Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/In8IkZJxjSaabdl_viScO58K_4A.roa
File: In8IkZJxjSaabdl_viScO58K_4A.roa (raw, json)
Hash identifier: W+v+J7kBk+XlPA5VkKAkybhHf4lEXri3Ytre17E/4LU=
Subject key identifier: 22:7F:08:91:92:71:8D:26:9A:6D:D9:7F:BE:24:9C:3B:9F:0A:FF:80
Certificate issuer: /CN=f0c113413d0df5b8fa069011eeb109f067b5579a
Certificate serial: 01907DB12064571741C3782603BE89A2FACB
Authority key identifier: F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/In8IkZJxjSaabdl_viScO58K_4A.roa
Signing time: Thu 04 Jul 2024 12:21:18 +0000
ROA not before: Thu 04 Jul 2024 12:21:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58172
IP address blocks: 91.239.101.0/24 maxlen: 24
128.127.98.0/24 maxlen: 24
128.127.99.0/24 maxlen: 24
128.127.100.0/24 maxlen: 24
128.127.101.0/24 maxlen: 24
128.127.102.0/24 maxlen: 24
128.127.103.0/24 maxlen: 24
178.20.176.0/24 maxlen: 24
178.20.177.0/24 maxlen: 24
178.20.178.0/24 maxlen: 24
178.20.179.0/24 maxlen: 24
178.20.180.0/24 maxlen: 24
178.20.181.0/24 maxlen: 24
178.20.182.0/24 maxlen: 24
178.20.183.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.mft
rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7d:b1:20:64:57:17:41:c3:78:26:03:be:89:a2:fa:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0c113413d0df5b8fa069011eeb109f067b5579a
Validity
Not Before: Jul 4 12:21:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=227f089192718d269a6dd97fbe249c3b9f0aff80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:cf:e1:13:12:29:22:45:b4:a1:13:29:8e:f9:
7b:eb:20:84:6c:f3:60:b4:2d:62:fc:80:84:24:03:
16:df:06:4e:70:32:19:54:33:cd:9f:e8:c3:5b:ef:
a8:19:2f:7f:73:5e:1d:c8:8e:d7:73:28:bb:8e:38:
7c:70:40:f1:69:cf:b9:a1:3f:ce:c3:df:77:fa:5a:
07:2f:fd:8a:75:f5:40:10:a3:88:fa:66:2a:59:34:
3e:d9:45:8a:16:b4:85:a7:2a:5e:16:2d:28:08:69:
60:76:2b:53:86:6d:0d:94:ee:ad:78:c2:3d:90:ce:
1a:6a:bf:27:3a:a5:6e:e2:da:f7:19:4a:fe:c2:be:
b3:aa:c0:a0:ba:06:ae:99:79:0a:ac:cb:ca:b2:88:
0f:f9:25:db:9a:28:0c:65:54:43:e9:de:d5:b9:7c:
9d:9a:aa:e4:ff:b2:b5:95:ad:f2:42:60:66:09:85:
d5:af:40:78:03:81:14:67:da:0c:3e:b0:b1:d0:4a:
aa:05:84:99:dd:37:7b:a1:65:de:fe:e3:7a:3c:bd:
6f:64:02:5c:3f:33:60:29:4a:34:e6:53:a9:de:e8:
42:ce:38:fd:06:8b:50:7e:be:04:27:a5:a5:d7:72:
b3:24:25:4e:fb:f2:ae:59:b3:73:ab:97:56:e3:aa:
1b:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:7F:08:91:92:71:8D:26:9A:6D:D9:7F:BE:24:9C:3B:9F:0A:FF:80
X509v3 Authority Key Identifier:
keyid:F0:C1:13:41:3D:0D:F5:B8:FA:06:90:11:EE:B1:09:F0:67:B5:57:9A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8METQT0N9bj6BpAR7rEJ8Ge1V5o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/In8IkZJxjSaabdl_viScO58K_4A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/c104c6-9b65-4d46-9e45-50261b11916b/1/8METQT0N9bj6BpAR7rEJ8Ge1V5o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.239.101.0/24
