Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e74b81-5ff7-4823-9267-0d3e662b0ee0/1/iPqcgiMO_kwZLhihk2T0WNJSbYE.roa
File: iPqcgiMO_kwZLhihk2T0WNJSbYE.roa (raw, json)
Hash identifier: +hrOzsAxyyg3pcZmO+oOKIRtymznp72lPhrSSrdvEow=
Subject key identifier: 88:FA:9C:82:23:0E:FE:4C:19:2E:18:A1:93:64:F4:58:D2:52:6D:81
Certificate issuer: /CN=3092b117062f6065faa1cdfd38915e4bb9c924bb
Certificate serial: 018CC793706A4F0EC6A1FBA90EE1E50238D4
Authority key identifier: 30:92:B1:17:06:2F:60:65:FA:A1:CD:FD:38:91:5E:4B:B9:C9:24:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MJKxFwYvYGX6oc39OJFeS7nJJLs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e74b81-5ff7-4823-9267-0d3e662b0ee0/1/iPqcgiMO_kwZLhihk2T0WNJSbYE.roa
Signing time: Tue 02 Jan 2024 00:29:37 +0000
ROA not before: Tue 02 Jan 2024 00:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 185.121.143.0/24 maxlen: 24
185.121.140.0/24 maxlen: 24
185.121.142.0/24 maxlen: 24
185.121.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/e74b81-5ff7-4823-9267-0d3e662b0ee0/1/MJKxFwYvYGX6oc39OJFeS7nJJLs.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/e74b81-5ff7-4823-9267-0d3e662b0ee0/1/MJKxFwYvYGX6oc39OJFeS7nJJLs.mft
rsync://rpki.ripe.net/repository/DEFAULT/MJKxFwYvYGX6oc39OJFeS7nJJLs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 12:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:70:6a:4f:0e:c6:a1:fb:a9:0e:e1:e5:02:38:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3092b117062f6065faa1cdfd38915e4bb9c924bb
Validity
Not Before: Jan 2 00:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88fa9c82230efe4c192e18a19364f458d2526d81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:81:ed:13:9c:8c:9a:47:4b:d1:11:9b:7f:31:
c3:41:3a:ca:a7:5f:23:8f:83:a2:e5:0c:e6:31:e6:
59:b0:8e:c4:b6:81:be:06:75:ac:5c:a6:72:38:5d:
57:39:82:ac:52:41:eb:b7:f8:ff:0d:8f:40:a2:3a:
0c:d3:76:68:e1:e4:9a:f8:ce:e3:0d:d9:90:74:1d:
14:18:10:75:94:7f:57:95:05:36:e5:f5:27:a3:db:
0e:8d:b1:8a:f2:ad:89:a7:4a:2f:d9:19:08:79:18:
d9:5b:c7:78:84:5d:cb:33:64:db:38:56:c3:9c:74:
9a:75:c6:f3:2d:96:33:bd:19:00:e6:ee:0d:4e:67:
75:d0:28:d4:df:a4:8c:2b:7a:41:53:d9:a4:1e:82:
c4:87:05:bd:38:12:7e:05:22:da:64:6b:18:5c:83:
94:16:ad:11:59:1c:7c:86:c3:03:da:49:20:95:c2:
2a:6f:9e:b9:b3:ff:a6:f8:95:b6:ec:74:95:b7:47:
83:c0:3c:6a:4a:99:46:de:81:5c:44:54:90:ad:e1:
8a:35:8a:ad:5b:4b:84:d0:0c:be:0e:f1:c2:b0:50:
b3:de:6a:a2:dd:16:9e:85:4c:7c:45:1a:28:3a:f9:
f7:a7:e2:c6:f4:a0:5a:72:ec:8c:45:31:c6:66:c1:
b3:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:FA:9C:82:23:0E:FE:4C:19:2E:18:A1:93:64:F4:58:D2:52:6D:81
X509v3 Authority Key Identifier:
