Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/IsR6AxRNJVbai8dQvQEhi2WQgyk.roa
File: IsR6AxRNJVbai8dQvQEhi2WQgyk.roa (raw, json)
Hash identifier: i318CLfx+k865BL4D7cjGQFKhTmzqD1b6rRbxR48gK4=
Subject key identifier: 22:C4:7A:03:14:4D:25:56:DA:8B:C7:50:BD:01:21:8B:65:90:83:29
Certificate issuer: /CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Certificate serial: 018CC42471815E3B929C2C274F0ABF963A79
Authority key identifier: D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/IsR6AxRNJVbai8dQvQEhi2WQgyk.roa
Signing time: Mon 01 Jan 2024 08:29:31 +0000
ROA not before: Mon 01 Jan 2024 08:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205727
IP address blocks: 176.107.128.0/20 maxlen: 24
80.211.240.0/20 maxlen: 24
2a00:6d47::/36 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.mft
rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 17:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:71:81:5e:3b:92:9c:2c:27:4f:0a:bf:96:3a:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cb5cecc213b9f86dbba518521e8546ec93861c
Validity
Not Before: Jan 1 08:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22c47a03144d2556da8bc750bd01218b65908329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3e:19:77:46:11:82:e9:47:69:7b:71:34:99:
fb:db:d6:e2:4c:c8:51:2e:c4:2f:e7:20:95:55:9b:
94:33:0d:a0:64:ac:9c:27:1a:98:5e:fb:5a:35:3a:
d8:91:8b:d1:cb:89:b6:69:6a:96:a2:16:80:4b:05:
0f:07:8f:6a:a8:0e:90:83:d9:f0:8e:44:53:ab:7e:
b7:ac:63:67:bf:a0:37:57:d4:f1:30:91:dd:96:3e:
40:f0:ba:0c:10:df:85:a0:3a:04:4a:c3:37:e0:7a:
fc:1c:f2:f4:2e:9e:88:e3:7e:c6:7f:38:e2:2f:72:
f2:86:55:ec:45:25:6f:1e:a9:69:d5:1d:4a:08:c6:
17:ab:57:0b:4b:ab:06:08:87:ef:17:6a:fe:96:5e:
2b:f5:70:ec:84:df:08:f6:8c:77:17:97:54:e4:27:
eb:c4:00:bb:a3:a4:44:2b:78:e3:3e:ec:95:a6:82:
a8:6b:d6:58:88:91:73:cc:93:b3:75:5d:cd:5b:c8:
f4:5b:bb:cb:1d:77:d4:bf:96:19:05:05:24:8e:9e:
38:cf:c0:6e:9f:44:f8:24:99:50:96:11:c7:72:b8:
c8:f9:59:eb:a3:3a:37:5d:19:30:b6:58:d3:8b:70:
b6:0c:60:c2:50:aa:67:15:f2:9b:16:62:31:4b:b6:
a6:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:C4:7A:03:14:4D:25:56:DA:8B:C7:50:BD:01:21:8B:65:90:83:29
X509v3 Authority Key Identifier:
keyid:D3:CB:5C:EC:C2:13:B9:F8:6D:BB:A5:18:52:1E:85:46:EC:93:86:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/08tc7MITufhtu6UYUh6FRuyThhw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/IsR6AxRNJVbai8dQvQEhi2WQgyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/e117fe-c9e7-4d41-94df-84269412d561/1/08tc7MITufhtu6UYUh6FRuyThhw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.211.240.0/20
