Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/I6gmt4JaSTSTMDonpqzJ8Zj6voo.roa
File: I6gmt4JaSTSTMDonpqzJ8Zj6voo.roa (raw, json)
Hash identifier: cNIIGKH0QD9uzeHGPXlBOs6j1FvMmA44tUBu5HUk1Oo=
Subject key identifier: 23:A8:26:B7:82:5A:49:34:93:30:3A:27:A6:AC:C9:F1:98:FA:BE:8A
Certificate issuer: /CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Certificate serial: 018CC94DE693DE3D41E4B947CBD7660C407E
Authority key identifier: D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/I6gmt4JaSTSTMDonpqzJ8Zj6voo.roa
Signing time: Tue 02 Jan 2024 08:32:54 +0000
ROA not before: Tue 02 Jan 2024 08:32:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41313
IP address blocks: 89.25.20.0/22 maxlen: 22
89.25.21.0/24 maxlen: 24
89.25.22.0/24 maxlen: 24
89.25.23.0/24 maxlen: 24
89.25.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.mft
rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 30 Jun 2024 20:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:e6:93:de:3d:41:e4:b9:47:cb:d7:66:0c:40:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Validity
Not Before: Jan 2 08:32:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=23a826b7825a493493303a27a6acc9f198fabe8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:bb:b5:b4:49:09:43:ee:45:81:39:f7:4e:ce:
57:ac:5e:b9:3a:85:89:24:8a:35:83:85:de:1d:f6:
b2:55:d7:98:c7:08:16:25:a0:94:ec:45:cd:32:02:
8c:78:0c:3e:c2:df:0d:af:1d:f7:fc:9b:19:df:44:
b4:a7:2c:91:9e:5b:e7:4d:ea:b9:34:99:84:9e:4d:
21:84:d3:f0:60:b6:79:dc:41:83:17:9a:88:8f:03:
29:89:3e:39:39:22:43:11:a4:87:ca:b5:be:9f:25:
3b:22:2b:69:66:92:c2:5d:1f:ae:cc:70:46:d3:8e:
7b:5f:fb:e0:05:94:1f:ce:ca:e5:3b:30:56:35:b1:
ba:10:8e:ce:8f:88:9b:f9:5c:42:02:b9:5d:10:6f:
be:70:47:6b:e1:1a:35:17:29:ef:aa:c8:81:da:6f:
18:77:7f:73:f2:e6:82:90:b5:11:db:11:6f:51:92:
17:2d:68:0b:42:ad:74:e1:1f:a1:a2:a8:85:e0:32:
51:38:af:c3:25:03:bd:41:e0:9e:4c:55:9b:2d:40:
9a:85:23:47:3b:a8:c2:91:70:b3:ba:3b:55:a2:32:
b4:90:2d:59:95:83:9b:3a:32:de:56:ee:4c:97:fa:
a0:0e:b9:98:8f:ac:99:e0:79:2f:48:d9:32:d4:f3:
c5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:A8:26:B7:82:5A:49:34:93:30:3A:27:A6:AC:C9:F1:98:FA:BE:8A
X509v3 Authority Key Identifier:
keyid:D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/I6gmt4JaSTSTMDonpqzJ8Zj6voo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.25.20.0/22
Signature Algorithm: sha256WithRSAEncryption
2c:fa:23:46:ed:c5:6f:f6:f3:2d:09:95:93:b4:9f:2b:a1:82:
65:86:fd:f6:70:5e:ea:4f:20:75:14:78:bd:8a:dc:25:34:9f:
65:87:07:6c:79:90:33:76:1e:d9:61:1b:5a:cd:6a:cc:63:ae:
ad:ae:5b:12:9d:bd:c6:02:63:61:8d:13:64:d0:92:0e:7e:6e:
4f:c9:54:d7:02:e8:07:f4:e6:a0:76:e2:e2:8b:9b:b9:e7:00:
0c:6a:b6:b6:82:f4:cd:4e:a8:23:61:96:ed:72:4f:72:12:6c:
3f:73:65:29:15:a0:d8:b3:47:8f:67:86:a5:e4:00:2d:4a:b3:
a4:c5:cf:d7:fa:f1:03:cd:35:75:26:ac:6a:e7:13:0b:7b:fe:
84:ba:65:65:61:c4:e7:d9:4d:67:7b:79:aa:04:0e:56:8e:dd:
e1:08:29:32:02:f8:49:be:df:97:12:f2:1c:07:dc:bd:17:ac:
95:f6:07:10:7d:06:b7:48:c6:18:e4:77:7d:ff:99:49:ba:1e:
5d:f7:45:80:e4:79:c0:91:2a:f8:ac:83:5b:80:54:e3:9c:9f:
5c:63:4a:6f:88:df:b8:29:00:aa:52:ee:2d:09:9d:86:30:c6:
e7:da:c0:c0:2b:05:8b:a8:a8:ea:b7:d1:da:20:db:d9:d0:5a:
17:ce:d8:06
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTeaT3j1B5LlHy9dmDEB+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwN2Q3NTczYWFjYWU4MjFjODdkNmQzNjQzMWNmZTRiMjgw
MWFiNDEwHhcNMjQwMTAyMDgzMjU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2E4MjZiNzgyNWE0OTM0OTMzMDNhMjdhNmFjYzlmMTk4ZmFiZThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7u1tEkJQ+5FgTn3Ts5XrF65OoWJ
JIo1g4XeHfayVdeYxwgWJaCU7EXNMgKMeAw+wt8Nrx33/JsZ30S0pyyRnlvnTeq5
NJmEnk0hhNPwYLZ53EGDF5qIjwMpiT45OSJDEaSHyrW+nyU7IitpZpLCXR+uzHBG
0457X/vgBZQfzsrlOzBWNbG6EI7Oj4ib+VxCArldEG++cEdr4Ro1FynvqsiB2m8Y
d39z8uaCkLUR2xFvUZIXLWgLQq104R+hoqiF4DJROK/DJQO9QeCeTFWbLUCahSNH
O6jCkXCzujtVojK0kC1ZlYObOjLeVu5Ml/qgDrmYj6yZ4HkvSNky1PPFVwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCOoJreCWkk0kzA6J6asyfGY+r6KMB8GA1UdIwQY
MBaAFNB9dXOqyughyH1tNkMc/ksoAatBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjIt
Y2Y5ZGM1YmFhYTc5LzEvSTZnbXQ0SmFTVFNUTURvbnBxeko4Wmo2dm9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjItY2Y5ZGM1YmFhYTc5
LzEvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWRkUMA0G
CSqGSIb3DQEBCwUAA4IBAQAs+iNG7cVv9vMtCZWTtJ8roYJlhv32cF7qTyB1FHi9
itwlNJ9lhwdseZAzdh7ZYRtazWrMY66trlsSnb3GAmNhjRNk0JIOfm5PyVTXAugH
9OagduLii5u55wAMara2gvTNTqgjYZbtck9yEmw/c2UpFaDYs0ePZ4al5AAtSrOk
xc/X+vEDzTV1Jqxq5xMLe/6EumVlYcTn2U1ne3mqBA5Wjt3hCCkyAvhJvt+XEvIc
B9y9F6yV9gcQfQa3SMYY5Hd9/5lJuh5d90WA5HnAkSr4rINbgFTjnJ9cY0pviN+4
KQCqUu4tCZ2GMMbn2sDAKwWLqKjqt9HaINvZ0FoXztgG
-----END CERTIFICATE-----
Generated at Sun Jun 30 02:55:54 2024 by rpki-client on console-fra.rpki-client.org