Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/goXLpjheFgYVKUr1D5z2B-2G_yw.roa
File: goXLpjheFgYVKUr1D5z2B-2G_yw.roa (raw, json)
Hash identifier: hgPsuhuDYffiMMXKfhX/UEBqKaUynbR0o8NY1QPWSW8=
Subject key identifier: 82:85:CB:A6:38:5E:16:06:15:29:4A:F5:0F:9C:F6:07:ED:86:FF:2C
Certificate issuer: /CN=ca290db2f72905f0db626b005bacf08878d17bac
Certificate serial: 018CC801B5FEED6E2C9AA3309F105BBE7F49
Authority key identifier: CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/goXLpjheFgYVKUr1D5z2B-2G_yw.roa
Signing time: Tue 02 Jan 2024 02:30:04 +0000
ROA not before: Tue 02 Jan 2024 02:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34549
IP address blocks: 185.131.52.0/24 maxlen: 24
89.37.101.0/24 maxlen: 24
89.47.58.0/24 maxlen: 24
188.241.187.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.mft
rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 13 Nov 2024 21:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:b5:fe:ed:6e:2c:9a:a3:30:9f:10:5b:be:7f:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca290db2f72905f0db626b005bacf08878d17bac
Validity
Not Before: Jan 2 02:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8285cba6385e160615294af50f9cf607ed86ff2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:e0:07:56:7e:78:05:38:98:4a:f7:d1:9d:86:
8f:c8:26:14:04:75:f8:57:e1:13:53:1e:7c:a5:b6:
03:67:87:f3:73:70:36:2e:84:2b:38:e6:f3:8c:7b:
42:c9:3f:a9:f1:8c:a7:f6:1f:a7:43:07:6b:05:3c:
af:93:2e:09:07:92:f6:39:a4:e2:34:da:23:0c:0c:
26:e4:11:21:bb:89:6e:f4:cb:b5:b4:7e:0a:8f:93:
1d:e3:3d:ed:be:26:c7:ea:89:e8:4a:c1:f6:68:1e:
75:a6:c2:5a:94:3f:0e:65:77:e0:d3:fb:4d:3d:c2:
0c:c4:97:c2:eb:19:32:c6:4c:dc:ed:cf:ab:c5:b9:
06:f2:9b:ea:3d:50:4f:04:ba:f4:26:5f:fb:6e:61:
1b:07:7b:ee:9b:1f:99:df:c7:c8:1f:d9:7b:6d:43:
f1:d7:51:3b:ae:90:8a:bd:f9:ac:91:c4:1c:a1:27:
aa:6a:9f:f6:b8:f7:1f:fb:1d:89:2b:88:a5:0e:74:
a7:b9:5b:3a:38:b1:d1:41:b5:20:cf:8b:42:72:f8:
b0:38:bb:61:2d:c1:0a:fc:bb:1b:f8:b3:12:cf:52:
44:7d:b6:68:f2:10:fb:3b:8f:c4:5f:0d:ca:62:f8:
f8:56:11:5a:4b:4b:70:84:f7:1a:bb:e6:28:fd:85:
58:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:85:CB:A6:38:5E:16:06:15:29:4A:F5:0F:9C:F6:07:ED:86:FF:2C
X509v3 Authority Key Identifier:
keyid:CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/goXLpjheFgYVKUr1D5z2B-2G_yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.101.0/24
89.47.58.0/24
185.131.52.0/24
188.241.187.0/24