176.107.128.0/20
IPv6:
2a00:6d47::/36
Signature Algorithm: sha256WithRSAEncryption
ac:93:2a:1f:a4:32:52:8f:31:7e:a8:25:b6:55:1d:29:25:cd:
3b:3e:a1:5c:3b:d8:0a:6f:65:35:16:69:47:ee:10:5f:06:bc:
25:f7:45:47:a9:d7:2d:41:99:b9:4d:dd:dd:28:30:28:b4:d8:
e8:4e:6e:e4:27:33:9d:32:e1:a1:e2:29:1c:f7:d6:a3:9b:c2:
8d:06:de:dd:c7:2d:7c:7b:dd:c5:ba:c8:2c:cc:0d:e6:a9:e5:
f9:3b:61:19:49:a8:08:59:e8:9f:ae:d3:34:d2:a5:c0:94:9f:
18:fe:07:30:d1:fd:cc:23:92:1b:32:12:66:bf:ec:c8:fd:41:
8a:5c:32:2e:fe:59:79:0f:70:77:0b:12:be:e0:b0:71:4b:91:
98:f4:ee:01:cf:78:00:c7:56:54:b9:85:d8:2c:03:a0:4b:cb:
3b:5e:25:74:c9:f5:16:b8:49:a5:d4:ee:b8:e9:09:ce:78:cd:
b5:91:f7:97:ee:3b:44:30:7c:52:00:52:6b:ca:d0:6b:42:98:
f3:79:28:42:eb:78:d0:f9:1d:30:fa:8e:d8:ba:e0:48:33:df:
fe:d0:c8:93:96:fb:c2:51:41:95:a4:92:11:5c:37:54:25:20:
c2:35:ad:32:3c:71:7d:c0:19:73:41:57:34:8e:69:d8:de:64:
49:21:64:e2
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAYzEJHGBXjuSnCwnTwq/ljp5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2I1Y2VjYzIxM2I5Zjg2ZGJiYTUxODUyMWU4NTQ2ZWM5
Mzg2MWMwHhcNMjQwMTAxMDgyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmM0N2EwMzE0NGQyNTU2ZGE4YmM3NTBiZDAxMjE4YjY1OTA4MzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoz4Zd0YRgulHaXtxNJn729biTMhR
LsQv5yCVVZuUMw2gZKycJxqYXvtaNTrYkYvRy4m2aWqWohaASwUPB49qqA6Qg9nw
jkRTq363rGNnv6A3V9TxMJHdlj5A8LoMEN+FoDoESsM34Hr8HPL0Lp6I437Gfzji
L3LyhlXsRSVvHqlp1R1KCMYXq1cLS6sGCIfvF2r+ll4r9XDshN8I9ox3F5dU5Cfr
xAC7o6REK3jjPuyVpoKoa9ZYiJFzzJOzdV3NW8j0W7vLHXfUv5YZBQUkjp44z8Bu
n0T4JJlQlhHHcrjI+Vnrozo3XRkwtljTi3C2DGDCUKpnFfKbFmIxS7amwwIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFCLEegMUTSVW2ovHUL0BIYtlkIMpMB8GA1UdIwQY
MBaAFNPLXOzCE7n4bbulGFIehUbsk4YcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYt
ODQyNjk0MTJkNTYxLzEvSXNSNkF4Uk5KVmJhaThkUXZRRWhpMldRZ3lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9lMTE3ZmUtYzllNy00ZDQxLTk0ZGYtODQyNjk0MTJkNTYx
LzEvMDh0YzdNSVR1Zmh0dTZVWVVoNkZSdXlUaGh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQEUNPwAwQE
sGuAMA4EAgACMAgDBgQqAG1HADANBgkqhkiG9w0BAQsFAAOCAQEArJMqH6QyUo8x
fqgltlUdKSXNOz6hXDvYCm9lNRZpR+4QXwa8JfdFR6nXLUGZuU3d3SgwKLTY6E5u
5CcznTLhoeIpHPfWo5vCjQbe3cctfHvdxbrILMwN5qnl+TthGUmoCFnon67TNNKl
wJSfGP4HMNH9zCOSGzISZr/syP1BilwyLv5ZeQ9wdwsSvuCwcUuRmPTuAc94AMdW
VLmF2CwDoEvLO14ldMn1FrhJpdTuuOkJznjNtZH3l+47RDB8UgBSa8rQa0KY83ko
Qut40PkdMPqO2LrgSDPf/tDIk5b7wlFBlaSSEVw3VCUgwjWtMjxxfcAZc0FXNI5p
2N5kSSFk4g==
-----END CERTIFICATE-----
Generated at Sat May 11 20:23:00 2024 by rpki-client on console-ams.rpki-client.org