Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/c251f1-cb70-4283-8433-8c9fcbb3ec52/1/IrzLGxqFJNr1HbyZId1ZwAxaIu0.roa
File: IrzLGxqFJNr1HbyZId1ZwAxaIu0.roa (raw, json)
Hash identifier: 6kRceCQgWHMci2yNu+E/h3nBgsjgEjfZJhdTBCm5Bio=
Subject key identifier: 22:BC:CB:1B:1A:85:24:DA:F5:1D:BC:99:21:DD:59:C0:0C:5A:22:ED
Certificate issuer: /CN=932460b78f6e8f4662aec7858e92051e856099f5
Certificate serial: 018CC4253AF826B414DB1253B5EFF240F47B
Authority key identifier: 93:24:60:B7:8F:6E:8F:46:62:AE:C7:85:8E:92:05:1E:85:60:99:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kyRgt49uj0ZirseFjpIFHoVgmfU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/c251f1-cb70-4283-8433-8c9fcbb3ec52/1/IrzLGxqFJNr1HbyZId1ZwAxaIu0.roa
Signing time: Mon 01 Jan 2024 08:30:23 +0000
ROA not before: Mon 01 Jan 2024 08:30:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47836
IP address blocks: 91.208.175.0/24 maxlen: 24
185.161.88.0/22 maxlen: 24
2a00:ddc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/c251f1-cb70-4283-8433-8c9fcbb3ec52/1/kyRgt49uj0ZirseFjpIFHoVgmfU.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/c251f1-cb70-4283-8433-8c9fcbb3ec52/1/kyRgt49uj0ZirseFjpIFHoVgmfU.mft
rsync://rpki.ripe.net/repository/DEFAULT/kyRgt49uj0ZirseFjpIFHoVgmfU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 28 Jun 2024 20:47:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:3a:f8:26:b4:14:db:12:53:b5:ef:f2:40:f4:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=932460b78f6e8f4662aec7858e92051e856099f5
Validity
Not Before: Jan 1 08:30:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22bccb1b1a8524daf51dbc9921dd59c00c5a22ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:41:8c:2c:27:c9:04:80:0d:4d:22:be:4d:72:
2a:97:b4:9d:c8:09:3d:66:ea:40:19:94:cd:50:ff:
bc:07:c4:11:21:eb:d6:37:40:72:27:94:00:39:61:
1f:3f:01:e2:a0:30:10:7f:32:46:46:f3:ee:34:ce:
f7:dc:54:78:e1:da:a1:ee:40:c5:1e:78:1c:df:e4:
a7:87:d5:f7:82:7f:08:da:bd:25:a4:f3:32:e3:c8:
fd:d7:14:e8:21:3b:5e:91:ce:53:31:1d:f5:c6:cd:
46:57:34:e2:ce:c2:49:3a:fd:ee:f2:22:cc:68:42:
6e:f0:27:76:30:96:c2:3b:d4:76:aa:14:68:2f:37:
b1:d9:a7:70:02:23:56:0a:9a:1d:6e:d9:3f:48:a3:
a8:d2:50:c2:a6:69:0a:0d:65:f8:38:8d:a0:1b:82:
c1:1d:66:ec:80:3a:4a:27:ec:3b:72:8a:ad:80:c5:
76:31:21:d7:dd:06:43:a6:f3:0b:cb:c4:a6:fa:bf:
2b:3e:59:0c:ce:f8:c6:23:2a:5b:3c:09:cb:8d:ba:
d5:5a:06:01:08:55:54:5a:1a:09:4b:ba:4d:9c:1f:
4e:37:ec:ef:10:f5:e7:4f:60:0a:79:b6:7b:af:e0:
62:ff:52:74:3e:76:b0:ca:c2:16:89:fe:36:ff:83:
b8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:BC:CB:1B:1A:85:24:DA:F5:1D:BC:99:21:DD:59:C0:0C:5A:22:ED
X509v3 Authority Key Identifier:
keyid:93:24:60:B7:8F:6E:8F:46:62:AE:C7:85:8E:92:05:1E:85:60:99:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kyRgt49uj0ZirseFjpIFHoVgmfU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/c251f1-cb70-4283-8433-8c9fcbb3ec52/1/IrzLGxqFJNr1HbyZId1ZwAxaIu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/c251f1-cb70-4283-8433-8c9fcbb3ec52/1/kyRgt49uj0ZirseFjpIFHoVgmfU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.208.175.0/24
