Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/cAx1SdV267PPkHrvBoCLjINB0Mc.roa
File: cAx1SdV267PPkHrvBoCLjINB0Mc.roa (raw, json)
Hash identifier: YmxRQOLmSxolj278hTnuU5VwS2bdFdiEPEv+yvo7h5g=
Subject key identifier: 70:0C:75:49:D5:76:EB:B3:CF:90:7A:EF:06:80:8B:8C:83:41:D0:C7
Certificate issuer: /CN=ebf42e80602aedf58a3c7a81883c1a34f69d2fb4
Certificate serial: 018CC3B693D20E2A001CF82741FA616AB9DF
Authority key identifier: EB:F4:2E:80:60:2A:ED:F5:8A:3C:7A:81:88:3C:1A:34:F6:9D:2F:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/cAx1SdV267PPkHrvBoCLjINB0Mc.roa
Signing time: Mon 01 Jan 2024 06:29:31 +0000
ROA not before: Mon 01 Jan 2024 06:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31244
IP address blocks: 89.38.233.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/6_QugGAq7fWKPHqBiDwaNPadL7Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/6_QugGAq7fWKPHqBiDwaNPadL7Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:93:d2:0e:2a:00:1c:f8:27:41:fa:61:6a:b9:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebf42e80602aedf58a3c7a81883c1a34f69d2fb4
Validity
Not Before: Jan 1 06:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=700c7549d576ebb3cf907aef06808b8c8341d0c7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b1:48:05:a9:83:49:2d:79:65:93:9e:d2:b0:
51:aa:07:eb:82:99:10:80:51:fd:a5:d5:e4:c2:0a:
5a:59:6a:fc:b4:2d:4f:85:bb:99:52:02:01:41:9e:
2b:51:e8:62:d0:74:9e:ab:ae:90:18:90:7c:fb:16:
a1:41:53:c4:a1:57:7a:51:9e:80:1e:15:3e:f8:01:
8d:b1:50:8c:83:b3:45:b8:d1:5b:54:d9:fd:85:39:
85:1f:28:87:6a:32:ef:49:d0:b7:e1:aa:02:9a:82:
66:d0:9a:d5:57:ff:26:4a:66:e5:9b:57:0b:82:d1:
e1:b1:3e:4c:8d:c5:5c:d5:b1:e4:60:e5:09:fa:60:
54:ad:a1:be:c0:f0:96:04:17:e3:2b:2a:b3:ee:84:
5e:4d:1d:87:4b:25:88:4a:5e:a1:b0:84:e6:69:52:
17:6c:c6:87:33:50:45:ef:25:d9:60:9b:5f:7d:4c:
17:24:7d:0f:ad:0a:8f:f8:f8:c5:f6:52:29:bc:ff:
82:1b:54:a4:84:c5:34:0f:76:1a:5b:f0:6e:5c:a8:
10:e5:27:ad:3e:61:4e:13:d7:83:c7:aa:dc:06:e1:
bb:91:a2:37:aa:d2:c4:1d:51:cb:b2:e9:e8:8b:fc:
3a:e1:0b:29:32:98:1e:95:31:8c:ce:f7:fb:18:d8:
4b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:0C:75:49:D5:76:EB:B3:CF:90:7A:EF:06:80:8B:8C:83:41:D0:C7
X509v3 Authority Key Identifier:
keyid:EB:F4:2E:80:60:2A:ED:F5:8A:3C:7A:81:88:3C:1A:34:F6:9D:2F:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6_QugGAq7fWKPHqBiDwaNPadL7Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/cAx1SdV267PPkHrvBoCLjINB0Mc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/0952d4-4a49-447d-ad3c-1903edafa8bf/1/6_QugGAq7fWKPHqBiDwaNPadL7Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.233.0/24
