Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/499df3-bd4f-4e40-8f82-a3855505ea2e/1/iunLhP0bE4vBGyoEJU3lC1kiMws.roa
File: iunLhP0bE4vBGyoEJU3lC1kiMws.roa (raw, json)
Hash identifier: uQ2joKer9H7EXN9kCeF2wYuEnduTl9qdYbAVdUnM9hA=
Subject key identifier: 8A:E9:CB:84:FD:1B:13:8B:C1:1B:2A:04:25:4D:E5:0B:59:22:33:0B
Certificate issuer: /CN=71a2739b20c259c5d1b388d1453f6f1799f28f6c
Certificate serial: 0191DBBAA8AF05000E2806EBAC34CA16B448
Authority key identifier: 71:A2:73:9B:20:C2:59:C5:D1:B3:88:D1:45:3F:6F:17:99:F2:8F:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/caJzmyDCWcXRs4jRRT9vF5nyj2w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/499df3-bd4f-4e40-8f82-a3855505ea2e/1/iunLhP0bE4vBGyoEJU3lC1kiMws.roa
Signing time: Tue 10 Sep 2024 11:38:48 +0000
ROA not before: Tue 10 Sep 2024 11:38:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203511
IP address blocks: 84.54.13.0/24 maxlen: 24
176.98.41.0/24 maxlen: 24
193.31.116.0/24 maxlen: 24
213.226.119.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/499df3-bd4f-4e40-8f82-a3855505ea2e/1/caJzmyDCWcXRs4jRRT9vF5nyj2w.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/499df3-bd4f-4e40-8f82-a3855505ea2e/1/caJzmyDCWcXRs4jRRT9vF5nyj2w.mft
rsync://rpki.ripe.net/repository/DEFAULT/caJzmyDCWcXRs4jRRT9vF5nyj2w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:db:ba:a8:af:05:00:0e:28:06:eb:ac:34:ca:16:b4:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=71a2739b20c259c5d1b388d1453f6f1799f28f6c
Validity
Not Before: Sep 10 11:38:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8ae9cb84fd1b138bc11b2a04254de50b5922330b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:42:7b:16:35:51:a6:40:c8:55:c8:fc:30:2f:
d7:2d:75:82:ce:d4:27:d9:f5:39:9e:19:74:7e:9d:
74:76:61:63:42:51:c4:8d:c0:88:f0:40:99:62:ad:
09:c4:e9:f9:ab:1e:84:d7:57:2e:97:ef:c7:a3:ca:
cc:7f:01:48:45:26:1d:f2:16:50:dd:bb:55:d8:eb:
2a:8c:ea:42:97:c7:10:7d:c5:45:6a:78:8e:76:48:
6f:b3:eb:f1:0c:50:58:25:54:4d:f7:8d:47:24:5c:
4d:74:47:e5:4f:a9:c6:ae:da:07:4c:7e:9f:5c:28:
d4:a2:a3:17:98:9e:5f:10:bb:ec:9b:a1:63:44:fc:
ef:d2:a9:c2:c6:04:25:f0:e8:81:52:55:43:d3:26:
df:9c:ec:2c:4f:e9:95:f1:d9:f4:4a:24:a0:13:d5:
73:eb:ba:ad:18:4d:59:85:56:ad:f6:e3:ef:6a:1a:
4c:85:b6:e5:f6:0f:6e:7c:bd:dd:d5:46:61:be:c9:
21:18:df:e3:82:5b:8b:73:d7:fa:32:b4:f4:a2:7d:
a3:63:5c:b7:b4:c9:39:30:f4:37:a8:db:56:92:b7:
27:58:58:26:c7:9e:aa:0a:ac:c0:48:79:3f:95:c5:
cd:b3:65:02:c7:37:c3:26:0f:d8:e0:d5:06:a5:67:
3e:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:E9:CB:84:FD:1B:13:8B:C1:1B:2A:04:25:4D:E5:0B:59:22:33:0B
X509v3 Authority Key Identifier:
keyid:71:A2:73:9B:20:C2:59:C5:D1:B3:88:D1:45:3F:6F:17:99:F2:8F:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/caJzmyDCWcXRs4jRRT9vF5nyj2w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/499df3-bd4f-4e40-8f82-a3855505ea2e/1/iunLhP0bE4vBGyoEJU3lC1kiMws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/499df3-bd4f-4e40-8f82-a3855505ea2e/1/caJzmyDCWcXRs4jRRT9vF5nyj2w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.54.13.0/24
