Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/8yGLkmK87eRhMHKtXe9vzvHjv2o.roa
File: 8yGLkmK87eRhMHKtXe9vzvHjv2o.roa (raw, json)
Hash identifier: IgO7/eQbV7AtyHgkTa0trzo7kvUj1LliKC4r6D+m9wE=
Subject key identifier: F3:21:8B:92:62:BC:ED:E4:61:30:72:AD:5D:EF:6F:CE:F1:E3:BF:6A
Certificate issuer: /CN=827af17f0499627e4b3c8cc5c333ec4b8e7635e0
Certificate serial: 018CC79508FFDEF12F100D58182040213903
Authority key identifier: 82:7A:F1:7F:04:99:62:7E:4B:3C:8C:C5:C3:33:EC:4B:8E:76:35:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnrxfwSZYn5LPIzFwzPsS452NeA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/8yGLkmK87eRhMHKtXe9vzvHjv2o.roa
Signing time: Tue 02 Jan 2024 00:31:21 +0000
ROA not before: Tue 02 Jan 2024 00:31:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31027
IP address blocks: 89.104.221.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/gnrxfwSZYn5LPIzFwzPsS452NeA.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/gnrxfwSZYn5LPIzFwzPsS452NeA.mft
rsync://rpki.ripe.net/repository/DEFAULT/gnrxfwSZYn5LPIzFwzPsS452NeA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:08:ff:de:f1:2f:10:0d:58:18:20:40:21:39:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827af17f0499627e4b3c8cc5c333ec4b8e7635e0
Validity
Not Before: Jan 2 00:31:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3218b9262bcede4613072ad5def6fcef1e3bf6a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:94:e9:c7:fa:ea:21:4e:56:2d:e9:66:c3:4e:
79:1e:7d:e1:54:2d:20:cd:63:dd:c8:5a:07:16:62:
35:1e:d3:38:f0:fc:cd:81:ae:52:dd:07:ba:ba:01:
5a:62:c7:25:6b:2d:01:63:a5:61:dc:21:ba:2d:7b:
a5:71:a1:07:ce:17:e0:74:15:b0:8e:b9:97:6b:12:
01:74:29:ac:6e:7b:d9:a3:e7:04:90:25:41:77:27:
0d:14:f1:ee:c9:7e:b7:16:a9:9c:80:12:8a:81:3c:
29:4b:9e:d6:d3:40:da:c9:ad:dc:92:ff:2e:65:c2:
6c:dd:02:df:02:c5:a6:af:98:72:c5:61:72:cf:ec:
4b:de:03:4f:f4:83:0d:27:b7:67:dd:96:9c:86:ac:
07:a0:e7:22:39:40:53:85:0e:c1:44:77:56:03:07:
ec:64:7e:eb:3d:f3:f6:25:d1:04:64:40:7f:62:08:
b1:84:3c:44:75:1f:56:8b:1e:12:91:da:ae:5e:62:
1e:d3:30:3e:a2:17:71:31:bc:01:53:0a:8d:a8:71:
16:a9:76:5b:8e:b9:39:1b:d1:88:18:62:2c:73:66:
2a:bf:01:6c:bd:6e:36:c1:d6:d8:0e:35:0a:78:1d:
5f:12:27:a2:bf:7a:aa:47:39:35:db:ac:4a:d7:97:
ba:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:21:8B:92:62:BC:ED:E4:61:30:72:AD:5D:EF:6F:CE:F1:E3:BF:6A
X509v3 Authority Key Identifier:
keyid:82:7A:F1:7F:04:99:62:7E:4B:3C:8C:C5:C3:33:EC:4B:8E:76:35:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnrxfwSZYn5LPIzFwzPsS452NeA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/8yGLkmK87eRhMHKtXe9vzvHjv2o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/c2ae3d-98b4-446f-ab28-7313c7f3ca3f/1/gnrxfwSZYn5LPIzFwzPsS452NeA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.104.221.0/24
