Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/IEXavJYKOXurd6kCJMb0P8VZC9k.roa
File: IEXavJYKOXurd6kCJMb0P8VZC9k.roa (raw, json)
Hash identifier: sK3SDTtCn6mRrHXcoxim7Y/Kuxp0lJEyMTFz1Zz9wXw=
Subject key identifier: 20:45:DA:BC:96:0A:39:7B:AB:77:A9:02:24:C6:F4:3F:C5:59:0B:D9
Certificate issuer: /CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Certificate serial: 018CC7272A722DFFE6A3A9E2270A17DF33D9
Authority key identifier: FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/IEXavJYKOXurd6kCJMb0P8VZC9k.roa
Signing time: Mon 01 Jan 2024 22:31:21 +0000
ROA not before: Mon 01 Jan 2024 22:31:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54203
IP address blocks: 176.67.85.0/24 maxlen: 24
176.67.80.0/23 maxlen: 23
176.67.86.0/24 maxlen: 24
185.91.120.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:2a:72:2d:ff:e6:a3:a9:e2:27:0a:17:df:33:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe8199e8345567d8516b788fe2e1d397e27c73a4
Validity
Not Before: Jan 1 22:31:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2045dabc960a397bab77a90224c6f43fc5590bd9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:94:2f:50:38:25:69:a7:12:bb:95:85:4c:7a:
41:bb:2f:3d:34:51:a9:e3:e7:96:6e:48:fb:e5:89:
ee:d5:8c:57:86:3d:12:ea:83:72:6b:07:07:0b:69:
7a:f1:0d:79:f7:c9:30:a5:d2:b1:71:8a:d0:6f:f5:
75:31:e7:6f:9a:4d:16:0d:cf:2d:c3:cc:b9:ff:b8:
89:ce:f7:22:14:97:5b:e1:88:c6:ed:42:3f:f1:24:
b1:bb:86:79:b1:33:b2:7d:cc:e2:c8:15:bb:5e:5d:
20:e6:64:69:2c:99:1e:6b:09:6d:a0:7c:4d:fe:8a:
19:75:b1:13:89:15:22:94:2a:f6:d2:7d:00:d5:57:
89:dc:65:67:64:70:a2:bb:92:db:32:ae:74:cd:d8:
e4:85:b3:ef:df:ba:63:c1:2f:00:04:1c:38:ef:32:
1d:b0:c1:3f:d8:0a:ce:39:03:80:6c:1b:2b:19:4e:
bb:04:f5:00:8b:45:cd:34:39:d3:69:c9:bc:e6:a4:
ff:1d:a0:81:43:fe:55:45:ef:55:0d:99:48:92:e0:
66:96:9c:82:09:57:90:c0:08:ec:3e:82:2f:78:a8:
01:13:a3:d6:92:b8:c1:e4:e8:0a:48:e5:c6:a0:26:
f5:c2:40:a0:27:e5:c3:d9:fc:cd:b5:72:b5:17:02:
b4:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:45:DA:BC:96:0A:39:7B:AB:77:A9:02:24:C6:F4:3F:C5:59:0B:D9
X509v3 Authority Key Identifier:
keyid:FE:81:99:E8:34:55:67:D8:51:6B:78:8F:E2:E1:D3:97:E2:7C:73:A4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/IEXavJYKOXurd6kCJMb0P8VZC9k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/d09e34-cc11-4394-904d-840ccb34b3f5/1/_oGZ6DRVZ9hRa3iP4uHTl-J8c6Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.67.80.0/23
176.67.85.0-176.67.86.255
185.91.120.0/22
