Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/aGFQ5BxbE5SZdaNtM0XsEsnlGkU.roa
File: aGFQ5BxbE5SZdaNtM0XsEsnlGkU.roa (raw, json)
Hash identifier: qpGxiekc8e3lZId1B1RHEu3EHI8maK95NZFhKLYIc3c=
Subject key identifier: 68:61:50:E4:1C:5B:13:94:99:75:A3:6D:33:45:EC:12:C9:E5:1A:45
Certificate issuer: /CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Certificate serial: 018CC56E1C07E5A206B47C74F0A28ECA164E
Authority key identifier: E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/aGFQ5BxbE5SZdaNtM0XsEsnlGkU.roa
Signing time: Mon 01 Jan 2024 14:29:36 +0000
ROA not before: Mon 01 Jan 2024 14:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35394
IP address blocks: 89.29.176.0/21 maxlen: 21
213.181.76.0/24 maxlen: 24
89.29.184.0/23 maxlen: 23
213.181.74.0/24 maxlen: 24
213.181.75.0/24 maxlen: 24
213.181.84.0/23 maxlen: 23
213.181.80.0/23 maxlen: 23
213.181.86.0/23 maxlen: 23
213.181.88.0/24 maxlen: 24
185.64.242.0/24 maxlen: 24
176.57.97.0/24 maxlen: 24
89.29.160.0/20 maxlen: 20
89.29.244.0/23 maxlen: 23
89.29.248.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.mft
rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Nov 2024 12:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:1c:07:e5:a2:06:b4:7c:74:f0:a2:8e:ca:16:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e92c415d1775ae9993e900a7536b46ab144a9aa2
Validity
Not Before: Jan 1 14:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=686150e41c5b13949975a36d3345ec12c9e51a45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:72:e7:94:f1:47:7a:52:1b:f0:cf:6c:59:95:
65:c3:e3:0e:ae:e1:d4:2d:18:d9:ab:01:ec:3f:a8:
b1:13:96:e0:35:67:e7:1a:2e:f9:bc:2d:df:5b:1b:
55:43:0b:ca:f4:30:d0:fd:18:86:18:b7:02:29:db:
f9:df:07:f5:5a:6b:2a:3c:7e:3b:37:89:e1:2d:62:
46:50:e9:ba:58:57:6b:87:27:37:e7:db:57:e3:18:
de:72:39:db:3b:c8:fe:cd:7f:5b:c4:64:b7:ea:69:
d4:22:d8:f3:20:01:91:7d:67:fc:9d:60:78:56:98:
76:8e:d4:00:68:62:b3:4e:ca:31:33:82:07:09:ab:
9b:78:ae:0a:87:0f:4c:5a:0f:65:ba:5d:56:a6:78:
96:65:1d:97:0c:fc:b2:c1:dd:4a:cb:30:17:2d:67:
b8:e5:b4:11:3f:b2:22:93:72:c5:24:27:fc:0b:f9:
a2:3a:17:9f:3b:4b:4f:7f:9c:08:ad:c0:54:50:5f:
0c:fa:7a:df:60:3b:d0:44:a6:b7:47:70:48:95:2d:
3e:8f:6d:da:d6:f1:2f:3c:b2:8e:61:53:e4:6c:ff:
d7:69:b4:a9:c9:99:a7:0f:aa:b3:f2:bd:d3:8c:6f:
dc:e5:51:65:83:fd:dc:31:71:07:69:b8:5f:17:ad:
76:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:61:50:E4:1C:5B:13:94:99:75:A3:6D:33:45:EC:12:C9:E5:1A:45
X509v3 Authority Key Identifier:
keyid:E9:2C:41:5D:17:75:AE:99:93:E9:00:A7:53:6B:46:AB:14:4A:9A:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6SxBXRd1rpmT6QCnU2tGqxRKmqI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/aGFQ5BxbE5SZdaNtM0XsEsnlGkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/0898be-b037-429f-b504-1d934a048474/1/6SxBXRd1rpmT6QCnU2tGqxRKmqI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.29.160.0-89.29.185.255
