Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/IrOeHv6mp14uU2xGtodR5VBHIkY.roa
File: IrOeHv6mp14uU2xGtodR5VBHIkY.roa (raw, json)
Hash identifier: i0wVnb1O4jZBN1hYv7rYtDDiwjeDu6m7/BnVXTzXWs0=
Subject key identifier: 22:B3:9E:1E:FE:A6:A7:5E:2E:53:6C:46:B6:87:51:E5:50:47:22:46
Certificate issuer: /CN=a3190f6efd79ea7333f9bccd85a04352d915b239
Certificate serial: 018CC72710B35374DEBC11A0C2D885E9DB41
Authority key identifier: A3:19:0F:6E:FD:79:EA:73:33:F9:BC:CD:85:A0:43:52:D9:15:B2:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oxkPbv156nMz-bzNhaBDUtkVsjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/IrOeHv6mp14uU2xGtodR5VBHIkY.roa
Signing time: Mon 01 Jan 2024 22:31:15 +0000
ROA not before: Mon 01 Jan 2024 22:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50343
IP address blocks: 109.233.152.0/21 maxlen: 24
185.169.112.0/22 maxlen: 24
2a01:8780::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/oxkPbv156nMz-bzNhaBDUtkVsjk.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/oxkPbv156nMz-bzNhaBDUtkVsjk.mft
rsync://rpki.ripe.net/repository/DEFAULT/oxkPbv156nMz-bzNhaBDUtkVsjk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:10:b3:53:74:de:bc:11:a0:c2:d8:85:e9:db:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3190f6efd79ea7333f9bccd85a04352d915b239
Validity
Not Before: Jan 1 22:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22b39e1efea6a75e2e536c46b68751e550472246
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:77:c6:81:9f:09:a6:a7:f7:09:c8:77:d3:06:
39:77:5f:32:ec:ed:c7:7f:96:1a:7e:6b:40:9a:96:
c4:8d:7a:e2:09:45:cd:c2:dc:08:62:00:24:61:9e:
82:93:10:56:bf:7c:d1:85:9b:da:6c:00:0c:5b:3a:
d6:de:53:d0:d2:49:99:c6:a3:f6:3b:83:f2:1f:e1:
0b:9a:39:a1:89:15:80:68:30:47:2c:6b:28:2b:87:
d9:07:1f:15:3a:a2:4e:a3:76:46:4c:79:fd:53:db:
49:d7:b5:0d:ac:04:5e:57:cc:c0:34:b9:40:fc:6a:
82:f1:de:f8:b1:03:92:8a:e0:18:a9:2b:48:15:a8:
45:a7:21:f4:c7:b6:6b:d0:15:53:6c:33:4c:4b:5d:
81:3a:82:ad:87:e7:72:c1:0d:e6:19:d9:fd:63:fe:
0d:68:f3:c0:11:32:10:84:69:d8:8c:b0:e7:56:fc:
71:2a:cc:6b:6a:aa:1c:70:a9:7d:97:b1:6c:43:63:
2f:0d:7d:aa:a2:06:42:ee:a4:50:37:dd:1d:3e:a7:
02:95:ba:25:2d:5a:1b:45:35:9d:3b:cf:9f:60:47:
e9:d6:fc:ab:01:00:06:1e:1e:a2:82:2f:00:93:3f:
26:eb:33:b2:4f:29:7d:7c:04:5e:dd:5f:ac:0f:0c:
f7:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:B3:9E:1E:FE:A6:A7:5E:2E:53:6C:46:B6:87:51:E5:50:47:22:46
X509v3 Authority Key Identifier:
keyid:A3:19:0F:6E:FD:79:EA:73:33:F9:BC:CD:85:A0:43:52:D9:15:B2:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oxkPbv156nMz-bzNhaBDUtkVsjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/IrOeHv6mp14uU2xGtodR5VBHIkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/f6cfd7-a228-4591-9ef5-5f4b87ada4b5/1/oxkPbv156nMz-bzNhaBDUtkVsjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.233.152.0/21
