Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/33ad44-786c-4643-9de2-34f722b08def/1/IyaPOy7oGAJNhefGcOcZN1-tfGs.roa
File: IyaPOy7oGAJNhefGcOcZN1-tfGs.roa (raw, json)
Hash identifier: FHZu5bPM+rKsk4OyHGPH7dd0SQVOW3boG3f0zNL5824=
Subject key identifier: 23:26:8F:3B:2E:E8:18:02:4D:85:E7:C6:70:E7:19:37:5F:AD:7C:6B
Certificate issuer: /CN=aefcb6441d70d2eb10d7633da7319a3d3ff977ae
Certificate serial: 01918E94810CC221D87E5E8295E691539F08
Authority key identifier: AE:FC:B6:44:1D:70:D2:EB:10:D7:63:3D:A7:31:9A:3D:3F:F9:77:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rvy2RB1w0usQ12M9pzGaPT_5d64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/33ad44-786c-4643-9de2-34f722b08def/1/IyaPOy7oGAJNhefGcOcZN1-tfGs.roa
Signing time: Mon 26 Aug 2024 12:06:22 +0000
ROA not before: Mon 26 Aug 2024 12:06:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39257
IP address blocks: 194.48.242.0/24 maxlen: 24
2a13:d500::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/33ad44-786c-4643-9de2-34f722b08def/1/rvy2RB1w0usQ12M9pzGaPT_5d64.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/33ad44-786c-4643-9de2-34f722b08def/1/rvy2RB1w0usQ12M9pzGaPT_5d64.mft
rsync://rpki.ripe.net/repository/DEFAULT/rvy2RB1w0usQ12M9pzGaPT_5d64.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:8e:94:81:0c:c2:21:d8:7e:5e:82:95:e6:91:53:9f:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefcb6441d70d2eb10d7633da7319a3d3ff977ae
Validity
Not Before: Aug 26 12:06:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23268f3b2ee818024d85e7c670e719375fad7c6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:8f:bf:8a:88:26:8a:f9:68:8a:51:20:4b:7c:
99:84:0e:e6:95:92:c5:39:2b:73:7f:b5:3b:53:cb:
12:3e:ef:11:6d:fa:26:fa:49:75:c3:3a:b3:2e:a8:
f0:62:24:a7:ea:2a:f8:97:69:c5:df:09:21:1c:59:
1e:58:57:37:a1:60:fa:84:23:0b:7b:85:49:2c:e8:
a4:a1:a5:27:f7:85:06:be:36:71:b6:d0:6f:fc:b7:
2d:93:95:f7:58:61:61:09:8f:42:17:3d:fb:0b:b4:
ce:53:a3:e4:d0:b1:dd:d9:e6:2e:30:28:8e:f8:08:
26:b4:fe:14:ed:a4:d0:f9:01:ea:1a:a7:2a:c9:dd:
d0:63:4b:04:67:6d:dd:ab:cc:ef:aa:f1:fe:3a:e5:
84:b3:c0:af:45:17:f7:c9:c3:21:ab:56:0f:a0:a7:
6d:a8:6f:81:d2:48:7f:e7:cc:f6:74:1e:56:13:de:
a3:c2:e1:a5:4c:8c:65:b1:88:5b:3c:73:fb:9e:0a:
9c:f8:3f:0f:0f:7e:de:2d:29:72:17:9c:d6:8b:96:
2c:33:81:5b:fa:75:65:2b:a7:82:8d:a1:b3:09:de:
6f:b6:29:e3:a6:04:e6:2d:07:c0:da:41:bf:9f:52:
e6:66:02:2d:2b:30:88:ba:36:97:63:f3:e5:82:e1:
ac:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:26:8F:3B:2E:E8:18:02:4D:85:E7:C6:70:E7:19:37:5F:AD:7C:6B
X509v3 Authority Key Identifier:
keyid:AE:FC:B6:44:1D:70:D2:EB:10:D7:63:3D:A7:31:9A:3D:3F:F9:77:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rvy2RB1w0usQ12M9pzGaPT_5d64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/33ad44-786c-4643-9de2-34f722b08def/1/IyaPOy7oGAJNhefGcOcZN1-tfGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/33ad44-786c-4643-9de2-34f722b08def/1/rvy2RB1w0usQ12M9pzGaPT_5d64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.48.242.0/24