89.29.244.0/23
89.29.248.0/23
176.57.97.0/24
185.64.242.0/24
213.181.74.0-213.181.76.255
213.181.80.0/23
213.181.84.0-213.181.88.255
Signature Algorithm: sha256WithRSAEncryption
23:5d:9e:7b:ae:ad:85:48:db:4c:dc:23:ec:82:df:76:96:a3:
f2:30:f6:ec:9d:92:b9:52:ad:46:7c:86:b8:13:ea:d4:7a:c2:
a1:6b:d1:ce:4b:54:d7:c7:10:37:f6:3c:e3:2c:3c:a3:92:8c:
52:5c:1f:82:ca:19:10:b4:e8:ce:27:bd:51:e1:68:dd:62:43:
6f:d6:1a:8e:b7:1c:37:33:1d:b3:2d:2c:1e:25:bb:06:78:87:
fd:c4:a7:36:e9:ce:15:10:08:35:4a:7f:a1:8c:7d:5a:76:66:
0f:68:1d:4a:0b:1d:a8:b1:5b:74:a4:54:60:05:0a:7a:8e:13:
b7:bf:c5:68:93:f3:bd:ff:d0:4e:8e:7f:78:5b:13:84:e2:e1:
9d:8d:5f:8a:b6:96:d1:41:14:2e:08:b2:c8:94:c5:18:78:9b:
26:79:51:c0:37:08:d2:8d:ab:a9:bd:2e:8a:2c:21:ed:8f:92:
8a:bc:89:61:c0:4d:c8:47:d2:c6:1c:da:86:13:ed:8a:e5:31:
d2:0e:31:83:0d:87:85:14:6e:63:61:a5:a0:df:63:a4:1a:62:
16:f2:81:c2:33:55:3c:ab:11:1a:f8:d5:af:e0:8d:3a:0b:55:
f5:b4:4c:5d:22:14:4e:a2:60:ea:e1:fb:5d:03:00:d4:81:28:
10:60:be:a8
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAYzFbhwH5aIGtHx08KKOyhZOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MmM0MTVkMTc3NWFlOTk5M2U5MDBhNzUzNmI0NmFiMTQ0
YTlhYTIwHhcNMjQwMTAxMTQyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODYxNTBlNDFjNWIxMzk0OTk3NWEzNmQzMzQ1ZWMxMmM5ZTUxYTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuXLnlPFHelIb8M9sWZVlw+MOruHU
LRjZqwHsP6ixE5bgNWfnGi75vC3fWxtVQwvK9DDQ/RiGGLcCKdv53wf1WmsqPH47
N4nhLWJGUOm6WFdrhyc359tX4xjecjnbO8j+zX9bxGS36mnUItjzIAGRfWf8nWB4
Vph2jtQAaGKzTsoxM4IHCaubeK4Khw9MWg9lul1WpniWZR2XDPyywd1KyzAXLWe4
5bQRP7Iik3LFJCf8C/miOhefO0tPf5wIrcBUUF8M+nrfYDvQRKa3R3BIlS0+j23a
1vEvPLKOYVPkbP/XabSpyZmnD6qz8r3TjG/c5VFlg/3cMXEHabhfF612oQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGhhUOQcWxOUmXWjbTNF7BLJ5RpFMB8GA1UdIwQY
MBaAFOksQV0Xda6Zk+kAp1NrRqsUSpqiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQt
MWQ5MzRhMDQ4NDc0LzEvYUdGUTVCeGJFNVNaZGFOdE0wWHNFc25sR2tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS8wODk4YmUtYjAzNy00MjlmLWI1MDQtMWQ5MzRhMDQ4NDc0
LzEvNlN4QlhSZDFycG1UNlFDblUydEdxeFJLbXFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIMAwDBAVZHaAD
BAFZHbgDBAFZHfQDBAFZHfgDBACwOWEDBAC5QPIwDAMEAdW1SgMEANW1TAMEAdW1
UDAMAwQC1bVUAwQA1bVYMA0GCSqGSIb3DQEBCwUAA4IBAQAjXZ57rq2FSNtM3CPs
gt92lqPyMPbsnZK5Uq1GfIa4E+rUesKha9HOS1TXxxA39jzjLDyjkoxSXB+CyhkQ
tOjOJ71R4WjdYkNv1hqOtxw3Mx2zLSweJbsGeIf9xKc26c4VEAg1Sn+hjH1admYP
aB1KCx2osVt0pFRgBQp6jhO3v8Vok/O9/9BOjn94WxOE4uGdjV+KtpbRQRQuCLLI
lMUYeJsmeVHANwjSjaupvS6KLCHtj5KKvIlhwE3IR9LGHNqGE+2K5THSDjGDDYeF
FG5jYaWg32OkGmIW8oHCM1U8qxEa+NWv4I06C1X1tExdIhROomDq4ftdAwDUgSgQ
YL6o
-----END CERTIFICATE-----
Generated at Sun Nov 10 17:11:57 2024 by rpki-client on console-ams.rpki-client.org