Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/93149c-0829-4fcd-bd35-0f55ea33afe3/1/iF4Ix_YV-F1GiE1Itwa5izRgXQA.roa
File: iF4Ix_YV-F1GiE1Itwa5izRgXQA.roa (raw, json)
Hash identifier: 2oyXRSfO/YSF1ra4NIw/CYRyVeuQ7qJ8kG3p4KnZsEU=
Subject key identifier: 88:5E:08:C7:F6:15:F8:5D:46:88:4D:48:B7:06:B9:8B:34:60:5D:00
Certificate issuer: /CN=1242466f8f8645c9f39f04874ddadf0d7136f67f
Certificate serial: 018CC3B68D0E4A0BCBC0370230F633F47E31
Authority key identifier: 12:42:46:6F:8F:86:45:C9:F3:9F:04:87:4D:DA:DF:0D:71:36:F6:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EkJGb4-GRcnznwSHTdrfDXE29n8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/93149c-0829-4fcd-bd35-0f55ea33afe3/1/iF4Ix_YV-F1GiE1Itwa5izRgXQA.roa
Signing time: Mon 01 Jan 2024 06:29:29 +0000
ROA not before: Mon 01 Jan 2024 06:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206089
IP address blocks: 89.46.36.0/24 maxlen: 24
89.33.43.0/24 maxlen: 24
89.33.40.0/24 maxlen: 24
89.33.42.0/24 maxlen: 24
185.196.33.0/24 maxlen: 24
185.196.34.0/24 maxlen: 24
185.196.35.0/24 maxlen: 24
185.196.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/93149c-0829-4fcd-bd35-0f55ea33afe3/1/EkJGb4-GRcnznwSHTdrfDXE29n8.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/93149c-0829-4fcd-bd35-0f55ea33afe3/1/EkJGb4-GRcnznwSHTdrfDXE29n8.mft
rsync://rpki.ripe.net/repository/DEFAULT/EkJGb4-GRcnznwSHTdrfDXE29n8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:8d:0e:4a:0b:cb:c0:37:02:30:f6:33:f4:7e:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1242466f8f8645c9f39f04874ddadf0d7136f67f
Validity
Not Before: Jan 1 06:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=885e08c7f615f85d46884d48b706b98b34605d00
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:9c:b3:6f:ff:45:2c:8d:63:20:43:4a:db:d9:
1a:d8:f1:7d:bd:7b:57:0b:4b:cf:df:76:55:ce:4a:
ac:62:2b:a4:36:97:cd:c1:4a:f1:e7:a8:1c:64:f1:
54:33:c3:c7:46:31:5c:39:0c:63:28:de:8a:73:22:
0d:ec:48:f6:bb:58:f6:ce:b8:92:c7:8e:01:84:f1:
5b:86:17:30:4b:3d:3d:06:6d:12:8a:b2:d5:82:ed:
64:b4:17:da:c9:46:60:8f:a8:de:90:d9:84:fd:cf:
9b:a7:5f:89:c7:77:9d:62:7b:3f:e3:d6:b8:83:ce:
6e:05:45:81:f4:00:95:ba:d5:aa:18:f3:f6:91:49:
c0:a1:7e:1b:cb:a8:50:0a:c4:6e:5c:f9:76:d9:f5:
3c:76:07:ab:96:de:77:05:46:51:db:68:95:0f:f9:
23:16:e7:a5:bb:11:c6:da:dd:32:32:36:d9:be:10:
bd:3c:ac:a2:66:55:ff:ad:39:09:a6:db:f0:4c:da:
87:a7:3e:df:44:17:99:98:ae:1b:61:81:cc:f7:f6:
d6:a3:98:03:28:86:c6:fe:89:eb:c6:98:0d:fd:6a:
fc:53:4e:ce:ed:77:39:66:ea:45:38:6b:62:3a:ae:
9f:61:59:73:47:f1:5c:87:55:7e:07:aa:7a:c9:19:
a8:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:5E:08:C7:F6:15:F8:5D:46:88:4D:48:B7:06:B9:8B:34:60:5D:00
X509v3 Authority Key Identifier:
keyid:12:42:46:6F:8F:86:45:C9:F3:9F:04:87:4D:DA:DF:0D:71:36:F6:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EkJGb4-GRcnznwSHTdrfDXE29n8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/93149c-0829-4fcd-bd35-0f55ea33afe3/1/iF4Ix_YV-F1GiE1Itwa5izRgXQA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/93149c-0829-4fcd-bd35-0f55ea33afe3/1/EkJGb4-GRcnznwSHTdrfDXE29n8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.40.0/24
89.33.42.0/23
89.46.36.0/24
185.196.32.0/22
Signature Algorithm: sha256WithRSAEncryption
94:6f:f1:d7:03:22:24:42:ac:1d:5d:2e:cf:48:c7:a0:af:f2:
ec:ee:24:16:19:36:4a:02:38:23:73:4f:7f:27:ce:90:b0:57:
e9:e4:10:80:8f:f4:81:e0:4c:a6:0e:44:6f:2f:06:71:82:32:
41:10:5f:da:b5:3d:b1:ed:9c:90:5c:93:a1:5b:fb:e6:27:51:
50:3e:9a:39:dc:bb:a4:87:2b:97:0d:9a:f1:8e:ca:8b:d2:d0:
65:ae:a2:17:a5:38:1d:c0:2e:b2:49:d8:39:b0:b7:b0:0c:6f:
6c:b6:5f:10:8a:b2:56:b3:cb:12:bb:e2:40:50:40:59:65:18:
82:16:21:9f:17:86:7d:ef:6d:18:ec:a1:ae:a1:f9:5f:2a:56:
59:20:b7:7a:4c:62:7e:55:8d:d2:c9:7e:de:c6:49:5b:a3:a0:
d2:c1:4c:2d:cc:ad:2a:f7:27:d6:ca:b1:ed:47:b7:59:60:bd:
87:5d:00:cb:de:29:ea:a9:36:67:9b:be:7e:bd:ad:27:84:b7:
0d:5f:3d:14:37:bd:9c:ee:06:7c:1d:29:ef:92:4d:cf:22:1c:
1a:f6:54:9d:53:46:d6:7b:3e:a5:4d:64:fb:f1:3c:16:21:7d:
79:bc:9a:e7:41:24:e7:1b:39:fc:83:a6:0a:ce:21:c3:e9:b5:
06:b2:c6:61
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzDto0OSgvLwDcCMPYz9H4xMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNDI0NjZmOGY4NjQ1YzlmMzlmMDQ4NzRkZGFkZjBkNzEz
NmY2N2YwHhcNMjQwMTAxMDYyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODVlMDhjN2Y2MTVmODVkNDY4ODRkNDhiNzA2Yjk4YjM0NjA1ZDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmJyzb/9FLI1jIENK29ka2PF9vXtX
C0vP33ZVzkqsYiukNpfNwUrx56gcZPFUM8PHRjFcOQxjKN6KcyIN7Ej2u1j2zriS
x44BhPFbhhcwSz09Bm0SirLVgu1ktBfayUZgj6jekNmE/c+bp1+Jx3edYns/49a4
g85uBUWB9ACVutWqGPP2kUnAoX4by6hQCsRuXPl22fU8dgerlt53BUZR22iVD/kj
FueluxHG2t0yMjbZvhC9PKyiZlX/rTkJptvwTNqHpz7fRBeZmK4bYYHM9/bWo5gD
KIbG/onrxpgN/Wr8U07O7Xc5ZupFOGtiOq6fYVlzR/Fch1V+B6p6yRmorQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIheCMf2FfhdRohNSLcGuYs0YF0AMB8GA1UdIwQY
MBaAFBJCRm+PhkXJ858Eh03a3w1xNvZ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWtKR2I0LUdSY256bndTSFRkcmZEWEUyOW44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC85MzE0OWMtMDgyOS00ZmNkLWJkMzUt
MGY1NWVhMzNhZmUzLzEvaUY0SXhfWVYtRjFHaUUxSXR3YTVpelJnWFFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC85MzE0OWMtMDgyOS00ZmNkLWJkMzUtMGY1NWVhMzNhZmUz
LzEvRWtKR2I0LUdSY256bndTSFRkcmZEWEUyOW44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSEoAwQB
WSEqAwQAWS4kAwQCucQgMA0GCSqGSIb3DQEBCwUAA4IBAQCUb/HXAyIkQqwdXS7P
SMegr/Ls7iQWGTZKAjgjc09/J86QsFfp5BCAj/SB4EymDkRvLwZxgjJBEF/atT2x
7ZyQXJOhW/vmJ1FQPpo53LukhyuXDZrxjsqL0tBlrqIXpTgdwC6ySdg5sLewDG9s
tl8QirJWs8sSu+JAUEBZZRiCFiGfF4Z9720Y7KGuoflfKlZZILd6TGJ+VY3SyX7e
xklbo6DSwUwtzK0q9yfWyrHtR7dZYL2HXQDL3inqqTZnm75+va0nhLcNXz0UN72c
7gZ8HSnvkk3PIhwa9lSdU0bWez6lTWT78TwWIX15vJrnQSTnGzn8g6YKziHD6bUG
ssZh
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:40:44 2024 by rpki-client on console-fra.rpki-client.org