Signature Algorithm: sha256WithRSAEncryption
39:a3:09:5f:34:f3:94:03:43:6b:d1:08:02:4b:b4:a0:cf:dc:
23:df:46:97:85:0d:6f:18:f0:4f:a2:e9:d4:02:54:2f:4f:03:
81:32:24:01:71:34:e9:db:b0:d5:42:26:97:07:43:44:2c:20:
7c:cf:63:b2:9c:a0:43:c3:df:49:e8:d8:cb:89:72:56:00:49:
34:1b:56:d8:59:fa:ed:79:0f:3e:8d:f9:d4:ed:75:44:61:fb:
4d:15:ee:d3:34:44:e3:54:db:2e:9d:27:41:c2:6f:cd:f6:8f:
3b:9d:34:e4:49:4c:2a:b6:c1:93:90:58:17:c5:be:19:ec:6b:
a5:2f:c2:01:89:ea:7c:b5:4b:ac:3b:41:53:b7:4b:58:a2:42:
8b:73:dd:d4:89:f2:e6:00:ca:9a:ba:2c:02:e1:eb:2d:4e:50:
d6:ba:a2:30:d4:9a:4d:2e:e5:7a:40:af:79:63:36:10:07:35:
b9:0b:b4:a3:a0:d6:53:14:d0:51:64:7c:31:ad:81:95:c0:14:
6c:f2:ee:97:b7:f5:1f:3c:70:f0:92:99:0c:6f:56:3e:bd:c9:
cf:c3:d6:cf:c0:a6:0d:23:ba:5a:f3:60:ad:cb:08:d3:2a:99:
f8:95:98:f8:de:d0:6a:5a:83:b5:d9:51:9c:2e:f1:5a:3f:8c:
73:02:15:f2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtpPSDioAHPgnQfpharnfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZjQyZTgwNjAyYWVkZjU4YTNjN2E4MTg4M2MxYTM0ZjY5
ZDJmYjQwHhcNMjQwMTAxMDYyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDBjNzU0OWQ1NzZlYmIzY2Y5MDdhZWYwNjgwOGI4YzgzNDFkMGM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbFIBamDSS15ZZOe0rBRqgfrgpkQ
gFH9pdXkwgpaWWr8tC1PhbuZUgIBQZ4rUehi0HSeq66QGJB8+xahQVPEoVd6UZ6A
HhU++AGNsVCMg7NFuNFbVNn9hTmFHyiHajLvSdC34aoCmoJm0JrVV/8mSmblm1cL
gtHhsT5MjcVc1bHkYOUJ+mBUraG+wPCWBBfjKyqz7oReTR2HSyWISl6hsITmaVIX
bMaHM1BF7yXZYJtffUwXJH0PrQqP+PjF9lIpvP+CG1SkhMU0D3YaW/BuXKgQ5Set
PmFOE9eDx6rcBuG7kaI3qtLEHVHLsunoi/w64QspMpgelTGMzvf7GNhLLwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHAMdUnVduuzz5B67waAi4yDQdDHMB8GA1UdIwQY
MBaAFOv0LoBgKu31ijx6gYg8GjT2nS+0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNl9RdWdHQXE3ZldLUEhxQmlEd2FOUGFkTDdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS8wOTUyZDQtNGE0OS00NDdkLWFkM2Mt
MTkwM2VkYWZhOGJmLzEvY0F4MVNkVjI2N1BQa0hydkJvQ0xqSU5CME1jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS8wOTUyZDQtNGE0OS00NDdkLWFkM2MtMTkwM2VkYWZhOGJm
LzEvNl9RdWdHQXE3ZldLUEhxQmlEd2FOUGFkTDdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSbpMA0G
CSqGSIb3DQEBCwUAA4IBAQA5owlfNPOUA0Nr0QgCS7Sgz9wj30aXhQ1vGPBPounU
AlQvTwOBMiQBcTTp27DVQiaXB0NELCB8z2OynKBDw99J6NjLiXJWAEk0G1bYWfrt
eQ8+jfnU7XVEYftNFe7TNETjVNsunSdBwm/N9o87nTTkSUwqtsGTkFgXxb4Z7Gul
L8IBiep8tUusO0FTt0tYokKLc93UifLmAMqauiwC4estTlDWuqIw1JpNLuV6QK95
YzYQBzW5C7SjoNZTFNBRZHwxrYGVwBRs8u6Xt/UfPHDwkpkMb1Y+vcnPw9bPwKYN
I7pa82CtywjTKpn4lZj43tBqWoO12VGcLvFaP4xzAhXy
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:15:56 2024 by rpki-client on console-fra.rpki-client.org