Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/iaRVIi0FyGzElQkIbTaFOLHHZpY.roa
File: iaRVIi0FyGzElQkIbTaFOLHHZpY.roa (raw, json)
Hash identifier: g+GeJIZIr3BL8W8SBWjKrIp6VfZLasvFOHs6aDeAqTo=
Subject key identifier: 89:A4:55:22:2D:05:C8:6C:C4:95:09:08:6D:36:85:38:B1:C7:66:96
Certificate issuer: /CN=6ff362c0765afb7b9804b6d819470007b01f262e
Certificate serial: 0190BFDC74796FE401127F4D62F065746DA2
Authority key identifier: 6F:F3:62:C0:76:5A:FB:7B:98:04:B6:D8:19:47:00:07:B0:1F:26:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b_NiwHZa-3uYBLbYGUcAB7AfJi4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/iaRVIi0FyGzElQkIbTaFOLHHZpY.roa
Signing time: Wed 17 Jul 2024 08:43:34 +0000
ROA not before: Wed 17 Jul 2024 08:43:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31399
IP address blocks: 53.0.0.0/8 maxlen: 8
53.3.144.0/21 maxlen: 21
141.113.0.0/21 maxlen: 21
141.113.8.0/21 maxlen: 21
141.113.24.0/22 maxlen: 22
141.113.32.0/21 maxlen: 21
141.113.32.0/22 maxlen: 22
141.113.36.0/22 maxlen: 22
141.113.40.0/21 maxlen: 21
141.113.48.0/21 maxlen: 21
141.113.56.0/21 maxlen: 21
141.113.64.0/21 maxlen: 21
141.113.72.0/21 maxlen: 21
141.113.88.0/22 maxlen: 22
141.113.96.0/21 maxlen: 21
141.113.104.0/21 maxlen: 21
141.113.112.0/21 maxlen: 21
141.113.120.0/21 maxlen: 21
141.113.200.0/22 maxlen: 22
141.113.204.0/22 maxlen: 22
141.113.208.0/21 maxlen: 21
141.113.216.0/21 maxlen: 21
141.113.224.0/21 maxlen: 21
141.113.232.0/21 maxlen: 21
141.113.240.0/21 maxlen: 21
141.113.248.0/21 maxlen: 21
2a03:9e40::/29 maxlen: 29
2a03:9e42::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/b_NiwHZa-3uYBLbYGUcAB7AfJi4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/b_NiwHZa-3uYBLbYGUcAB7AfJi4.mft
rsync://rpki.ripe.net/repository/DEFAULT/b_NiwHZa-3uYBLbYGUcAB7AfJi4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:bf:dc:74:79:6f:e4:01:12:7f:4d:62:f0:65:74:6d:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ff362c0765afb7b9804b6d819470007b01f262e
Validity
Not Before: Jul 17 08:43:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89a455222d05c86cc49509086d368538b1c76696
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:6e:e5:d1:2b:f0:28:fe:83:4d:a3:a4:0d:52:
cf:4c:e6:e8:e5:7e:f7:4a:80:c2:2c:aa:eb:04:5b:
e2:0a:3b:92:3f:78:2a:df:76:a8:65:e1:e2:de:87:
a5:0e:51:29:68:c6:5e:c8:6c:c1:b0:b1:da:c1:9d:
5d:b8:db:fc:4f:0b:39:36:d3:a7:1f:ee:47:7e:e2:
27:23:69:83:47:c3:65:89:37:e8:0f:54:e2:6f:f5:
6a:e3:73:a6:f3:52:36:15:af:19:42:48:e5:93:42:
1a:2f:90:89:c0:4d:ed:9d:e8:44:63:4e:d9:1c:7f:
68:b1:81:89:1c:30:b4:d6:8b:1a:f7:d1:a5:c4:b3:
3b:9d:cb:57:ae:16:39:98:ed:68:f0:cd:77:e8:03:
22:80:df:f4:8f:8d:10:c4:90:72:24:cc:5a:a2:55:
78:5d:22:5f:60:e8:c0:ec:59:41:31:7d:bb:b8:3d:
5c:ba:eb:f4:db:68:ff:d3:ea:6e:4a:66:2b:45:5b:
46:b4:ab:55:13:71:9d:6b:d3:c6:a7:16:91:4d:16:
9a:cc:d5:9c:d7:7b:c2:a2:ba:ea:0c:9b:ff:dd:ec:
41:b3:b0:3d:e1:fe:c0:d9:fb:92:31:de:10:e6:5f:
d4:4d:04:5b:21:ac:98:09:96:8b:1f:5e:f9:3a:80:
90:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:A4:55:22:2D:05:C8:6C:C4:95:09:08:6D:36:85:38:B1:C7:66:96
X509v3 Authority Key Identifier:
