Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/16fcf1-6412-4db2-b3ae-49a3c49f393c/1/I-D0UnlpnaTXAjdksnUfmAFIMM8.roa
File: I-D0UnlpnaTXAjdksnUfmAFIMM8.roa (raw, json)
Hash identifier: f9H4g9pAZS3KWTWrybYyM3on1gETXP4G+uTJBr9+Vm0=
Subject key identifier: 23:E0:F4:52:79:69:9D:A4:D7:02:37:64:B2:75:1F:98:01:48:30:CF
Certificate issuer: /CN=552ad3a0b4b74e85af54f58ad75a3026b7df7181
Certificate serial: 018CCA99C4426C5510D35750E0829B0B70A5
Authority key identifier: 55:2A:D3:A0:B4:B7:4E:85:AF:54:F5:8A:D7:5A:30:26:B7:DF:71:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VSrToLS3ToWvVPWK11owJrffcYE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/16fcf1-6412-4db2-b3ae-49a3c49f393c/1/I-D0UnlpnaTXAjdksnUfmAFIMM8.roa
Signing time: Tue 02 Jan 2024 14:35:23 +0000
ROA not before: Tue 02 Jan 2024 14:35:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15426
IP address blocks: 89.255.17.0/24 maxlen: 24
217.67.239.0/24 maxlen: 24
185.157.61.0/24 maxlen: 24
185.157.63.0/24 maxlen: 24
185.157.60.0/24 maxlen: 24
185.157.62.0/24 maxlen: 24
2a03:1a00::/32 maxlen: 32
2a0a:1880::/29 maxlen: 29
2a07:a380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/16fcf1-6412-4db2-b3ae-49a3c49f393c/1/VSrToLS3ToWvVPWK11owJrffcYE.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/16fcf1-6412-4db2-b3ae-49a3c49f393c/1/VSrToLS3ToWvVPWK11owJrffcYE.mft
rsync://rpki.ripe.net/repository/DEFAULT/VSrToLS3ToWvVPWK11owJrffcYE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:c4:42:6c:55:10:d3:57:50:e0:82:9b:0b:70:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=552ad3a0b4b74e85af54f58ad75a3026b7df7181
Validity
Not Before: Jan 2 14:35:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23e0f45279699da4d7023764b2751f98014830cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:81:ea:30:04:d3:93:b1:2e:d7:b1:b8:99:01:
27:21:ec:59:fc:4b:2b:ac:23:b9:46:6d:b1:87:49:
a9:7e:ae:86:2d:7e:d4:a4:b0:b9:e4:f5:19:c2:1b:
3e:a9:7c:21:6e:38:2c:d6:a7:d0:10:5c:13:df:17:
e8:24:5e:24:3c:2d:47:fc:93:28:99:7a:20:43:80:
bb:ee:f3:31:74:e0:64:5d:c9:e4:37:a0:c2:e9:4d:
a8:7b:b5:96:e9:c9:14:55:70:d8:be:0b:ec:84:0a:
c4:fb:48:69:9a:06:98:25:f3:ec:09:59:68:5e:48:
1d:b2:2b:e5:84:5c:8d:4d:29:68:df:ca:95:78:fa:
8c:c6:1e:f9:a2:66:5b:a3:80:20:e3:d1:af:4f:ef:
3d:07:19:f7:f8:d8:1b:46:d0:47:26:cc:2d:e4:1c:
f9:10:e1:d7:c7:9c:00:93:91:ea:14:b2:3e:7d:6c:
03:58:d2:e5:9f:d3:45:fc:cb:4e:dd:90:6a:9f:90:
5d:03:d3:27:76:c8:76:6e:eb:14:cf:b7:fc:ec:a7:
b3:57:dc:67:dc:ba:a0:e2:a3:08:74:b8:ed:d1:ef:
69:f8:71:81:65:95:0c:d7:74:25:bf:f4:4d:5f:34:
f3:99:1f:25:14:1c:b8:1e:ff:97:8a:6a:a7:a3:de:
fa:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:E0:F4:52:79:69:9D:A4:D7:02:37:64:B2:75:1F:98:01:48:30:CF
X509v3 Authority Key Identifier:
keyid:55:2A:D3:A0:B4:B7:4E:85:AF:54:F5:8A:D7:5A:30:26:B7:DF:71:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VSrToLS3ToWvVPWK11owJrffcYE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/16fcf1-6412-4db2-b3ae-49a3c49f393c/1/I-D0UnlpnaTXAjdksnUfmAFIMM8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/16fcf1-6412-4db2-b3ae-49a3c49f393c/1/VSrToLS3ToWvVPWK11owJrffcYE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.255.17.0/24