keyid:30:92:B1:17:06:2F:60:65:FA:A1:CD:FD:38:91:5E:4B:B9:C9:24:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MJKxFwYvYGX6oc39OJFeS7nJJLs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e74b81-5ff7-4823-9267-0d3e662b0ee0/1/iPqcgiMO_kwZLhihk2T0WNJSbYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e74b81-5ff7-4823-9267-0d3e662b0ee0/1/MJKxFwYvYGX6oc39OJFeS7nJJLs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.121.140.0/22
Signature Algorithm: sha256WithRSAEncryption
cf:ef:39:47:a0:0f:83:cb:cc:10:ba:36:30:64:3c:53:9f:cf:
aa:76:cc:29:9c:5b:df:b6:75:d1:b5:55:cb:bc:7e:56:3e:36:
64:ff:4b:23:55:01:b1:8a:63:45:fc:29:77:3b:62:a7:19:ce:
de:fa:6b:2d:66:b1:6f:aa:28:fa:c3:71:07:a7:c1:a2:ec:82:
7b:01:2d:de:fa:d8:85:90:17:fa:c6:a9:d0:62:12:3b:70:be:
ab:17:e7:7c:24:77:55:c0:86:9e:02:48:59:7d:b2:b7:29:89:
ea:9d:57:3e:8b:6f:1d:04:80:d4:58:39:50:ed:e4:fb:54:a1:
6c:d5:28:54:2c:c5:f4:8d:72:df:d4:55:90:8a:c7:f7:f2:ef:
24:64:85:ed:87:a2:09:6e:4b:8f:ff:f7:dc:e7:9e:fa:6b:f6:
08:e0:da:c8:0b:99:49:9c:f7:2d:ea:67:00:a4:63:03:87:be:
08:39:b0:d7:55:71:45:78:9f:2d:da:7e:70:8c:35:b7:08:4b:
2c:ae:ff:ee:00:16:3b:e8:95:de:00:8d:1b:df:d2:75:d8:1e:
77:e0:3d:bd:d2:6c:5c:b3:39:16:22:9e:fe:f8:5e:e5:8c:bd:
cc:5c:5f:55:d6:a3:3a:03:75:a9:1e:b8:2e:fd:9b:82:59:c1:
d4:50:85:d7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHk3BqTw7GofupDuHlAjjUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwOTJiMTE3MDYyZjYwNjVmYWExY2RmZDM4OTE1ZTRiYjlj
OTI0YmIwHhcNMjQwMTAyMDAyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGZhOWM4MjIzMGVmZTRjMTkyZTE4YTE5MzY0ZjQ1OGQyNTI2ZDgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiIHtE5yMmkdL0RGbfzHDQTrKp18j
j4Oi5QzmMeZZsI7EtoG+BnWsXKZyOF1XOYKsUkHrt/j/DY9AojoM03Zo4eSa+M7j
DdmQdB0UGBB1lH9XlQU25fUno9sOjbGK8q2Jp0ov2RkIeRjZW8d4hF3LM2TbOFbD
nHSadcbzLZYzvRkA5u4NTmd10CjU36SMK3pBU9mkHoLEhwW9OBJ+BSLaZGsYXIOU
Fq0RWRx8hsMD2kkglcIqb565s/+m+JW27HSVt0eDwDxqSplG3oFcRFSQreGKNYqt
W0uE0Ay+DvHCsFCz3mqi3RaehUx8RRooOvn3p+LG9KBacuyMRTHGZsGzJQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIj6nIIjDv5MGS4YoZNk9FjSUm2BMB8GA1UdIwQY
MBaAFDCSsRcGL2Bl+qHN/TiRXku5ySS7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUpLeEZ3WXZZR1g2b2MzOU9KRmVTN25KSkxzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lNzRiODEtNWZmNy00ODIzLTkyNjct
MGQzZTY2MmIwZWUwLzEvaVBxY2dpTU9fa3daTGhpaGsyVDBXTkpTYllFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lNzRiODEtNWZmNy00ODIzLTkyNjctMGQzZTY2MmIwZWUw
LzEvTUpLeEZ3WXZZR1g2b2MzOU9KRmVTN25KSkxzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuXmMMA0G
CSqGSIb3DQEBCwUAA4IBAQDP7zlHoA+Dy8wQujYwZDxTn8+qdswpnFvftnXRtVXL
vH5WPjZk/0sjVQGximNF/Cl3O2KnGc7e+mstZrFvqij6w3EHp8Gi7IJ7AS3e+tiF
kBf6xqnQYhI7cL6rF+d8JHdVwIaeAkhZfbK3KYnqnVc+i28dBIDUWDlQ7eT7VKFs
1ShULMX0jXLf1FWQisf38u8kZIXth6IJbkuP//fc5576a/YI4NrIC5lJnPct6mcA
pGMDh74IObDXVXFFeJ8t2n5wjDW3CEssrv/uABY76JXeAI0b39J12B534D290mxc
szkWIp7++F7ljL3MXF9V1qM6A3WpHrgu/ZuCWcHUUIXX
-----END CERTIFICATE-----
Generated at Thu May 2 21:16:32 2024 by rpki-client on console-ams.rpki-client.org