Signature Algorithm: sha256WithRSAEncryption
26:77:0c:a3:6e:a6:fa:8a:92:71:ea:4c:0f:69:c6:c2:ac:78:
e8:9a:ed:40:dd:35:29:19:b4:ad:35:81:2b:6c:c7:9e:6a:cb:
51:22:46:f7:1d:55:09:96:8c:0f:2a:32:e4:40:d6:da:31:1b:
43:fb:5f:60:24:2a:bc:74:11:56:0c:df:9b:ec:ee:30:be:d2:
de:1e:7e:e5:c7:24:63:b2:ae:1e:69:36:e1:2a:ad:bd:5a:87:
05:58:06:d1:4f:f0:5c:39:fd:80:67:41:21:05:64:71:33:ed:
54:41:62:e5:97:ea:53:e8:49:83:a9:50:c8:3d:c3:79:da:e4:
9a:28:13:b5:3e:4d:c8:a5:e4:a9:10:ce:2f:3e:69:c5:a1:b5:
26:23:e0:f0:81:c0:ca:e0:37:f4:29:f0:00:e2:66:66:6a:b3:
5b:bf:7b:69:4a:90:8d:e4:1d:13:42:a5:12:47:69:db:42:a0:
72:4b:f7:95:c4:f3:eb:5e:4a:d2:d6:30:17:28:1e:e4:8f:b3:
ed:43:8c:fd:dc:31:bf:06:11:b7:f2:5a:08:02:50:5d:88:55:
e2:2e:a0:48:5b:e4:46:98:c6:e5:50:8a:52:a8:b7:39:fc:3b:
70:5f:ad:6c:49:38:9b:9c:28:00:d6:bc:5d:da:f0:fe:21:17:
dd:39:80:f5
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzHJypyLf/mo6niJwoX3zPZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlODE5OWU4MzQ1NTY3ZDg1MTZiNzg4ZmUyZTFkMzk3ZTI3
YzczYTQwHhcNMjQwMTAxMjIzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDQ1ZGFiYzk2MGEzOTdiYWI3N2E5MDIyNGM2ZjQzZmM1NTkwYmQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3JQvUDglaacSu5WFTHpBuy89NFGp
4+eWbkj75Ynu1YxXhj0S6oNyawcHC2l68Q1598kwpdKxcYrQb/V1Medvmk0WDc8t
w8y5/7iJzvciFJdb4YjG7UI/8SSxu4Z5sTOyfcziyBW7Xl0g5mRpLJkeawltoHxN
/ooZdbETiRUilCr20n0A1VeJ3GVnZHCiu5LbMq50zdjkhbPv37pjwS8ABBw47zId
sME/2ArOOQOAbBsrGU67BPUAi0XNNDnTacm85qT/HaCBQ/5VRe9VDZlIkuBmlpyC
CVeQwAjsPoIveKgBE6PWkrjB5OgKSOXGoCb1wkCgJ+XD2fzNtXK1FwK04QIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCBF2ryWCjl7q3epAiTG9D/FWQvZMB8GA1UdIwQY
MBaAFP6Bmeg0VWfYUWt4j+Lh05fifHOkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQt
ODQwY2NiMzRiM2Y1LzEvSUVYYXZKWUtPWHVyZDZrQ0pNYjBQOFZaQzlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kMDllMzQtY2MxMS00Mzk0LTkwNGQtODQwY2NiMzRiM2Y1
LzEvX29HWjZEUlZaOWhSYTNpUDR1SFRsLUo4YzZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQBsENQMAwD
BACwQ1UDBACwQ1YDBAK5W3gwDQYJKoZIhvcNAQELBQADggEBACZ3DKNupvqKknHq
TA9pxsKseOia7UDdNSkZtK01gStsx55qy1EiRvcdVQmWjA8qMuRA1toxG0P7X2Ak
Krx0EVYM35vs7jC+0t4efuXHJGOyrh5pNuEqrb1ahwVYBtFP8Fw5/YBnQSEFZHEz
7VRBYuWX6lPoSYOpUMg9w3na5JooE7U+Tcil5KkQzi8+acWhtSYj4PCBwMrgN/Qp
8ADiZmZqs1u/e2lKkI3kHRNCpRJHadtCoHJL95XE8+teStLWMBcoHuSPs+1DjP3c
Mb8GEbfyWggCUF2IVeIuoEhb5EaYxuVQilKotzn8O3BfrWxJOJucKADWvF3a8P4h
F905gPU=
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:19:56 2024 by rpki-client on console-ams.rpki-client.org