Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/IaSmBUfqxxAqHxk7UrP4YbgQGmI.roa
File: IaSmBUfqxxAqHxk7UrP4YbgQGmI.roa (raw, json)
Hash identifier: U6fQoqeIEEvg/cvZTIpxzFAn79WHjpp9wXUhxAny6Nk=
Subject key identifier: 21:A4:A6:05:47:EA:C7:10:2A:1F:19:3B:52:B3:F8:61:B8:10:1A:62
Certificate issuer: /CN=97024ffc4927bfe35289435d9d0280420b8ecdcb
Certificate serial: 0192BF77DF07F19FE117055A0CB2E669554C
Authority key identifier: 97:02:4F:FC:49:27:BF:E3:52:89:43:5D:9D:02:80:42:0B:8E:CD:CB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lwJP_Eknv-NSiUNdnQKAQguOzcs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/IaSmBUfqxxAqHxk7UrP4YbgQGmI.roa
Signing time: Thu 24 Oct 2024 16:59:17 +0000
ROA not before: Thu 24 Oct 2024 16:59:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48239
IP address blocks: 91.209.51.0/24 maxlen: 24
185.191.176.0/22 maxlen: 22
212.90.32.0/19 maxlen: 19
212.90.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/lwJP_Eknv-NSiUNdnQKAQguOzcs.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/lwJP_Eknv-NSiUNdnQKAQguOzcs.mft
rsync://rpki.ripe.net/repository/DEFAULT/lwJP_Eknv-NSiUNdnQKAQguOzcs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bf:77:df:07:f1:9f:e1:17:05:5a:0c:b2:e6:69:55:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97024ffc4927bfe35289435d9d0280420b8ecdcb
Validity
Not Before: Oct 24 16:59:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21a4a60547eac7102a1f193b52b3f861b8101a62
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d4:f7:1f:e7:ff:6f:64:d4:d2:18:2d:24:07:
e4:93:91:4d:c0:3e:81:ef:e0:80:e1:84:3a:3d:e4:
32:24:b6:22:46:ef:fa:69:86:f3:2a:ec:55:d4:2b:
9d:2d:26:e8:8b:d1:08:dc:ae:9b:60:0a:40:ae:51:
75:9f:21:32:70:f9:9a:2f:8e:52:dd:c5:3e:13:d4:
d9:86:ab:81:54:00:86:1a:a5:f4:54:cd:94:c4:77:
a8:4f:31:59:80:2e:55:5d:35:96:b3:cc:ca:ad:1e:
d6:eb:37:fb:e1:f4:20:5a:85:83:6e:e7:8d:67:93:
d9:50:ae:8e:83:13:b1:ca:f0:ec:bb:6a:63:49:74:
31:95:cd:c7:49:69:57:b8:7c:bb:64:b1:92:91:12:
55:65:f2:6a:ca:02:1f:3e:e3:3d:1f:5b:7b:5a:20:
51:9c:da:a5:f9:f4:f4:c5:36:ac:de:28:6d:0f:41:
c0:6a:b9:92:fd:85:72:0b:05:fe:c3:b8:f4:32:46:
e1:d0:0c:85:07:97:40:45:8d:44:35:c7:b0:e1:cd:
98:e1:42:c3:ca:11:7c:01:52:78:13:96:36:e5:10:
7b:d7:a9:17:d9:95:85:dc:58:ac:95:56:e5:13:d1:
f6:84:3c:ca:37:eb:b0:c8:35:71:7b:2a:92:08:f8:
81:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:A4:A6:05:47:EA:C7:10:2A:1F:19:3B:52:B3:F8:61:B8:10:1A:62
X509v3 Authority Key Identifier:
keyid:97:02:4F:FC:49:27:BF:E3:52:89:43:5D:9D:02:80:42:0B:8E:CD:CB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lwJP_Eknv-NSiUNdnQKAQguOzcs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/IaSmBUfqxxAqHxk7UrP4YbgQGmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/717221-1d03-4d13-9049-401bda4477b5/1/lwJP_Eknv-NSiUNdnQKAQguOzcs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.209.51.0/24
