Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/1-ooCJk3MHNZ_uUyR6o3Ef6F5ulU.roa
File: 1-ooCJk3MHNZ_uUyR6o3Ef6F5ulU.roa (raw, json)
Hash identifier: o/EkVuhvpHKDXbm4AaQz1Xb9wFLpvAFP9iOiYssxhLQ=
Subject key identifier: FA:8A:02:26:4D:CC:1C:D6:7F:B9:4C:91:EA:8D:C4:7F:A1:79:BA:55
Certificate issuer: /CN=b9b350a0ae32e73e660c416c3f1406edd3615f82
Certificate serial: 018CC6B8EC449B514B8D1FAAAB2253BEF929
Authority key identifier: B9:B3:50:A0:AE:32:E7:3E:66:0C:41:6C:3F:14:06:ED:D3:61:5F:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ubNQoK4y5z5mDEFsPxQG7dNhX4I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/1-ooCJk3MHNZ_uUyR6o3Ef6F5ulU.roa
Signing time: Mon 01 Jan 2024 20:30:57 +0000
ROA not before: Mon 01 Jan 2024 20:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197889
IP address blocks: 89.107.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/ubNQoK4y5z5mDEFsPxQG7dNhX4I.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/ubNQoK4y5z5mDEFsPxQG7dNhX4I.mft
rsync://rpki.ripe.net/repository/DEFAULT/ubNQoK4y5z5mDEFsPxQG7dNhX4I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 16:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:ec:44:9b:51:4b:8d:1f:aa:ab:22:53:be:f9:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b9b350a0ae32e73e660c416c3f1406edd3615f82
Validity
Not Before: Jan 1 20:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa8a02264dcc1cd67fb94c91ea8dc47fa179ba55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:c9:68:32:59:3c:58:6f:31:aa:77:df:c0:88:
2e:25:4e:6c:d5:45:f2:b6:2d:81:a9:ff:93:e9:28:
e2:27:70:59:17:0a:7d:68:1c:4b:88:0f:ff:5e:ad:
bb:39:47:57:bc:a2:20:61:ce:83:3b:42:a5:0d:6d:
10:b2:50:2f:80:3a:b7:62:cc:d5:04:04:5a:73:7e:
af:3d:6e:0d:14:50:1a:be:32:1a:90:60:1c:fb:5d:
12:95:da:bd:ac:38:e0:ac:3e:2f:b5:83:b3:78:b8:
29:21:b6:f5:77:38:4c:de:f7:0a:07:2a:3e:bb:f2:
f9:6b:df:19:eb:5b:0d:fc:ae:1b:23:bc:64:34:18:
03:1b:3f:aa:80:75:84:89:bc:7c:0a:a7:e5:33:f0:
61:69:47:81:f2:c1:d1:53:c9:8d:48:40:85:0f:74:
11:ea:83:62:0e:7b:57:bf:61:67:92:38:02:2f:10:
a7:b3:bd:ac:b0:6f:2b:2f:ee:03:1c:ee:06:da:8a:
da:8f:d8:e8:46:33:fa:13:a8:d7:e4:7e:f3:46:9d:
1d:5b:70:f6:d7:7d:60:dd:65:86:5a:63:1a:70:97:
a0:39:7b:63:e7:60:ca:14:c2:95:8b:da:91:6c:13:
5e:a3:42:47:5e:36:b4:e4:31:e7:0e:04:51:95:5d:
45:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:8A:02:26:4D:CC:1C:D6:7F:B9:4C:91:EA:8D:C4:7F:A1:79:BA:55
X509v3 Authority Key Identifier:
keyid:B9:B3:50:A0:AE:32:E7:3E:66:0C:41:6C:3F:14:06:ED:D3:61:5F:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ubNQoK4y5z5mDEFsPxQG7dNhX4I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/1-ooCJk3MHNZ_uUyR6o3Ef6F5ulU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/627e60-00a6-4d26-b93a-ef73b7b4ca3c/1/ubNQoK4y5z5mDEFsPxQG7dNhX4I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.254.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:07:ec:6f:34:89:76:8b:b8:f7:4a:17:e5:0f:d1:e8:b6:46:
48:57:2d:46:89:cc:12:2d:82:ad:d7:3a:b9:6a:bc:dc:15:38:
ca:14:db:b5:bc:37:e9:2c:ac:47:7c:e5:81:05:e7:96:9e:78:
45:ac:2c:91:73:60:94:f0:bf:a3:0d:eb:52:9d:7c:a7:e2:8b:
d8:c3:47:f1:0d:b1:f9:e7:a2:48:83:ed:07:f8:a1:b2:79:8b:
97:c4:c6:d7:c2:01:2c:f4:ea:4f:e7:7c:38:4e:c1:e4:79:2a:
94:9d:6b:0b:01:3d:b3:ab:a0:d2:86:ba:f5:97:30:a9:11:78:
15:2f:0f:ce:9f:bf:9a:b9:2f:75:4a:01:4f:58:b2:a2:8c:cd:
8d:76:43:5e:9b:2c:d8:a2:1e:5a:78:dd:44:34:85:89:c1:eb:
15:0a:d1:ca:c6:53:c2:96:bd:69:1d:4a:2c:7d:76:5e:7a:75:
ff:59:b2:6f:be:1b:3c:75:3a:b5:e0:e8:db:ab:54:a6:ef:0b:
de:0a:1a:80:3f:8f:66:c7:0b:65:29:f6:d3:98:cb:22:31:ca:
79:3b:c3:8d:2e:78:32:6f:95:6d:6d:11:72:c0:3e:49:29:c1:
b9:bb:76:5d:67:cf:0e:8b:a5:64:9b:88:18:33:04:e7:ac:b3:
fc:bb:63:11
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzGuOxEm1FLjR+qqyJTvvkpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5YjM1MGEwYWUzMmU3M2U2NjBjNDE2YzNmMTQwNmVkZDM2
MTVmODIwHhcNMjQwMTAxMjAzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYThhMDIyNjRkY2MxY2Q2N2ZiOTRjOTFlYThkYzQ3ZmExNzliYTU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn8loMlk8WG8xqnffwIguJU5s1UXy
ti2Bqf+T6SjiJ3BZFwp9aBxLiA//Xq27OUdXvKIgYc6DO0KlDW0QslAvgDq3YszV
BARac36vPW4NFFAavjIakGAc+10Sldq9rDjgrD4vtYOzeLgpIbb1dzhM3vcKByo+
u/L5a98Z61sN/K4bI7xkNBgDGz+qgHWEibx8CqflM/BhaUeB8sHRU8mNSECFD3QR
6oNiDntXv2FnkjgCLxCns72ssG8rL+4DHO4G2oraj9joRjP6E6jX5H7zRp0dW3D2
131g3WWGWmMacJegOXtj52DKFMKVi9qRbBNeo0JHXja05DHnDgRRlV1FqQIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPqKAiZNzBzWf7lMkeqNxH+hebpVMB8GA1UdIwQY
MBaAFLmzUKCuMuc+ZgxBbD8UBu3TYV+CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdWJOUW9LNHk1ejVtREVGc1B4UUc3ZE5oWDRJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS82MjdlNjAtMDBhNi00ZDI2LWI5M2Et
ZWY3M2I3YjRjYTNjLzEvMS1vb0NKazNNSE5aX3VVeVI2bzNFZjZGNXVsVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMDEvNjI3ZTYwLTAwYTYtNGQyNi1iOTNhLWVmNzNiN2I0Y2Ez
Yy8xL3ViTlFvSzR5NXo1bURFRnNQeFFHN2ROaFg0SS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFlr/jAN
BgkqhkiG9w0BAQsFAAOCAQEAfwfsbzSJdou490oX5Q/R6LZGSFctRonMEi2Crdc6
uWq83BU4yhTbtbw36SysR3zlgQXnlp54RawskXNglPC/ow3rUp18p+KL2MNH8Q2x
+eeiSIPtB/ihsnmLl8TG18IBLPTqT+d8OE7B5HkqlJ1rCwE9s6ug0oa69ZcwqRF4
FS8Pzp+/mrkvdUoBT1iyoozNjXZDXpss2KIeWnjdRDSFicHrFQrRysZTwpa9aR1K
LH12Xnp1/1myb74bPHU6teDo26tUpu8L3goagD+PZscLZSn205jLIjHKeTvDjS54
Mm+VbW0RcsA+SSnBubt2XWfPDoulZJuIGDME56yz/LtjEQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:55:27 2024 by rpki-client on console-ams.rpki-client.org