Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/2b8877-e523-4e9c-9fc3-cd60c891001b/1/CIcyxT9xp_M2FJaQXj-mKH07w6Y.roa
File: CIcyxT9xp_M2FJaQXj-mKH07w6Y.roa (raw, json)
Hash identifier: yFVotHQ/Q61pgNMPC8IoqAt9iTgh0oZSOsvfStjoSeM=
Subject key identifier: 08:87:32:C5:3F:71:A7:F3:36:14:96:90:5E:3F:A6:28:7D:3B:C3:A6
Certificate issuer: /CN=8e702a616c04941e2c9f071651e49c5df3aed0b1
Certificate serial: 01910EBB0AAD163DC9A02B83C7758CD8D3D6
Authority key identifier: 8E:70:2A:61:6C:04:94:1E:2C:9F:07:16:51:E4:9C:5D:F3:AE:D0:B1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jnAqYWwElB4snwcWUeScXfOu0LE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/2b8877-e523-4e9c-9fc3-cd60c891001b/1/CIcyxT9xp_M2FJaQXj-mKH07w6Y.roa
Signing time: Thu 01 Aug 2024 16:17:04 +0000
ROA not before: Thu 01 Aug 2024 16:17:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200325
IP address blocks: 91.200.176.0/24 maxlen: 24
107.150.176.0/24 maxlen: 24
109.104.146.0/23 maxlen: 24
109.224.228.0/22 maxlen: 24
193.162.131.0/24 maxlen: 24
212.104.158.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/2b8877-e523-4e9c-9fc3-cd60c891001b/1/jnAqYWwElB4snwcWUeScXfOu0LE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/2b8877-e523-4e9c-9fc3-cd60c891001b/1/jnAqYWwElB4snwcWUeScXfOu0LE.mft
rsync://rpki.ripe.net/repository/DEFAULT/jnAqYWwElB4snwcWUeScXfOu0LE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:0e:bb:0a:ad:16:3d:c9:a0:2b:83:c7:75:8c:d8:d3:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8e702a616c04941e2c9f071651e49c5df3aed0b1
Validity
Not Before: Aug 1 16:17:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=088732c53f71a7f3361496905e3fa6287d3bc3a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:e8:18:4b:23:07:2a:ff:94:26:d6:51:39:a8:
c6:e1:27:41:a2:08:62:84:2b:01:1d:b8:e5:04:f3:
83:93:88:b8:7b:5a:21:82:0b:1d:55:cc:9a:ff:82:
8e:43:28:23:8f:e1:b6:0f:74:f3:3b:81:5b:c6:46:
8a:f4:93:3b:ce:9d:08:fb:a3:72:c3:03:b9:ff:1b:
3a:4f:da:e1:4c:15:1b:f8:69:e4:41:93:19:fc:b8:
8d:7a:28:d9:73:72:47:6b:fa:9d:8c:52:61:b1:83:
62:58:e2:36:a9:ff:2e:4e:fd:29:66:ef:65:1e:f6:
f2:79:e2:e0:43:ee:97:22:88:86:a5:f6:fe:a2:a0:
bb:2e:62:c5:10:c2:bf:b1:f6:94:15:f1:82:8e:6e:
4b:eb:12:d0:40:4c:09:fb:4e:e6:e4:65:e8:de:92:
08:6a:56:10:b1:ad:84:79:9a:04:dc:94:72:de:64:
bb:bd:d9:23:1a:30:5f:fe:34:7f:7a:ed:50:dd:35:
92:c2:a6:1e:8b:0f:c5:50:14:86:9c:1c:c5:b0:29:
69:e0:f6:11:79:a5:d6:23:ba:8c:64:bc:bf:73:53:
a7:80:29:3f:9c:24:47:be:91:47:86:ab:3b:42:ab:
20:78:87:14:31:07:94:fc:27:94:80:c9:cd:8a:bf:
a2:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:87:32:C5:3F:71:A7:F3:36:14:96:90:5E:3F:A6:28:7D:3B:C3:A6
X509v3 Authority Key Identifier:
keyid:8E:70:2A:61:6C:04:94:1E:2C:9F:07:16:51:E4:9C:5D:F3:AE:D0:B1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jnAqYWwElB4snwcWUeScXfOu0LE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/2b8877-e523-4e9c-9fc3-cd60c891001b/1/CIcyxT9xp_M2FJaQXj-mKH07w6Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/2b8877-e523-4e9c-9fc3-cd60c891001b/1/jnAqYWwElB4snwcWUeScXfOu0LE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.200.176.0/24