185.191.176.0/22
212.90.32.0/19
Signature Algorithm: sha256WithRSAEncryption
59:45:d1:47:d6:b2:b2:12:b1:4e:51:d4:ee:77:c4:56:1f:30:
4d:18:79:b4:f6:d3:7a:4a:5b:ce:55:dc:7a:21:80:08:0e:4a:
30:21:00:6f:64:4d:aa:29:cb:3e:9c:58:16:fb:15:85:3c:a4:
8c:5a:ec:a3:25:a4:fe:30:e2:64:a0:11:b0:2e:cb:d1:93:a0:
58:0b:1e:df:6e:42:2f:22:34:a2:27:0f:c0:91:cd:35:e5:2a:
81:ce:bf:9f:fa:04:01:51:4d:30:af:34:37:b9:8f:07:0c:93:
82:74:de:c6:3e:96:81:b5:7f:9d:47:b3:5e:99:52:a4:69:f3:
24:96:e7:68:4d:a3:81:ae:aa:a5:f0:ae:28:d8:75:b9:dc:bc:
ad:97:ed:34:18:4c:8f:df:13:d5:01:0d:b5:39:0b:82:a0:7f:
c3:22:ca:05:dd:96:28:96:42:c7:65:5c:ed:d0:93:24:17:16:
69:9f:37:f2:5e:4e:01:54:f1:61:82:bd:1c:4c:23:8c:58:94:
aa:90:67:81:cb:43:b3:95:58:0e:9f:63:0e:2b:ba:41:56:87:
19:3e:d8:e6:86:af:54:73:f5:1e:af:3c:4a:8b:2e:ab:0c:7d:
fe:b4:a3:16:b8:ce:ff:b0:51:3e:3b:af:7c:ec:dc:1c:f7:23:
b2:f8:a6:b9
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZK/d98H8Z/hFwVaDLLmaVVMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MDI0ZmZjNDkyN2JmZTM1Mjg5NDM1ZDlkMDI4MDQyMGI4
ZWNkY2IwHhcNMjQxMDI0MTY1OTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWE0YTYwNTQ3ZWFjNzEwMmExZjE5M2I1MmIzZjg2MWI4MTAxYTYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdT3H+f/b2TU0hgtJAfkk5FNwD6B
7+CA4YQ6PeQyJLYiRu/6aYbzKuxV1CudLSboi9EI3K6bYApArlF1nyEycPmaL45S
3cU+E9TZhquBVACGGqX0VM2UxHeoTzFZgC5VXTWWs8zKrR7W6zf74fQgWoWDbueN
Z5PZUK6OgxOxyvDsu2pjSXQxlc3HSWlXuHy7ZLGSkRJVZfJqygIfPuM9H1t7WiBR
nNql+fT0xTas3ihtD0HAarmS/YVyCwX+w7j0Mkbh0AyFB5dARY1ENcew4c2Y4ULD
yhF8AVJ4E5Y25RB716kX2ZWF3FislVblE9H2hDzKN+uwyDVxeyqSCPiBCQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFCGkpgVH6scQKh8ZO1Kz+GG4EBpiMB8GA1UdIwQY
MBaAFJcCT/xJJ7/jUolDXZ0CgEILjs3LMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHdKUF9Fa252LU5TaVVOZG5RS0FRZ3VPemNzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC83MTcyMjEtMWQwMy00ZDEzLTkwNDkt
NDAxYmRhNDQ3N2I1LzEvSWFTbUJVZnF4eEFxSHhrN1VyUDRZYmdRR21JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC83MTcyMjEtMWQwMy00ZDEzLTkwNDktNDAxYmRhNDQ3N2I1
LzEvbHdKUF9Fa252LU5TaVVOZG5RS0FRZ3VPemNzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAW9EzAwQC
ub+wAwQF1FogMA0GCSqGSIb3DQEBCwUAA4IBAQBZRdFH1rKyErFOUdTud8RWHzBN
GHm09tN6SlvOVdx6IYAIDkowIQBvZE2qKcs+nFgW+xWFPKSMWuyjJaT+MOJkoBGw
LsvRk6BYCx7fbkIvIjSiJw/Akc015SqBzr+f+gQBUU0wrzQ3uY8HDJOCdN7GPpaB
tX+dR7NemVKkafMkludoTaOBrqql8K4o2HW53Lytl+00GEyP3xPVAQ21OQuCoH/D
IsoF3ZYolkLHZVzt0JMkFxZpnzfyXk4BVPFhgr0cTCOMWJSqkGeBy0OzlVgOn2MO
K7pBVocZPtjmhq9Uc/UerzxKiy6rDH3+tKMWuM7/sFE+O6987Nwc9yOy+Ka5
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:54:57 2024 by rpki-client on console-ams.rpki-client.org