Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/iDX-vWHS0YfrgjsGzPFYWHXYloc.roa
File: iDX-vWHS0YfrgjsGzPFYWHXYloc.roa (raw, json)
Hash identifier: LVzMhubtwVENUS4YTTWaQsf2QgdYP9Axx4ZIa1aN1vw=
Subject key identifier: 88:35:FE:BD:61:D2:D1:87:EB:82:3B:06:CC:F1:58:58:75:D8:96:87
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018CC50112A48BEC77F7D2A06458E6BBA0C7
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/iDX-vWHS0YfrgjsGzPFYWHXYloc.roa
Signing time: Mon 01 Jan 2024 12:30:31 +0000
ROA not before: Mon 01 Jan 2024 12:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47583
IP address blocks: 78.142.242.0/24 maxlen: 24
185.9.54.0/24 maxlen: 24
223.27.112.0/24 maxlen: 24
193.19.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:12:a4:8b:ec:77:f7:d2:a0:64:58:e6:bb:a0:c7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jan 1 12:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8835febd61d2d187eb823b06ccf1585875d89687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:11:10:e9:74:20:ee:f5:86:d2:42:99:5a:91:
09:97:08:7c:77:9e:06:73:4c:15:5a:69:0d:5d:5e:
16:28:aa:ba:33:2f:14:1f:f0:ae:b3:18:bf:f7:02:
f9:f7:ca:83:d5:4d:c4:08:16:7f:a7:6d:5a:be:96:
65:21:53:f9:dc:66:56:30:47:08:dc:8e:33:9e:04:
76:2a:7f:fd:9f:07:62:10:92:46:d8:38:35:e6:18:
78:61:7d:48:e2:14:38:a6:3e:db:75:50:46:16:c5:
66:04:a7:86:e4:f4:29:93:77:69:f1:d4:36:79:fa:
51:83:32:f8:f4:38:d6:43:3c:4f:3c:e7:b8:13:23:
c7:95:0b:d6:8e:1c:10:6c:df:98:17:5a:91:06:34:
43:ca:5c:03:90:0f:0f:8e:b2:da:8e:6b:aa:0e:24:
ac:15:d3:0d:7f:cf:5d:3b:1a:6e:7d:3f:f6:8f:81:
e4:5d:20:c9:77:af:20:6f:9c:c7:e7:4f:56:d5:28:
21:1f:fc:b9:84:69:52:a8:fa:d7:7c:1b:af:6c:8e:
b0:56:a8:ce:6b:3e:7f:74:e4:2e:0d:70:06:aa:b2:
f9:94:2e:4a:55:0d:07:27:d0:1f:b2:b0:1a:8b:f3:
a7:02:6f:ad:79:9c:f0:50:94:58:f9:72:10:20:52:
95:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:35:FE:BD:61:D2:D1:87:EB:82:3B:06:CC:F1:58:58:75:D8:96:87
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/iDX-vWHS0YfrgjsGzPFYWHXYloc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.142.242.0/24
185.9.54.0/24
193.19.106.0/24
223.27.112.0/24
Signature Algorithm: sha256WithRSAEncryption
59:eb:39:4d:41:9e:1c:d3:8c:f4:6f:19:d5:1e:5c:14:66:f0:
8f:63:7a:52:02:b7:31:34:fd:8c:cc:51:7e:50:93:e7:84:9d:
3b:b7:f4:9e:f8:b9:e7:6a:03:08:0b:8d:3a:c9:34:f6:7f:bf:
91:c7:93:b2:96:09:7b:44:52:7b:ca:76:79:bd:4a:4e:b1:76:
26:2a:57:a5:50:95:43:7c:54:9d:32:3b:0c:6b:05:b4:06:e1:
68:bb:59:28:04:12:f0:f3:89:cc:c0:8e:e1:4b:86:e5:f4:ec:
5b:f1:05:48:d1:ba:a8:04:11:c2:ad:16:6a:be:f3:4f:35:62:
51:0a:7d:ba:c4:9d:01:35:38:c3:4a:9f:e6:0c:1f:0f:a2:24:
7a:fd:5f:4b:21:d0:b9:73:4d:d5:48:95:a7:d5:ab:56:de:c6:
8b:80:e6:fd:44:b4:73:3d:7a:35:9c:2b:22:44:d7:ed:d2:f2:
0a:ae:ec:99:71:e0:1e:5b:8c:b4:c0:90:65:9e:85:9f:89:63:
d1:23:71:5d:3b:2c:5c:47:12:83:1e:58:80:b9:ed:79:55:c0:
fd:36:13:17:61:ce:93:4b:9e:69:0d:97:d3:01:ca:67:55:35:
90:a7:1e:59:48:0e:66:69:e0:9a:12:de:9c:13:80:c3:a7:17:
12:83:b4:9e
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzFARKki+x399KgZFjmu6DHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwMTAxMTIzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODM1ZmViZDYxZDJkMTg3ZWI4MjNiMDZjY2YxNTg1ODc1ZDg5Njg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxREQ6XQg7vWG0kKZWpEJlwh8d54G
c0wVWmkNXV4WKKq6My8UH/Cusxi/9wL598qD1U3ECBZ/p21avpZlIVP53GZWMEcI
3I4zngR2Kn/9nwdiEJJG2Dg15hh4YX1I4hQ4pj7bdVBGFsVmBKeG5PQpk3dp8dQ2
efpRgzL49DjWQzxPPOe4EyPHlQvWjhwQbN+YF1qRBjRDylwDkA8PjrLajmuqDiSs
FdMNf89dOxpufT/2j4HkXSDJd68gb5zH509W1SghH/y5hGlSqPrXfBuvbI6wVqjO
az5/dOQuDXAGqrL5lC5KVQ0HJ9AfsrAai/OnAm+teZzwUJRY+XIQIFKV9wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIg1/r1h0tGH64I7BszxWFh12JaHMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvaURYLXZXSFMwWWZyZ2pzR3pQRllXSFhZbG9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATo7yAwQA
uQk2AwQAwRNqAwQA3xtwMA0GCSqGSIb3DQEBCwUAA4IBAQBZ6zlNQZ4c04z0bxnV
HlwUZvCPY3pSArcxNP2MzFF+UJPnhJ07t/Se+LnnagMIC406yTT2f7+Rx5Oylgl7
RFJ7ynZ5vUpOsXYmKlelUJVDfFSdMjsMawW0BuFou1koBBLw84nMwI7hS4bl9Oxb
8QVI0bqoBBHCrRZqvvNPNWJRCn26xJ0BNTjDSp/mDB8PoiR6/V9LIdC5c03VSJWn
1atW3saLgOb9RLRzPXo1nCsiRNft0vIKruyZceAeW4y0wJBlnoWfiWPRI3FdOyxc
RxKDHliAue15VcD9NhMXYc6TS55pDZfTAcpnVTWQpx5ZSA5maeCaEt6cE4DDpxcS
g7Se
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:05:54 2024 by rpki-client on console-ams.rpki-client.org