Lt/h5NFCQyt+HlTNVU
001j8RC5dHTee5kuYJi9gvdZ5zaBaG7ReSdz8CgNfApSe1wXSSbuHXLA4loXH7Td
ujU1p4Br6+jTQBb3aF/yJCZbyMKuLaj2b2RI6A7QATdFlZpggfTNfPcahwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFIjJD8z1IIl21hRi+MkkW7nUMO3DMB8GA1UdIwQY
MBaAFBFmDwoF/Ez3MyIwhS2deL16wvJLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVdZUENnWDhUUGN6SWpDRkxaMTR2WHJDOGtzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS84MWIyYzctZjQ1NC00MTE5LTg5NGEt
N2EwNmZmMDAyNTE3LzEvaU1rUHpQVWdpWGJXRkdMNHlTUmJ1ZFF3N2NNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS84MWIyYzctZjQ1NC00MTE5LTg5NGEtN2EwNmZmMDAyNTE3
LzEvRVdZUENnWDhUUGN6SWpDRkxaMTR2WHJDOGtzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuV0YMA0E
AgACMAcDBQAqA44gMA0GCSqGSIb3DQEBCwUAA4IBAQBSw85VOsKzG0InO2+TJkBv
MYdfGVGKpfGNPQktMHxpVf+xYgP9IUZyv902QVhkrtDAXZHgGL8WLukE2czWlWal
PX1JObHfXONxFL0JRck90/t3zjwtfdnptjU5/2sROn+PbtHSne8EcW6M//2s72TZ
YtdYun1U6fjebk43X1E/v5Zog7bbp2wUBiATBU/iFbbM6k8tAjOpDc+ZMYarf16x
tJb2U2pGjvVkJUGurbVJCHn/CPjHXCppZT3QGL+SnTfLLCVQozUbFNpkECFAXSJx
KBemzjzZQN+PEis5IElnSId/AtdM4Uea1yYt1p5/uWOnRTdz+ZJ7l0XxSuDyyiUF
-----END CERTIFICATE-----
Generated at Sun May 19 06:14:50 2024 by rpki-client on console-fra.rpki-client.org