Signature Algorithm: sha256WithRSAEncryption
9c:88:71:5f:b2:04:f7:bf:81:35:cd:b7:c2:6e:c3:1c:e3:ed:
46:35:1e:84:4e:2f:db:b6:fc:cd:b4:34:47:1e:b9:03:89:3e:
17:85:1d:04:11:2e:e2:71:60:20:e8:6b:c1:bb:62:40:e6:34:
eb:2c:70:03:d1:42:2e:71:95:fc:cc:42:72:a0:d1:92:22:c5:
06:b6:f5:44:d0:2a:70:6b:fe:2f:3d:42:ce:fb:63:7a:0e:e0:
bc:dc:a3:03:8b:12:0f:5a:46:ab:b3:3c:db:81:c3:bb:86:13:
55:2f:8e:13:63:81:0e:18:d3:ac:97:d3:6b:f1:21:f3:68:16:
ef:4c:95:f7:8e:e5:ac:7e:85:c9:aa:43:0c:fe:61:8d:6e:0e:
11:d3:e9:37:75:3d:3a:cc:23:66:68:45:1c:80:cd:71:60:6c:
bf:21:e5:68:06:a6:9e:e4:70:2f:d3:7d:7f:f2:df:26:8c:62:
45:b7:2d:25:5f:82:97:aa:88:1b:ad:75:bd:cb:6a:db:7b:1a:
fe:11:24:c0:f5:33:74:60:7e:e7:51:c0:10:84:b7:8e:63:cc:
46:10:e2:7c:85:d1:3b:68:5c:cc:e6:53:2e:19:fe:c8:88:a4:
7f:1d:f6:18:bd:42:8a:6b:08:88:52:84:e8:34:46:9c:b8:35:
23:e5:10:35
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzIAbX+7W4smqMwnxBbvn9JMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMjkwZGIyZjcyOTA1ZjBkYjYyNmIwMDViYWNmMDg4Nzhk
MTdiYWMwHhcNMjQwMTAyMDIzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Mjg1Y2JhNjM4NWUxNjA2MTUyOTRhZjUwZjljZjYwN2VkODZmZjJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhOAHVn54BTiYSvfRnYaPyCYUBHX4
V+ETUx58pbYDZ4fzc3A2LoQrOObzjHtCyT+p8Yyn9h+nQwdrBTyvky4JB5L2OaTi
NNojDAwm5BEhu4lu9Mu1tH4Kj5Md4z3tvibH6onoSsH2aB51psJalD8OZXfg0/tN
PcIMxJfC6xkyxkzc7c+rxbkG8pvqPVBPBLr0Jl/7bmEbB3vumx+Z38fIH9l7bUPx
11E7rpCKvfmskcQcoSeqap/2uPcf+x2JK4ilDnSnuVs6OLHRQbUgz4tCcviwOLth
LcEK/Lsb+LMSz1JEfbZo8hD7O4/EXw3KYvj4VhFaS0twhPcau+Yo/YVYNQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIKFy6Y4XhYGFSlK9Q+c9gfthv8sMB8GA1UdIwQY
MBaAFMopDbL3KQXw22JrAFus8Ih40XusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQt
N2Y0MzViZjU1MDFjLzEvZ29YTHBqaGVGZ1lWS1VyMUQ1ejJCLTJHX3l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQtN2Y0MzViZjU1MDFj
LzEveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWSVlAwQA
WS86AwQAuYM0AwQAvPG7MA0GCSqGSIb3DQEBCwUAA4IBAQCciHFfsgT3v4E1zbfC
bsMc4+1GNR6ETi/btvzNtDRHHrkDiT4XhR0EES7icWAg6GvBu2JA5jTrLHAD0UIu
cZX8zEJyoNGSIsUGtvVE0Cpwa/4vPULO+2N6DuC83KMDixIPWkarszzbgcO7hhNV
L44TY4EOGNOsl9Nr8SHzaBbvTJX3juWsfoXJqkMM/mGNbg4R0+k3dT06zCNmaEUc
gM1xYGy/IeVoBqae5HAv031/8t8mjGJFty0lX4KXqogbrXW9y2rbexr+ESTA9TN0
YH7nUcAQhLeOY8xGEOJ8hdE7aFzM5lMuGf7IiKR/HfYYvUKKawiIUoToNEacuDUj
5RA1
-----END CERTIFICATE-----
Generated at Wed Nov 13 04:37:36 2024 by rpki-client on console-fra.rpki-client.org