Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/dc205b-af5d-4dff-852a-877d31c161c3/1/iX4i9eGEfvWdJcJPv7YiWwiGQ94.roa
File: iX4i9eGEfvWdJcJPv7YiWwiGQ94.roa (raw, json)
Hash identifier: hX765fXD1PunCKeAfAeCT7yAAsy4dj0EaX+4K+jqFBs=
Subject key identifier: 89:7E:22:F5:E1:84:7E:F5:9D:25:C2:4F:BF:B6:22:5B:08:86:43:DE
Certificate issuer: /CN=2144472d1697369d832ba126e5e17232acd5f5f3
Certificate serial: 018CCA9996DC1E69047B06E2CE58E2B7FCCA
Authority key identifier: 21:44:47:2D:16:97:36:9D:83:2B:A1:26:E5:E1:72:32:AC:D5:F5:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IURHLRaXNp2DK6Em5eFyMqzV9fM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/dc205b-af5d-4dff-852a-877d31c161c3/1/iX4i9eGEfvWdJcJPv7YiWwiGQ94.roa
Signing time: Tue 02 Jan 2024 14:35:12 +0000
ROA not before: Tue 02 Jan 2024 14:35:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51083
IP address blocks: 5.183.104.0/22 maxlen: 22
45.92.252.0/22 maxlen: 22
193.23.246.0/23 maxlen: 23
193.23.164.0/23 maxlen: 23
193.23.164.0/24 maxlen: 24
2a10:a080::/29 maxlen: 29
2a0e:c400::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/dc205b-af5d-4dff-852a-877d31c161c3/1/IURHLRaXNp2DK6Em5eFyMqzV9fM.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/dc205b-af5d-4dff-852a-877d31c161c3/1/IURHLRaXNp2DK6Em5eFyMqzV9fM.mft
rsync://rpki.ripe.net/repository/DEFAULT/IURHLRaXNp2DK6Em5eFyMqzV9fM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:99:96:dc:1e:69:04:7b:06:e2:ce:58:e2:b7:fc:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2144472d1697369d832ba126e5e17232acd5f5f3
Validity
Not Before: Jan 2 14:35:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=897e22f5e1847ef59d25c24fbfb6225b088643de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:86:37:c0:06:2d:4a:77:86:fb:72:a3:fc:c5:
01:34:3b:f8:b8:ea:e2:1a:2e:cd:4b:0d:d8:b1:98:
3d:bf:2a:ad:75:9e:f5:fe:51:3b:c2:c5:ac:eb:36:
4b:c8:70:98:5b:7f:72:bb:c5:f4:52:83:ec:dc:46:
7f:4a:60:f2:78:09:1f:15:2f:1a:49:90:62:ef:23:
0e:99:ed:82:72:67:25:0c:36:83:9d:a0:47:fa:bc:
ad:87:35:af:64:ff:38:42:5b:4d:18:cf:ad:db:6e:
2e:ef:30:1d:60:c8:fc:fb:98:7f:43:2a:e8:70:e1:
cf:a9:32:25:4e:57:bb:11:f5:61:5b:13:47:a4:0f:
c8:ff:dc:66:27:b4:94:01:41:69:28:81:c0:a2:4d:
95:50:3f:f0:ad:fb:8e:03:de:6d:2c:f7:8e:71:9c:
1c:49:9d:9a:3c:a8:a8:9a:d7:66:85:80:2f:84:58:
1b:92:58:d3:dc:e6:54:12:fe:60:b1:5c:8e:63:44:
70:56:02:cd:42:a0:42:8d:35:07:86:c9:6f:a1:85:
aa:56:18:04:06:91:c5:4f:70:73:00:d8:49:f5:39:
62:f2:25:90:28:2f:4f:bd:83:c4:ad:0a:5f:58:d4:
fa:fa:79:89:11:8c:68:a6:be:83:ab:6b:ca:39:e2:
79:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:7E:22:F5:E1:84:7E:F5:9D:25:C2:4F:BF:B6:22:5B:08:86:43:DE
X509v3 Authority Key Identifier:
keyid:21:44:47:2D:16:97:36:9D:83:2B:A1:26:E5:E1:72:32:AC:D5:F5:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IURHLRaXNp2DK6Em5eFyMqzV9fM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/dc205b-af5d-4dff-852a-877d31c161c3/1/iX4i9eGEfvWdJcJPv7YiWwiGQ94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/dc205b-af5d-4dff-852a-877d31c161c3/1/IURHLRaXNp2DK6Em5eFyMqzV9fM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.104.0/22