128.127.98.0-128.127.103.255
178.20.176.0/21
Signature Algorithm: sha256WithRSAEncryption
2b:17:c0:bc:80:59:0a:77:4c:6a:81:6a:f9:07:cd:3b:ee:b3:
1c:9f:e2:2c:25:11:a9:7a:b4:1e:0a:f0:3e:3f:13:4c:da:1a:
7e:35:3c:af:7d:9b:fb:d3:1c:67:96:e6:7b:d9:43:76:c4:5a:
c0:6e:41:4a:14:79:9e:2d:17:7f:66:ca:0d:1a:b1:d4:91:55:
07:f1:3c:7e:2d:17:f5:21:5b:a2:33:99:9e:21:2f:2c:19:59:
12:b8:88:e8:89:6c:c6:31:df:a4:36:ee:5a:54:58:c7:24:8f:
ee:6b:9c:93:f1:02:d5:23:dc:57:97:eb:25:00:4c:ac:0f:10:
7d:ff:93:e8:38:9f:f9:d4:68:0f:a9:26:4f:c2:c1:4e:6b:8b:
59:5b:46:ce:2f:6e:7d:5e:87:b3:6e:cb:1f:49:08:e7:d4:63:
a6:f3:57:98:10:63:30:4b:a6:c8:b4:9a:ac:62:2a:92:c7:78:
4b:78:27:02:2f:ae:3b:ea:cc:34:10:d2:85:69:bb:e3:84:39:
d0:d9:fe:e8:d1:8f:ba:c4:4a:8b:43:61:e9:04:87:b9:22:b3:
c1:3a:65:f7:95:93:d4:42:bc:a5:29:d1:de:48:37:e7:bc:1f:
f3:80:b0:5e:11:13:05:6c:9b:6b:79:61:85:bf:a7:ec:22:82:
ca:cf:5c:8b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZB9sSBkVxdBw3gmA76JovrLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwYzExMzQxM2QwZGY1YjhmYTA2OTAxMWVlYjEwOWYwNjdi
NTU3OWEwHhcNMjQwNzA0MTIyMTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjdmMDg5MTkyNzE4ZDI2OWE2ZGQ5N2ZiZTI0OWMzYjlmMGFmZjgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyc/hExIpIkW0oRMpjvl76yCEbPNg
tC1i/ICEJAMW3wZOcDIZVDPNn+jDW++oGS9/c14dyI7Xcyi7jjh8cEDxac+5oT/O
w993+loHL/2KdfVAEKOI+mYqWTQ+2UWKFrSFpypeFi0oCGlgditThm0NlO6teMI9
kM4aar8nOqVu4tr3GUr+wr6zqsCgugaumXkKrMvKsogP+SXbmigMZVRD6d7VuXyd
mqrk/7K1la3yQmBmCYXVr0B4A4EUZ9oMPrCx0EqqBYSZ3Td7oWXe/uN6PL1vZAJc
PzNgKUo05lOp3uhCzjj9BotQfr4EJ6Wl13KzJCVO+/KuWbNzq5dW46obUwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCJ/CJGScY0mmm3Zf74knDufCv+AMB8GA1UdIwQY
MBaAFPDBE0E9DfW4+gaQEe6xCfBntVeaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUt
NTAyNjFiMTE5MTZiLzEvSW44SWtaSnhqU2FhYmRsX3ZpU2NPNThLXzRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9jMTA0YzYtOWI2NS00ZDQ2LTllNDUtNTAyNjFiMTE5MTZi
LzEvOE1FVFFUME45Ymo2QnBBUjdyRUo4R2UxVjVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAW+9lMAwD
BAGAf2IDBAOAf2ADBAOyFLAwDQYJKoZIhvcNAQELBQADggEBACsXwLyAWQp3TGqB
avkHzTvusxyf4iwlEal6tB4K8D4/E0zaGn41PK99m/vTHGeW5nvZQ3bEWsBuQUoU
eZ4tF39myg0asdSRVQfxPH4tF/UhW6IzmZ4hLywZWRK4iOiJbMYx36Q27lpUWMck
j+5rnJPxAtUj3FeX6yUATKwPEH3/k+g4n/nUaA+pJk/CwU5ri1lbRs4vbn1eh7Nu
yx9JCOfUY6bzV5gQYzBLpsi0mqxiKpLHeEt4JwIvrjvqzDQQ0oVpu+OEOdDZ/ujR
j7rESotDYekEh7kis8E6ZfeVk9RCvKUp0d5IN+e8H/OAsF4REwVsm2t5YYW/p+wi
gsrPXIs=
-----END CERTIFICATE-----
Generated at Mon Nov 25 11:37:41 2024 by rpki-client on console-ams.rpki-client.org