Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/89uW4BcdXOcG9jF_rDy14CsPTGY.roa
File: 89uW4BcdXOcG9jF_rDy14CsPTGY.roa (raw, json)
Hash identifier: jOeDZqaPcEOS8p/zVPLBOoh8+9qAO0pUtcriyryGVGs=
Subject key identifier: F3:DB:96:E0:17:1D:5C:E7:06:F6:31:7F:AC:3C:B5:E0:2B:0F:4C:66
Certificate issuer: /CN=4540daa4c245a4725f38041402b6bffded15ea78
Certificate serial: 018CED8E63FF2162A88778038E7A9C29F915
Authority key identifier: 45:40:DA:A4:C2:45:A4:72:5F:38:04:14:02:B6:BF:FD:ED:15:EA:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RUDapMJFpHJfOAQUAra__e0V6ng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/89uW4BcdXOcG9jF_rDy14CsPTGY.roa
Signing time: Tue 09 Jan 2024 09:29:41 +0000
ROA not before: Tue 09 Jan 2024 09:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201746
IP address blocks: 178.236.125.0/24 maxlen: 24
217.61.224.0/22 maxlen: 24
185.49.168.0/22 maxlen: 24
2a01:9f20::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/RUDapMJFpHJfOAQUAra__e0V6ng.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/RUDapMJFpHJfOAQUAra__e0V6ng.mft
rsync://rpki.ripe.net/repository/DEFAULT/RUDapMJFpHJfOAQUAra__e0V6ng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 18:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ed:8e:63:ff:21:62:a8:87:78:03:8e:7a:9c:29:f9:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4540daa4c245a4725f38041402b6bffded15ea78
Validity
Not Before: Jan 9 09:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3db96e0171d5ce706f6317fac3cb5e02b0f4c66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:71:2d:fe:16:ee:00:92:e9:b0:db:08:13:d3:
c6:5c:3f:01:83:dd:8a:37:1f:d2:d5:e7:f0:70:8c:
ee:f4:08:d6:11:9d:3a:d2:78:7e:d4:5f:82:81:98:
e5:01:47:5a:5a:ed:28:df:5f:8e:75:4c:d0:46:9b:
82:76:f2:67:08:b1:37:08:c4:6f:cf:d9:37:a0:89:
8a:f1:d3:5c:45:84:c5:eb:ea:71:ac:dc:89:ce:a8:
82:26:86:55:88:62:22:a3:cf:95:42:20:eb:36:0d:
e3:7b:4c:53:0d:09:47:3e:40:b9:fb:4c:12:ba:75:
4f:1a:87:99:58:b6:da:50:38:4c:46:cf:10:08:e2:
34:08:a5:1d:28:22:35:28:82:7a:b7:0b:f8:5e:2f:
bd:c8:a6:af:4c:f7:58:f2:7d:e2:55:87:94:e5:a8:
bc:ed:b1:c4:fa:86:ab:1d:c1:7c:dc:35:0b:02:1a:
bd:ca:a6:5b:3e:e1:54:e4:10:5c:fa:fd:07:ce:45:
db:9e:80:a6:3d:de:a4:78:c2:8c:4b:bb:0f:71:c1:
95:8c:5b:82:c4:02:20:ad:34:4f:29:03:80:b1:70:
3a:4f:16:2b:47:35:73:69:e7:73:bf:8d:15:0d:93:
e3:44:e4:a4:c8:b4:0b:02:f9:ac:ad:05:cc:c1:89:
c3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:DB:96:E0:17:1D:5C:E7:06:F6:31:7F:AC:3C:B5:E0:2B:0F:4C:66
X509v3 Authority Key Identifier:
keyid:45:40:DA:A4:C2:45:A4:72:5F:38:04:14:02:B6:BF:FD:ED:15:EA:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RUDapMJFpHJfOAQUAra__e0V6ng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/89uW4BcdXOcG9jF_rDy14CsPTGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/RUDapMJFpHJfOAQUAra__e0V6ng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.125.0/24