185.157.60.0/22
217.67.239.0/24
IPv6:
2a03:1a00::/32
2a07:a380::/29
2a0a:1880::/29
Signature Algorithm: sha256WithRSAEncryption
30:f0:8d:51:8b:1c:f8:a8:d4:1d:b5:cb:37:0e:ca:fb:13:b2:
12:73:ad:f9:d9:8c:1d:53:60:0f:7a:91:f0:ca:c5:d1:67:0c:
6b:6a:73:33:6c:c1:e0:c5:fe:12:8f:b0:07:14:93:37:ce:a1:
86:f2:b3:2a:60:77:cb:97:b7:0a:e9:a8:0a:56:f7:92:5e:eb:
d9:21:d7:45:82:90:4d:bb:88:40:cf:27:41:2c:f6:48:81:64:
9b:3e:a7:30:08:5b:4b:d0:ae:ca:87:f2:1c:fe:a6:ba:f9:41:
ef:6a:ac:0c:f2:aa:dd:cd:50:32:fe:5c:da:44:5b:a0:66:fb:
93:54:ac:69:e7:be:39:af:bc:a8:7b:bb:38:56:3f:f1:6b:08:
8a:32:d2:7d:bf:6e:ea:66:d8:c7:82:fa:fe:56:98:7c:e4:90:
c3:bf:0a:68:12:a1:a0:1d:73:d6:77:bd:d7:c1:45:59:c7:7f:
d3:d8:7b:3e:31:28:7a:18:c6:e9:71:6b:ea:94:32:b9:7f:4b:
f2:a8:64:30:d4:34:b9:fe:90:68:ff:43:27:9f:d8:50:54:97:
c2:1c:e3:a1:58:88:da:66:65:9e:82:2f:49:53:e0:3f:26:da:
4d:46:1f:7d:6f:eb:22:64:2c:d7:af:3e:0e:fd:1a:ea:ef:8e:
f3:ed:ad:b6
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzKmcRCbFUQ01dQ4IKbC3ClMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MmFkM2EwYjRiNzRlODVhZjU0ZjU4YWQ3NWEzMDI2Yjdk
ZjcxODEwHhcNMjQwMTAyMTQzNTIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2UwZjQ1Mjc5Njk5ZGE0ZDcwMjM3NjRiMjc1MWY5ODAxNDgzMGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkYHqMATTk7Eu17G4mQEnIexZ/Esr
rCO5Rm2xh0mpfq6GLX7UpLC55PUZwhs+qXwhbjgs1qfQEFwT3xfoJF4kPC1H/JMo
mXogQ4C77vMxdOBkXcnkN6DC6U2oe7WW6ckUVXDYvgvshArE+0hpmgaYJfPsCVlo
XkgdsivlhFyNTSlo38qVePqMxh75omZbo4Ag49GvT+89Bxn3+NgbRtBHJswt5Bz5
EOHXx5wAk5HqFLI+fWwDWNLln9NF/MtO3ZBqn5BdA9Mndsh2busUz7f87KezV9xn
3Lqg4qMIdLjt0e9p+HGBZZUM13Qlv/RNXzTzmR8lFBy4Hv+Ximqno976qQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFCPg9FJ5aZ2k1wI3ZLJ1H5gBSDDPMB8GA1UdIwQY
MBaAFFUq06C0t06Fr1T1itdaMCa333GBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlNyVG9MUzNUb1d2VlBXSzExb3dKcmZmY1lFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8xNmZjZjEtNjQxMi00ZGIyLWIzYWUt
NDlhM2M0OWYzOTNjLzEvSS1EMFVubHBuYVRYQWpka3NuVWZtQUZJTU04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8xNmZjZjEtNjQxMi00ZGIyLWIzYWUtNDlhM2M0OWYzOTNj
LzEvVlNyVG9MUzNUb1d2VlBXSzExb3dKcmZmY1lFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAYBAIAATASAwQAWf8RAwQC
uZ08AwQA2UPvMBsEAgACMBUDBQAqAxoAAwUDKgejgAMFAyoKGIAwDQYJKoZIhvcN
AQELBQADggEBADDwjVGLHPio1B21yzcOyvsTshJzrfnZjB1TYA96kfDKxdFnDGtq
czNsweDF/hKPsAcUkzfOoYbysypgd8uXtwrpqApW95Je69kh10WCkE27iEDPJ0Es
9kiBZJs+pzAIW0vQrsqH8hz+prr5Qe9qrAzyqt3NUDL+XNpEW6Bm+5NUrGnnvjmv
vKh7uzhWP/FrCIoy0n2/bupm2MeC+v5WmHzkkMO/CmgSoaAdc9Z3vdfBRVnHf9PY
ez4xKHoYxulxa+qUMrl/S/KoZDDUNLn+kGj/Qyef2FBUl8Ic46FYiNpmZZ6CL0lT
4D8m2k1GH31v6yJkLNevPg79GurvjvPtrbY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:23:29 2024 by rpki-client on console-fra.rpki-client.org