Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/11933b-fc0b-410f-9c34-1064504e2b97/1/IroBev8T8jW8vUNVdXPRxyv-fw8.roa
File: IroBev8T8jW8vUNVdXPRxyv-fw8.roa (raw, json)
Hash identifier: YORFm7o3SSfIxew+tggJQLs4Q0rg+GSj6B8yUHp+nJ8=
Subject key identifier: 22:BA:01:7A:FF:13:F2:35:BC:BD:43:55:75:73:D1:C7:2B:FE:7F:0F
Certificate issuer: /CN=eb7c822d1e94517c88515cc9b3fc2bde129b454c
Certificate serial: 018CCA294EE6E5805F4ED046633745884AA8
Authority key identifier: EB:7C:82:2D:1E:94:51:7C:88:51:5C:C9:B3:FC:2B:DE:12:9B:45:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/63yCLR6UUXyIUVzJs_wr3hKbRUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/11933b-fc0b-410f-9c34-1064504e2b97/1/IroBev8T8jW8vUNVdXPRxyv-fw8.roa
Signing time: Tue 02 Jan 2024 12:32:34 +0000
ROA not before: Tue 02 Jan 2024 12:32:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42598
IP address blocks: 194.55.4.0/24 maxlen: 24
194.55.6.0/24 maxlen: 24
194.55.5.0/24 maxlen: 24
2a0c:ca40:5::/48 maxlen: 48
2a0c:ca40:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/11933b-fc0b-410f-9c34-1064504e2b97/1/63yCLR6UUXyIUVzJs_wr3hKbRUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/11933b-fc0b-410f-9c34-1064504e2b97/1/63yCLR6UUXyIUVzJs_wr3hKbRUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/63yCLR6UUXyIUVzJs_wr3hKbRUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:4e:e6:e5:80:5f:4e:d0:46:63:37:45:88:4a:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb7c822d1e94517c88515cc9b3fc2bde129b454c
Validity
Not Before: Jan 2 12:32:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=22ba017aff13f235bcbd43557573d1c72bfe7f0f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:3a:72:7b:65:68:20:6e:84:f1:ae:5e:0f:a2:
d8:ed:2c:a9:1b:3f:63:4b:6b:f8:9a:2b:71:2d:0f:
5b:c0:63:83:70:ae:18:9e:5d:14:ce:31:d3:2c:20:
74:fd:d0:a9:64:87:06:bf:c8:84:99:2a:35:5c:15:
c6:45:1e:8a:24:1f:98:3d:59:7e:8a:7f:c6:1f:48:
38:05:ab:88:ad:3e:22:99:cf:a6:4c:b5:88:e4:f7:
1b:f0:4b:b3:bd:83:42:35:b4:33:f0:8d:94:7b:7d:
49:22:d8:0d:bf:06:6e:6e:5b:6b:ff:e4:ff:04:2f:
b5:44:ae:af:3b:8d:a2:5f:44:17:62:42:5a:d7:49:
08:de:4f:97:5b:f4:d7:34:88:24:ef:e5:ae:f8:17:
64:51:c4:07:c6:cf:c1:ff:cb:94:11:5a:21:c0:14:
19:16:70:af:b5:4c:af:85:ec:63:67:a4:99:f7:d9:
dd:46:3d:d4:c3:75:85:5d:53:e0:fe:19:84:da:4a:
36:79:19:6f:f9:f4:73:69:3f:93:31:cb:33:6c:2e:
12:ff:e1:a6:9b:a7:2f:01:f2:61:c2:e0:1c:7b:10:
3e:92:09:f4:64:23:1d:db:fd:2f:85:1a:84:2b:d6:
8a:88:b7:5b:d6:03:eb:40:8d:92:75:34:f4:08:9c:
24:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:BA:01:7A:FF:13:F2:35:BC:BD:43:55:75:73:D1:C7:2B:FE:7F:0F
X509v3 Authority Key Identifier:
keyid:EB:7C:82:2D:1E:94:51:7C:88:51:5C:C9:B3:FC:2B:DE:12:9B:45:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/63yCLR6UUXyIUVzJs_wr3hKbRUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/11933b-fc0b-410f-9c34-1064504e2b97/1/IroBev8T8jW8vUNVdXPRxyv-fw8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/11933b-fc0b-410f-9c34-1064504e2b97/1/63yCLR6UUXyIUVzJs_wr3hKbRUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.55.4.0-194.55.6.255