45.92.252.0/22
193.23.164.0/23
193.23.246.0/23
IPv6:
2a0e:c400::/29
2a10:a080::/29
Signature Algorithm: sha256WithRSAEncryption
4b:95:ac:e5:d1:bb:87:d5:a7:f5:87:0e:9f:76:52:db:ce:ac:
db:98:68:d2:6e:83:cc:0c:64:d3:d3:80:e4:83:d9:ac:29:1a:
a9:e8:5d:7c:dc:d5:8a:b3:16:e1:ad:d6:15:2a:52:ea:85:83:
12:e5:2e:d0:6b:23:77:2d:dc:3f:c2:72:1a:b1:c5:2a:e2:bf:
ec:b4:cd:5d:e7:82:2e:e8:d1:21:42:8e:1a:dd:72:43:6d:8f:
0a:ef:3a:fd:0d:1c:e4:bc:c0:6c:44:6e:70:40:25:b2:12:5b:
f4:ff:04:6c:8f:c5:69:91:62:ca:c0:a2:95:11:8e:10:43:40:
07:af:c3:bc:05:34:25:ba:a9:5a:de:8b:60:98:53:9d:f6:61:
7a:77:37:dd:6e:8b:1b:e7:8c:8a:fe:ff:c9:3e:2a:db:79:db:
dd:a3:db:04:00:9b:5d:64:1a:f8:50:30:f5:8e:3d:a5:3e:b0:
10:59:aa:11:87:e3:b6:4d:39:a8:73:cc:22:a9:e5:5f:7d:da:
d7:9c:cb:77:a8:e2:16:10:2a:e9:2f:54:37:b1:1b:82:b0:1d:
1b:52:f9:16:36:8d:ea:3e:2a:80:cc:64:ec:23:75:9a:ca:96:
8b:81:51:10:2d:aa:be:30:76:57:85:69:af:43:bb:8d:47:59:
bc:4f:07:24
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAYzKmZbcHmkEewbizljit/zKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNDQ0NzJkMTY5NzM2OWQ4MzJiYTEyNmU1ZTE3MjMyYWNk
NWY1ZjMwHhcNMjQwMTAyMTQzNTEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTdlMjJmNWUxODQ3ZWY1OWQyNWMyNGZiZmI2MjI1YjA4ODY0M2RlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYY3wAYtSneG+3Kj/MUBNDv4uOri
Gi7NSw3YsZg9vyqtdZ71/lE7wsWs6zZLyHCYW39yu8X0UoPs3EZ/SmDyeAkfFS8a
SZBi7yMOme2CcmclDDaDnaBH+rythzWvZP84QltNGM+t224u7zAdYMj8+5h/Qyro
cOHPqTIlTle7EfVhWxNHpA/I/9xmJ7SUAUFpKIHAok2VUD/wrfuOA95tLPeOcZwc
SZ2aPKiomtdmhYAvhFgbkljT3OZUEv5gsVyOY0RwVgLNQqBCjTUHhslvoYWqVhgE
BpHFT3BzANhJ9Tli8iWQKC9PvYPErQpfWNT6+nmJEYxopr6Dq2vKOeJ5uQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFIl+IvXhhH71nSXCT7+2IlsIhkPeMB8GA1UdIwQY
MBaAFCFERy0WlzadgyuhJuXhcjKs1fXzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVVSSExSYVhOcDJESzZFbTVlRnlNcXpWOWZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9kYzIwNWItYWY1ZC00ZGZmLTg1MmEt
ODc3ZDMxYzE2MWMzLzEvaVg0aTllR0VmdldkSmNKUHY3WWlXd2lHUTk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9kYzIwNWItYWY1ZC00ZGZmLTg1MmEtODc3ZDMxYzE2MWMz
LzEvSVVSSExSYVhOcDJESzZFbTVlRnlNcXpWOWZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAeBAIAATAYAwQCBbdoAwQC
LVz8AwQBwRekAwQBwRf2MBQEAgACMA4DBQMqDsQAAwUDKhCggDANBgkqhkiG9w0B
AQsFAAOCAQEAS5Ws5dG7h9Wn9YcOn3ZS286s25ho0m6DzAxk09OA5IPZrCkaqehd
fNzVirMW4a3WFSpS6oWDEuUu0Gsjdy3cP8JyGrHFKuK/7LTNXeeCLujRIUKOGt1y
Q22PCu86/Q0c5LzAbERucEAlshJb9P8EbI/FaZFiysCilRGOEENAB6/DvAU0Jbqp
Wt6LYJhTnfZhenc33W6LG+eMiv7/yT4q23nb3aPbBACbXWQa+FAw9Y49pT6wEFmq
EYfjtk05qHPMIqnlX33a15zLd6jiFhAq6S9UN7EbgrAdG1L5FjaN6j4qgMxk7CN1
msqWi4FREC2qvjB2V4Vpr0O7jUdZvE8HJA==
-----END CERTIFICATE-----
Generated at Tue Nov 26 21:28:33 2024 by rpki-client on console-fra.rpki-client.org