IPv6:
2a13:d500::/32
Signature Algorithm: sha256WithRSAEncryption
80:96:29:0f:92:5e:37:9e:fa:a6:e5:24:d7:a7:c6:83:1b:f8:
e3:94:eb:bb:7d:30:68:e3:1e:7d:fd:55:b1:92:66:68:f4:db:
f2:60:05:67:1c:28:89:4f:e8:10:5c:d6:b5:8c:b3:05:2c:0c:
09:66:ee:f3:17:67:81:4b:62:bf:25:1d:87:db:06:c1:35:8d:
fd:8e:65:d0:dd:0e:55:ac:2f:0b:eb:d5:fb:b5:fb:ff:77:a7:
7e:12:8d:d0:b6:ec:7f:3d:5d:6a:96:90:0c:c4:4b:93:3d:f5:
4a:22:06:f1:35:15:52:41:91:5e:2c:d1:26:20:e9:f4:75:6d:
20:95:4e:73:e9:3f:25:f6:23:2c:99:3f:f0:38:2c:88:f8:b8:
8f:c6:00:c6:91:26:6b:14:86:a3:f8:2a:4d:9c:a3:e2:a9:4d:
be:43:98:c4:30:5b:4f:33:83:2c:2f:48:0d:1f:15:07:9d:21:
e9:71:ee:53:e9:70:bd:72:fa:19:42:7a:1a:fc:91:1b:4b:01:
21:08:c2:f0:c6:8f:d4:88:d2:b5:ee:88:11:96:1d:58:83:15:
89:88:b0:ba:f4:1d:96:24:43:8f:5b:4a:ea:75:c5:b6:33:24:
ed:03:71:3b:04:e3:c7:53:fe:cd:50:b9:84:fa:9b:16:0a:35:
93:8c:ad:57
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZGOlIEMwiHYfl6CleaRU58IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmNiNjQ0MWQ3MGQyZWIxMGQ3NjMzZGE3MzE5YTNkM2Zm
OTc3YWUwHhcNMjQwODI2MTIwNjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzI2OGYzYjJlZTgxODAyNGQ4NWU3YzY3MGU3MTkzNzVmYWQ3YzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjI+/iogmivloilEgS3yZhA7mlZLF
OStzf7U7U8sSPu8Rbfom+kl1wzqzLqjwYiSn6ir4l2nF3wkhHFkeWFc3oWD6hCML
e4VJLOikoaUn94UGvjZxttBv/Lctk5X3WGFhCY9CFz37C7TOU6Pk0LHd2eYuMCiO
+AgmtP4U7aTQ+QHqGqcqyd3QY0sEZ23dq8zvqvH+OuWEs8CvRRf3ycMhq1YPoKdt
qG+B0kh/58z2dB5WE96jwuGlTIxlsYhbPHP7ngqc+D8PD37eLSlyF5zWi5YsM4Fb
+nVlK6eCjaGzCd5vtinjpgTmLQfA2kG/n1LmZgItKzCIujaXY/PlguGskQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCMmjzsu6BgCTYXnxnDnGTdfrXxrMB8GA1UdIwQY
MBaAFK78tkQdcNLrENdjPacxmj0/+XeuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnZ5MlJCMXcwdXNRMTJNOXB6R2FQVF81ZDY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy8zM2FkNDQtNzg2Yy00NjQzLTlkZTIt
MzRmNzIyYjA4ZGVmLzEvSXlhUE95N29HQUpOaGVmR2NPY1pOMS10ZkdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy8zM2FkNDQtNzg2Yy00NjQzLTlkZTItMzRmNzIyYjA4ZGVm
LzEvcnZ5MlJCMXcwdXNRMTJNOXB6R2FQVF81ZDY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwjDyMA0E
AgACMAcDBQAqE9UAMA0GCSqGSIb3DQEBCwUAA4IBAQCAlikPkl43nvqm5STXp8aD
G/jjlOu7fTBo4x59/VWxkmZo9NvyYAVnHCiJT+gQXNa1jLMFLAwJZu7zF2eBS2K/
JR2H2wbBNY39jmXQ3Q5VrC8L69X7tfv/d6d+Eo3Qtux/PV1qlpAMxEuTPfVKIgbx
NRVSQZFeLNEmIOn0dW0glU5z6T8l9iMsmT/wOCyI+LiPxgDGkSZrFIaj+CpNnKPi
qU2+Q5jEMFtPM4MsL0gNHxUHnSHpce5T6XC9cvoZQnoa/JEbSwEhCMLwxo/UiNK1
7ogRlh1YgxWJiLC69B2WJEOPW0rqdcW2MyTtA3E7BOPHU/7NULmE+psWCjWTjK1X
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:44:28 2024 by rpki-client on console-ams.rpki-client.org