Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/f4ba63-cd9a-4311-b416-64f231dd4042/1/IxM0s-85AuNxgUuEMT5Qu9YMEdY.roa
File: IxM0s-85AuNxgUuEMT5Qu9YMEdY.roa (raw, json)
Hash identifier: Ycs6UQZzpbeXyJ5sZPGOi+JnvihlsKS0u2gVE6T+P/I=
Subject key identifier: 23:13:34:B3:EF:39:02:E3:71:81:4B:84:31:3E:50:BB:D6:0C:11:D6
Certificate issuer: /CN=5534e9bb0ee4d30c31e76afa691adc9279b3f356
Certificate serial: 018FC8AC3EF5285D4119330B680588C894FB
Authority key identifier: 55:34:E9:BB:0E:E4:D3:0C:31:E7:6A:FA:69:1A:DC:92:79:B3:F3:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VTTpuw7k0wwx52r6aRrcknmz81Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/f4ba63-cd9a-4311-b416-64f231dd4042/1/IxM0s-85AuNxgUuEMT5Qu9YMEdY.roa
Signing time: Thu 30 May 2024 08:44:42 +0000
ROA not before: Thu 30 May 2024 08:44:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20878
IP address blocks: 176.74.0.0/21 maxlen: 21
176.74.1.0/24 maxlen: 24
176.74.3.0/24 maxlen: 24
176.74.7.0/24 maxlen: 24
185.66.32.0/22 maxlen: 22
185.66.33.0/24 maxlen: 24
185.66.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/f4ba63-cd9a-4311-b416-64f231dd4042/1/VTTpuw7k0wwx52r6aRrcknmz81Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/f4ba63-cd9a-4311-b416-64f231dd4042/1/VTTpuw7k0wwx52r6aRrcknmz81Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/VTTpuw7k0wwx52r6aRrcknmz81Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c8:ac:3e:f5:28:5d:41:19:33:0b:68:05:88:c8:94:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5534e9bb0ee4d30c31e76afa691adc9279b3f356
Validity
Not Before: May 30 08:44:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=231334b3ef3902e371814b84313e50bbd60c11d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:6a:89:56:23:cb:be:26:d9:35:db:d1:39:27:
c4:29:8e:a9:bf:90:66:6f:5b:3e:f7:b3:6a:c1:d4:
67:02:91:6d:8a:28:1d:78:e8:fc:fb:a8:23:2a:ec:
18:b0:5c:bc:c2:3c:b8:01:07:a5:b7:16:2d:b5:17:
06:5f:d5:c5:df:85:89:cf:a9:6c:c8:98:17:69:b0:
89:76:5e:6f:f4:8a:14:8a:74:b7:0f:1f:19:fc:0f:
22:fd:7a:47:12:46:5f:19:b8:1e:29:39:58:2e:49:
0f:89:c2:68:f3:bb:df:e4:e9:e6:ae:9b:db:37:6d:
f8:3a:ac:f0:36:e5:83:e6:f5:e8:c4:c2:ba:32:f7:
3b:0c:48:0b:cf:4b:de:b6:d1:9f:a1:5c:77:3c:09:
d5:4b:51:91:a4:2b:bb:6c:0d:bd:0f:c1:58:cc:49:
c0:ed:2e:91:28:b7:b1:44:7d:ec:17:8f:ad:82:32:
a2:bc:10:78:13:5d:3e:35:cd:3b:f9:8e:01:b1:e8:
a0:c1:03:81:69:34:bc:31:0a:f1:cd:aa:c4:ef:60:
b0:14:3f:48:44:5c:39:f6:87:15:9e:87:54:fb:8c:
43:ae:a7:da:b4:06:43:e8:67:b6:ba:f1:cb:c6:28:
97:59:93:d0:ab:60:b0:7b:a3:be:48:a0:bc:33:22:
b4:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:13:34:B3:EF:39:02:E3:71:81:4B:84:31:3E:50:BB:D6:0C:11:D6
X509v3 Authority Key Identifier:
keyid:55:34:E9:BB:0E:E4:D3:0C:31:E7:6A:FA:69:1A:DC:92:79:B3:F3:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VTTpuw7k0wwx52r6aRrcknmz81Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f4ba63-cd9a-4311-b416-64f231dd4042/1/IxM0s-85AuNxgUuEMT5Qu9YMEdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/f4ba63-cd9a-4311-b416-64f231dd4042/1/VTTpuw7k0wwx52r6aRrcknmz81Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.74.0.0/21
185.66.32.0/22
Signature Algorithm: sha256WithRSAEncryption
32:62:ed:3a:ba:d5:24:f1:74:a9:60:bf:f0:65:92:57:d6:c5:
59:47:e8:36:6f:73:41:77:6f:14:32:63:90:bb:de:6e:f4:a0:
69:bd:a6:10:a3:5f:95:08:a2:b6:12:23:ca:dd:99:99:60:10:
19:de:61:92:57:34:ea:ca:9f:6e:8c:69:23:69:0f:86:18:bc:
76:ab:55:c4:da:7b:c3:36:ad:57:46:2d:8b:a1:63:29:25:11:
f9:b3:6c:7e:35:9a:3c:b4:be:a0:8e:3e:61:03:54:1b:48:b2:
c8:9a:e2:fd:13:f0:1e:66:77:ae:8a:70:98:63:5f:64:e2:9e:
e2:76:1a:57:de:83:12:04:1d:ff:0c:85:1b:93:06:1c:48:f1:
9a:d4:72:26:d4:52:d4:89:b7:58:de:ec:39:0a:a3:ec:e5:ef:
a3:3d:30:14:55:90:b1:67:89:56:90:b7:c9:7c:26:35:69:1c:
7b:75:30:b7:fd:dd:5c:4f:6e:8f:37:dd:34:e8:06:91:9b:b0:
16:1d:bc:07:b6:a1:81:ec:ff:91:db:8f:d4:1e:f8:c7:4b:98:
8a:1c:7c:89:92:12:68:84:fe:91:1c:a0:d0:e9:c2:c1:31:40:
f3:16:e4:47:15:87:3a:86:e0:a2:fe:bc:cc:d6:3d:d8:ed:6b:
16:31:80:11
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/IrD71KF1BGTMLaAWIyJT7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MzRlOWJiMGVlNGQzMGMzMWU3NmFmYTY5MWFkYzkyNzli
M2YzNTYwHhcNMjQwNTMwMDg0NDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzEzMzRiM2VmMzkwMmUzNzE4MTRiODQzMTNlNTBiYmQ2MGMxMWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5mqJViPLvibZNdvROSfEKY6pv5Bm
b1s+97NqwdRnApFtiigdeOj8+6gjKuwYsFy8wjy4AQeltxYttRcGX9XF34WJz6ls
yJgXabCJdl5v9IoUinS3Dx8Z/A8i/XpHEkZfGbgeKTlYLkkPicJo87vf5Onmrpvb
N234OqzwNuWD5vXoxMK6Mvc7DEgLz0vettGfoVx3PAnVS1GRpCu7bA29D8FYzEnA
7S6RKLexRH3sF4+tgjKivBB4E10+Nc07+Y4BseigwQOBaTS8MQrxzarE72CwFD9I
RFw59ocVnodU+4xDrqfatAZD6Ge2uvHLxiiXWZPQq2Cwe6O+SKC8MyK0cwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFCMTNLPvOQLjcYFLhDE+ULvWDBHWMB8GA1UdIwQY
MBaAFFU06bsO5NMMMedq+mka3JJ5s/NWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlRUcHV3N2swd3d4NTJyNmFScmNrbm16ODFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9mNGJhNjMtY2Q5YS00MzExLWI0MTYt
NjRmMjMxZGQ0MDQyLzEvSXhNMHMtODVBdU54Z1V1RU1UNVF1OVlNRWRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9mNGJhNjMtY2Q5YS00MzExLWI0MTYtNjRmMjMxZGQ0MDQy
LzEvVlRUcHV3N2swd3d4NTJyNmFScmNrbm16ODFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDsEoAAwQC
uUIgMA0GCSqGSIb3DQEBCwUAA4IBAQAyYu06utUk8XSpYL/wZZJX1sVZR+g2b3NB
d28UMmOQu95u9KBpvaYQo1+VCKK2EiPK3ZmZYBAZ3mGSVzTqyp9ujGkjaQ+GGLx2
q1XE2nvDNq1XRi2LoWMpJRH5s2x+NZo8tL6gjj5hA1QbSLLImuL9E/AeZneuinCY
Y19k4p7idhpX3oMSBB3/DIUbkwYcSPGa1HIm1FLUibdY3uw5CqPs5e+jPTAUVZCx
Z4lWkLfJfCY1aRx7dTC3/d1cT26PN9006AaRm7AWHbwHtqGB7P+R24/UHvjHS5iK
HHyJkhJohP6RHKDQ6cLBMUDzFuRHFYc6huCi/rzM1j3Y7WsWMYAR
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:18:41 2024 by rpki-client on console-fra.rpki-client.org