Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/24a817-24a6-4ac0-9336-7d7814c7a5f7/1/IYwOiQoomtCBZ16cw4iWiZy1t3c.roa
File: IYwOiQoomtCBZ16cw4iWiZy1t3c.roa (raw, json)
Hash identifier: TWR4YbzP7IbO7oOnmFWMM9AHpqc7yS2gE7K44Acnax8=
Subject key identifier: 21:8C:0E:89:0A:28:9A:D0:81:67:5E:9C:C3:88:96:89:9C:B5:B7:77
Certificate issuer: /CN=48e99a3feec64d6bad098d1b2df0b536a0388ea3
Certificate serial: 018CC50025F79EA406CE25FEB4EA8157E919
Authority key identifier: 48:E9:9A:3F:EE:C6:4D:6B:AD:09:8D:1B:2D:F0:B5:36:A0:38:8E:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SOmaP-7GTWutCY0bLfC1NqA4jqM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/24a817-24a6-4ac0-9336-7d7814c7a5f7/1/IYwOiQoomtCBZ16cw4iWiZy1t3c.roa
Signing time: Mon 01 Jan 2024 12:29:30 +0000
ROA not before: Mon 01 Jan 2024 12:29:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44943
IP address blocks: 178.22.48.0/21 maxlen: 21
185.34.240.0/24 maxlen: 24
185.34.241.0/24 maxlen: 24
2a00:b880::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/24a817-24a6-4ac0-9336-7d7814c7a5f7/1/SOmaP-7GTWutCY0bLfC1NqA4jqM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/24a817-24a6-4ac0-9336-7d7814c7a5f7/1/SOmaP-7GTWutCY0bLfC1NqA4jqM.mft
rsync://rpki.ripe.net/repository/DEFAULT/SOmaP-7GTWutCY0bLfC1NqA4jqM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 12:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:25:f7:9e:a4:06:ce:25:fe:b4:ea:81:57:e9:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=48e99a3feec64d6bad098d1b2df0b536a0388ea3
Validity
Not Before: Jan 1 12:29:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=218c0e890a289ad081675e9cc38896899cb5b777
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:85:f2:08:e8:35:20:cc:63:73:1f:82:5d:f8:
b4:1b:c9:6a:b9:b3:55:4f:95:fd:41:a3:0a:f6:57:
98:b8:c1:03:ae:8a:bc:e7:3a:70:f6:94:a3:1d:e9:
de:15:dc:68:23:0c:05:da:37:01:48:db:65:a4:73:
a1:32:7b:fa:0f:44:b6:8e:52:8a:6f:be:a1:9e:61:
e8:cc:60:48:a3:43:b5:db:9f:ac:0a:9c:b2:28:7a:
db:d7:c8:73:aa:d0:cb:9e:4a:3b:06:bd:27:66:25:
90:61:07:12:76:26:ba:96:ce:99:45:38:82:d7:2b:
8b:51:6f:37:55:c5:e9:67:6a:c8:23:80:74:01:ca:
76:ec:cc:4b:40:d8:25:11:bd:a1:c8:f9:a3:f7:6f:
7f:bf:90:92:d8:99:3a:6d:2b:85:4e:e1:00:6b:51:
e6:3e:8b:d3:53:01:40:5a:7d:43:05:7e:33:f7:3d:
0a:6f:6d:02:e4:73:f1:3f:a7:47:58:cd:d0:d3:38:
ec:9b:3b:6a:5c:3b:56:be:ad:22:a7:50:d7:79:4e:
e8:21:7c:bb:c7:f4:4d:78:00:b1:00:c6:6c:34:6f:
a7:62:e1:7a:ed:33:9a:c9:8a:e3:c4:b4:42:ab:dd:
b3:f4:3b:71:fb:92:30:50:09:c0:80:52:3f:b5:d2:
2e:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:8C:0E:89:0A:28:9A:D0:81:67:5E:9C:C3:88:96:89:9C:B5:B7:77
X509v3 Authority Key Identifier:
keyid:48:E9:9A:3F:EE:C6:4D:6B:AD:09:8D:1B:2D:F0:B5:36:A0:38:8E:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SOmaP-7GTWutCY0bLfC1NqA4jqM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/24a817-24a6-4ac0-9336-7d7814c7a5f7/1/IYwOiQoomtCBZ16cw4iWiZy1t3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/24a817-24a6-4ac0-9336-7d7814c7a5f7/1/SOmaP-7GTWutCY0bLfC1NqA4jqM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.22.48.0/21
185.34.240.0/23
IPv6:
2a00:b880::/32
Signature Algorithm: sha256WithRSAEncryption
16:61:0e:bd:75:9a:99:d8:db:71:31:0b:c6:91:90:97:8c:95:
fe:1b:8f:c3:e1:8e:01:2e:33:b9:5c:9d:83:f6:dd:8b:57:b3:
8a:90:46:03:58:ef:4f:74:c9:31:1f:e1:99:42:5e:84:cf:63:
df:4d:28:c7:cf:af:63:37:30:9d:b3:d5:42:16:41:f4:85:5d:
e2:e3:09:d7:db:28:39:09:9e:d4:b2:8e:b6:cd:b0:db:3c:9b:
c7:1d:bb:c4:81:df:ba:73:54:a1:43:2e:d3:6d:61:1f:4f:cd:
1a:9b:6a:85:4a:95:e5:62:18:89:f0:0d:b2:49:ab:d2:71:6b:
92:ac:d4:9b:5e:58:a3:92:a1:97:9b:01:db:ec:16:cb:12:fe:
48:a9:78:b6:71:b1:6c:7b:b1:67:b2:2f:00:11:65:c6:22:2f:
5e:31:33:69:88:b9:d1:90:78:ac:1c:1d:af:27:8b:60:2e:b6:
7b:79:57:3a:9d:e6:2b:39:8a:dd:86:03:91:a8:bd:f8:cf:42:
07:c2:02:89:cf:ef:1d:f1:34:b0:4e:6f:8b:f7:64:05:2e:c5:
81:6e:69:12:bd:7f:7e:7a:b4:1b:9f:6f:71:8f:a8:e5:20:58:
c1:44:17:67:b0:bf:82:a0:1a:c2:0d:45:5b:48:9c:41:6d:e7:
85:95:4d:15
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFACX3nqQGziX+tOqBV+kZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4ZTk5YTNmZWVjNjRkNmJhZDA5OGQxYjJkZjBiNTM2YTAz
ODhlYTMwHhcNMjQwMTAxMTIyOTMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMThjMGU4OTBhMjg5YWQwODE2NzVlOWNjMzg4OTY4OTljYjViNzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsIXyCOg1IMxjcx+CXfi0G8lqubNV
T5X9QaMK9leYuMEDroq85zpw9pSjHeneFdxoIwwF2jcBSNtlpHOhMnv6D0S2jlKK
b76hnmHozGBIo0O125+sCpyyKHrb18hzqtDLnko7Br0nZiWQYQcSdia6ls6ZRTiC
1yuLUW83VcXpZ2rII4B0Acp27MxLQNglEb2hyPmj929/v5CS2Jk6bSuFTuEAa1Hm
PovTUwFAWn1DBX4z9z0Kb20C5HPxP6dHWM3Q0zjsmztqXDtWvq0ip1DXeU7oIXy7
x/RNeACxAMZsNG+nYuF67TOayYrjxLRCq92z9Dtx+5IwUAnAgFI/tdIuTwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCGMDokKKJrQgWdenMOIlomctbd3MB8GA1UdIwQY
MBaAFEjpmj/uxk1rrQmNGy3wtTagOI6jMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU09tYVAtN0dUV3V0Q1kwYkxmQzFOcUE0anFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yNGE4MTctMjRhNi00YWMwLTkzMzYt
N2Q3ODE0YzdhNWY3LzEvSVl3T2lRb29tdENCWjE2Y3c0aVdpWnkxdDNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yNGE4MTctMjRhNi00YWMwLTkzMzYtN2Q3ODE0YzdhNWY3
LzEvU09tYVAtN0dUV3V0Q1kwYkxmQzFOcUE0anFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDshYwAwQB
uSLwMA0EAgACMAcDBQAqALiAMA0GCSqGSIb3DQEBCwUAA4IBAQAWYQ69dZqZ2Ntx
MQvGkZCXjJX+G4/D4Y4BLjO5XJ2D9t2LV7OKkEYDWO9PdMkxH+GZQl6Ez2PfTSjH
z69jNzCds9VCFkH0hV3i4wnX2yg5CZ7Uso62zbDbPJvHHbvEgd+6c1ShQy7TbWEf
T80am2qFSpXlYhiJ8A2ySavScWuSrNSbXlijkqGXmwHb7BbLEv5IqXi2cbFse7Fn
si8AEWXGIi9eMTNpiLnRkHisHB2vJ4tgLrZ7eVc6neYrOYrdhgORqL34z0IHwgKJ
z+8d8TSwTm+L92QFLsWBbmkSvX9+erQbn29xj6jlIFjBRBdnsL+CoBrCDUVbSJxB
beeFlU0V
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:56:38 2024 by rpki-client on console-ams.rpki-client.org