Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/a5235f-62fb-4abb-8037-2ad195264c72/1/fiB5WWwFcrhstL35ZsbpSygG5W0.roa
File: fiB5WWwFcrhstL35ZsbpSygG5W0.roa (raw, json)
Hash identifier: BgonEgsdYULHysPGc65YHg7xgFd6b+LUbgis5baV8y4=
Subject key identifier: 7E:20:79:59:6C:05:72:B8:6C:B4:BD:F9:66:C6:E9:4B:28:06:E5:6D
Certificate issuer: /CN=9145ead8d3f1284402b6f75614a87257503ce1bc
Certificate serial: 018CC2DADA9B913EAE898D412D473888F5B9
Authority key identifier: 91:45:EA:D8:D3:F1:28:44:02:B6:F7:56:14:A8:72:57:50:3C:E1:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kUXq2NPxKEQCtvdWFKhyV1A84bw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/a5235f-62fb-4abb-8037-2ad195264c72/1/fiB5WWwFcrhstL35ZsbpSygG5W0.roa
Signing time: Mon 01 Jan 2024 02:29:31 +0000
ROA not before: Mon 01 Jan 2024 02:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43938
IP address blocks: 188.208.30.0/24 maxlen: 24
89.36.89.0/24 maxlen: 24
89.36.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/a5235f-62fb-4abb-8037-2ad195264c72/1/kUXq2NPxKEQCtvdWFKhyV1A84bw.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/a5235f-62fb-4abb-8037-2ad195264c72/1/kUXq2NPxKEQCtvdWFKhyV1A84bw.mft
rsync://rpki.ripe.net/repository/DEFAULT/kUXq2NPxKEQCtvdWFKhyV1A84bw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:da:9b:91:3e:ae:89:8d:41:2d:47:38:88:f5:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9145ead8d3f1284402b6f75614a87257503ce1bc
Validity
Not Before: Jan 1 02:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7e2079596c0572b86cb4bdf966c6e94b2806e56d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:f2:88:fd:40:f8:08:5c:f7:88:75:e3:92:e5:
7b:ff:5f:8c:48:04:ec:dd:16:cf:6f:dc:3f:7b:6f:
3e:4b:b7:bd:d8:0b:52:63:8e:42:20:d3:e8:5f:68:
40:57:0b:ee:49:2b:e1:25:32:2b:3c:27:b9:49:2a:
38:d4:52:8d:48:23:ae:05:96:78:a3:e6:91:0d:01:
a3:83:70:db:34:17:a7:bb:d4:d6:fc:38:0d:d5:6e:
58:da:69:69:d5:e1:59:a0:76:ff:2c:d1:ca:89:e5:
9b:9e:37:54:45:ac:99:a3:92:0e:03:b8:05:e1:d4:
f6:12:14:55:45:fe:8b:eb:31:62:72:6c:33:0b:fe:
1a:cf:6e:de:a0:18:97:46:93:0f:03:b4:cf:4a:70:
42:cb:f5:83:13:06:f7:ae:14:f6:f5:ce:ae:b7:37:
a0:22:6b:01:48:09:84:6a:d7:95:0b:fc:5d:d4:24:
d5:d9:39:40:1c:6e:7c:86:c3:51:fe:0b:a9:73:68:
9c:b8:f3:0d:59:6b:ed:e7:40:92:cf:ce:21:86:25:
b6:82:d2:e3:b4:81:26:5d:33:0d:57:95:40:fb:60:
ba:58:5e:23:f3:4b:ba:87:79:fa:3d:92:37:b1:0f:
7c:aa:0f:70:6c:a8:d8:f3:28:ef:6f:a0:71:85:9c:
8a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:20:79:59:6C:05:72:B8:6C:B4:BD:F9:66:C6:E9:4B:28:06:E5:6D
X509v3 Authority Key Identifier:
keyid:91:45:EA:D8:D3:F1:28:44:02:B6:F7:56:14:A8:72:57:50:3C:E1:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kUXq2NPxKEQCtvdWFKhyV1A84bw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/a5235f-62fb-4abb-8037-2ad195264c72/1/fiB5WWwFcrhstL35ZsbpSygG5W0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/a5235f-62fb-4abb-8037-2ad195264c72/1/kUXq2NPxKEQCtvdWFKhyV1A84bw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.89.0/24
