Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lBg68Hhi-KRbVRIDaIoXpPN0Nkk.roa
File: lBg68Hhi-KRbVRIDaIoXpPN0Nkk.roa (raw, json)
Hash identifier: rI1PvK9Gt6DoNG6wQAK6dqyk/UTpSQszLm39ZH0DJQE=
Subject key identifier: 94:18:3A:F0:78:62:F8:A4:5B:55:12:03:68:8A:17:A4:F3:74:36:49
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018FC3CA8E5681472996DA12E75C7E4D9812
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lBg68Hhi-KRbVRIDaIoXpPN0Nkk.roa
Signing time: Wed 29 May 2024 09:59:42 +0000
ROA not before: Wed 29 May 2024 09:59:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214882
IP address blocks: 89.213.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 06:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:c3:ca:8e:56:81:47:29:96:da:12:e7:5c:7e:4d:98:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: May 29 09:59:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94183af07862f8a45b551203688a17a4f3743649
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:12:a8:0e:c9:3a:2f:65:ee:07:7e:13:21:54:
ac:c2:f5:85:6e:9d:ad:0a:73:71:c6:31:98:a8:e1:
7c:c8:d3:40:b5:24:1c:0e:ca:30:46:50:17:b4:e2:
7e:2b:0c:f7:f6:2a:d8:b4:44:af:2e:35:e1:bb:8b:
08:53:52:be:42:6b:5d:25:9e:ae:9e:6e:33:2b:a2:
c3:2d:d7:e2:4c:16:50:b4:27:58:6a:0c:e1:6e:30:
36:b5:1e:6a:84:2f:12:64:a5:f2:89:90:6d:ab:c0:
26:02:48:9c:7f:17:70:cd:01:9d:7d:b1:92:10:8f:
02:d5:2b:63:bf:f8:1b:ad:26:80:76:05:6b:42:7a:
16:d8:46:69:fb:18:a9:86:d0:52:ee:ca:3f:1c:00:
7f:5f:d1:20:d6:b9:49:ad:51:12:fe:16:cc:74:e6:
15:8f:e7:05:ab:df:94:3e:53:2a:02:fe:c4:56:e8:
94:95:29:c3:c3:36:eb:ab:0b:f0:8f:c1:c0:53:4d:
95:d2:6b:28:41:08:25:c7:87:54:99:83:c7:46:8d:
4e:02:82:fa:fd:cb:fa:5f:1c:1a:ca:24:e6:f0:8a:
fb:9d:09:dd:79:10:45:68:40:82:ab:70:9b:ca:e0:
1c:17:5b:6e:1b:78:57:e4:0a:3f:91:10:61:eb:71:
d1:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:18:3A:F0:78:62:F8:A4:5B:55:12:03:68:8A:17:A4:F3:74:36:49
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/lBg68Hhi-KRbVRIDaIoXpPN0Nkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.211.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:26:d5:82:a9:fb:e9:e5:5c:b0:4b:8a:91:8c:1f:77:96:7c:
86:32:87:ee:9c:04:0d:26:a7:48:e6:b5:c8:59:f5:02:6d:9d:
2f:e5:01:88:5f:b7:c9:18:bd:99:97:e2:c0:2e:da:4e:4c:f5:
b5:9c:28:43:7e:89:d8:1f:19:4f:90:81:0c:35:d2:a0:5f:12:
f3:92:ee:02:5c:2d:fd:2d:1d:19:09:e8:a3:ec:f9:5d:1e:aa:
7a:64:88:cc:61:20:66:20:61:75:b4:90:54:1f:9e:f5:b8:7f:
a9:f4:85:17:d3:4a:84:4f:82:96:78:16:11:d6:f2:aa:e8:7a:
ba:b3:0b:a0:b4:2d:1e:d0:22:40:c1:04:6a:2c:f3:6e:be:75:
92:5f:ab:46:27:b5:0e:1e:f5:35:ee:73:bf:9e:c3:50:90:58:
ec:06:08:34:e2:2c:bd:33:2f:3c:50:df:19:35:85:95:3d:5f:
b5:ea:b5:78:80:61:49:b2:2e:7a:ea:bd:1a:72:9d:47:3e:64:
00:53:ea:89:f5:df:54:ad:76:1d:97:fc:d2:17:8d:7b:f1:43:
e3:2a:05:2b:f6:bf:2e:45:dd:8b:27:cd:2d:52:7a:fb:64:ee:
74:83:03:96:c6:81:84:6e:04:14:5d:19:e8:e2:d4:e9:96:f0:
4c:d7:42:39
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY/Dyo5WgUcpltoS51x+TZgSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNTI5MDk1OTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDE4M2FmMDc4NjJmOGE0NWI1NTEyMDM2ODhhMTdhNGYzNzQzNjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtxKoDsk6L2XuB34TIVSswvWFbp2t
CnNxxjGYqOF8yNNAtSQcDsowRlAXtOJ+Kwz39irYtESvLjXhu4sIU1K+QmtdJZ6u
nm4zK6LDLdfiTBZQtCdYagzhbjA2tR5qhC8SZKXyiZBtq8AmAkicfxdwzQGdfbGS
EI8C1Stjv/gbrSaAdgVrQnoW2EZp+xiphtBS7so/HAB/X9Eg1rlJrVES/hbMdOYV
j+cFq9+UPlMqAv7EVuiUlSnDwzbrqwvwj8HAU02V0msoQQglx4dUmYPHRo1OAoL6
/cv6XxwayiTm8Ir7nQndeRBFaECCq3CbyuAcF1tuG3hX5Ao/kRBh63HRmwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJQYOvB4YvikW1USA2iKF6TzdDZJMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvbEJnNjhIaGktS1JiVlJJRGFJb1hwUE4wTmtrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdXTMA0G
CSqGSIb3DQEBCwUAA4IBAQBdJtWCqfvp5VywS4qRjB93lnyGMofunAQNJqdI5rXI
WfUCbZ0v5QGIX7fJGL2Zl+LALtpOTPW1nChDfonYHxlPkIEMNdKgXxLzku4CXC39
LR0ZCeij7PldHqp6ZIjMYSBmIGF1tJBUH571uH+p9IUX00qET4KWeBYR1vKq6Hq6
swugtC0e0CJAwQRqLPNuvnWSX6tGJ7UOHvU17nO/nsNQkFjsBgg04iy9My88UN8Z
NYWVPV+16rV4gGFJsi566r0acp1HPmQAU+qJ9d9UrXYdl/zSF4178UPjKgUr9r8u
Rd2LJ80tUnr7ZO50gwOWxoGEbgQUXRno4tTplvBM10I5
-----END CERTIFICATE-----
Generated at Mon Jul 1 10:38:34 2024 by rpki-client on console-ams.rpki-client.org