Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Iqv41CApRPS54zGK_tZCFoYlogU.roa
File: Iqv41CApRPS54zGK_tZCFoYlogU.roa (raw, json)
Hash identifier: G1ITuSriP4NGye6//5XpnuQIvFi5F2cWGSPVUSvm4l8=
Subject key identifier: 22:AB:F8:D4:20:29:44:F4:B9:E3:31:8A:FE:D6:42:16:86:25:A2:05
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC50107B62BDD51A277C2CD2D2CA2EEDB
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Iqv41CApRPS54zGK_tZCFoYlogU.roa
Signing time: Mon 01 Jan 2024 12:30:28 +0000
ROA not before: Mon 01 Jan 2024 12:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9312
IP address blocks: 194.242.2.0/24 maxlen: 24
193.19.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:07:b6:2b:dd:51:a2:77:c2:cd:2d:2c:a2:ee:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22abf8d4202944f4b9e3318afed642168625a205
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:9f:ce:80:a9:0a:59:ba:3b:42:4a:61:53:60:
04:25:7e:bb:3e:f7:42:b9:06:d4:e6:d6:0b:b6:f0:
05:d7:29:32:7e:99:f3:1a:93:f4:c5:8b:5e:fa:3a:
6b:ff:d2:ee:87:c5:62:9b:85:fa:4f:81:d2:9b:c6:
2f:5b:87:b2:96:fb:d9:76:4e:97:62:0c:c3:d2:e1:
65:27:a9:46:b5:61:93:2c:8e:ca:c3:65:3f:f4:9f:
b2:62:24:17:23:b6:22:a8:1e:b5:ad:49:71:db:e4:
03:b0:02:22:f8:0e:58:b2:be:ce:e7:c7:87:63:61:
e3:59:0d:ee:08:0e:83:a2:05:95:b2:d9:1c:40:16:
5d:b6:07:06:69:9e:b6:44:ad:b2:1b:10:72:e7:71:
a2:6f:8b:7d:b9:98:b1:0f:e6:c4:f4:94:17:48:a0:
cf:78:a0:b6:6c:7c:22:a4:05:ec:ab:8e:ce:f7:69:
50:09:38:4c:0f:41:9b:23:22:07:6d:3c:13:eb:ec:
d1:69:fd:d5:df:48:b6:0e:fd:71:8f:30:b0:c1:f2:
d3:45:b2:25:ef:dc:7d:08:4f:a4:00:0a:ae:e3:6c:
74:58:0c:16:4a:0a:83:84:a9:0c:87:f2:be:3d:f5:
9e:43:fe:3d:5f:49:4f:bf:d8:35:39:f1:70:b5:9c:
a4:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:AB:F8:D4:20:29:44:F4:B9:E3:31:8A:FE:D6:42:16:86:25:A2:05
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/Iqv41CApRPS54zGK_tZCFoYlogU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.19.108.0/24
194.242.2.0/24
Signature Algorithm: sha256WithRSAEncryption
10:36:8d:03:34:48:9b:3f:ea:7f:57:3a:82:7a:b3:76:39:02:
5d:30:66:cb:26:43:4f:dd:54:63:82:64:df:c9:94:a7:9b:89:
af:15:00:0c:5d:6b:8c:eb:06:ba:fe:61:83:e7:57:a0:a9:84:
ff:e0:d9:d5:df:20:9c:c8:e0:1b:c9:b7:a6:df:03:13:80:ae:
c6:f5:ba:ab:13:39:ec:96:e7:d5:44:7c:cc:7e:0e:82:d8:2f:
08:b7:29:a9:fd:39:9c:7b:0d:c5:18:ef:1f:3b:9a:9e:a3:6c:
f9:be:c2:40:1e:8b:bc:44:af:82:48:f7:96:78:d4:8a:63:2d:
2d:46:13:5e:e6:13:58:21:31:87:fc:59:57:58:a8:6f:7a:b4:
9f:7f:bd:58:cb:f4:c6:48:7e:89:d6:28:42:0a:92:36:c9:97:
d9:c9:5e:26:33:66:83:19:74:42:6f:7a:70:78:7e:c1:d1:e1:
0a:e4:73:8d:1b:7e:18:3d:b3:6c:26:72:68:f9:2e:8b:ba:70:
ca:05:2c:ed:e2:63:c6:f5:8c:2f:c0:47:60:26:63:79:2d:42:
75:a7:43:6a:cc:89:d5:dc:71:8b:ae:86:ff:6d:8a:32:a8:2a:
da:f3:1e:1c:2e:1d:c5:ec:2d:7b:d8:a8:4e:83:6e:10:63:dd:
3b:60:7d:b5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFAQe2K91RonfCzS0sou7bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmFiZjhkNDIwMjk0NGY0YjllMzMxOGFmZWQ2NDIxNjg2MjVhMjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0p/OgKkKWbo7QkphU2AEJX67PvdC
uQbU5tYLtvAF1ykyfpnzGpP0xYte+jpr/9Luh8Vim4X6T4HSm8YvW4eylvvZdk6X
YgzD0uFlJ6lGtWGTLI7Kw2U/9J+yYiQXI7YiqB61rUlx2+QDsAIi+A5Ysr7O58eH
Y2HjWQ3uCA6DogWVstkcQBZdtgcGaZ62RK2yGxBy53Gib4t9uZixD+bE9JQXSKDP
eKC2bHwipAXsq47O92lQCThMD0GbIyIHbTwT6+zRaf3V30i2Dv1xjzCwwfLTRbIl
79x9CE+kAAqu42x0WAwWSgqDhKkMh/K+PfWeQ/49X0lPv9g1OfFwtZykNQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCKr+NQgKUT0ueMxiv7WQhaGJaIFMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvSXF2NDFDQXBSUFM1NHpHS190WkNGb1lsb2dVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwRNsAwQA
wvICMA0GCSqGSIb3DQEBCwUAA4IBAQAQNo0DNEibP+p/VzqCerN2OQJdMGbLJkNP
3VRjgmTfyZSnm4mvFQAMXWuM6wa6/mGD51egqYT/4NnV3yCcyOAbybem3wMTgK7G
9bqrEznslufVRHzMfg6C2C8Itymp/Tmcew3FGO8fO5qeo2z5vsJAHou8RK+CSPeW
eNSKYy0tRhNe5hNYITGH/FlXWKhverSff71Yy/TGSH6J1ihCCpI2yZfZyV4mM2aD
GXRCb3pweH7B0eEK5HONG34YPbNsJnJo+S6LunDKBSzt4mPG9YwvwEdgJmN5LUJ1
p0NqzInV3HGLrob/bYoyqCra8x4cLh3F7C172KhOg24QY907YH21
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:05:54 2024 by rpki-client on console-ams.rpki-client.org