Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iPJble0T4IN3YY5OvjYwX1J7U0k.roa
File: iPJble0T4IN3YY5OvjYwX1J7U0k.roa (raw, json)
Hash identifier: ETOi9KQ3T1wkXHiRjZ7vnX7PfzVFPcgVOFCJGNGZ8jI=
Subject key identifier: 88:F2:5B:95:ED:13:E0:83:77:61:8E:4E:BE:36:30:5F:52:7B:53:49
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 018D8E5F70442DE48DE3077839A1EBE97E0B
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iPJble0T4IN3YY5OvjYwX1J7U0k.roa
Signing time: Fri 09 Feb 2024 14:57:15 +0000
ROA not before: Fri 09 Feb 2024 14:57:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209043
IP address blocks: 185.194.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 09:57:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:8e:5f:70:44:2d:e4:8d:e3:07:78:39:a1:eb:e9:7e:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Feb 9 14:57:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=88f25b95ed13e08377618e4ebe36305f527b5349
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f3:36:12:24:bf:73:25:4e:27:7b:c8:50:b4:
3a:f9:da:41:04:25:6a:d8:e9:a5:87:39:91:8b:f7:
ec:d6:7f:cf:bc:07:ae:02:77:aa:14:4b:2a:c5:a2:
f5:5d:7c:bf:ff:64:cc:d1:b7:7a:67:a8:db:55:72:
a0:04:b8:bd:80:a1:94:24:80:a5:94:39:5f:28:26:
11:2c:58:4a:70:9c:22:ef:b3:98:b8:86:9d:48:48:
bc:12:08:0c:8b:f0:8d:24:80:87:56:8c:00:98:b4:
c5:32:47:1e:5e:83:54:bc:cb:48:32:0e:1f:e2:ec:
c0:1f:dc:ce:82:bf:e4:f5:fd:2f:80:39:db:46:f0:
db:f7:18:e1:8f:bb:23:35:70:06:c5:58:de:41:a6:
a2:80:d0:8b:c0:c1:af:6e:a0:09:36:c9:2e:77:38:
d4:46:c7:cf:e1:36:30:60:6a:48:7f:2a:29:92:70:
9f:0c:ce:43:e7:0d:41:7e:92:8d:e6:e9:69:c7:ff:
19:15:a0:45:59:8b:5f:07:0d:64:aa:42:c1:63:7b:
32:f7:a2:6e:93:c8:f5:e8:1a:7e:ed:ea:b7:62:b1:
6c:4e:f0:9a:e5:be:e4:43:54:28:ab:5e:40:36:95:
ea:cb:2a:82:bd:83:d3:f3:51:fd:4c:01:00:fd:32:
c3:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:F2:5B:95:ED:13:E0:83:77:61:8E:4E:BE:36:30:5F:52:7B:53:49
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/iPJble0T4IN3YY5OvjYwX1J7U0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.194.176.0/24
Signature Algorithm: sha256WithRSAEncryption
4f:1b:70:7f:72:ac:cc:e5:62:ba:cf:dd:d7:90:05:a5:71:13:
15:9f:7a:00:25:2e:f3:46:eb:8d:16:6d:ac:e1:29:03:30:1a:
97:4c:78:f1:64:be:4b:f4:22:0a:4b:53:e1:da:05:1d:cb:e8:
20:60:85:0b:24:cc:ba:23:86:3e:5d:4a:f0:95:82:2d:00:8b:
a6:8b:c7:00:dd:3a:b1:f7:c5:70:39:7d:50:b3:cc:5b:be:9a:
53:53:9a:61:ac:3c:c4:4a:87:54:06:f9:cb:69:21:97:8a:d2:
1a:ec:2d:af:cd:9c:85:74:8c:ec:54:ca:db:90:b4:e2:76:9c:
e6:81:8f:b8:5f:dd:04:45:e5:ce:e0:9e:fc:df:25:85:29:58:
bc:ec:b7:6f:84:3b:45:40:72:5d:84:88:28:21:5c:75:4f:27:
3a:61:84:1b:91:2d:ef:c7:17:1d:0d:36:aa:94:23:47:4b:c5:
0b:65:77:cd:c6:9d:82:6a:43:0f:67:68:ce:c3:f8:8e:1f:57:
eb:e9:cd:d8:9c:7a:c8:ab:a4:23:e3:ad:0f:73:3b:b5:6c:ed:
53:79:d1:69:9f:c5:62:c3:29:de:38:26:5a:ca:81:43:c7:0c:
9f:65:84:7a:2d:76:2a:9f:22:85:7c:65:f6:69:46:3a:9b:38:
29:bc:5c:6c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY2OX3BELeSN4wd4OaHr6X4LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjQwMjA5MTQ1NzE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGYyNWI5NWVkMTNlMDgzNzc2MThlNGViZTM2MzA1ZjUyN2I1MzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPM2EiS/cyVOJ3vIULQ6+dpBBCVq
2OmlhzmRi/fs1n/PvAeuAneqFEsqxaL1XXy//2TM0bd6Z6jbVXKgBLi9gKGUJICl
lDlfKCYRLFhKcJwi77OYuIadSEi8EggMi/CNJICHVowAmLTFMkceXoNUvMtIMg4f
4uzAH9zOgr/k9f0vgDnbRvDb9xjhj7sjNXAGxVjeQaaigNCLwMGvbqAJNskudzjU
RsfP4TYwYGpIfyopknCfDM5D5w1BfpKN5ulpx/8ZFaBFWYtfBw1kqkLBY3sy96Ju
k8j16Bp+7eq3YrFsTvCa5b7kQ1Qoq15ANpXqyyqCvYPT81H9TAEA/TLDiwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFIjyW5XtE+CDd2GOTr42MF9Se1NJMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvaVBKYmxlMFQ0SU4zWVk1T3ZqWXdYMUo3VTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAucKwMA0G
CSqGSIb3DQEBCwUAA4IBAQBPG3B/cqzM5WK6z93XkAWlcRMVn3oAJS7zRuuNFm2s
4SkDMBqXTHjxZL5L9CIKS1Ph2gUdy+ggYIULJMy6I4Y+XUrwlYItAIumi8cA3Tqx
98VwOX1Qs8xbvppTU5phrDzESodUBvnLaSGXitIa7C2vzZyFdIzsVMrbkLTidpzm
gY+4X90EReXO4J783yWFKVi87LdvhDtFQHJdhIgoIVx1Tyc6YYQbkS3vxxcdDTaq
lCNHS8ULZXfNxp2CakMPZ2jOw/iOH1fr6c3YnHrIq6Qj460Pczu1bO1TedFpn8Vi
wyneOCZayoFDxwyfZYR6LXYqnyKFfGX2aUY6mzgpvFxs
-----END CERTIFICATE-----
Generated at Thu Nov 21 19:27:31 2024 by rpki-client on console-ams.rpki-client.org