Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/IjezXCFAn1MVflvOCKrv9Gq9ttk.roa
File: IjezXCFAn1MVflvOCKrv9Gq9ttk.roa (raw, json)
Hash identifier: Sf1Lr7IW0S9n24sCOm8gb9hfbHcsLw35GWcYNpfz8WU=
Subject key identifier: 22:37:B3:5C:21:40:9F:53:15:7E:5B:CE:08:AA:EF:F4:6A:BD:B6:D9
Certificate issuer: /CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Certificate serial: 01902B94DC340F10E928BD50A775CEE900AB
Authority key identifier: 68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/IjezXCFAn1MVflvOCKrv9Gq9ttk.roa
Signing time: Tue 18 Jun 2024 13:41:34 +0000
ROA not before: Tue 18 Jun 2024 13:41:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31673
IP address blocks: 185.181.84.0/22 maxlen: 22
2a0a:c780::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Sep 2024 13:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:2b:94:dc:34:0f:10:e9:28:bd:50:a7:75:ce:e9:00:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68d425cc7b1b7880a875f76beda80fe3109319ed
Validity
Not Before: Jun 18 13:41:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2237b35c21409f53157e5bce08aaeff46abdb6d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:30:d0:98:0f:e8:3e:6a:71:17:1c:96:f9:1d:
2b:c6:e0:cc:bd:0e:91:26:2d:03:15:02:62:ff:86:
90:f0:17:b8:da:78:3e:95:4b:57:13:21:44:d0:e9:
ab:82:74:0d:c5:18:c8:b6:dc:13:e2:c7:a8:72:e0:
93:3a:6c:07:1e:19:02:c1:33:87:0b:95:47:83:13:
30:d9:d7:90:9d:b9:e5:6e:79:4f:3f:d4:c4:18:f0:
39:46:fb:78:27:dc:2d:6d:ff:6d:56:93:09:86:2d:
0b:6c:d0:72:39:b3:e3:0e:20:b0:17:81:53:83:28:
13:e0:a0:14:70:1c:c6:7c:e2:b1:d2:4c:08:5f:75:
de:13:da:73:76:e3:62:36:1c:f1:54:30:1b:96:cd:
f8:5c:f7:41:5f:ab:19:c8:97:c3:b9:9d:6d:2e:06:
ac:ea:38:c9:d6:09:c0:7c:70:0e:6f:20:c3:f4:b0:
70:b2:7f:da:70:34:f8:69:04:26:d3:51:0a:aa:0e:
35:27:c7:a2:d9:8a:cf:e4:bf:10:e3:12:10:3e:be:
37:0d:e3:de:e4:41:6f:8a:b7:c7:1e:44:98:70:09:
17:4f:85:41:e8:bd:98:63:c8:14:6a:2b:31:61:37:
5a:ba:74:d7:28:79:79:25:25:98:64:35:fb:c7:8b:
38:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:37:B3:5C:21:40:9F:53:15:7E:5B:CE:08:AA:EF:F4:6A:BD:B6:D9
X509v3 Authority Key Identifier:
keyid:68:D4:25:CC:7B:1B:78:80:A8:75:F7:6B:ED:A8:0F:E3:10:93:19:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aNQlzHsbeICodfdr7agP4xCTGe0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/IjezXCFAn1MVflvOCKrv9Gq9ttk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/c0f7e3-63b9-4a5f-96ca-5c45b618f990/1/aNQlzHsbeICodfdr7agP4xCTGe0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.181.84.0/22
