Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/a52ceb-c8c8-4236-a037-60a5743e6e1f/1/ikbS_HKMwPSlg3MbxLYJZmBMNfk.roa
File: ikbS_HKMwPSlg3MbxLYJZmBMNfk.roa (raw, json)
Hash identifier: xQnzNYA7fV/5hC/1x7Sjg4rqjdZ4jj0P+/his4ijUe0=
Subject key identifier: 8A:46:D2:FC:72:8C:C0:F4:A5:83:73:1B:C4:B6:09:66:60:4C:35:F9
Certificate issuer: /CN=ef4e1ea65287a24e20c663b5161c1513f00c8a8d
Certificate serial: 018E7D643EEF7C2B4F2B71B960A1F1CBC617
Authority key identifier: EF:4E:1E:A6:52:87:A2:4E:20:C6:63:B5:16:1C:15:13:F0:0C:8A:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/704eplKHok4gxmO1FhwVE_AMio0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/a52ceb-c8c8-4236-a037-60a5743e6e1f/1/ikbS_HKMwPSlg3MbxLYJZmBMNfk.roa
Signing time: Wed 27 Mar 2024 00:51:45 +0000
ROA not before: Wed 27 Mar 2024 00:51:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1273
IP address blocks: 193.33.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/a52ceb-c8c8-4236-a037-60a5743e6e1f/1/704eplKHok4gxmO1FhwVE_AMio0.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/a52ceb-c8c8-4236-a037-60a5743e6e1f/1/704eplKHok4gxmO1FhwVE_AMio0.mft
rsync://rpki.ripe.net/repository/DEFAULT/704eplKHok4gxmO1FhwVE_AMio0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7d:64:3e:ef:7c:2b:4f:2b:71:b9:60:a1:f1:cb:c6:17
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef4e1ea65287a24e20c663b5161c1513f00c8a8d
Validity
Not Before: Mar 27 00:51:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8a46d2fc728cc0f4a583731bc4b60966604c35f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:54:0f:8b:ad:db:fe:7e:09:da:02:e2:1e:d4:
58:09:30:83:1c:aa:75:3e:e8:21:b2:94:76:4c:f1:
12:1b:a9:b3:32:42:36:fc:66:67:91:0e:b6:f1:cb:
09:49:87:1c:75:a6:ac:a2:23:f6:e8:9e:fc:5c:fc:
75:23:c8:6f:fd:7c:10:79:ea:6e:80:b8:cf:f2:af:
fc:41:1e:60:2c:5a:53:c9:dc:03:65:10:15:e0:81:
ca:82:69:e6:40:5f:0e:63:4f:1f:13:47:5c:e2:4e:
b6:69:69:37:c2:37:f0:96:99:80:5e:ed:0b:e9:ba:
03:c7:c2:11:ac:8f:5d:9a:84:f4:68:77:a0:31:d2:
2d:ff:61:da:67:19:26:e8:35:68:48:fe:41:cf:93:
b4:3a:79:7f:44:c3:3d:0c:2f:8e:c2:2e:f8:10:cf:
45:7d:70:5c:a0:fa:aa:e0:2f:64:26:48:34:d7:ee:
16:b6:a4:1f:32:ae:93:f1:dc:fa:72:16:cf:49:5e:
c0:61:35:1a:d3:64:01:d6:97:18:f9:0d:30:cf:99:
81:c8:09:8b:7f:ab:4c:87:0e:d1:37:e8:f4:66:20:
6c:ea:a2:61:26:ac:a4:7f:69:45:54:06:d2:74:5e:
14:34:c6:c7:7e:f1:8f:d4:dc:95:3e:90:c9:fd:3b:
aa:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:46:D2:FC:72:8C:C0:F4:A5:83:73:1B:C4:B6:09:66:60:4C:35:F9
X509v3 Authority Key Identifier:
keyid:EF:4E:1E:A6:52:87:A2:4E:20:C6:63:B5:16:1C:15:13:F0:0C:8A:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/704eplKHok4gxmO1FhwVE_AMio0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/a52ceb-c8c8-4236-a037-60a5743e6e1f/1/ikbS_HKMwPSlg3MbxLYJZmBMNfk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/a52ceb-c8c8-4236-a037-60a5743e6e1f/1/704eplKHok4gxmO1FhwVE_AMio0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.33.108.0/24