185.161.88.0/22
IPv6:
2a00:ddc0::/32
Signature Algorithm: sha256WithRSAEncryption
25:bb:84:9d:fa:98:42:55:e3:34:ef:8c:9f:a1:c1:c0:08:fd:
01:f3:b3:52:70:90:f3:ca:c6:ab:e8:74:37:d7:b9:d8:4b:e1:
c4:49:e5:4f:7b:5c:55:5c:2c:9b:b4:b4:d4:e0:d9:17:ca:01:
d8:39:9a:e2:7e:62:16:0c:63:dd:53:b2:3b:a2:b9:b5:28:7a:
68:3c:56:9d:20:be:8c:0f:21:65:11:44:13:5d:ee:45:3c:95:
ac:a3:60:20:3c:84:a1:ee:8b:e8:a3:99:1b:be:4f:ac:88:e8:
31:87:c6:66:79:be:bb:fa:60:93:d4:93:07:46:66:9a:93:41:
06:0b:b9:ed:9b:e2:44:45:95:57:bf:3b:f6:74:30:56:64:5a:
1d:76:89:88:41:fb:c0:0c:cb:15:12:4b:09:77:c1:06:e6:22:
af:d7:c6:14:01:60:20:75:ce:a2:c5:c7:55:ba:39:d3:95:f0:
34:f1:c5:2a:e8:60:33:eb:3a:a8:00:ff:4f:3d:39:08:ab:a5:
7e:07:43:cb:a5:ed:9b:e6:fd:75:f4:4f:11:56:0e:52:29:4e:
84:6b:63:8a:42:9a:0a:ed:9a:f4:2d:a0:5f:db:56:9c:4e:09:
c3:db:dd:48:74:a9:b2:58:a7:33:0a:0d:e8:37:81:10:6c:3b:
cc:58:34:17
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzEJTr4JrQU2xJTte/yQPR7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzMjQ2MGI3OGY2ZThmNDY2MmFlYzc4NThlOTIwNTFlODU2
MDk5ZjUwHhcNMjQwMTAxMDgzMDIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmJjY2IxYjFhODUyNGRhZjUxZGJjOTkyMWRkNTljMDBjNWEyMmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhkGMLCfJBIANTSK+TXIql7SdyAk9
ZupAGZTNUP+8B8QRIevWN0ByJ5QAOWEfPwHioDAQfzJGRvPuNM733FR44dqh7kDF
Hngc3+Snh9X3gn8I2r0lpPMy48j91xToITtekc5TMR31xs1GVzTizsJJOv3u8iLM
aEJu8Cd2MJbCO9R2qhRoLzex2adwAiNWCpodbtk/SKOo0lDCpmkKDWX4OI2gG4LB
HWbsgDpKJ+w7coqtgMV2MSHX3QZDpvMLy8Sm+r8rPlkMzvjGIypbPAnLjbrVWgYB
CFVUWhoJS7pNnB9ON+zvEPXnT2AKebZ7r+Bi/1J0PnawysIWif42/4O4KQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCK8yxsahSTa9R28mSHdWcAMWiLtMB8GA1UdIwQY
MBaAFJMkYLePbo9GYq7HhY6SBR6FYJn1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3lSZ3Q0OXVqMFppcnNlRmpwSUZIb1ZnbWZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9jMjUxZjEtY2I3MC00MjgzLTg0MzMt
OGM5ZmNiYjNlYzUyLzEvSXJ6TEd4cUZKTnIxSGJ5WklkMVp3QXhhSXUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9jMjUxZjEtY2I3MC00MjgzLTg0MzMtOGM5ZmNiYjNlYzUy
LzEva3lSZ3Q0OXVqMFppcnNlRmpwSUZIb1ZnbWZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAW9CvAwQC
uaFYMA0EAgACMAcDBQAqAN3AMA0GCSqGSIb3DQEBCwUAA4IBAQAlu4Sd+phCVeM0
74yfocHACP0B87NScJDzysar6HQ317nYS+HESeVPe1xVXCybtLTU4NkXygHYOZri
fmIWDGPdU7I7orm1KHpoPFadIL6MDyFlEUQTXe5FPJWso2AgPISh7ovoo5kbvk+s
iOgxh8Zmeb67+mCT1JMHRmaak0EGC7ntm+JERZVXvzv2dDBWZFoddomIQfvADMsV
EksJd8EG5iKv18YUAWAgdc6ixcdVujnTlfA08cUq6GAz6zqoAP9PPTkIq6V+B0PL
pe2b5v119E8RVg5SKU6Ea2OKQpoK7Zr0LaBf21acTgnD291IdKmyWKczCg3oN4EQ
bDvMWDQX
-----END CERTIFICATE-----
Generated at Fri Jun 28 02:12:48 2024 by rpki-client on console-ams.rpki-client.org