107.150.176.0/24
109.104.146.0/23
109.224.228.0/22
193.162.131.0/24
212.104.158.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:42:66:4b:42:96:47:fa:7f:11:ba:1e:3f:ec:c4:89:22:67:
c9:3a:94:72:53:2a:d1:8c:ad:fd:ce:1e:35:7f:8a:d5:98:06:
e0:43:7b:7e:38:25:ac:14:90:a3:be:bf:ca:12:64:89:72:cf:
6d:12:30:e6:98:47:36:83:c8:72:4b:dc:09:14:ee:37:a2:38:
11:d6:9d:a1:08:ee:65:e2:f6:37:28:f6:26:43:cd:db:b7:5e:
19:1d:e9:48:12:dd:dd:3d:0c:1c:c4:31:13:e2:da:2f:6a:ab:
ac:60:ad:28:8c:4b:85:5b:de:cc:68:96:b0:bd:92:99:e7:58:
8e:3f:c5:f0:13:6b:25:4e:2a:2c:24:b5:fa:27:10:b3:c7:11:
78:11:16:c8:28:6a:91:3a:c2:0f:8f:c7:06:1f:d5:57:f2:c4:
1b:a9:7c:fe:67:0b:be:85:40:40:de:01:b7:00:b0:76:8f:4b:
a9:69:4b:c9:dc:59:2e:b9:ab:82:07:83:95:d8:26:01:6b:a2:
8a:33:23:3c:d1:2e:1c:2a:c5:4d:62:52:1e:3e:08:eb:85:49:
56:b0:a1:6a:5f:82:40:f9:b1:d9:52:a8:63:8b:ce:ec:86:f7:
99:d7:c6:9c:6d:8b:34:22:85:28:c6:8f:3a:e2:9c:bb:0c:97:
46:de:39:7b
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZEOuwqtFj3JoCuDx3WM2NPWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhlNzAyYTYxNmMwNDk0MWUyYzlmMDcxNjUxZTQ5YzVkZjNh
ZWQwYjEwHhcNMjQwODAxMTYxNzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODg3MzJjNTNmNzFhN2YzMzYxNDk2OTA1ZTNmYTYyODdkM2JjM2E2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvugYSyMHKv+UJtZROajG4SdBoghi
hCsBHbjlBPODk4i4e1ohggsdVcya/4KOQygjj+G2D3TzO4FbxkaK9JM7zp0I+6Ny
wwO5/xs6T9rhTBUb+GnkQZMZ/LiNeijZc3JHa/qdjFJhsYNiWOI2qf8uTv0pZu9l
HvbyeeLgQ+6XIoiGpfb+oqC7LmLFEMK/sfaUFfGCjm5L6xLQQEwJ+07m5GXo3pII
alYQsa2EeZoE3JRy3mS7vdkjGjBf/jR/eu1Q3TWSwqYeiw/FUBSGnBzFsClp4PYR
eaXWI7qMZLy/c1OngCk/nCRHvpFHhqs7QqsgeIcUMQeU/CeUgMnNir+ixQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFAiHMsU/cafzNhSWkF4/pih9O8OmMB8GA1UdIwQY
MBaAFI5wKmFsBJQeLJ8HFlHknF3zrtCxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvam5BcVlXd0VsQjRzbndjV1VlU2NYZk91MExFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy8yYjg4NzctZTUyMy00ZTljLTlmYzMt
Y2Q2MGM4OTEwMDFiLzEvQ0ljeXhUOXhwX00yRkphUVhqLW1LSDA3dzZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy8yYjg4NzctZTUyMy00ZTljLTlmYzMtY2Q2MGM4OTEwMDFi
LzEvam5BcVlXd0VsQjRzbndjV1VlU2NYZk91MExFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW8iwAwQA
a5awAwQBbWiSAwQCbeDkAwQAwaKDAwQA1GieMA0GCSqGSIb3DQEBCwUAA4IBAQCs
QmZLQpZH+n8Ruh4/7MSJImfJOpRyUyrRjK39zh41f4rVmAbgQ3t+OCWsFJCjvr/K
EmSJcs9tEjDmmEc2g8hyS9wJFO43ojgR1p2hCO5l4vY3KPYmQ83bt14ZHelIEt3d
PQwcxDET4tovaqusYK0ojEuFW97MaJawvZKZ51iOP8XwE2slTiosJLX6JxCzxxF4
ERbIKGqROsIPj8cGH9VX8sQbqXz+Zwu+hUBA3gG3ALB2j0upaUvJ3FkuuauCB4OV
2CYBa6KKMyM80S4cKsVNYlIePgjrhUlWsKFqX4JA+bHZUqhji87shveZ18acbYs0
IoUoxo864py7DJdG3jl7
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:23:05 2024 by rpki-client on console-fra.rpki-client.org