89.36.193.0/24
188.208.30.0/24
Signature Algorithm: sha256WithRSAEncryption
44:51:ac:e6:19:1b:56:91:30:bb:18:e1:16:58:07:7d:b3:c5:
7c:e2:cc:42:b2:72:ca:fa:61:44:9e:99:81:42:96:c0:6a:4a:
d6:12:05:2d:64:6e:6f:7b:e6:1c:85:a3:e2:47:d3:b2:51:b6:
92:98:b8:9b:cb:d7:c6:68:a2:08:9a:fa:52:5a:20:74:8d:46:
55:c1:c4:20:dc:8f:89:f3:13:07:92:6e:ea:3b:a7:24:dd:56:
3f:42:57:52:de:5a:b1:73:45:68:69:eb:4b:91:21:fc:ea:26:
cb:b6:82:98:bf:83:38:f5:46:ea:af:87:e2:b0:0c:97:1e:f6:
5f:28:be:e3:13:39:07:e5:d3:95:83:1d:ed:f2:44:e1:7e:89:
b6:cc:d4:e0:17:38:92:d0:39:24:7f:a5:f2:31:11:40:88:83:
24:4d:27:1d:14:ec:57:b4:2d:c2:14:bd:ba:5b:40:4f:78:fb:
48:3e:f7:80:10:52:9e:89:da:13:a1:70:73:33:d2:ed:51:bd:
2c:89:df:ed:57:85:f6:42:ce:b0:50:cd:e4:f8:59:4d:90:42:
aa:b3:90:f6:23:08:3f:7d:35:14:fc:49:7b:e2:70:1c:31:d0:
76:da:f2:43:5d:3c:66:6c:e3:68:7b:e2:ac:ad:c2:79:47:f3:
f2:2b:54:f5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzC2tqbkT6uiY1BLUc4iPW5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkxNDVlYWQ4ZDNmMTI4NDQwMmI2Zjc1NjE0YTg3MjU3NTAz
Y2UxYmMwHhcNMjQwMTAxMDIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTIwNzk1OTZjMDU3MmI4NmNiNGJkZjk2NmM2ZTk0YjI4MDZlNTZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgfKI/UD4CFz3iHXjkuV7/1+MSATs
3RbPb9w/e28+S7e92AtSY45CINPoX2hAVwvuSSvhJTIrPCe5SSo41FKNSCOuBZZ4
o+aRDQGjg3DbNBenu9TW/DgN1W5Y2mlp1eFZoHb/LNHKieWbnjdURayZo5IOA7gF
4dT2EhRVRf6L6zFicmwzC/4az27eoBiXRpMPA7TPSnBCy/WDEwb3rhT29c6utzeg
ImsBSAmEateVC/xd1CTV2TlAHG58hsNR/gupc2icuPMNWWvt50CSz84hhiW2gtLj
tIEmXTMNV5VA+2C6WF4j80u6h3n6PZI3sQ98qg9wbKjY8yjvb6BxhZyKbQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFH4geVlsBXK4bLS9+WbG6UsoBuVtMB8GA1UdIwQY
MBaAFJFF6tjT8ShEArb3VhSocldQPOG8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva1VYcTJOUHhLRVFDdHZkV0ZLaHlWMUE4NGJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9hNTIzNWYtNjJmYi00YWJiLTgwMzct
MmFkMTk1MjY0YzcyLzEvZmlCNVdXd0ZjcmhzdEwzNVpzYnBTeWdHNVcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9hNTIzNWYtNjJmYi00YWJiLTgwMzctMmFkMTk1MjY0Yzcy
LzEva1VYcTJOUHhLRVFDdHZkV0ZLaHlWMUE4NGJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAWSRZAwQA
WSTBAwQAvNAeMA0GCSqGSIb3DQEBCwUAA4IBAQBEUazmGRtWkTC7GOEWWAd9s8V8
4sxCsnLK+mFEnpmBQpbAakrWEgUtZG5ve+YchaPiR9OyUbaSmLiby9fGaKIImvpS
WiB0jUZVwcQg3I+J8xMHkm7qO6ck3VY/QldS3lqxc0VoaetLkSH86ibLtoKYv4M4
9Ubqr4fisAyXHvZfKL7jEzkH5dOVgx3t8kThfom2zNTgFziS0Dkkf6XyMRFAiIMk
TScdFOxXtC3CFL26W0BPePtIPveAEFKeidoToXBzM9LtUb0sid/tV4X2Qs6wUM3k
+FlNkEKqs5D2Iwg/fTUU/El74nAcMdB22vJDXTxmbONoe+KsrcJ5R/PyK1T1
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:00:27 2024 by rpki-client on console-ams.rpki-client.org