Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/ac9a4f-5774-4ecc-9c1d-c998f0292135/1/ik9pAs-oXBS0l0utPLQdJhXZ5X0.roa
File: ik9pAs-oXBS0l0utPLQdJhXZ5X0.roa (raw, json)
Hash identifier: LmKUQUveU3bNm/doGhpBXkqduAWf1pf1v3+L9U63Su8=
Subject key identifier: 8A:4F:69:02:CF:A8:5C:14:B4:97:4B:AD:3C:B4:1D:26:15:D9:E5:7D
Certificate issuer: /CN=2264d8aa1878f9dc1424d2fdade4039e120d5b11
Certificate serial: 0194B739D04A0BE9572F8A9F230FB71C0459
Authority key identifier: 22:64:D8:AA:18:78:F9:DC:14:24:D2:FD:AD:E4:03:9E:12:0D:5B:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ImTYqhh4-dwUJNL9reQDnhINWxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/ac9a4f-5774-4ecc-9c1d-c998f0292135/1/ik9pAs-oXBS0l0utPLQdJhXZ5X0.roa
Signing time: Thu 30 Jan 2025 12:40:06 +0000
ROA not before: Thu 30 Jan 2025 12:40:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 85.202.22.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/ac9a4f-5774-4ecc-9c1d-c998f0292135/1/ImTYqhh4-dwUJNL9reQDnhINWxE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/ac9a4f-5774-4ecc-9c1d-c998f0292135/1/ImTYqhh4-dwUJNL9reQDnhINWxE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ImTYqhh4-dwUJNL9reQDnhINWxE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Feb 2025 00:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:b7:39:d0:4a:0b:e9:57:2f:8a:9f:23:0f:b7:1c:04:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2264d8aa1878f9dc1424d2fdade4039e120d5b11
Validity
Not Before: Jan 30 12:40:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a4f6902cfa85c14b4974bad3cb41d2615d9e57d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:00:47:5b:47:e1:09:c3:8f:27:1c:92:4e:a7:
9f:e1:4d:ac:61:1a:ce:b0:d9:2b:47:90:97:4b:22:
2c:ff:6a:65:7b:6f:9b:e4:d6:19:9d:53:83:85:63:
8b:7a:86:ee:f0:98:08:e9:a0:1e:8a:e2:a8:7e:2d:
59:2c:b4:2d:45:6e:c6:d1:d4:ef:4e:9e:a5:05:93:
0f:82:55:5f:0c:97:ec:0f:7a:3a:4d:70:9b:43:ea:
7d:ff:47:a6:56:9f:b4:91:3e:d5:a9:42:db:fd:74:
ea:f0:5c:bb:3d:4b:a9:74:0f:22:92:ca:c6:e5:bb:
2e:33:94:d6:7f:02:b8:12:ed:60:ae:8b:99:37:c9:
8d:ab:b0:ba:b2:06:97:e1:92:42:67:ad:57:02:64:
39:79:91:3f:82:92:16:c6:8c:53:73:3d:94:c6:d5:
96:b2:3a:03:91:39:d6:e3:55:62:ad:70:94:07:ae:
ed:cd:02:fd:dc:8a:b5:07:2a:a8:a7:a8:31:11:b7:
62:ff:ec:6b:1d:4e:35:33:71:1b:1f:bd:ba:0d:d5:
b5:b3:8c:3f:cb:48:75:4c:67:f1:0a:d2:29:50:95:
45:a3:a0:d9:9b:d4:1c:9a:69:0e:34:99:76:7c:4f:
70:af:89:5b:ec:26:98:56:97:b6:50:e0:e7:bd:9b:
22:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:4F:69:02:CF:A8:5C:14:B4:97:4B:AD:3C:B4:1D:26:15:D9:E5:7D
X509v3 Authority Key Identifier:
keyid:22:64:D8:AA:18:78:F9:DC:14:24:D2:FD:AD:E4:03:9E:12:0D:5B:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ImTYqhh4-dwUJNL9reQDnhINWxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/ac9a4f-5774-4ecc-9c1d-c998f0292135/1/ik9pAs-oXBS0l0utPLQdJhXZ5X0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/ac9a4f-5774-4ecc-9c1d-c998f0292135/1/ImTYqhh4-dwUJNL9reQDnhINWxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.202.22.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:2b:87:83:ba:2e:5f:82:3a:4d:b9:22:72:67:0b:7a:bf:fa:
96:6b:80:e5:84:85:c6:e8:a9:3a:a9:8e:4f:7b:28:a2:0c:df:
82:e9:dc:69:01:94:08:79:25:98:03:e8:71:64:45:7a:a4:c2:
1d:c7:e1:e3:6e:e6:64:6f:b3:e1:2e:e3:f0:74:c0:3f:85:85:
07:4b:57:39:34:9b:f9:de:51:48:df:e5:91:1e:c7:e1:f1:22:
79:99:03:51:9b:48:fd:36:8e:ff:91:c7:91:0f:a0:a3:37:68:
fe:7e:7b:06:4a:c1:f0:8b:c4:b6:ec:c9:fb:62:db:46:3c:c3:
1f:28:44:14:9e:a3:c8:48:40:b5:aa:11:f8:08:49:e7:15:65:
0d:69:ea:7d:a9:15:bd:21:2e:4e:29:50:84:17:5f:9e:fd:c3:
f4:60:13:a5:12:d4:1c:d7:0e:08:0b:cb:a6:d3:13:53:90:9c:
5d:84:a9:fd:a2:6e:88:4d:9d:5a:5a:fa:07:2c:32:cd:e6:fb:
d3:ca:f5:f5:0a:c4:09:19:8e:4b:df:67:a3:25:66:77:f1:6d:
ba:c6:7d:b7:b3:82:8a:14:13:12:cd:53:24:35:6c:4c:2d:c5:
2c:27:88:bc:ed:35:bb:c1:53:45:85:e3:70:ba:7e:6c:b9:67:
55:92:8b:af
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZS3OdBKC+lXL4qfIw+3HARZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyNjRkOGFhMTg3OGY5ZGMxNDI0ZDJmZGFkZTQwMzllMTIw
ZDViMTEwHhcNMjUwMTMwMTI0MDA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTRmNjkwMmNmYTg1YzE0YjQ5NzRiYWQzY2I0MWQyNjE1ZDllNTdkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvQBHW0fhCcOPJxySTqef4U2sYRrO
sNkrR5CXSyIs/2ple2+b5NYZnVODhWOLeobu8JgI6aAeiuKofi1ZLLQtRW7G0dTv
Tp6lBZMPglVfDJfsD3o6TXCbQ+p9/0emVp+0kT7VqULb/XTq8Fy7PUupdA8iksrG
5bsuM5TWfwK4Eu1grouZN8mNq7C6sgaX4ZJCZ61XAmQ5eZE/gpIWxoxTcz2UxtWW
sjoDkTnW41VirXCUB67tzQL93Iq1Byqop6gxEbdi/+xrHU41M3EbH726DdW1s4w/
y0h1TGfxCtIpUJVFo6DZm9QcmmkONJl2fE9wr4lb7CaYVpe2UODnvZsihwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIpPaQLPqFwUtJdLrTy0HSYV2eV9MB8GA1UdIwQY
MBaAFCJk2KoYePncFCTS/a3kA54SDVsRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSW1UWXFoaDQtZHdVSk5MOXJlUURuaElOV3hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS9hYzlhNGYtNTc3NC00ZWNjLTljMWQt
Yzk5OGYwMjkyMTM1LzEvaWs5cEFzLW9YQlMwbDB1dFBMUWRKaFhaNVgwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS9hYzlhNGYtNTc3NC00ZWNjLTljMWQtYzk5OGYwMjkyMTM1
LzEvSW1UWXFoaDQtZHdVSk5MOXJlUURuaElOV3hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVcoWMA0G
CSqGSIb3DQEBCwUAA4IBAQA8K4eDui5fgjpNuSJyZwt6v/qWa4DlhIXG6Kk6qY5P
eyiiDN+C6dxpAZQIeSWYA+hxZEV6pMIdx+HjbuZkb7PhLuPwdMA/hYUHS1c5NJv5
3lFI3+WRHsfh8SJ5mQNRm0j9No7/kceRD6CjN2j+fnsGSsHwi8S27Mn7YttGPMMf
KEQUnqPISEC1qhH4CEnnFWUNaep9qRW9IS5OKVCEF1+e/cP0YBOlEtQc1w4IC8um
0xNTkJxdhKn9om6ITZ1aWvoHLDLN5vvTyvX1CsQJGY5L32ejJWZ38W26xn23s4KK
FBMSzVMkNWxMLcUsJ4i87TW7wVNFheNwun5suWdVkouv
-----END CERTIFICATE-----
Generated at Sun Feb 2 09:53:38 2025 by rpki-client