Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/I1U-6aSOTWLBVgHx0hOJ1qtko7o.roa
File: I1U-6aSOTWLBVgHx0hOJ1qtko7o.roa (raw, json)
Hash identifier: noaHGgBGnHWmVCJCAnKWph7dPLV9cU70lHDLDny4dL8=
Subject key identifier: 23:55:3E:E9:A4:8E:4D:62:C1:56:01:F1:D2:13:89:D6:AB:64:A3:BA
Certificate issuer: /CN=ab9aab13427ad8c0072ae08d9bb80abc19d3f984
Certificate serial: 019006184DDB2CCC48A66B201B6DF2ACF96D
Authority key identifier: AB:9A:AB:13:42:7A:D8:C0:07:2A:E0:8D:9B:B8:0A:BC:19:D3:F9:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q5qrE0J62MAHKuCNm7gKvBnT-YQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/I1U-6aSOTWLBVgHx0hOJ1qtko7o.roa
Signing time: Tue 11 Jun 2024 06:59:34 +0000
ROA not before: Tue 11 Jun 2024 06:59:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215783
IP address blocks: 185.141.152.0/22 maxlen: 22
185.141.155.0/24 maxlen: 24
2a07:2440::/29 maxlen: 29
2a07:2440:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/q5qrE0J62MAHKuCNm7gKvBnT-YQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/q5qrE0J62MAHKuCNm7gKvBnT-YQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/q5qrE0J62MAHKuCNm7gKvBnT-YQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:06:18:4d:db:2c:cc:48:a6:6b:20:1b:6d:f2:ac:f9:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab9aab13427ad8c0072ae08d9bb80abc19d3f984
Validity
Not Before: Jun 11 06:59:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23553ee9a48e4d62c15601f1d21389d6ab64a3ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:54:1d:82:c4:92:bf:6c:45:e1:29:8d:f1:8f:
9d:a6:fc:0f:e5:4d:39:5d:9d:5f:cd:b9:29:bb:a1:
60:59:74:6b:a1:51:df:bf:0d:9d:03:4b:b7:9e:69:
5e:8a:8e:d6:c2:de:bd:af:b7:6a:11:23:0b:08:47:
a4:7f:de:48:8a:b0:99:06:9a:18:6b:69:c3:7a:d7:
af:b0:4b:d6:3d:dd:4e:3b:38:ba:f9:1b:33:ff:7e:
48:52:d4:39:89:cb:79:38:5f:75:0a:88:27:cd:e7:
be:4b:d4:9c:64:ef:d7:4c:2e:91:d3:bf:4b:5e:9b:
68:73:32:f6:93:7a:84:d0:51:83:5c:53:b1:d0:bf:
fe:70:f2:81:53:9c:fd:23:2e:64:6f:ad:e5:21:23:
46:80:a5:d0:a9:ff:bf:fe:54:ad:37:bc:81:46:33:
76:00:95:2a:fa:f2:2e:ab:6b:5f:2f:c4:75:6d:6f:
b8:a7:e6:d7:cc:ff:e9:57:46:02:c9:8f:41:44:2c:
59:26:6b:3f:72:68:a9:45:7b:f4:5d:b6:05:50:8e:
1e:38:0f:e5:b3:d4:62:94:25:64:2a:ac:dc:d0:6d:
58:14:06:88:d3:0f:41:70:47:b5:69:8b:aa:fb:41:
f3:57:f5:3e:b5:bd:be:19:f1:1e:4b:af:33:8e:f9:
07:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:55:3E:E9:A4:8E:4D:62:C1:56:01:F1:D2:13:89:D6:AB:64:A3:BA
X509v3 Authority Key Identifier:
keyid:AB:9A:AB:13:42:7A:D8:C0:07:2A:E0:8D:9B:B8:0A:BC:19:D3:F9:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q5qrE0J62MAHKuCNm7gKvBnT-YQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/I1U-6aSOTWLBVgHx0hOJ1qtko7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/eb9582-d275-497a-b62b-39260319c7bd/1/q5qrE0J62MAHKuCNm7gKvBnT-YQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.141.152.0/22