IPv6:
2a0c:ca40:5::-2a0c:ca40:6:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
98:5a:85:e4:ec:67:c9:23:47:c1:46:09:69:ac:77:d3:5d:02:
7b:12:93:3f:6c:d2:85:a5:c0:3f:a9:71:fe:5d:cc:08:90:52:
5e:5c:e3:81:f0:da:52:c5:c9:c0:78:39:de:50:65:6c:2e:8b:
ae:69:ea:1f:ee:66:33:d7:46:fe:c1:b5:de:6c:11:78:e2:ae:
a0:a9:49:18:94:29:2d:69:ca:39:ca:be:06:09:90:fd:c8:ca:
38:9c:ef:1d:4f:de:55:76:57:3f:0e:b1:a3:54:03:86:f9:47:
9f:73:2c:33:8c:f1:06:d7:ab:3c:23:8b:42:d3:28:63:5c:c5:
ba:f2:0c:9c:ee:61:1a:ca:a0:88:f9:1f:f2:15:f7:46:e0:01:
43:e6:a2:59:87:55:49:0f:88:7e:e6:b9:bf:d4:de:1d:24:91:
aa:bb:c3:f8:75:3a:33:10:c2:9d:84:be:61:d3:fa:bf:c1:ed:
9b:43:98:9b:06:1b:3d:0c:f2:a0:f0:3e:71:01:2e:ac:09:e1:
ab:c6:c9:0c:73:30:9d:be:86:7c:39:ef:cf:93:67:7d:68:f7:
c7:7b:51:d0:84:ae:22:40:f9:24:93:f3:cb:98:d6:ab:4b:92:
ad:1c:14:7a:7f:ed:d0:cb:d6:61:a2:cc:51:59:34:4d:c2:57:
22:6d:99:77
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAYzKKU7m5YBfTtBGYzdFiEqoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViN2M4MjJkMWU5NDUxN2M4ODUxNWNjOWIzZmMyYmRlMTI5
YjQ1NGMwHhcNMjQwMTAyMTIzMjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMmJhMDE3YWZmMTNmMjM1YmNiZDQzNTU3NTczZDFjNzJiZmU3ZjBmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAizpye2VoIG6E8a5eD6LY7SypGz9j
S2v4mitxLQ9bwGODcK4Ynl0UzjHTLCB0/dCpZIcGv8iEmSo1XBXGRR6KJB+YPVl+
in/GH0g4BauIrT4imc+mTLWI5Pcb8EuzvYNCNbQz8I2Ue31JItgNvwZubltr/+T/
BC+1RK6vO42iX0QXYkJa10kI3k+XW/TXNIgk7+Wu+BdkUcQHxs/B/8uUEVohwBQZ
FnCvtUyvhexjZ6SZ99ndRj3Uw3WFXVPg/hmE2ko2eRlv+fRzaT+TMcszbC4S/+Gm
m6cvAfJhwuAcexA+kgn0ZCMd2/0vhRqEK9aKiLdb1gPrQI2SdTT0CJwk2QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFCK6AXr/E/I1vL1DVXVz0ccr/n8PMB8GA1UdIwQY
MBaAFOt8gi0elFF8iFFcybP8K94Sm0VMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNjN5Q0xSNlVVWHlJVVZ6SnNfd3IzaEtiUlV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC8xMTkzM2ItZmMwYi00MTBmLTljMzQt
MTA2NDUwNGUyYjk3LzEvSXJvQmV2OFQ4alc4dlVOVmRYUFJ4eXYtZnc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC8xMTkzM2ItZmMwYi00MTBmLTljMzQtMTA2NDUwNGUyYjk3
LzEvNjN5Q0xSNlVVWHlJVVZ6SnNfd3IzaEtiUlV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAUBAIAATAOMAwDBALCNwQD
BADCNwYwGgQCAAIwFDASAwcAKgzKQAAFAwcAKgzKQAAGMA0GCSqGSIb3DQEBCwUA
A4IBAQCYWoXk7GfJI0fBRglprHfTXQJ7EpM/bNKFpcA/qXH+XcwIkFJeXOOB8NpS
xcnAeDneUGVsLouuaeof7mYz10b+wbXebBF44q6gqUkYlCktaco5yr4GCZD9yMo4
nO8dT95Vdlc/DrGjVAOG+UefcywzjPEG16s8I4tC0yhjXMW68gyc7mEayqCI+R/y
FfdG4AFD5qJZh1VJD4h+5rm/1N4dJJGqu8P4dTozEMKdhL5h0/q/we2bQ5ibBhs9
DPKg8D5xAS6sCeGrxskMczCdvoZ8Oe/Pk2d9aPfHe1HQhK4iQPkkk/PLmNarS5Kt
HBR6f+3Qy9ZhosxRWTRNwlcibZl3
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:16:39 2024 by rpki-client on console-fra.rpki-client.org