keyid:6F:F3:62:C0:76:5A:FB:7B:98:04:B6:D8:19:47:00:07:B0:1F:26:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b_NiwHZa-3uYBLbYGUcAB7AfJi4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/iaRVIi0FyGzElQkIbTaFOLHHZpY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/e01190-5204-44c5-a11a-dafd74763d23/1/b_NiwHZa-3uYBLbYGUcAB7AfJi4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
53.0.0.0/8
141.113.0.0/20
141.113.24.0/22
141.113.32.0-141.113.79.255
141.113.88.0/22
141.113.96.0/19
141.113.200.0-141.113.255.255
IPv6:
2a03:9e40::/29
Signature Algorithm: sha256WithRSAEncryption
7b:01:70:d4:3f:de:5b:7b:43:30:5a:c1:ca:cd:b4:81:72:6f:
a8:c2:17:99:5f:65:86:a6:04:b9:6e:ff:d1:fe:d9:b5:c1:11:
f1:41:6f:0d:fd:e5:d5:18:1e:70:a0:50:5f:4f:0a:02:04:97:
24:77:ff:9d:07:12:89:d1:c8:0d:b3:c0:a9:05:84:25:cd:63:
20:27:5f:10:60:e4:b7:d4:12:f5:56:6c:fe:af:fa:7b:8e:a8:
50:53:66:c0:a7:c0:df:85:08:bd:ca:9e:4a:2e:a2:66:22:31:
a1:a7:3e:76:7f:de:43:83:59:10:0c:9a:0f:d2:39:71:d6:65:
58:7d:ec:12:11:e6:90:56:89:37:1f:74:1f:56:4c:6a:b5:a0:
cc:98:06:61:c8:42:93:0a:58:93:5d:d9:06:e1:e3:23:de:dd:
63:28:27:19:1d:6e:0b:27:8d:35:3c:5d:47:92:e1:6e:fb:38:
ee:3f:a3:3a:ad:6b:d4:1a:32:bd:91:36:5b:e8:98:2e:29:b1:
31:e2:94:e9:73:44:5f:31:6f:1e:03:5d:f0:1b:87:66:77:3f:
92:5b:e1:df:43:a6:e8:27:3f:bf:5f:cd:5d:9e:05:92:3d:cc:
0c:f0:9e:0e:92:ff:ab:85:d5:c7:d0:5a:04:38:09:e0:77:32:
70:74:f5:a4
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZC/3HR5b+QBEn9NYvBldG2iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZjM2MmMwNzY1YWZiN2I5ODA0YjZkODE5NDcwMDA3YjAx
ZjI2MmUwHhcNMjQwNzE3MDg0MzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWE0NTUyMjJkMDVjODZjYzQ5NTA5MDg2ZDM2ODUzOGIxYzc2Njk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4G7l0SvwKP6DTaOkDVLPTObo5X73
SoDCLKrrBFviCjuSP3gq33aoZeHi3oelDlEpaMZeyGzBsLHawZ1duNv8Tws5NtOn
H+5HfuInI2mDR8NliTfoD1Tib/Vq43Om81I2Fa8ZQkjlk0IaL5CJwE3tnehEY07Z
HH9osYGJHDC01osa99GlxLM7nctXrhY5mO1o8M136AMigN/0j40QxJByJMxaolV4
XSJfYOjA7FlBMX27uD1cuuv022j/0+puSmYrRVtGtKtVE3Gda9PGpxaRTRaazNWc
13vCorrqDJv/3exBs7A94f7A2fuSMd4Q5l/UTQRbIayYCZaLH175OoCQIQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFImkVSItBchsxJUJCG02hTixx2aWMB8GA1UdIwQY
MBaAFG/zYsB2Wvt7mAS22BlHAAewHyYuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYl9OaXdIWmEtM3VZQkxiWUdVY0FCN0FmSmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9lMDExOTAtNTIwNC00NGM1LWExMWEt
ZGFmZDc0NzYzZDIzLzEvaWFSVklpMEZ5R3pFbFFrSWJUYUZPTEhIWnBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9lMDExOTAtNTIwNC00NGM1LWExMWEtZGFmZDc0NzYzZDIz
LzEvYl9OaXdIWmEtM3VZQkxiWUdVY0FCN0FmSmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA9BAIAATA3AwIANQMEBI1x
AAMEAo1xGDAMAwQFjXEgAwQEjXFAAwQCjXFYAwQFjXFgMAsDBAONccgDAwGNcDAN
BAIAAjAHAwUDKgOeQDANBgkqhkiG9w0BAQsFAAOCAQEAewFw1D/eW3tDMFrBys20
gXJvqMIXmV9lhqYEuW7/0f7ZtcER8UFvDf3l1RgecKBQX08KAgSXJHf/nQcSidHI
DbPAqQWEJc1jICdfEGDkt9QS9VZs/q/6e46oUFNmwKfA34UIvcqeSi6iZiIxoac+
dn/eQ4NZEAyaD9I5cdZlWH3sEhHmkFaJNx90H1ZMarWgzJgGYchCkwpYk13ZBuHj
I97dYygnGR1uCyeNNTxdR5Lhbvs47j+jOq1r1BoyvZE2W+iYLimxMeKU6XNEXzFv
HgNd8BuHZnc/klvh30Om6Cc/v1/NXZ4Fkj3MDPCeDpL/q4XVx9BaBDgJ4HcycHT1
pA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:40:44 2024 by rpki-client on console-ams.rpki-client.org