Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/IuvHkFudrQgIAc26i0t2VcGCoCA.roa
File: IuvHkFudrQgIAc26i0t2VcGCoCA.roa (raw, json)
Hash identifier: XQaEeomItNz9vvSaMJ5f7Db6j39u9h6HoIChMYiJyXY=
Subject key identifier: 22:EB:C7:90:5B:9D:AD:08:08:01:CD:BA:8B:4B:76:55:C1:82:A0:20
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 018CC2DAC1119CF5C5A43FD89AC7F57C2B93
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/IuvHkFudrQgIAc26i0t2VcGCoCA.roa
Signing time: Mon 01 Jan 2024 02:29:25 +0000
ROA not before: Mon 01 Jan 2024 02:29:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43402
IP address blocks: 83.142.240.0/21 maxlen: 24
95.131.160.0/21 maxlen: 24
185.127.144.0/22 maxlen: 24
2a03:62c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:c1:11:9c:f5:c5:a4:3f:d8:9a:c7:f5:7c:2b:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Jan 1 02:29:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22ebc7905b9dad080801cdba8b4b7655c182a020
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:d6:f7:ba:e5:f6:50:87:ac:b5:d2:41:df:11:
62:13:62:85:7e:de:20:4c:30:86:6b:db:87:84:4b:
f3:0b:5d:4e:ad:5e:cd:25:88:7a:7f:74:ab:ba:0a:
8c:a0:84:85:37:74:11:9f:a0:d1:51:3c:c5:3c:1e:
e1:33:ae:54:e6:42:46:2c:40:21:71:1c:a0:a6:de:
af:44:47:15:fe:94:c3:4a:41:c9:2e:26:d0:57:79:
39:c4:fa:b9:b6:21:14:e1:a1:3b:fe:32:ff:ff:50:
4e:00:ad:48:3c:e1:92:3e:16:13:fd:a1:60:13:0d:
51:36:d2:b1:c5:53:2d:c8:22:87:45:3a:21:aa:ca:
36:8d:e3:2b:04:e2:d9:71:c9:68:03:42:03:f4:ca:
83:df:b0:60:ba:11:ed:cd:5b:ce:ce:f7:73:82:ac:
ad:ec:06:11:a3:5c:bc:72:b9:49:e3:1b:3a:3b:58:
0e:08:40:2b:3c:28:9b:4a:43:88:49:0f:ff:2e:81:
8b:41:01:2d:72:46:dc:19:67:64:d4:f4:8b:0c:00:
da:cd:af:64:09:cf:54:d9:eb:b8:94:9b:8b:6e:c1:
11:69:a5:47:10:6b:d8:60:c2:e9:a2:e7:1c:9f:c2:
8d:6f:7b:2f:3c:d6:db:33:ee:67:7a:d2:82:e4:b2:
c0:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:EB:C7:90:5B:9D:AD:08:08:01:CD:BA:8B:4B:76:55:C1:82:A0:20
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/IuvHkFudrQgIAc26i0t2VcGCoCA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.142.240.0/21
95.131.160.0/21
185.127.144.0/22
IPv6:
2a03:62c0::/32
Signature Algorithm: sha256WithRSAEncryption
19:a5:79:16:ba:d4:2f:56:d2:53:96:b8:33:61:da:ba:48:19:
02:e6:c0:f3:d3:90:79:47:49:d0:20:20:35:2b:ba:db:38:e7:
86:b7:17:57:62:b5:94:95:69:8b:19:30:a4:68:cb:36:c3:cf:
58:6b:fb:a6:fb:fc:5d:78:c2:98:73:8e:a8:82:25:d9:34:37:
fa:68:77:42:cc:99:0f:36:92:00:72:35:e2:e2:d6:ac:85:b6:
ba:f6:7b:08:90:0a:14:4e:c3:a6:1f:ee:74:77:1b:1a:9f:d8:
dc:53:19:c8:b8:d9:05:a2:e1:71:05:ca:b6:f3:eb:10:53:20:
68:a3:7d:cb:87:56:2c:f6:33:d0:08:49:f9:07:c9:47:63:09:
37:89:17:ed:a1:d5:bf:ff:dd:dd:7a:33:55:0d:52:2e:36:27:
a9:3c:bf:07:6b:33:5e:83:6b:20:00:52:c1:27:fc:d0:e3:b5:
82:4a:02:ad:ae:6e:af:dc:fb:44:e2:a5:f8:f5:ae:16:11:ee:
c1:3c:81:01:ab:8d:80:b2:e8:4c:76:80:55:51:7c:03:4d:2c:
03:8d:44:4d:97:fb:d1:b6:ee:db:97:9d:28:f8:8d:05:d8:2f:
dd:3f:c0:3a:88:76:89:20:34:cf:4f:48:79:8b:51:6d:4e:ba:
5b:72:d2:ea
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzC2sERnPXFpD/Ymsf1fCuTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjQwMTAxMDIyOTI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmViYzc5MDViOWRhZDA4MDgwMWNkYmE4YjRiNzY1NWMxODJhMDIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi9b3uuX2UIestdJB3xFiE2KFft4g
TDCGa9uHhEvzC11OrV7NJYh6f3SrugqMoISFN3QRn6DRUTzFPB7hM65U5kJGLEAh
cRygpt6vREcV/pTDSkHJLibQV3k5xPq5tiEU4aE7/jL//1BOAK1IPOGSPhYT/aFg
Ew1RNtKxxVMtyCKHRTohqso2jeMrBOLZccloA0ID9MqD37BguhHtzVvOzvdzgqyt
7AYRo1y8crlJ4xs6O1gOCEArPCibSkOISQ//LoGLQQEtckbcGWdk1PSLDADaza9k
Cc9U2eu4lJuLbsERaaVHEGvYYMLpouccn8KNb3svPNbbM+5netKC5LLAawIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCLrx5Bbna0ICAHNuotLdlXBgqAgMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvSXV2SGtGdWRyUWdJQWMyNmkwdDJWY0dDb0NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDU47wAwQD
X4OgAwQCuX+QMA0EAgACMAcDBQAqA2LAMA0GCSqGSIb3DQEBCwUAA4IBAQAZpXkW
utQvVtJTlrgzYdq6SBkC5sDz05B5R0nQICA1K7rbOOeGtxdXYrWUlWmLGTCkaMs2
w89Ya/um+/xdeMKYc46ogiXZNDf6aHdCzJkPNpIAcjXi4tashba69nsIkAoUTsOm
H+50dxsan9jcUxnIuNkFouFxBcq28+sQUyBoo33Lh1Ys9jPQCEn5B8lHYwk3iRft
odW//93dejNVDVIuNiepPL8HazNeg2sgAFLBJ/zQ47WCSgKtrm6v3PtE4qX49a4W
Ee7BPIEBq42AsuhMdoBVUXwDTSwDjURNl/vRtu7bl50o+I0F2C/dP8A6iHaJIDTP
T0h5i1FtTrpbctLq
-----END CERTIFICATE-----
Generated at Sat Sep 28 16:16:01 2024 by rpki-client on console-fra.rpki-client.org