Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ydJGQoVicl_yccq0i1p58yPBXSI.roa
File: ydJGQoVicl_yccq0i1p58yPBXSI.roa (raw, json)
Hash identifier: oBeTe8nXlMDGN1d5TcRiGjdEssd5h1TfxGuF8bcoktE=
Subject key identifier: C9:D2:46:42:85:62:72:5F:F2:71:CA:B4:8B:5A:79:F3:23:C1:5D:22
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 0192668E868FA69E34EADE9A463BC861A525
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ydJGQoVicl_yccq0i1p58yPBXSI.roa
Signing time: Mon 07 Oct 2024 10:37:49 +0000
ROA not before: Mon 07 Oct 2024 10:37:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397086
IP address blocks: 89.249.197.0/24 maxlen: 24
89.249.198.0/24 maxlen: 24
212.42.201.0/24 maxlen: 24
212.42.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.mft
rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:66:8e:86:8f:a6:9e:34:ea:de:9a:46:3b:c8:61:a5:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Oct 7 10:37:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c9d246428562725ff271cab48b5a79f323c15d22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:38:c5:75:d3:15:24:17:3b:7d:4a:58:27:a4:
ff:40:eb:19:c5:1a:cd:fa:ec:18:46:de:ea:6c:51:
4e:d0:12:1f:25:81:21:9d:f9:0f:b4:ba:31:1c:b0:
b7:24:93:7c:d7:3a:53:60:88:a5:80:e9:71:70:b2:
88:4e:72:11:a2:4f:61:c5:43:ad:e5:61:a0:1f:2c:
62:82:50:9f:bc:e8:bc:b7:96:3e:46:52:8a:0b:07:
4d:59:b6:3e:be:24:d4:0b:f4:3e:ce:57:c5:30:57:
5d:e4:68:ab:62:7c:54:61:2d:75:be:e4:88:66:b2:
50:64:23:51:91:f8:bf:d3:16:1c:40:5b:2e:c9:bb:
b5:1e:cd:34:bf:91:61:e1:56:91:82:98:a4:d7:25:
ec:f8:9c:0c:e3:ba:d5:02:dc:cc:61:5f:a2:34:b4:
a2:78:e3:3d:9b:d3:60:7d:e1:06:3d:6e:9e:7e:8d:
01:a1:b8:dc:a7:3e:4c:0d:43:a3:3e:db:36:19:1a:
58:7f:43:9d:30:5a:e6:16:89:ea:dd:0c:a2:d0:41:
99:c3:61:a2:d3:b5:32:0d:d0:01:dd:bf:11:c4:11:
48:7f:a0:60:ea:68:5b:3c:8e:e3:92:9e:36:35:b4:
6d:f8:b2:88:83:c1:c6:80:4a:32:05:96:86:a2:67:
8d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:D2:46:42:85:62:72:5F:F2:71:CA:B4:8B:5A:79:F3:23:C1:5D:22
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ydJGQoVicl_yccq0i1p58yPBXSI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.197.0-89.249.198.255
212.42.201.0/24
212.42.204.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:db:57:87:5f:62:aa:ee:e4:2b:18:29:cf:f2:69:ff:92:05:
51:8a:41:bc:72:66:36:70:6b:f8:d4:33:7b:80:0a:97:b1:e7:
14:ae:69:59:2c:0a:f4:7c:5a:13:84:c9:23:59:b1:23:15:64:
2e:01:af:b3:c2:4f:59:ec:ef:f8:6c:66:6b:ed:91:43:9e:f3:
0d:6c:fc:68:d6:75:4d:df:95:3d:70:f9:38:c0:07:ed:4e:70:
54:fc:be:b4:e9:4c:76:e8:3e:de:88:3a:98:5e:8e:16:3c:dc:
2d:d3:e2:c0:f7:1e:85:45:ff:dd:1e:08:ae:74:45:f5:49:ed:
f6:7d:bc:fb:cc:89:c3:10:be:db:7a:4e:34:c4:0c:74:80:3a:
96:88:53:43:21:c4:04:3e:4d:04:33:7c:63:9a:60:35:65:1e:
0d:b3:15:29:7f:19:fa:e2:77:d2:e7:5d:43:0e:ce:76:0f:de:
05:ca:dc:bf:ab:ea:25:32:cb:9c:95:25:b3:60:3e:55:5c:ee:
ae:c5:98:50:9a:95:9f:f6:d4:05:9d:c1:90:54:fc:d2:47:6d:
6c:cb:d7:47:b4:5c:dd:6f:f3:88:f9:fb:bf:6c:11:54:d6:02:
2d:e7:41:9a:29:38:75:76:f6:a6:1f:99:0f:60:3f:78:89:bd:
bf:c2:e6:cb
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZJmjoaPpp406t6aRjvIYaUlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQxMDA3MTAzNzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOWQyNDY0Mjg1NjI3MjVmZjI3MWNhYjQ4YjVhNzlmMzIzYzE1ZDIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnDjFddMVJBc7fUpYJ6T/QOsZxRrN
+uwYRt7qbFFO0BIfJYEhnfkPtLoxHLC3JJN81zpTYIilgOlxcLKITnIRok9hxUOt
5WGgHyxiglCfvOi8t5Y+RlKKCwdNWbY+viTUC/Q+zlfFMFdd5GirYnxUYS11vuSI
ZrJQZCNRkfi/0xYcQFsuybu1Hs00v5Fh4VaRgpik1yXs+JwM47rVAtzMYV+iNLSi
eOM9m9NgfeEGPW6efo0Bobjcpz5MDUOjPts2GRpYf0OdMFrmFonq3Qyi0EGZw2Gi
07UyDdAB3b8RxBFIf6Bg6mhbPI7jkp42NbRt+LKIg8HGgEoyBZaGomeNCQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFMnSRkKFYnJf8nHKtItaefMjwV0iMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEveWRKR1FvVmljbF95Y2NxMGkxcDU4eVBCWFNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABZ+cUD
BABZ+cYDBADUKskDBADUKswwDQYJKoZIhvcNAQELBQADggEBAIvbV4dfYqru5CsY
Kc/yaf+SBVGKQbxyZjZwa/jUM3uACpex5xSuaVksCvR8WhOEySNZsSMVZC4Br7PC
T1ns7/hsZmvtkUOe8w1s/GjWdU3flT1w+TjAB+1OcFT8vrTpTHboPt6IOphejhY8
3C3T4sD3HoVF/90eCK50RfVJ7fZ9vPvMicMQvtt6TjTEDHSAOpaIU0MhxAQ+TQQz
fGOaYDVlHg2zFSl/Gfrid9LnXUMOznYP3gXK3L+r6iUyy5yVJbNgPlVc7q7FmFCa
lZ/21AWdwZBU/NJHbWzL10e0XN1v84j5+79sEVTWAi3nQZopOHV29qYfmQ9gP3iJ
vb/C5ss=
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:49:57 2024 by rpki-client on console-fra.rpki-client.org