Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/ITOfT5x8HNaMTRqO1MyAG-MGFx4.roa
File: ITOfT5x8HNaMTRqO1MyAG-MGFx4.roa (raw, json)
Hash identifier: m2VHu0FPkdzfZmXoWvUiZgMffAck24OTu44fsNVBiWI=
Subject key identifier: 21:33:9F:4F:9C:7C:1C:D6:8C:4D:1A:8E:D4:CC:80:1B:E3:06:17:1E
Certificate issuer: /CN=15dc3cb1e07d714b725f51a66d1dcfd87ae1c51a
Certificate serial: 018CC94E69671D1B2B13A8EDDDC0D8BBD193
Authority key identifier: 15:DC:3C:B1:E0:7D:71:4B:72:5F:51:A6:6D:1D:CF:D8:7A:E1:C5:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Fdw8seB9cUtyX1GmbR3P2HrhxRo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/ITOfT5x8HNaMTRqO1MyAG-MGFx4.roa
Signing time: Tue 02 Jan 2024 08:33:28 +0000
ROA not before: Tue 02 Jan 2024 08:33:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209564
IP address blocks: 185.240.182.0/24 maxlen: 24
185.240.183.0/24 maxlen: 24
82.146.23.0/24 maxlen: 24
84.238.223.0/24 maxlen: 24
185.32.151.0/24 maxlen: 24
185.32.149.0/24 maxlen: 24
185.32.150.0/24 maxlen: 24
185.32.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/Fdw8seB9cUtyX1GmbR3P2HrhxRo.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/Fdw8seB9cUtyX1GmbR3P2HrhxRo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Fdw8seB9cUtyX1GmbR3P2HrhxRo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:69:67:1d:1b:2b:13:a8:ed:dd:c0:d8:bb:d1:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=15dc3cb1e07d714b725f51a66d1dcfd87ae1c51a
Validity
Not Before: Jan 2 08:33:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21339f4f9c7c1cd68c4d1a8ed4cc801be306171e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:6c:2b:27:bd:03:23:9b:f2:d6:cb:8a:c5:5b:
83:01:03:67:6e:d7:d0:cc:61:eb:e6:75:dc:83:ae:
49:0f:06:67:56:29:28:36:c0:0b:06:b5:b4:04:a9:
49:68:07:f2:40:5d:2b:59:00:d4:46:e3:31:2c:3f:
7d:2f:4d:c6:00:82:3c:f0:1d:d8:be:f9:cc:65:be:
df:f6:41:bb:9f:7c:ea:05:df:58:a3:d4:55:b5:43:
8c:88:41:0c:ff:b1:ff:1f:f3:c2:ac:f2:e1:d5:b8:
07:a6:bc:75:f7:86:c2:90:b6:25:b3:b9:8e:95:16:
cb:09:ae:4a:7a:36:9e:dc:5e:81:cd:bc:fe:bd:58:
a7:47:5c:35:ac:ad:6d:ac:18:96:73:bc:58:8d:98:
a7:a8:7f:46:f2:55:69:88:9e:45:1b:c2:c2:3c:d2:
c8:85:0e:01:f4:2c:8b:13:d3:d8:af:49:bd:ab:1e:
60:ef:de:a7:5b:9e:9a:b9:60:49:f6:7e:c5:3a:e3:
dd:87:f1:69:0e:33:db:5d:34:08:f6:17:cb:5c:90:
8e:9c:4c:fb:2d:77:38:6e:8a:1a:81:9d:13:d9:16:
e9:50:c9:01:b8:d1:30:bd:3f:57:b7:60:06:54:b8:
ea:c5:52:6e:6d:0e:33:18:82:52:78:ce:5f:17:94:
ef:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:33:9F:4F:9C:7C:1C:D6:8C:4D:1A:8E:D4:CC:80:1B:E3:06:17:1E
X509v3 Authority Key Identifier:
keyid:15:DC:3C:B1:E0:7D:71:4B:72:5F:51:A6:6D:1D:CF:D8:7A:E1:C5:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Fdw8seB9cUtyX1GmbR3P2HrhxRo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/ITOfT5x8HNaMTRqO1MyAG-MGFx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/a9cc5d-69e0-4597-ad64-fe2cb431cf2f/1/Fdw8seB9cUtyX1GmbR3P2HrhxRo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.146.23.0/24