185.49.168.0/22
217.61.224.0/22
IPv6:
2a01:9f20::/37
Signature Algorithm: sha256WithRSAEncryption
4f:5e:f9:a4:cd:72:5b:98:50:70:62:e8:44:1f:30:35:c1:0b:
5f:b9:74:ca:81:89:1c:50:61:cd:70:7d:ab:8e:e4:0a:9e:46:
d3:05:d7:5d:19:db:3e:31:e1:05:0a:ef:8e:dc:4f:82:b0:b6:
25:8f:05:e2:f4:16:3e:49:b3:b9:25:e6:cf:d8:82:e2:08:19:
2b:3b:42:3b:61:aa:46:b2:1d:41:6b:3f:9b:fc:87:54:df:4a:
06:2a:96:71:64:ac:e9:5e:1d:a5:65:e4:e0:5b:3a:cb:39:fb:
36:88:ed:de:5e:3a:9d:3c:35:6c:4a:8b:fd:d0:19:97:cc:bd:
8c:20:cf:74:1b:02:09:c2:10:4b:6a:22:ea:8d:98:2b:97:65:
9a:e9:ee:e2:a6:0f:9c:07:97:79:18:c6:88:55:0d:99:57:3f:
a5:a0:6e:90:64:e0:c3:e1:f8:a0:ba:c7:4b:d1:e4:ff:39:d9:
63:a0:84:ed:f0:7a:d2:8b:1c:4a:2a:ab:90:b2:31:07:c1:bc:
77:5b:a7:a4:41:d3:7e:51:8a:79:56:d1:48:b2:52:f4:ee:cf:
e2:a2:24:41:43:06:66:b6:43:2a:d5:23:97:24:0e:68:d9:43:
7c:70:4d:c6:26:42:50:52:dc:08:57:ae:54:ab:67:83:d4:c7:
6c:10:0e:24
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAYztjmP/IWKoh3gDjnqcKfkVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NDBkYWE0YzI0NWE0NzI1ZjM4MDQxNDAyYjZiZmZkZWQx
NWVhNzgwHhcNMjQwMTA5MDkyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2RiOTZlMDE3MWQ1Y2U3MDZmNjMxN2ZhYzNjYjVlMDJiMGY0YzY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAynEt/hbuAJLpsNsIE9PGXD8Bg92K
Nx/S1efwcIzu9AjWEZ060nh+1F+CgZjlAUdaWu0o31+OdUzQRpuCdvJnCLE3CMRv
z9k3oImK8dNcRYTF6+pxrNyJzqiCJoZViGIio8+VQiDrNg3je0xTDQlHPkC5+0wS
unVPGoeZWLbaUDhMRs8QCOI0CKUdKCI1KIJ6twv4Xi+9yKavTPdY8n3iVYeU5ai8
7bHE+oarHcF83DULAhq9yqZbPuFU5BBc+v0HzkXbnoCmPd6keMKMS7sPccGVjFuC
xAIgrTRPKQOAsXA6TxYrRzVzaedzv40VDZPjROSkyLQLAvmsrQXMwYnDOQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFPPbluAXHVznBvYxf6w8teArD0xmMB8GA1UdIwQY
MBaAFEVA2qTCRaRyXzgEFAK2v/3tFep4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlVEYXBNSkZwSEpmT0FRVUFyYV9fZTBWNm5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jMGJhNmYtZGY2Zi00MTQ4LThmY2Et
ZDI1YWFhODA0MTQ1LzEvODl1VzRCY2RYT2NHOWpGX3JEeTE0Q3NQVEdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9jMGJhNmYtZGY2Zi00MTQ4LThmY2EtZDI1YWFhODA0MTQ1
LzEvUlVEYXBNSkZwSEpmT0FRVUFyYV9fZTBWNm5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQAsux9AwQC
uTGoAwQC2T3gMA4EAgACMAgDBgMqAZ8gADANBgkqhkiG9w0BAQsFAAOCAQEAT175
pM1yW5hQcGLoRB8wNcELX7l0yoGJHFBhzXB9q47kCp5G0wXXXRnbPjHhBQrvjtxP
grC2JY8F4vQWPkmzuSXmz9iC4ggZKztCO2GqRrIdQWs/m/yHVN9KBiqWcWSs6V4d
pWXk4Fs6yzn7Nojt3l46nTw1bEqL/dAZl8y9jCDPdBsCCcIQS2oi6o2YK5dlmunu
4qYPnAeXeRjGiFUNmVc/paBukGTgw+H4oLrHS9Hk/znZY6CE7fB60oscSiqrkLIx
B8G8d1unpEHTflGKeVbRSLJS9O7P4qIkQUMGZrZDKtUjlyQOaNlDfHBNxiZCUFLc
CFeuVKtng9THbBAOJA==
-----END CERTIFICATE-----
Generated at Sun Jun 23 02:40:18 2024 by rpki-client on console-ams.rpki-client.org