Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/822b22-8ca3-469d-9083-345b2ab0db18/1/Iwka6VTLPTh8G_8RsqnH19JEdNI.roa
File: Iwka6VTLPTh8G_8RsqnH19JEdNI.roa (raw, json)
Hash identifier: cr7P8F8Z+vWoF5l813j1XOlhhf0ax9Q6W1pZU6ey2PY=
Subject key identifier: 23:09:1A:E9:54:CB:3D:38:7C:1B:FF:11:B2:A9:C7:D7:D2:44:74:D2
Certificate issuer: /CN=ce8a8d40e437adf4acd7cdb38e0402477a2e51a6
Certificate serial: 018CC86F9B0B7B66FA2548A0F7A683AAD16C
Authority key identifier: CE:8A:8D:40:E4:37:AD:F4:AC:D7:CD:B3:8E:04:02:47:7A:2E:51:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zoqNQOQ3rfSs182zjgQCR3ouUaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/822b22-8ca3-469d-9083-345b2ab0db18/1/Iwka6VTLPTh8G_8RsqnH19JEdNI.roa
Signing time: Tue 02 Jan 2024 04:30:06 +0000
ROA not before: Tue 02 Jan 2024 04:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42808
IP address blocks: 194.26.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/822b22-8ca3-469d-9083-345b2ab0db18/1/zoqNQOQ3rfSs182zjgQCR3ouUaY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/822b22-8ca3-469d-9083-345b2ab0db18/1/zoqNQOQ3rfSs182zjgQCR3ouUaY.mft
rsync://rpki.ripe.net/repository/DEFAULT/zoqNQOQ3rfSs182zjgQCR3ouUaY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:9b:0b:7b:66:fa:25:48:a0:f7:a6:83:aa:d1:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce8a8d40e437adf4acd7cdb38e0402477a2e51a6
Validity
Not Before: Jan 2 04:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23091ae954cb3d387c1bff11b2a9c7d7d24474d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:7d:40:b3:f8:20:a1:83:78:97:c9:01:0e:d6:
2d:94:7d:b5:61:5a:c1:96:29:9e:ea:8d:6a:c0:83:
be:43:c5:dc:7a:b5:27:bb:d5:c0:e4:bf:93:66:a3:
82:bc:3b:3d:e3:e7:23:a3:dd:b7:ba:b3:6b:4e:27:
dc:1e:57:11:c1:34:1f:49:93:cd:f6:f9:d4:cb:10:
c8:07:2e:eb:c2:6a:89:1d:6e:cd:88:0d:c3:32:74:
ae:b3:88:a5:9f:49:da:2a:bc:a0:2e:24:18:6e:67:
f1:c3:70:a3:14:73:e2:39:7c:c2:5e:28:d1:92:e4:
e7:cf:22:93:d4:e2:20:a0:c2:3b:a1:35:05:ab:be:
2e:29:39:bb:7f:6e:46:06:67:6e:71:85:b9:06:8b:
00:d5:d8:7d:ab:2d:68:29:15:a1:e5:b0:d7:a1:2e:
f9:7a:b6:34:ca:30:6d:d0:52:35:bd:34:0f:87:df:
29:80:6e:97:7c:63:0c:9d:cc:96:ff:34:0f:67:7a:
2e:0c:8b:06:de:fe:92:23:18:20:6a:f2:25:cb:b6:
41:be:4b:2a:5c:15:df:e8:ff:52:05:3c:f0:fe:ae:
41:36:16:bc:50:f6:3c:95:9c:41:4a:d3:a7:57:ef:
ef:a3:3e:9c:20:e3:f4:be:0f:a2:ae:83:0e:9e:3d:
8a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:09:1A:E9:54:CB:3D:38:7C:1B:FF:11:B2:A9:C7:D7:D2:44:74:D2
X509v3 Authority Key Identifier:
keyid:CE:8A:8D:40:E4:37:AD:F4:AC:D7:CD:B3:8E:04:02:47:7A:2E:51:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zoqNQOQ3rfSs182zjgQCR3ouUaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/822b22-8ca3-469d-9083-345b2ab0db18/1/Iwka6VTLPTh8G_8RsqnH19JEdNI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/822b22-8ca3-469d-9083-345b2ab0db18/1/zoqNQOQ3rfSs182zjgQCR3ouUaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.26.118.0/24