84.238.223.0/24
185.32.148.0/22
185.240.182.0/23
Signature Algorithm: sha256WithRSAEncryption
8d:31:2b:07:cf:69:6b:27:4f:60:ec:5b:f6:87:13:66:97:d7:
d3:5a:6b:02:1e:d6:6f:98:c1:8e:5a:83:25:87:2d:ea:13:3c:
1d:40:99:ff:45:f6:13:6b:2c:e6:cf:53:1a:d5:d5:b6:63:77:
c4:42:52:25:08:4f:88:66:a7:86:7c:70:db:1d:fd:3e:49:f6:
c6:5f:be:9c:74:d3:d9:4b:51:0f:8e:52:c4:ab:70:0a:45:09:
64:17:af:db:c5:8f:12:8e:4d:80:f4:5f:17:2a:21:ed:71:da:
d9:cd:4b:0b:a5:0a:63:16:53:e7:f5:4f:2f:f8:ad:2b:3a:d3:
b8:8e:db:cf:a1:35:73:9c:d2:a2:f4:a4:15:4d:95:06:ef:95:
ae:52:d1:3e:0f:d8:0e:0d:fb:b7:d4:25:99:a6:ed:12:69:a3:
92:72:07:fd:87:3d:5d:fb:e9:3c:03:7a:b3:5b:ec:48:5b:53:
44:e2:81:6c:03:89:2f:34:ad:e1:20:5f:47:46:9c:c3:ea:79:
f5:e0:89:0b:74:79:19:15:1b:d5:8e:84:d3:4c:51:38:db:8a:
e8:68:fe:fb:0a:3e:e9:2b:ff:a8:0f:d0:83:bc:57:85:da:36:
7e:d0:fb:46:94:8d:ca:aa:53:09:35:23:60:85:2e:ea:71:b6:
5c:a2:b6:7d
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJTmlnHRsrE6jt3cDYu9GTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE1ZGMzY2IxZTA3ZDcxNGI3MjVmNTFhNjZkMWRjZmQ4N2Fl
MWM1MWEwHhcNMjQwMTAyMDgzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTMzOWY0ZjljN2MxY2Q2OGM0ZDFhOGVkNGNjODAxYmUzMDYxNzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhGwrJ70DI5vy1suKxVuDAQNnbtfQ
zGHr5nXcg65JDwZnVikoNsALBrW0BKlJaAfyQF0rWQDURuMxLD99L03GAII88B3Y
vvnMZb7f9kG7n3zqBd9Yo9RVtUOMiEEM/7H/H/PCrPLh1bgHprx194bCkLYls7mO
lRbLCa5Kejae3F6Bzbz+vVinR1w1rK1trBiWc7xYjZinqH9G8lVpiJ5FG8LCPNLI
hQ4B9CyLE9PYr0m9qx5g796nW56auWBJ9n7FOuPdh/FpDjPbXTQI9hfLXJCOnEz7
LXc4booagZ0T2RbpUMkBuNEwvT9Xt2AGVLjqxVJubQ4zGIJSeM5fF5TvYQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCEzn0+cfBzWjE0ajtTMgBvjBhceMB8GA1UdIwQY
MBaAFBXcPLHgfXFLcl9Rpm0dz9h64cUaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmR3OHNlQjljVXR5WDFHbWJSM1AySHJoeFJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9hOWNjNWQtNjllMC00NTk3LWFkNjQt
ZmUyY2I0MzFjZjJmLzEvSVRPZlQ1eDhITmFNVFJxTzFNeUFHLU1HRng0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9hOWNjNWQtNjllMC00NTk3LWFkNjQtZmUyY2I0MzFjZjJm
LzEvRmR3OHNlQjljVXR5WDFHbWJSM1AySHJoeFJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUpIXAwQA
VO7fAwQCuSCUAwQBufC2MA0GCSqGSIb3DQEBCwUAA4IBAQCNMSsHz2lrJ09g7Fv2
hxNml9fTWmsCHtZvmMGOWoMlhy3qEzwdQJn/RfYTayzmz1Ma1dW2Y3fEQlIlCE+I
ZqeGfHDbHf0+SfbGX76cdNPZS1EPjlLEq3AKRQlkF6/bxY8Sjk2A9F8XKiHtcdrZ
zUsLpQpjFlPn9U8v+K0rOtO4jtvPoTVznNKi9KQVTZUG75WuUtE+D9gODfu31CWZ
pu0SaaOScgf9hz1d++k8A3qzW+xIW1NE4oFsA4kvNK3hIF9HRpzD6nn14IkLdHkZ
FRvVjoTTTFE424roaP77Cj7pK/+oD9CDvFeF2jZ+0PtGlI3KqlMJNSNghS7qcbZc
orZ9
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:58:31 2024 by rpki-client on console-ams.rpki-client.org