Signature Algorithm: sha256WithRSAEncryption
a5:20:f2:8d:e8:9d:11:47:78:48:84:b8:a3:e9:71:47:cf:4d:
c7:2a:0f:7d:25:1d:c7:79:68:da:84:17:8e:8e:b2:e8:8f:52:
53:b8:a1:f6:90:51:16:ac:5c:f4:a3:86:60:d2:2f:55:4a:c9:
a8:a6:28:86:65:dc:d9:1c:cd:5f:b6:25:56:b8:27:31:a2:67:
12:de:1f:6a:66:3e:7a:cc:da:2a:fa:83:9a:9c:67:12:79:ca:
59:7e:b5:94:b1:64:97:65:14:50:bb:1b:91:c4:51:1e:0e:38:
2e:85:08:02:ae:5e:de:5a:f6:97:63:a6:50:bf:8b:6d:2b:9a:
2b:0c:27:09:06:37:b8:5f:34:f9:5b:ba:03:a8:63:b1:09:01:
c9:f1:42:f8:74:30:42:74:70:01:54:37:44:bb:1b:2e:50:71:
92:de:ad:f6:03:22:49:28:6f:3c:17:8a:dc:7c:a1:34:5d:b9:
45:6d:a9:dc:96:47:9a:a6:b7:8a:ae:09:f7:e7:c5:63:bc:41:
67:98:f5:da:d8:be:e7:2b:b7:25:50:40:e6:26:82:21:fe:b8:
c9:ca:02:21:cf:22:72:56:a6:75:5a:eb:57:cb:6b:5d:c9:7e:
b8:f8:34:07:29:6b:e7:8e:f1:a2:92:cc:fa:15:9f:c7:8d:63:
86:4c:88:09
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY59ZD7vfCtPK3G5YKHxy8YXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNGUxZWE2NTI4N2EyNGUyMGM2NjNiNTE2MWMxNTEzZjAw
YzhhOGQwHhcNMjQwMzI3MDA1MTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTQ2ZDJmYzcyOGNjMGY0YTU4MzczMWJjNGI2MDk2NjYwNGMzNWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvVQPi63b/n4J2gLiHtRYCTCDHKp1
PughspR2TPESG6mzMkI2/GZnkQ628csJSYccdaasoiP26J78XPx1I8hv/XwQeepu
gLjP8q/8QR5gLFpTydwDZRAV4IHKgmnmQF8OY08fE0dc4k62aWk3wjfwlpmAXu0L
6boDx8IRrI9dmoT0aHegMdIt/2HaZxkm6DVoSP5Bz5O0Onl/RMM9DC+Owi74EM9F
fXBcoPqq4C9kJkg01+4WtqQfMq6T8dz6chbPSV7AYTUa02QB1pcY+Q0wz5mByAmL
f6tMhw7RN+j0ZiBs6qJhJqykf2lFVAbSdF4UNMbHfvGP1NyVPpDJ/TuqiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIpG0vxyjMD0pYNzG8S2CWZgTDX5MB8GA1UdIwQY
MBaAFO9OHqZSh6JOIMZjtRYcFRPwDIqNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzA0ZXBsS0hvazRneG1PMUZod1ZFX0FNaW8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OC9hNTJjZWItYzhjOC00MjM2LWEwMzct
NjBhNTc0M2U2ZTFmLzEvaWtiU19IS013UFNsZzNNYnhMWUpabUJNTmZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OC9hNTJjZWItYzhjOC00MjM2LWEwMzctNjBhNTc0M2U2ZTFm
LzEvNzA0ZXBsS0hvazRneG1PMUZod1ZFX0FNaW8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwSFsMA0G
CSqGSIb3DQEBCwUAA4IBAQClIPKN6J0RR3hIhLij6XFHz03HKg99JR3HeWjahBeO
jrLoj1JTuKH2kFEWrFz0o4Zg0i9VSsmopiiGZdzZHM1ftiVWuCcxomcS3h9qZj56
zNoq+oOanGcSecpZfrWUsWSXZRRQuxuRxFEeDjguhQgCrl7eWvaXY6ZQv4ttK5or
DCcJBje4XzT5W7oDqGOxCQHJ8UL4dDBCdHABVDdEuxsuUHGS3q32AyJJKG88F4rc
fKE0XblFbanclkeapreKrgn358VjvEFnmPXa2L7nK7clUEDmJoIh/rjJygIhzyJy
VqZ1WutXy2tdyX64+DQHKWvnjvGiksz6FZ/HjWOGTIgJ
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:47:08 2024 by rpki-client on console-ams.rpki-client.org