Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/SNQGDrRug6JMz9XpHqDjtPHbetM.roa
File: SNQGDrRug6JMz9XpHqDjtPHbetM.roa (raw, json)
Hash identifier: +rcebVvxI9mW0MQnSyMiYt7XpEbRVU45pnb9xVJcgF0=
Subject key identifier: 48:D4:06:0E:B4:6E:83:A2:4C:CF:D5:E9:1E:A0:E3:B4:F1:DB:7A:D3
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 018EF60C03C28D917813B4D7C2794AAFEB8D
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/SNQGDrRug6JMz9XpHqDjtPHbetM.roa
Signing time: Fri 19 Apr 2024 11:09:26 +0000
ROA not before: Fri 19 Apr 2024 11:09:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3164
IP address blocks: 89.39.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 21 Jun 2024 03:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:f6:0c:03:c2:8d:91:78:13:b4:d7:c2:79:4a:af:eb:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Apr 19 11:09:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=48d4060eb46e83a24ccfd5e91ea0e3b4f1db7ad3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:92:43:69:ad:38:e7:10:48:28:ee:05:30:ee:
84:e7:cb:35:13:b8:c3:b9:9d:86:18:00:42:40:62:
bc:64:ca:ca:e3:a0:ec:69:5a:7e:fc:7b:ab:2e:f4:
a4:87:70:71:b4:64:aa:ad:4c:62:01:3c:5f:b0:8a:
e7:25:dd:d1:34:4e:74:63:58:c0:1d:5b:8d:aa:31:
2e:dd:d3:be:dc:94:4b:00:dc:61:2e:b2:60:00:46:
17:62:07:e3:35:3e:6a:7d:33:e5:75:c3:60:c2:63:
aa:3d:4d:8e:fc:80:f0:73:7a:2f:73:5f:a3:49:f3:
b0:01:9d:8e:8b:51:bc:9d:5a:57:30:0c:44:39:06:
dc:eb:f5:2b:e5:d6:8a:94:db:f1:37:4b:da:e4:da:
39:be:57:f5:ea:68:53:a2:de:04:65:be:f9:e3:cd:
2a:6c:f2:36:72:00:88:90:78:65:16:c0:26:fa:73:
f5:ae:57:c3:56:3a:71:44:cd:ba:91:ac:86:24:15:
81:50:6c:b8:c0:04:ed:99:b6:b4:a3:20:a1:9f:c5:
24:d6:3c:3e:2d:73:17:91:46:8f:ef:25:cf:09:a6:
fc:39:90:00:90:d6:bf:2f:b7:22:93:a7:e9:41:00:
9e:e3:7e:da:18:1c:95:f6:1a:3a:45:d2:12:e5:ca:
2e:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:D4:06:0E:B4:6E:83:A2:4C:CF:D5:E9:1E:A0:E3:B4:F1:DB:7A:D3
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/SNQGDrRug6JMz9XpHqDjtPHbetM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.189.0/24
Signature Algorithm: sha256WithRSAEncryption
29:57:cf:85:24:52:6f:44:f3:be:6f:9b:77:d7:29:cc:97:40:
74:0a:27:67:0e:57:5a:4c:8f:04:39:c7:00:b4:38:1c:07:83:
8c:1b:95:5b:33:55:08:97:46:9a:34:2f:00:25:21:35:15:fd:
c0:59:0d:a3:4a:76:5e:20:e0:30:aa:5d:af:5f:3b:49:3f:bc:
a2:d9:c8:b2:9b:15:80:f4:ce:47:95:93:1e:83:d9:88:d8:e2:
f1:53:6d:5b:39:67:28:12:27:a4:8f:ba:94:8b:e3:f4:47:c3:
34:2b:80:a3:a4:08:71:ea:01:82:f7:c4:f8:6a:ab:7e:96:86:
8c:e8:74:1e:86:48:16:89:de:23:d2:16:f8:1e:e9:5d:56:aa:
61:5f:11:2b:d6:e4:94:f6:a6:06:07:e9:37:e4:b7:b1:52:9a:
df:ca:c1:bf:a0:c7:36:bc:68:23:d2:cb:3b:ed:d8:a1:30:bd:
61:50:90:fd:f5:3c:f5:0d:f1:32:b4:f7:32:5a:9b:41:d6:e8:
95:37:bd:71:12:2b:d1:92:e1:ba:e2:43:d3:7e:1a:2c:11:98:
88:c8:cc:bc:ca:cf:26:14:e6:ce:58:bd:f5:57:0b:2e:f8:30:
0e:24:01:14:4a:6f:de:81:70:e6:5f:8b:37:b5:d9:65:9f:b9:
e5:f5:db:46
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAY72DAPCjZF4E7TXwnlKr+uNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjQwNDE5MTEwOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGQ0MDYwZWI0NmU4M2EyNGNjZmQ1ZTkxZWEwZTNiNGYxZGI3YWQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgJJDaa045xBIKO4FMO6E58s1E7jD
uZ2GGABCQGK8ZMrK46DsaVp+/HurLvSkh3BxtGSqrUxiATxfsIrnJd3RNE50Y1jA
HVuNqjEu3dO+3JRLANxhLrJgAEYXYgfjNT5qfTPldcNgwmOqPU2O/IDwc3ovc1+j
SfOwAZ2Oi1G8nVpXMAxEOQbc6/Ur5daKlNvxN0va5No5vlf16mhTot4EZb75480q
bPI2cgCIkHhlFsAm+nP1rlfDVjpxRM26kayGJBWBUGy4wATtmba0oyChn8Uk1jw+
LXMXkUaP7yXPCab8OZAAkNa/L7cik6fpQQCe437aGByV9ho6RdIS5couGwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFEjUBg60boOiTM/V6R6g47Tx23rTMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL1NOUUdEclJ1ZzZKTXo5WHBIcURqdFBIYmV0TS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABZJ70w
DQYJKoZIhvcNAQELBQADggEBAClXz4UkUm9E875vm3fXKcyXQHQKJ2cOV1pMjwQ5
xwC0OBwHg4wblVszVQiXRpo0LwAlITUV/cBZDaNKdl4g4DCqXa9fO0k/vKLZyLKb
FYD0zkeVkx6D2YjY4vFTbVs5ZygSJ6SPupSL4/RHwzQrgKOkCHHqAYL3xPhqq36W
hozodB6GSBaJ3iPSFvge6V1WqmFfESvW5JT2pgYH6Tfkt7FSmt/Kwb+gxza8aCPS
yzvt2KEwvWFQkP31PPUN8TK09zJam0HW6JU3vXESK9GS4briQ9N+GiwRmIjIzLzK
zyYU5s5YvfVXCy74MA4kARRKb96BcOZfize12WWfueX120Y=
-----END CERTIFICATE-----
Generated at Thu Jun 20 11:36:59 2024 by rpki-client on console-fra.rpki-client.org