Signature Algorithm: sha256WithRSAEncryption
33:17:d5:d1:bc:f5:66:c5:ec:a2:d8:43:fd:ba:08:36:bc:d8:
95:32:bc:26:a5:14:fb:d4:e9:d8:4f:8b:c9:da:22:e2:95:ab:
4a:61:f8:73:43:53:55:85:4d:be:b6:14:98:c5:c4:5d:5c:a2:
c2:74:6b:ad:a4:83:41:24:b3:73:99:44:4b:ce:94:50:82:ce:
1e:95:ff:bf:89:5c:94:c4:66:98:97:93:c2:0e:98:89:1d:3c:
54:ab:51:be:bc:89:69:6e:06:3e:eb:0f:eb:1a:51:21:e0:8a:
23:66:48:5e:a3:7c:b0:b7:8f:cf:1e:10:eb:0d:04:aa:4b:c6:
92:c9:a0:aa:11:c4:9d:be:f3:74:cd:99:e0:34:1e:b4:02:dd:
65:35:1f:cb:b1:b1:30:9e:7c:61:e3:c2:bb:4d:0a:43:e7:66:
20:fa:ce:59:87:91:c8:6a:a1:03:bc:50:e5:f3:86:b5:66:9a:
dd:51:53:79:55:ef:e9:2c:66:01:7e:ef:24:91:19:d6:03:0c:
24:5b:89:97:02:a3:3e:c0:ef:a7:3c:05:2c:89:c4:a2:7c:b5:
a5:db:cf:b5:d9:5c:ed:2e:49:c4:1e:1e:87:88:ce:0c:5a:6b:
60:f7:65:99:03:8e:67:83:db:a6:1a:93:b1:93:22:9d:a7:48:
f8:7e:ae:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb5sLe2b6JUig96aDqtFsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlOGE4ZDQwZTQzN2FkZjRhY2Q3Y2RiMzhlMDQwMjQ3N2Ey
ZTUxYTYwHhcNMjQwMTAyMDQzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzA5MWFlOTU0Y2IzZDM4N2MxYmZmMTFiMmE5YzdkN2QyNDQ3NGQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy31As/ggoYN4l8kBDtYtlH21YVrB
lime6o1qwIO+Q8XcerUnu9XA5L+TZqOCvDs94+cjo923urNrTifcHlcRwTQfSZPN
9vnUyxDIBy7rwmqJHW7NiA3DMnSus4iln0naKrygLiQYbmfxw3CjFHPiOXzCXijR
kuTnzyKT1OIgoMI7oTUFq74uKTm7f25GBmducYW5BosA1dh9qy1oKRWh5bDXoS75
erY0yjBt0FI1vTQPh98pgG6XfGMMncyW/zQPZ3ouDIsG3v6SIxggavIly7ZBvksq
XBXf6P9SBTzw/q5BNha8UPY8lZxBStOnV+/voz6cIOP0vg+iroMOnj2KwwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCMJGulUyz04fBv/EbKpx9fSRHTSMB8GA1UdIwQY
MBaAFM6KjUDkN630rNfNs44EAkd6LlGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem9xTlFPUTNyZlNzMTgyempnUUNSM291VWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS84MjJiMjItOGNhMy00NjlkLTkwODMt
MzQ1YjJhYjBkYjE4LzEvSXdrYTZWVExQVGg4R184UnNxbkgxOUpFZE5JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS84MjJiMjItOGNhMy00NjlkLTkwODMtMzQ1YjJhYjBkYjE4
LzEvem9xTlFPUTNyZlNzMTgyempnUUNSM291VWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwhp2MA0G
CSqGSIb3DQEBCwUAA4IBAQAzF9XRvPVmxeyi2EP9ugg2vNiVMrwmpRT71OnYT4vJ
2iLilatKYfhzQ1NVhU2+thSYxcRdXKLCdGutpINBJLNzmURLzpRQgs4elf+/iVyU
xGaYl5PCDpiJHTxUq1G+vIlpbgY+6w/rGlEh4IojZkheo3ywt4/PHhDrDQSqS8aS
yaCqEcSdvvN0zZngNB60At1lNR/LsbEwnnxh48K7TQpD52Yg+s5Zh5HIaqEDvFDl
84a1ZprdUVN5Ve/pLGYBfu8kkRnWAwwkW4mXAqM+wO+nPAUsicSifLWl28+12Vzt
LknEHh6HiM4MWmtg92WZA45ng9umGpOxkyKdp0j4fq5A
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:43:31 2024 by rpki-client on console-fra.rpki-client.org