IPv6:
2a07:2440::/29
Signature Algorithm: sha256WithRSAEncryption
08:64:b6:76:ce:63:06:c1:5c:64:ff:77:50:89:b4:12:89:76:
7f:bb:b4:68:95:34:8f:ca:82:a1:f7:14:ec:d3:0a:f8:3e:43:
7a:47:b0:39:b3:72:97:aa:58:61:ee:8f:a1:15:e4:05:84:50:
e3:af:55:d6:b0:9e:06:2c:af:0d:a2:19:3c:d3:34:cf:cd:9f:
06:c5:2b:34:b6:92:7b:07:81:8c:a4:6a:96:0e:2d:95:fc:d5:
d6:10:92:e4:7e:f2:04:25:68:cf:dc:e2:7d:b6:89:cf:45:d7:
2b:04:9e:f5:a9:cf:4f:4b:ff:13:f5:aa:99:02:54:fe:2c:45:
7a:90:a6:6c:ba:8c:c9:c2:9a:27:14:3f:cd:26:f1:99:dc:47:
da:61:27:83:4c:f7:1a:23:ef:0b:7a:42:e3:d9:50:a1:5d:b1:
9e:e7:23:89:1f:9e:08:5c:55:f6:a5:0c:1c:4d:29:d6:17:7d:
89:0d:eb:89:fa:17:86:7c:c9:57:d2:72:3c:e2:15:ce:2b:48:
86:8d:7e:64:4d:43:4d:60:17:3d:d5:a4:17:3d:65:04:8c:04:
8e:dd:01:4c:1b:a1:94:63:4c:f5:cc:46:c8:68:68:10:b5:99:
9d:99:d4:d7:55:69:4c:35:2f:68:c1:c1:ed:9b:e9:db:29:5b:
2f:e8:6a:06
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZAGGE3bLMxIpmsgG23yrPltMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiOWFhYjEzNDI3YWQ4YzAwNzJhZTA4ZDliYjgwYWJjMTlk
M2Y5ODQwHhcNMjQwNjExMDY1OTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzU1M2VlOWE0OGU0ZDYyYzE1NjAxZjFkMjEzODlkNmFiNjRhM2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqlQdgsSSv2xF4SmN8Y+dpvwP5U05
XZ1fzbkpu6FgWXRroVHfvw2dA0u3nmleio7Wwt69r7dqESMLCEekf95IirCZBpoY
a2nDetevsEvWPd1OOzi6+Rsz/35IUtQ5ict5OF91Cognzee+S9ScZO/XTC6R079L
XptoczL2k3qE0FGDXFOx0L/+cPKBU5z9Iy5kb63lISNGgKXQqf+//lStN7yBRjN2
AJUq+vIuq2tfL8R1bW+4p+bXzP/pV0YCyY9BRCxZJms/cmipRXv0XbYFUI4eOA/l
s9RilCVkKqzc0G1YFAaI0w9BcEe1aYuq+0HzV/U+tb2+GfEeS68zjvkHKQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCNVPumkjk1iwVYB8dITidarZKO6MB8GA1UdIwQY
MBaAFKuaqxNCetjAByrgjZu4CrwZ0/mEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcTVxckUwSjYyTUFIS3VDTm03Z0t2Qm5ULVlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9lYjk1ODItZDI3NS00OTdhLWI2MmIt
MzkyNjAzMTljN2JkLzEvSTFVLTZhU09UV0xCVmdIeDBoT0oxcXRrbzdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9lYjk1ODItZDI3NS00OTdhLWI2MmItMzkyNjAzMTljN2Jk
LzEvcTVxckUwSjYyTUFIS3VDTm03Z0t2Qm5ULVlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuY2YMA0E
AgACMAcDBQMqByRAMA0GCSqGSIb3DQEBCwUAA4IBAQAIZLZ2zmMGwVxk/3dQibQS
iXZ/u7RolTSPyoKh9xTs0wr4PkN6R7A5s3KXqlhh7o+hFeQFhFDjr1XWsJ4GLK8N
ohk80zTPzZ8GxSs0tpJ7B4GMpGqWDi2V/NXWEJLkfvIEJWjP3OJ9tonPRdcrBJ71
qc9PS/8T9aqZAlT+LEV6kKZsuozJwponFD/NJvGZ3EfaYSeDTPcaI+8LekLj2VCh
XbGe5yOJH54IXFX2pQwcTSnWF32JDeuJ+heGfMlX0nI84hXOK0iGjX5kTUNNYBc9
1aQXPWUEjASO3QFMG6GUY0z1zEbIaGgQtZmdmdTXVWlMNS9owcHtm+nbKVsv6GoG
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:36:31 2024 by rpki-client on console-ams.rpki-client.org