Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/96/a3d8f5-0d3c-42fa-8c69-b9c0df70ad3f/1/iN8BBLwmfe7UCPC0pMUlxs-iT0w.roa
File: iN8BBLwmfe7UCPC0pMUlxs-iT0w.roa (raw, json)
Hash identifier: w4CwpS1jS4Nnf6pQrwwC5qLyyv+UyMClkhaHkyIdjMk=
Subject key identifier: 88:DF:01:04:BC:26:7D:EE:D4:08:F0:B4:A4:C5:25:C6:CF:A2:4F:4C
Certificate issuer: /CN=a40043b3e13aed397f8932cf5d13ff4f4aafe6ba
Certificate serial: 018CC56DE5F6682703F7B33E1A96F9B22F42
Authority key identifier: A4:00:43:B3:E1:3A:ED:39:7F:89:32:CF:5D:13:FF:4F:4A:AF:E6:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pABDs-E67Tl_iTLPXRP_T0qv5ro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/96/a3d8f5-0d3c-42fa-8c69-b9c0df70ad3f/1/iN8BBLwmfe7UCPC0pMUlxs-iT0w.roa
Signing time: Mon 01 Jan 2024 14:29:22 +0000
ROA not before: Mon 01 Jan 2024 14:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204285
IP address blocks: 185.254.117.0/24 maxlen: 24
185.254.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/96/a3d8f5-0d3c-42fa-8c69-b9c0df70ad3f/1/pABDs-E67Tl_iTLPXRP_T0qv5ro.crl
rsync://rpki.ripe.net/repository/DEFAULT/96/a3d8f5-0d3c-42fa-8c69-b9c0df70ad3f/1/pABDs-E67Tl_iTLPXRP_T0qv5ro.mft
rsync://rpki.ripe.net/repository/DEFAULT/pABDs-E67Tl_iTLPXRP_T0qv5ro.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 05:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:e5:f6:68:27:03:f7:b3:3e:1a:96:f9:b2:2f:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a40043b3e13aed397f8932cf5d13ff4f4aafe6ba
Validity
Not Before: Jan 1 14:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88df0104bc267deed408f0b4a4c525c6cfa24f4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:9d:c3:b8:64:38:61:50:47:54:50:21:f0:1e:
0a:b6:ac:27:d8:d8:ae:f4:2d:f7:94:76:1f:59:65:
88:5e:92:f6:a7:3e:14:f5:de:65:c0:df:06:67:8e:
3e:22:2f:73:a1:87:58:64:b3:f8:fb:76:79:4b:98:
4a:0a:ff:02:3b:54:15:25:b2:f9:54:e9:1e:fc:a4:
da:0d:c8:46:eb:74:1b:67:e4:45:1a:90:fd:10:7d:
98:f5:3a:01:1d:97:65:75:e0:b1:b9:7a:77:b1:54:
04:44:1a:83:8b:6d:d3:98:1c:8d:30:eb:de:fa:b4:
0a:55:05:a8:c1:69:35:9d:9e:4f:b3:ff:cb:7a:25:
86:92:55:d9:c8:96:c9:81:a6:30:7e:e0:cb:14:ae:
fa:d2:65:e8:af:b4:94:83:df:39:b8:08:de:aa:6a:
6e:d8:71:21:01:71:4b:7d:d9:88:2c:0a:ba:d9:19:
09:9f:cb:6a:78:47:c0:f4:0f:86:c8:4b:4e:c0:2f:
05:f2:b9:98:4d:0e:ab:72:85:6c:96:55:4f:4f:85:
26:6d:f8:6d:8d:bd:73:68:a6:39:3f:67:77:56:7e:
35:9c:d1:7a:59:24:cc:4a:73:04:bf:04:43:a8:b1:
85:b2:b3:c8:cc:ff:41:a9:35:32:a3:09:3b:26:9a:
44:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:DF:01:04:BC:26:7D:EE:D4:08:F0:B4:A4:C5:25:C6:CF:A2:4F:4C
X509v3 Authority Key Identifier:
