Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/90c403-e6e9-41e0-b157-781d8fb1d2fb/1/I5con75aWk-VwuwKTII0hK6JKR8.roa
File: I5con75aWk-VwuwKTII0hK6JKR8.roa (raw, json)
Hash identifier: 6yI4jICwVGXjRck9XwgWkbYR7TFAbuQBuUPAWnYib34=
Subject key identifier: 23:97:28:9F:BE:5A:5A:4F:95:C2:EC:0A:4C:82:34:84:AE:89:29:1F
Certificate issuer: /CN=cb2cc7ce42e79c351ac7d28f645de7f5938acc9c
Certificate serial: 018CC5DC1084DE1764F2DF8B4B016B99928D
Authority key identifier: CB:2C:C7:CE:42:E7:9C:35:1A:C7:D2:8F:64:5D:E7:F5:93:8A:CC:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yyzHzkLnnDUax9KPZF3n9ZOKzJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/90c403-e6e9-41e0-b157-781d8fb1d2fb/1/I5con75aWk-VwuwKTII0hK6JKR8.roa
Signing time: Mon 01 Jan 2024 16:29:42 +0000
ROA not before: Mon 01 Jan 2024 16:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197064
IP address blocks: 151.248.56.0/21 maxlen: 21
178.23.104.0/21 maxlen: 21
185.24.196.0/22 maxlen: 22
2a02:2408::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/90c403-e6e9-41e0-b157-781d8fb1d2fb/1/yyzHzkLnnDUax9KPZF3n9ZOKzJw.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/90c403-e6e9-41e0-b157-781d8fb1d2fb/1/yyzHzkLnnDUax9KPZF3n9ZOKzJw.mft
rsync://rpki.ripe.net/repository/DEFAULT/yyzHzkLnnDUax9KPZF3n9ZOKzJw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:10:84:de:17:64:f2:df:8b:4b:01:6b:99:92:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb2cc7ce42e79c351ac7d28f645de7f5938acc9c
Validity
Not Before: Jan 1 16:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2397289fbe5a5a4f95c2ec0a4c823484ae89291f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:ee:2e:c7:65:7a:4f:5f:95:21:7b:2d:3e:7a:
6b:4c:48:3d:8d:33:e9:cb:f2:eb:95:9c:d0:73:bd:
32:46:97:ec:29:ee:68:39:a7:cd:7c:86:f8:0b:b5:
c9:9d:81:bf:21:13:f0:15:8e:ff:67:80:a6:45:87:
b1:aa:7a:0c:44:99:f2:c4:c7:31:ef:a6:27:94:7a:
44:fd:e2:0e:9e:f9:d7:f4:a1:2d:74:cb:8c:99:74:
26:6b:4c:e6:d5:ac:49:1c:1e:65:0e:6e:e0:7c:a8:
94:6e:36:98:38:20:9a:c3:ce:f9:0c:43:52:ca:e4:
a2:f2:c3:cb:c5:88:8a:5b:d6:7f:5f:1f:b9:b5:81:
ae:37:52:c7:c5:ce:5b:66:7a:12:4c:cb:ef:00:35:
dd:77:96:80:5e:41:54:1f:7f:84:ee:a7:8d:7b:3f:
3e:d3:1a:b0:71:f9:bc:32:23:e4:6e:21:b2:38:38:
d6:84:60:f4:41:39:b3:88:ab:29:0b:d6:d2:6d:03:
ee:56:74:b2:50:b3:b9:25:ff:67:ae:3c:ad:3d:35:
05:4a:e9:d5:2b:f6:c8:b5:d3:81:ff:ef:1d:12:d1:
40:d3:2b:f6:4b:9a:78:ab:f7:ec:ab:6f:4a:75:02:
bf:69:ef:12:ba:e3:0d:18:de:b6:5f:f2:80:70:00:
a9:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:97:28:9F:BE:5A:5A:4F:95:C2:EC:0A:4C:82:34:84:AE:89:29:1F
X509v3 Authority Key Identifier:
keyid:CB:2C:C7:CE:42:E7:9C:35:1A:C7:D2:8F:64:5D:E7:F5:93:8A:CC:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yyzHzkLnnDUax9KPZF3n9ZOKzJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/90c403-e6e9-41e0-b157-781d8fb1d2fb/1/I5con75aWk-VwuwKTII0hK6JKR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/90c403-e6e9-41e0-b157-781d8fb1d2fb/1/yyzHzkLnnDUax9KPZF3n9ZOKzJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.248.56.0/21
