Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/c7b524-c4d9-41a4-88fa-d8bf521b26b0/1/I-JQXy6tEOcDXgxYKhySArzD6UA.roa
File: I-JQXy6tEOcDXgxYKhySArzD6UA.roa (raw, json)
Hash identifier: LQ2X2wdZCxXilZKOOcbl9bjtjuS4deqjUrvrx7VoSoY=
Subject key identifier: 23:E2:50:5F:2E:AD:10:E7:03:5E:0C:58:2A:1C:92:02:BC:C3:E9:40
Certificate issuer: /CN=94a3806f742abcd5db1204f528f4ca6ddeb1e9da
Certificate serial: 018CC3490816AE5C95FCA20C1977D8542691
Authority key identifier: 94:A3:80:6F:74:2A:BC:D5:DB:12:04:F5:28:F4:CA:6D:DE:B1:E9:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lKOAb3QqvNXbEgT1KPTKbd6x6do.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/c7b524-c4d9-41a4-88fa-d8bf521b26b0/1/I-JQXy6tEOcDXgxYKhySArzD6UA.roa
Signing time: Mon 01 Jan 2024 04:29:52 +0000
ROA not before: Mon 01 Jan 2024 04:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 18434
IP address blocks: 185.41.233.0/24 maxlen: 24
185.41.232.0/24 maxlen: 24
185.41.234.0/24 maxlen: 24
185.41.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/c7b524-c4d9-41a4-88fa-d8bf521b26b0/1/lKOAb3QqvNXbEgT1KPTKbd6x6do.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/c7b524-c4d9-41a4-88fa-d8bf521b26b0/1/lKOAb3QqvNXbEgT1KPTKbd6x6do.mft
rsync://rpki.ripe.net/repository/DEFAULT/lKOAb3QqvNXbEgT1KPTKbd6x6do.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:08:16:ae:5c:95:fc:a2:0c:19:77:d8:54:26:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94a3806f742abcd5db1204f528f4ca6ddeb1e9da
Validity
Not Before: Jan 1 04:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23e2505f2ead10e7035e0c582a1c9202bcc3e940
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:dc:0c:7d:ae:98:33:de:33:cd:b8:af:a8:c8:
a8:3d:fa:a0:e8:eb:b8:ea:83:e0:52:83:08:52:0d:
38:04:66:34:4d:43:3b:5b:34:f5:56:a4:ec:12:68:
c9:6a:d6:5a:ca:fe:ad:4e:8a:df:b5:87:67:32:43:
c8:00:3c:c2:c9:56:5a:a4:8d:e4:d3:97:01:44:93:
1b:25:c9:05:0c:01:04:04:a3:c3:bc:0d:a2:4c:87:
de:1b:01:87:33:4e:1f:51:0f:7b:27:ee:36:97:ca:
9a:40:e3:81:e5:38:36:05:d3:d3:9a:a3:35:2d:66:
26:5d:51:0f:ce:3f:fc:17:29:4d:7f:9a:88:6d:9e:
90:99:e5:64:d3:83:ad:40:42:67:ed:a3:8d:64:19:
8d:6b:e2:fa:8c:08:14:c7:91:a0:e0:d0:5b:0f:ee:
5a:ac:ff:99:ca:98:99:64:3d:09:cd:6d:86:02:ba:
52:21:b8:0f:5f:41:70:c1:96:bb:70:39:5c:b3:fe:
53:30:86:35:94:11:db:1f:cd:ff:22:70:2c:d8:5f:
9b:8c:51:7d:00:3a:a7:af:59:af:d5:3b:5f:f4:10:
aa:62:eb:51:98:a0:9d:6b:cf:54:8f:e4:86:62:37:
22:0b:69:e3:04:33:ca:07:0f:16:e9:dc:eb:84:fc:
30:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:E2:50:5F:2E:AD:10:E7:03:5E:0C:58:2A:1C:92:02:BC:C3:E9:40
X509v3 Authority Key Identifier:
keyid:94:A3:80:6F:74:2A:BC:D5:DB:12:04:F5:28:F4:CA:6D:DE:B1:E9:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lKOAb3QqvNXbEgT1KPTKbd6x6do.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/c7b524-c4d9-41a4-88fa-d8bf521b26b0/1/I-JQXy6tEOcDXgxYKhySArzD6UA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/c7b524-c4d9-41a4-88fa-d8bf521b26b0/1/lKOAb3QqvNXbEgT1KPTKbd6x6do.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.41.232.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:df:64:1c:b8:f4:d2:c9:9d:f2:b7:8a:29:4c:d0:a9:8b:86:
6b:04:52:60:08:21:16:0a:33:e9:fb:ae:64:80:80:a1:23:e0:
db:9f:61:25:c0:9c:0e:02:92:2c:89:29:1c:03:cc:38:66:fe:
fa:5f:58:3e:48:40:17:e6:64:46:bf:38:d9:28:ce:5c:fd:97:
15:b8:f0:bc:a6:ec:e7:1e:cb:69:a9:e5:90:d7:d5:07:ec:b5:
d0:4a:79:ab:ce:1e:b9:f4:39:86:cd:e3:70:0c:ac:ed:b9:2e:
f7:29:ef:97:2a:ff:83:09:ca:ac:e9:23:c9:7b:0c:53:ad:b4:
c0:38:99:a4:e7:63:2b:26:6c:2c:db:92:b0:5c:58:7f:e5:f5:
c9:e9:f6:99:ba:11:e0:6c:2c:83:c2:95:88:c6:29:cf:c5:05:
6e:e9:c6:3b:89:19:83:5a:98:3c:e7:32:c7:8e:a7:75:47:d4:
d7:99:5b:be:b1:a8:f5:88:68:67:43:e4:0c:0e:32:c2:78:f7:
9f:fe:4b:02:78:0b:2f:c8:4b:90:f4:e6:7f:72:fc:bd:12:46:
54:8e:88:e6:33:80:1c:29:bd:e5:78:19:da:cc:3d:8d:f8:07:
32:9e:32:de:ad:8e:25:fe:9a:e8:48:05:f4:27:80:b0:57:6f:
21:8e:61:01
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSQgWrlyV/KIMGXfYVCaRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0YTM4MDZmNzQyYWJjZDVkYjEyMDRmNTI4ZjRjYTZkZGVi
MWU5ZGEwHhcNMjQwMTAxMDQyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2UyNTA1ZjJlYWQxMGU3MDM1ZTBjNTgyYTFjOTIwMmJjYzNlOTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNwMfa6YM94zzbivqMioPfqg6Ou4
6oPgUoMIUg04BGY0TUM7WzT1VqTsEmjJatZayv6tTorftYdnMkPIADzCyVZapI3k
05cBRJMbJckFDAEEBKPDvA2iTIfeGwGHM04fUQ97J+42l8qaQOOB5Tg2BdPTmqM1
LWYmXVEPzj/8FylNf5qIbZ6QmeVk04OtQEJn7aONZBmNa+L6jAgUx5Gg4NBbD+5a
rP+ZypiZZD0JzW2GArpSIbgPX0FwwZa7cDlcs/5TMIY1lBHbH83/InAs2F+bjFF9
ADqnr1mv1Ttf9BCqYutRmKCda89Uj+SGYjciC2njBDPKBw8W6dzrhPwwQwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCPiUF8urRDnA14MWCockgK8w+lAMB8GA1UdIwQY
MBaAFJSjgG90KrzV2xIE9Sj0ym3esenaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbEtPQWIzUXF2TlhiRWdUMUtQVEtiZDZ4NmRvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9jN2I1MjQtYzRkOS00MWE0LTg4ZmEt
ZDhiZjUyMWIyNmIwLzEvSS1KUVh5NnRFT2NEWGd4WUtoeVNBcnpENlVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9jN2I1MjQtYzRkOS00MWE0LTg4ZmEtZDhiZjUyMWIyNmIw
LzEvbEtPQWIzUXF2TlhiRWdUMUtQVEtiZDZ4NmRvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuSnoMA0G
CSqGSIb3DQEBCwUAA4IBAQBN32QcuPTSyZ3yt4opTNCpi4ZrBFJgCCEWCjPp+65k
gIChI+Dbn2ElwJwOApIsiSkcA8w4Zv76X1g+SEAX5mRGvzjZKM5c/ZcVuPC8puzn
HstpqeWQ19UH7LXQSnmrzh659DmGzeNwDKztuS73Ke+XKv+DCcqs6SPJewxTrbTA
OJmk52MrJmws25KwXFh/5fXJ6faZuhHgbCyDwpWIxinPxQVu6cY7iRmDWpg85zLH
jqd1R9TXmVu+saj1iGhnQ+QMDjLCePef/ksCeAsvyEuQ9OZ/cvy9EkZUjojmM4Ac
Kb3leBnazD2N+AcynjLerY4l/proSAX0J4CwV28hjmEB
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:53:22 2024 by rpki-client on console-fra.rpki-client.org