keyid:A4:00:43:B3:E1:3A:ED:39:7F:89:32:CF:5D:13:FF:4F:4A:AF:E6:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pABDs-E67Tl_iTLPXRP_T0qv5ro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/96/a3d8f5-0d3c-42fa-8c69-b9c0df70ad3f/1/iN8BBLwmfe7UCPC0pMUlxs-iT0w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/96/a3d8f5-0d3c-42fa-8c69-b9c0df70ad3f/1/pABDs-E67Tl_iTLPXRP_T0qv5ro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.254.116.0/23
Signature Algorithm: sha256WithRSAEncryption
3d:b1:be:c6:a4:4d:0b:25:8c:a5:55:f7:56:83:e9:7e:3c:54:
89:d9:cd:aa:1f:f7:3a:21:ab:c3:64:c6:ce:67:e7:0b:a6:0d:
86:67:14:b5:b0:ef:e0:a7:2b:d4:71:27:b7:11:30:c8:1c:d0:
b0:b7:e1:c6:03:1c:d9:58:92:90:68:ff:97:02:c9:b6:35:96:
fe:bb:f0:71:29:07:14:79:dc:15:70:11:57:ab:77:5d:0f:9e:
6f:2a:c9:e9:22:03:15:f7:b0:b5:42:fa:5a:b8:a5:92:e5:7f:
fe:df:0f:01:5e:9c:dc:50:98:6b:2a:43:24:c0:3f:0a:e5:37:
ba:ef:54:a9:87:a9:41:10:44:b3:5d:e9:66:01:24:14:d5:ff:
40:e5:75:54:4b:42:61:56:34:c9:21:62:02:b5:1f:33:53:00:
6a:11:59:79:c3:ae:d6:37:2e:45:ba:0e:43:2c:fa:30:d7:f1:
9f:da:4c:50:16:04:ac:2b:47:66:71:12:43:fb:c4:40:c4:6f:
37:db:73:c3:94:34:ac:97:6a:8d:b1:d8:2c:7d:8f:d2:91:b2:
f0:3a:4c:a9:7e:a5:ff:6b:28:da:01:1d:30:f8:ee:f4:80:17:
84:b9:3b:88:b2:a5:cd:ad:a6:ab:7e:7e:94:69:0d:1d:01:b5:
cb:ab:39:f7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbeX2aCcD97M+Gpb5si9CMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MDA0M2IzZTEzYWVkMzk3Zjg5MzJjZjVkMTNmZjRmNGFh
ZmU2YmEwHhcNMjQwMTAxMTQyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGRmMDEwNGJjMjY3ZGVlZDQwOGYwYjRhNGM1MjVjNmNmYTI0ZjRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhp3DuGQ4YVBHVFAh8B4Ktqwn2Niu
9C33lHYfWWWIXpL2pz4U9d5lwN8GZ44+Ii9zoYdYZLP4+3Z5S5hKCv8CO1QVJbL5
VOke/KTaDchG63QbZ+RFGpD9EH2Y9ToBHZdldeCxuXp3sVQERBqDi23TmByNMOve
+rQKVQWowWk1nZ5Ps//LeiWGklXZyJbJgaYwfuDLFK760mXor7SUg985uAjeqmpu
2HEhAXFLfdmILAq62RkJn8tqeEfA9A+GyEtOwC8F8rmYTQ6rcoVsllVPT4Umbfht
jb1zaKY5P2d3Vn41nNF6WSTMSnMEvwRDqLGFsrPIzP9BqTUyowk7JppEpQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIjfAQS8Jn3u1AjwtKTFJcbPok9MMB8GA1UdIwQY
MBaAFKQAQ7PhOu05f4kyz10T/09Kr+a6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEFCRHMtRTY3VGxfaVRMUFhSUF9UMHF2NXJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Ni9hM2Q4ZjUtMGQzYy00MmZhLThjNjkt
YjljMGRmNzBhZDNmLzEvaU44QkJMd21mZTdVQ1BDMHBNVWx4cy1pVDB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Ni9hM2Q4ZjUtMGQzYy00MmZhLThjNjktYjljMGRmNzBhZDNm
LzEvcEFCRHMtRTY3VGxfaVRMUFhSUF9UMHF2NXJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBuf50MA0G
CSqGSIb3DQEBCwUAA4IBAQA9sb7GpE0LJYylVfdWg+l+PFSJ2c2qH/c6IavDZMbO
Z+cLpg2GZxS1sO/gpyvUcSe3ETDIHNCwt+HGAxzZWJKQaP+XAsm2NZb+u/BxKQcU
edwVcBFXq3ddD55vKsnpIgMV97C1QvpauKWS5X/+3w8BXpzcUJhrKkMkwD8K5Te6
71Sph6lBEESzXelmASQU1f9A5XVUS0JhVjTJIWICtR8zUwBqEVl5w67WNy5Fug5D
LPow1/Gf2kxQFgSsK0dmcRJD+8RAxG8323PDlDSsl2qNsdgsfY/SkbLwOkypfqX/
ayjaAR0w+O70gBeEuTuIsqXNraarfn6UaQ0dAbXLqzn3
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:03:48 2024 by rpki-client on console-fra.rpki-client.org