Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/IesCAUW3fp-iQ6jTysMSx7I4rso.roa
File: IesCAUW3fp-iQ6jTysMSx7I4rso.roa (raw, json)
Hash identifier: jIo7TCwAfJM4Cve92eNudUCs6VOiqw4xGZ/+EGJnoio=
Subject key identifier: 21:EB:02:01:45:B7:7E:9F:A2:43:A8:D3:CA:C3:12:C7:B2:38:AE:CA
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 018F14D096CEE107B303C6DCFE97EF644B00
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/IesCAUW3fp-iQ6jTysMSx7I4rso.roa
Signing time: Thu 25 Apr 2024 10:32:45 +0000
ROA not before: Thu 25 Apr 2024 10:32:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215561
IP address blocks: 2a0a:79c0:200::/40 maxlen: 128
2a0a:79c7:f000::/38 maxlen: 128
2a0a:79c7:f400::/38 maxlen: 128
2a0a:79c7:f800::/38 maxlen: 128
2a0a:79c7:fe00::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 12:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:14:d0:96:ce:e1:07:b3:03:c6:dc:fe:97:ef:64:4b:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Apr 25 10:32:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21eb020145b77e9fa243a8d3cac312c7b238aeca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:fe:0e:c2:0a:c6:1d:dd:19:73:bf:e6:31:bb:
9d:14:6d:23:61:ef:51:5e:7f:fe:93:ab:19:74:af:
8c:d5:e4:23:d2:0f:14:4b:fd:36:29:b2:e3:47:2a:
e3:16:85:79:f5:ce:10:12:fe:bf:25:23:be:07:cd:
86:81:a4:73:68:32:91:ea:f0:0f:15:ac:b0:e9:e4:
23:e3:06:1c:d6:61:9b:1a:76:9a:44:3f:5b:3c:0c:
82:8a:73:1b:04:d0:0a:eb:8f:ed:72:41:73:40:28:
95:06:78:60:f7:d0:98:85:14:a3:64:1a:39:64:aa:
c7:5a:ee:90:ac:dd:bc:8d:28:bb:dd:92:24:08:42:
d5:fc:19:03:31:10:c7:39:cb:ac:53:0e:00:ec:3b:
f3:99:e6:9b:4f:00:74:e0:b3:00:76:f4:9b:4a:ed:
f4:19:b2:20:82:39:2f:21:fc:db:63:ed:a3:3c:bd:
36:4e:d8:05:76:81:cd:db:8b:a1:6d:e5:2c:b9:78:
04:ae:3e:84:d2:71:97:dd:ae:f2:99:39:bc:4e:75:
46:d3:d1:0b:03:93:84:9a:5b:00:da:6d:fc:aa:b9:
d0:fd:47:76:a5:0e:25:2f:2c:99:0f:a2:a7:17:80:
8b:e8:dc:e3:96:e8:7c:21:c7:48:62:cf:ba:cd:b4:
a9:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:EB:02:01:45:B7:7E:9F:A2:43:A8:D3:CA:C3:12:C7:B2:38:AE:CA
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/IesCAUW3fp-iQ6jTysMSx7I4rso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:79c0:200::/40
2a0a:79c7:f000::-2a0a:79c7:fbff:ffff:ffff:ffff:ffff:ffff
2a0a:79c7:fe00::/40
Signature Algorithm: sha256WithRSAEncryption
55:cb:ec:06:c5:5f:b3:4b:64:20:b1:f8:26:9a:84:95:1e:ea:
87:8c:4f:1f:50:22:09:2a:c2:92:b4:65:16:c0:a9:cf:24:01:
e1:47:c5:b1:94:d1:50:5c:1f:dc:90:2d:bb:13:bb:06:d4:54:
30:e5:b8:90:cb:02:47:c2:ce:44:b3:1d:2e:b5:c2:58:17:77:
4d:8e:ff:39:7f:60:db:1a:7d:b1:55:c6:0e:95:30:bf:a1:e4:
74:ff:dd:9f:a4:8c:bf:a3:15:e1:d5:f9:0d:35:a6:ab:1b:ce:
c3:95:a6:32:d2:cc:f3:67:e9:2a:d9:19:29:54:0b:58:58:b4:
0b:7b:34:c3:a0:ff:eb:ba:64:45:59:26:61:73:33:29:27:62:
36:9f:ad:e2:4c:5b:41:ae:10:96:c2:9e:c7:3a:a8:66:0a:3b:
56:a7:8f:31:75:31:db:84:35:f7:dd:51:3d:e0:46:96:9b:3b:
67:c4:5d:75:0e:fa:3a:14:1a:36:45:d5:d0:1c:e9:83:48:d2:
d9:b3:b9:f2:af:59:cb:0e:00:2b:49:61:05:7d:9d:3e:c6:03:
ed:11:3b:8b:1c:2c:87:d5:0b:d2:c9:c6:12:71:8e:85:a5:57:
5b:c8:71:ac:62:3e:8f:55:d7:f7:51:33:74:25:97:ff:c7:26:
02:5b:99:15
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAY8U0JbO4QezA8bc/pfvZEsAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjQwNDI1MTAzMjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWViMDIwMTQ1Yjc3ZTlmYTI0M2E4ZDNjYWMzMTJjN2IyMzhhZWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhP4OwgrGHd0Zc7/mMbudFG0jYe9R
Xn/+k6sZdK+M1eQj0g8US/02KbLjRyrjFoV59c4QEv6/JSO+B82GgaRzaDKR6vAP
Fayw6eQj4wYc1mGbGnaaRD9bPAyCinMbBNAK64/tckFzQCiVBnhg99CYhRSjZBo5
ZKrHWu6QrN28jSi73ZIkCELV/BkDMRDHOcusUw4A7DvzmeabTwB04LMAdvSbSu30
GbIggjkvIfzbY+2jPL02TtgFdoHN24uhbeUsuXgErj6E0nGX3a7ymTm8TnVG09EL
A5OEmlsA2m38qrnQ/Ud2pQ4lLyyZD6KnF4CL6Nzjluh8IcdIYs+6zbSp5QIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFCHrAgFFt36fokOo08rDEseyOK7KMB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvSWVzQ0FVVzNmcC1pUTZqVHlzTVN4N0k0cnNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAAjAiAwYAKgp5wAIw
EAMGBCoKecfwAwYCKgp5x/gDBgAqCnnH/jANBgkqhkiG9w0BAQsFAAOCAQEAVcvs
BsVfs0tkILH4JpqElR7qh4xPH1AiCSrCkrRlFsCpzyQB4UfFsZTRUFwf3JAtuxO7
BtRUMOW4kMsCR8LORLMdLrXCWBd3TY7/OX9g2xp9sVXGDpUwv6HkdP/dn6SMv6MV
4dX5DTWmqxvOw5WmMtLM82fpKtkZKVQLWFi0C3s0w6D/67pkRVkmYXMzKSdiNp+t
4kxbQa4QlsKexzqoZgo7VqePMXUx24Q1991RPeBGlps7Z8RddQ76OhQaNkXV0Bzp
g0jS2bO58q9Zyw4AK0lhBX2dPsYD7RE7ixwsh9UL0snGEnGOhaVXW8hxrGI+j1XX
91EzdCWX/8cmAluZFQ==
-----END CERTIFICATE-----
Generated at Wed May 15 15:56:23 2024 by rpki-client on console-fra.rpki-client.org