185.169.112.0/22
IPv6:
2a01:8780::/29
Signature Algorithm: sha256WithRSAEncryption
35:6e:21:eb:d5:33:fb:2d:d0:b2:5b:b5:00:18:1a:d6:38:5d:
ad:3b:51:4b:7c:89:6a:15:a0:84:84:04:7a:53:84:22:a3:74:
c8:b2:64:b6:a3:ca:34:ca:d8:0b:ba:f0:70:2c:ae:64:cc:4c:
e3:ef:c4:85:7f:39:3c:48:29:b7:06:a0:db:6c:8f:02:7d:28:
4b:c7:c8:1c:5d:34:df:65:e2:c2:fe:a1:ef:c7:b8:d7:43:51:
a0:1e:f1:bc:3d:39:f7:91:02:fc:a8:de:06:df:59:cf:da:d2:
8d:1e:58:17:34:2b:32:14:70:93:06:a9:9d:28:64:a5:e1:2c:
b9:69:21:50:f3:ec:bf:13:ef:1c:c7:44:25:90:e5:23:a4:aa:
69:f0:4f:b8:48:23:33:0d:16:18:42:29:ce:94:93:30:61:25:
6a:66:78:ff:fe:17:3d:a8:fc:75:05:2e:ae:a1:48:29:eb:8b:
aa:a7:0a:ca:36:ae:d7:66:1b:7a:cb:85:11:3b:87:1b:02:70:
09:af:4c:49:60:5d:74:a8:79:ec:8a:49:8f:69:c6:bb:c7:d6:
48:e7:2b:68:51:0e:41:80:54:32:48:bf:c9:6d:c9:c8:ff:ca:
37:16:3e:29:93:08:0e:ab:ed:cc:ba:86:2c:c0:fe:44:57:bc:
43:f5:f2:4f
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzHJxCzU3TevBGgwtiF6dtBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzMTkwZjZlZmQ3OWVhNzMzM2Y5YmNjZDg1YTA0MzUyZDkx
NWIyMzkwHhcNMjQwMTAxMjIzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmIzOWUxZWZlYTZhNzVlMmU1MzZjNDZiNjg3NTFlNTUwNDcyMjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg3fGgZ8Jpqf3Cch30wY5d18y7O3H
f5YafmtAmpbEjXriCUXNwtwIYgAkYZ6CkxBWv3zRhZvabAAMWzrW3lPQ0kmZxqP2
O4PyH+ELmjmhiRWAaDBHLGsoK4fZBx8VOqJOo3ZGTHn9U9tJ17UNrAReV8zANLlA
/GqC8d74sQOSiuAYqStIFahFpyH0x7Zr0BVTbDNMS12BOoKth+dywQ3mGdn9Y/4N
aPPAETIQhGnYjLDnVvxxKsxraqoccKl9l7FsQ2MvDX2qogZC7qRQN90dPqcClbol
LVobRTWdO8+fYEfp1vyrAQAGHh6igi8Akz8m6zOyTyl9fARe3V+sDwz3BwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCKznh7+pqdeLlNsRraHUeVQRyJGMB8GA1UdIwQY
MBaAFKMZD279eepzM/m8zYWgQ1LZFbI5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3hrUGJ2MTU2bk16LWJ6TmhhQkRVdGtWc2prLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9mNmNmZDctYTIyOC00NTkxLTllZjUt
NWY0Yjg3YWRhNGI1LzEvSXJPZUh2Nm1wMTR1VTJ4R3RvZFI1VkJISWtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9mNmNmZDctYTIyOC00NTkxLTllZjUtNWY0Yjg3YWRhNGI1
LzEvb3hrUGJ2MTU2bk16LWJ6TmhhQkRVdGtWc2prLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDbemYAwQC
ualwMA0EAgACMAcDBQMqAYeAMA0GCSqGSIb3DQEBCwUAA4IBAQA1biHr1TP7LdCy
W7UAGBrWOF2tO1FLfIlqFaCEhAR6U4Qio3TIsmS2o8o0ytgLuvBwLK5kzEzj78SF
fzk8SCm3BqDbbI8CfShLx8gcXTTfZeLC/qHvx7jXQ1GgHvG8PTn3kQL8qN4G31nP
2tKNHlgXNCsyFHCTBqmdKGSl4Sy5aSFQ8+y/E+8cx0QlkOUjpKpp8E+4SCMzDRYY
QinOlJMwYSVqZnj//hc9qPx1BS6uoUgp64uqpwrKNq7XZht6y4URO4cbAnAJr0xJ
YF10qHnsikmPaca7x9ZI5ytoUQ5BgFQySL/JbcnI/8o3Fj4pkwgOq+3MuoYswP5E
V7xD9fJP
-----END CERTIFICATE-----
Generated at Sat Jun 1 09:05:00 2024 by rpki-client on console-ams.rpki-client.org