Signature Algorithm: sha256WithRSAEncryption
28:f4:12:61:e3:8b:01:92:55:3f:ff:aa:8c:c5:27:55:29:3b:
8f:8e:36:63:8e:db:6e:59:70:12:c8:fb:1d:6e:43:48:35:e4:
4f:23:92:29:56:5b:04:80:7f:0c:db:c4:a4:b9:57:bb:b0:8e:
90:5d:be:83:15:5c:41:75:7a:f3:5f:73:5d:4e:80:a7:ac:8d:
9e:b6:08:90:79:7f:3d:ab:40:99:40:25:6b:ef:5a:c4:a2:2a:
83:4b:03:c2:91:08:70:1e:b3:cc:46:65:42:01:50:05:a4:1b:
b2:28:0f:1b:fd:80:a4:45:1c:f0:3a:6b:3a:9a:d6:0a:06:1a:
e9:31:93:a2:ee:be:f2:3b:a0:61:05:3f:e0:b0:33:bf:54:41:
25:e5:aa:18:89:7f:fb:b8:5c:c2:90:42:c8:09:d7:46:e2:b8:
10:65:22:32:d5:2d:cb:e1:85:2f:50:6b:7b:20:a3:8f:76:ba:
4f:dc:77:5a:1a:d8:9c:3e:c6:77:ab:1a:a9:52:dc:d9:2d:50:
66:ef:62:43:df:7f:a1:cb:4f:3b:a7:a4:af:a5:ff:87:0a:da:
ec:84:f3:d2:29:93:ac:ac:bf:f5:6d:cb:17:cd:7e:ef:76:3b:
b5:42:d6:a1:a5:08:8c:9c:b1:cd:d4:61:f8:af:59:be:87:c5:
f3:47:a7:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlQj/3vEvEA1YGCBAITkDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyN2FmMTdmMDQ5OTYyN2U0YjNjOGNjNWMzMzNlYzRiOGU3
NjM1ZTAwHhcNMjQwMTAyMDAzMTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzIxOGI5MjYyYmNlZGU0NjEzMDcyYWQ1ZGVmNmZjZWYxZTNiZjZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg5Tpx/rqIU5WLelmw055Hn3hVC0g
zWPdyFoHFmI1HtM48PzNga5S3Qe6ugFaYsclay0BY6Vh3CG6LXulcaEHzhfgdBWw
jrmXaxIBdCmsbnvZo+cEkCVBdycNFPHuyX63FqmcgBKKgTwpS57W00Daya3ckv8u
ZcJs3QLfAsWmr5hyxWFyz+xL3gNP9IMNJ7dn3ZachqwHoOciOUBThQ7BRHdWAwfs
ZH7rPfP2JdEEZEB/YgixhDxEdR9Wix4SkdquXmIe0zA+ohdxMbwBUwqNqHEWqXZb
jrk5G9GIGGIsc2YqvwFsvW42wdbYDjUKeB1fEieiv3qqRzk126xK15e62QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFPMhi5JivO3kYTByrV3vb87x479qMB8GA1UdIwQY
MBaAFIJ68X8EmWJ+SzyMxcMz7EuOdjXgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25yeGZ3U1pZbjVMUEl6Rnd6UHNTNDUyTmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC9jMmFlM2QtOThiNC00NDZmLWFiMjgt
NzMxM2M3ZjNjYTNmLzEvOHlHTGttSzg3ZVJoTUhLdFhlOXZ6dkhqdjJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC9jMmFlM2QtOThiNC00NDZmLWFiMjgtNzMxM2M3ZjNjYTNm
LzEvZ25yeGZ3U1pZbjVMUEl6Rnd6UHNTNDUyTmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWWjdMA0G
CSqGSIb3DQEBCwUAA4IBAQAo9BJh44sBklU//6qMxSdVKTuPjjZjjttuWXASyPsd
bkNINeRPI5IpVlsEgH8M28SkuVe7sI6QXb6DFVxBdXrzX3NdToCnrI2etgiQeX89
q0CZQCVr71rEoiqDSwPCkQhwHrPMRmVCAVAFpBuyKA8b/YCkRRzwOms6mtYKBhrp
MZOi7r7yO6BhBT/gsDO/VEEl5aoYiX/7uFzCkELICddG4rgQZSIy1S3L4YUvUGt7
IKOPdrpP3HdaGticPsZ3qxqpUtzZLVBm72JD33+hy087p6Svpf+HCtrshPPSKZOs
rL/1bcsXzX7vdju1QtahpQiMnLHN1GH4r1m+h8XzR6fH
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:16:05 2024 by rpki-client on console-ams.rpki-client.org