176.98.41.0/24
193.31.116.0/24
213.226.119.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:85:35:59:4e:90:fe:13:7b:54:30:98:5d:34:b0:51:42:5e:
a7:5e:e2:b0:74:65:52:9f:d3:76:26:47:82:79:29:1c:fd:0d:
64:50:af:49:81:dd:34:30:be:52:d3:c8:e4:ab:31:75:8e:31:
a5:e0:69:49:61:77:4a:0f:76:bc:58:01:40:34:8b:59:16:87:
f3:ec:7f:48:3c:5c:81:87:5c:b4:4c:e5:a1:d4:02:bc:18:57:
2e:ec:c9:5c:04:bb:78:6a:a5:b2:99:64:57:81:b7:75:6e:88:
d1:e0:e2:5e:ac:a9:c8:90:4c:28:6e:93:92:58:c6:66:7a:b8:
cf:22:0d:c2:60:1b:40:56:35:42:18:38:00:9b:9f:9c:97:cd:
c8:92:30:46:32:fa:3c:5b:12:ec:16:83:16:12:59:01:66:7c:
45:b7:86:7f:80:d1:91:3c:3e:77:76:5f:b4:ba:ed:b2:d0:c1:
47:09:b7:84:74:1d:49:15:5e:56:a1:b2:a6:fd:bd:9d:cf:57:
f7:ea:63:7b:3a:7b:ab:ee:f5:64:63:f0:af:2e:e1:5f:03:d0:
09:a5:be:f0:c9:ce:93:4c:ec:82:6d:39:07:e6:5e:ab:1c:9e:
14:d9:84:a9:57:5b:3c:01:fc:5c:f2:68:32:04:ea:06:db:4b:
b7:44:45:b3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZHbuqivBQAOKAbrrDTKFrRIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxYTI3MzliMjBjMjU5YzVkMWIzODhkMTQ1M2Y2ZjE3OTlm
MjhmNmMwHhcNMjQwOTEwMTEzODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YWU5Y2I4NGZkMWIxMzhiYzExYjJhMDQyNTRkZTUwYjU5MjIzMzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUJ7FjVRpkDIVcj8MC/XLXWCztQn
2fU5nhl0fp10dmFjQlHEjcCI8ECZYq0JxOn5qx6E11cul+/Ho8rMfwFIRSYd8hZQ
3btV2OsqjOpCl8cQfcVFaniOdkhvs+vxDFBYJVRN941HJFxNdEflT6nGrtoHTH6f
XCjUoqMXmJ5fELvsm6FjRPzv0qnCxgQl8OiBUlVD0ybfnOwsT+mV8dn0SiSgE9Vz
67qtGE1ZhVat9uPvahpMhbbl9g9ufL3d1UZhvskhGN/jgluLc9f6MrT0on2jY1y3
tMk5MPQ3qNtWkrcnWFgmx56qCqzASHk/lcXNs2UCxzfDJg/Y4NUGpWc+gwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIrpy4T9GxOLwRsqBCVN5QtZIjMLMB8GA1UdIwQY
MBaAFHGic5sgwlnF0bOI0UU/bxeZ8o9sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY2FKem15RENXY1hSczRqUlJUOXZGNW55ajJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC80OTlkZjMtYmQ0Zi00ZTQwLThmODIt
YTM4NTU1MDVlYTJlLzEvaXVuTGhQMGJFNHZCR3lvRUpVM2xDMWtpTXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC80OTlkZjMtYmQ0Zi00ZTQwLThmODItYTM4NTU1MDVlYTJl
LzEvY2FKem15RENXY1hSczRqUlJUOXZGNW55ajJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVDYNAwQA
sGIpAwQAwR90AwQA1eJ3MA0GCSqGSIb3DQEBCwUAA4IBAQBPhTVZTpD+E3tUMJhd
NLBRQl6nXuKwdGVSn9N2JkeCeSkc/Q1kUK9Jgd00ML5S08jkqzF1jjGl4GlJYXdK
D3a8WAFANItZFofz7H9IPFyBh1y0TOWh1AK8GFcu7MlcBLt4aqWymWRXgbd1bojR
4OJerKnIkEwobpOSWMZmerjPIg3CYBtAVjVCGDgAm5+cl83IkjBGMvo8WxLsFoMW
ElkBZnxFt4Z/gNGRPD53dl+0uu2y0MFHCbeEdB1JFV5WobKm/b2dz1f36mN7Onur
7vVkY/CvLuFfA9AJpb7wyc6TTOyCbTkH5l6rHJ4U2YSpV1s8Afxc8mgyBOoG20u3
REWz
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:51:55 2024 by rpki-client on console-fra.rpki-client.org