178.23.104.0/21
185.24.196.0/22
IPv6:
2a02:2408::/32
Signature Algorithm: sha256WithRSAEncryption
1a:5d:ba:72:56:ff:9b:b1:38:83:b6:9c:a4:b3:e5:6a:15:be:
0e:ae:5d:84:93:d9:cb:9d:0f:80:dd:f1:de:ce:de:e1:a2:c1:
44:4f:a2:5b:b8:db:42:b2:c8:36:d3:23:00:3c:2d:eb:eb:bf:
9c:46:c9:a2:7e:70:72:ed:08:72:7d:0e:61:ad:7f:0f:f8:30:
78:20:35:09:46:09:73:28:8b:0c:0d:5a:30:3d:17:e1:2d:9d:
d9:92:f9:93:8c:dc:4b:bb:8e:50:dd:0c:d6:fb:7e:b8:7c:40:
47:67:fa:81:3a:a9:ec:ee:0a:65:de:4f:6c:ad:6d:4c:b2:40:
55:e6:b7:88:5c:80:3f:7d:1e:b5:ff:b9:74:45:c5:14:27:1b:
c8:77:8b:51:1b:48:29:6a:2e:17:28:2d:42:f9:05:3e:35:40:
70:ed:5c:2a:d9:20:32:e8:23:ab:47:f7:b4:89:c6:ad:c3:c0:
d6:84:4d:c6:8e:da:49:51:bf:cc:eb:19:a1:a1:91:2d:1e:4e:
d0:af:37:e1:af:88:fe:23:a1:0d:5d:32:00:be:af:6d:f0:8f:
10:49:50:0c:67:cd:86:30:57:cd:43:76:1c:86:7c:38:e5:be:
60:dd:43:8e:85:b2:84:c6:10:d8:bf:8c:1b:c0:74:e6:ef:e1:
0a:ca:fc:50
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzF3BCE3hdk8t+LSwFrmZKNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiMmNjN2NlNDJlNzljMzUxYWM3ZDI4ZjY0NWRlN2Y1OTM4
YWNjOWMwHhcNMjQwMTAxMTYyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzk3Mjg5ZmJlNWE1YTRmOTVjMmVjMGE0YzgyMzQ4NGFlODkyOTFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgu4ux2V6T1+VIXstPnprTEg9jTPp
y/LrlZzQc70yRpfsKe5oOafNfIb4C7XJnYG/IRPwFY7/Z4CmRYexqnoMRJnyxMcx
76YnlHpE/eIOnvnX9KEtdMuMmXQma0zm1axJHB5lDm7gfKiUbjaYOCCaw875DENS
yuSi8sPLxYiKW9Z/Xx+5tYGuN1LHxc5bZnoSTMvvADXdd5aAXkFUH3+E7qeNez8+
0xqwcfm8MiPkbiGyODjWhGD0QTmziKspC9bSbQPuVnSyULO5Jf9nrjytPTUFSunV
K/bItdOB/+8dEtFA0yv2S5p4q/fsq29KdQK/ae8SuuMNGN62X/KAcACpvwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCOXKJ++WlpPlcLsCkyCNISuiSkfMB8GA1UdIwQY
MBaAFMssx85C55w1GsfSj2Rd5/WTisycMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXl6SHprTG5uRFVheDlLUFpGM245Wk9Lekp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC85MGM0MDMtZTZlOS00MWUwLWIxNTct
NzgxZDhmYjFkMmZiLzEvSTVjb243NWFXay1Wd3V3S1RJSTBoSzZKS1I4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC85MGM0MDMtZTZlOS00MWUwLWIxNTctNzgxZDhmYjFkMmZi
LzEveXl6SHprTG5uRFVheDlLUFpGM245Wk9Lekp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDl/g4AwQD
shdoAwQCuRjEMA0EAgACMAcDBQAqAiQIMA0GCSqGSIb3DQEBCwUAA4IBAQAaXbpy
Vv+bsTiDtpyks+VqFb4Orl2Ek9nLnQ+A3fHezt7hosFET6JbuNtCssg20yMAPC3r
67+cRsmifnBy7QhyfQ5hrX8P+DB4IDUJRglzKIsMDVowPRfhLZ3ZkvmTjNxLu45Q
3QzW+364fEBHZ/qBOqns7gpl3k9srW1MskBV5reIXIA/fR61/7l0RcUUJxvId4tR
G0gpai4XKC1C+QU+NUBw7Vwq2SAy6COrR/e0icatw8DWhE3GjtpJUb/M6xmhoZEt
Hk7Qrzfhr4j+I6ENXTIAvq9t8I8QSVAMZ82GMFfNQ3Ychnw45b5g3UOOhbKExhDY
v4wbwHTm7+EKyvxQ
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:12:17 2024 by rpki-client on console-ams.rpki-client.org