Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/iw_NoQr-4Zpqb1BQJiqjYWIyzAQ.roa
File: iw_NoQr-4Zpqb1BQJiqjYWIyzAQ.roa (raw, json)
Hash identifier: ZwHWG6KrQHF+84kJtMaK0eTr4wmJ3UG8+nG5YiIQDc0=
Subject key identifier: 8B:0F:CD:A1:0A:FE:E1:9A:6A:6F:50:50:26:2A:A3:61:62:32:CC:04
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018CC26D276BB152F0C923DBD7BFC74D94AA
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/iw_NoQr-4Zpqb1BQJiqjYWIyzAQ.roa
Signing time: Mon 01 Jan 2024 00:29:42 +0000
ROA not before: Mon 01 Jan 2024 00:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56913
IP address blocks: 93.113.177.0/24 maxlen: 24
93.113.178.0/24 maxlen: 24
93.113.179.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:27:6b:b1:52:f0:c9:23:db:d7:bf:c7:4d:94:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 00:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8b0fcda10afee19a6a6f5050262aa3616232cc04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:07:bc:8d:74:cc:be:81:8e:46:f2:4d:74:2b:
05:75:2c:fd:45:97:18:26:cc:bd:15:ca:a1:07:8b:
a4:22:41:56:b3:db:4f:53:b9:f1:7d:d4:e7:e7:6a:
cd:c9:00:7c:1b:b3:80:bc:f0:04:42:35:49:50:a5:
0a:57:f5:17:7f:6e:bd:09:a5:b0:2d:3a:fc:3c:35:
04:0b:e6:ee:0e:cf:d4:e2:98:89:02:2e:44:74:d3:
74:4b:98:1b:47:33:f6:2a:ca:ae:46:9f:e0:ce:cc:
55:88:df:41:07:09:3e:30:ac:53:64:71:88:03:3a:
b3:c1:5d:dc:8a:af:9a:00:a8:a6:ff:7e:2a:27:33:
19:fa:dd:97:a1:68:23:38:99:82:cc:a7:d5:ab:80:
d7:81:35:37:f3:02:31:46:2a:3c:f7:90:81:a2:87:
2b:75:20:b3:2c:24:a2:3a:45:d1:c0:a5:b6:66:05:
d8:67:7b:44:ff:be:18:bc:f1:04:6a:d0:99:f7:e8:
bb:4a:92:5c:f7:b8:d6:82:7f:3b:4f:40:38:26:ce:
cc:c0:b9:88:cd:15:68:c2:2d:18:4d:1d:2d:3b:69:
d5:6c:e2:c8:c7:4f:08:6b:4e:09:b0:c5:3b:2c:9d:
02:e2:2a:67:d8:5a:94:fe:bf:16:58:88:7e:f5:d6:
ab:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:0F:CD:A1:0A:FE:E1:9A:6A:6F:50:50:26:2A:A3:61:62:32:CC:04
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/iw_NoQr-4Zpqb1BQJiqjYWIyzAQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.113.177.0-93.113.179.255
Signature Algorithm: sha256WithRSAEncryption
39:77:be:32:ee:d3:45:0a:d0:1a:17:90:e1:61:5f:ab:27:86:
18:9d:9a:1c:b8:76:62:68:de:89:8a:1b:db:43:e0:19:33:9a:
4e:71:01:bb:c2:2b:a1:4c:d2:c0:db:67:89:25:98:83:3e:aa:
05:0d:87:fa:2a:8c:22:aa:80:98:4a:69:35:7f:73:89:36:e4:
67:75:38:dd:d9:1a:9e:cc:d2:d2:5a:73:ff:e9:cd:bc:88:d9:
ca:f6:49:ba:cf:38:de:a8:70:75:82:72:26:0c:a9:f8:3c:80:
f0:06:b7:cb:dc:0d:7a:14:27:10:9f:54:66:16:6a:80:28:0d:
df:19:1a:b6:9d:bd:ca:be:4d:a3:57:3c:e0:6f:73:26:4d:dd:
38:1c:a3:c4:c6:6a:d7:76:da:48:64:47:91:b6:3b:10:f5:0f:
05:90:e0:4c:62:b1:13:c3:0e:5c:e3:fa:dd:01:3d:6e:bd:26:
f8:c9:15:2d:51:e4:f9:c4:12:63:6e:16:68:76:8b:b8:61:e4:
c7:09:41:a7:81:39:7e:6d:8f:d8:ca:10:75:71:81:ae:29:8a:
a4:09:a4:99:30:7e:51:ed:92:d2:ff:e5:b7:5e:17:e3:51:8c:
02:5a:6b:09:a5:eb:f1:75:c2:ca:11:74:44:d7:62:2a:f0:44:
8b:14:a4:5e
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzCbSdrsVLwySPb17/HTZSqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTAxMDAyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjBmY2RhMTBhZmVlMTlhNmE2ZjUwNTAyNjJhYTM2MTYyMzJjYzA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiAe8jXTMvoGORvJNdCsFdSz9RZcY
Jsy9FcqhB4ukIkFWs9tPU7nxfdTn52rNyQB8G7OAvPAEQjVJUKUKV/UXf269CaWw
LTr8PDUEC+buDs/U4piJAi5EdNN0S5gbRzP2KsquRp/gzsxViN9BBwk+MKxTZHGI
AzqzwV3ciq+aAKim/34qJzMZ+t2XoWgjOJmCzKfVq4DXgTU38wIxRio895CBoocr
dSCzLCSiOkXRwKW2ZgXYZ3tE/74YvPEEatCZ9+i7SpJc97jWgn87T0A4Js7MwLmI
zRVowi0YTR0tO2nVbOLIx08Ia04JsMU7LJ0C4ipn2FqU/r8WWIh+9darAwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFIsPzaEK/uGaam9QUCYqo2FiMswEMB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvaXdfTm9Rci00WnBxYjFCUUppcWpZV0l5ekFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBABdcbED
BAJdcbAwDQYJKoZIhvcNAQELBQADggEBADl3vjLu00UK0BoXkOFhX6snhhidmhy4
dmJo3omKG9tD4Bkzmk5xAbvCK6FM0sDbZ4klmIM+qgUNh/oqjCKqgJhKaTV/c4k2
5Gd1ON3ZGp7M0tJac//pzbyI2cr2SbrPON6ocHWCciYMqfg8gPAGt8vcDXoUJxCf
VGYWaoAoDd8ZGradvcq+TaNXPOBvcyZN3Tgco8TGatd22khkR5G2OxD1DwWQ4Exi
sRPDDlzj+t0BPW69JvjJFS1R5PnEEmNuFmh2i7hh5McJQaeBOX5tj9jKEHVxga4p
iqQJpJkwflHtktL/5bdeF+NRjAJaawml6/F1wsoRdETXYirwRIsUpF4=
-----END CERTIFICATE-----
Generated at Mon Nov 25 14:07:39 2024 by rpki-client on console-fra.rpki-client.org