IPv6:
2a0a:c780::/29
Signature Algorithm: sha256WithRSAEncryption
d0:ee:95:b5:2b:e5:4d:66:d7:c4:c1:99:89:ff:a8:aa:8c:94:
c5:25:a9:48:6e:93:f4:7e:df:86:7d:aa:45:08:11:1a:be:27:
24:ed:be:18:73:ee:c7:fc:ce:84:41:31:61:83:25:39:ec:6f:
0e:9c:bd:b4:1d:87:f1:3d:d1:13:16:2a:50:8e:74:cb:a1:7c:
50:65:2b:a2:29:6b:6d:a2:c7:e4:2c:ab:f0:8c:80:92:0e:ad:
aa:3d:3c:b0:29:31:43:71:8c:1c:9f:35:0b:fe:01:02:37:14:
0a:75:04:69:43:36:c5:02:f5:a9:e5:df:79:08:b2:e5:f7:e3:
ea:b2:7d:91:59:b0:f1:60:bd:bc:c2:a8:fb:14:bb:53:05:b5:
6c:85:58:a2:89:75:2a:44:40:98:25:aa:6a:84:10:e0:53:e9:
a1:0e:0f:43:18:1b:1e:6b:21:88:c4:20:06:46:33:42:6f:93:
db:5d:4a:37:4a:c8:6b:0d:48:07:f2:ff:be:36:a0:b1:89:c5:
c5:ef:69:da:f6:92:6a:7b:07:2c:03:30:01:c8:6e:5a:0a:cd:
3e:f9:4d:e4:d8:05:40:91:ac:86:3f:f8:ab:48:66:14:03:d8:
e9:7d:be:b1:be:1d:b9:25:c4:29:c8:e6:8c:ac:4c:a6:c1:1a:
70:be:6c:4a
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZArlNw0DxDpKL1Qp3XO6QCrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4ZDQyNWNjN2IxYjc4ODBhODc1Zjc2YmVkYTgwZmUzMTA5
MzE5ZWQwHhcNMjQwNjE4MTM0MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjM3YjM1YzIxNDA5ZjUzMTU3ZTViY2UwOGFhZWZmNDZhYmRiNmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhDDQmA/oPmpxFxyW+R0rxuDMvQ6R
Ji0DFQJi/4aQ8Be42ng+lUtXEyFE0OmrgnQNxRjIttwT4seocuCTOmwHHhkCwTOH
C5VHgxMw2deQnbnlbnlPP9TEGPA5Rvt4J9wtbf9tVpMJhi0LbNByObPjDiCwF4FT
gygT4KAUcBzGfOKx0kwIX3XeE9pzduNiNhzxVDAbls34XPdBX6sZyJfDuZ1tLgas
6jjJ1gnAfHAObyDD9LBwsn/acDT4aQQm01EKqg41J8ei2YrP5L8Q4xIQPr43DePe
5EFvirfHHkSYcAkXT4VB6L2YY8gUaisxYTdaunTXKHl5JSWYZDX7x4s4KQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCI3s1whQJ9TFX5bzgiq7/RqvbbZMB8GA1UdIwQY
MBaAFGjUJcx7G3iAqHX3a+2oD+MQkxntMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2Et
NWM0NWI2MThmOTkwLzEvSWplelhDRkFuMU1WZmx2T0NLcnY5R3E5dHRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy9jMGY3ZTMtNjNiOS00YTVmLTk2Y2EtNWM0NWI2MThmOTkw
LzEvYU5RbHpIc2JlSUNvZGZkcjdhZ1A0eENUR2UwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCubVUMA0E
AgACMAcDBQMqCseAMA0GCSqGSIb3DQEBCwUAA4IBAQDQ7pW1K+VNZtfEwZmJ/6iq
jJTFJalIbpP0ft+GfapFCBEavick7b4Yc+7H/M6EQTFhgyU57G8OnL20HYfxPdET
FipQjnTLoXxQZSuiKWttosfkLKvwjICSDq2qPTywKTFDcYwcnzUL/gECNxQKdQRp
QzbFAvWp5d95CLLl9+Pqsn2RWbDxYL28wqj7FLtTBbVshViiiXUqRECYJapqhBDg
U+mhDg9DGBseayGIxCAGRjNCb5PbXUo3SshrDUgH8v++NqCxicXF72na9pJqewcs
AzAByG5aCs0++U3k2AVAkayGP/irSGYUA9jpfb6xvh25JcQpyOaMrEymwRpwvmxK
-----END CERTIFICATE-----
Generated at Fri Sep 27 22:11:53 2024 by rpki-client on console-ams.rpki-client.org