Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/8716d1-eeda-4505-a0c9-078fd395859f/1/9TruYNnifZvDb9SVPVW7iXJ7wYA.roa
File: 9TruYNnifZvDb9SVPVW7iXJ7wYA.roa (raw, json)
Hash identifier: xKpFXoNKmLpqBIduSytI40Tek1KjGO3BXtm0sLeiS0E=
Subject key identifier: F5:3A:EE:60:D9:E2:7D:9B:C3:6F:D4:95:3D:55:BB:89:72:7B:C1:80
Certificate issuer: /CN=8dc8972b4dba0d2049d37c848a4a21d4a43b2e3b
Certificate serial: 018FDD1C42282C857ED9C26F01029895A97E
Authority key identifier: 8D:C8:97:2B:4D:BA:0D:20:49:D3:7C:84:8A:4A:21:D4:A4:3B:2E:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jciXK026DSBJ03yEikoh1KQ7Ljs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/8716d1-eeda-4505-a0c9-078fd395859f/1/9TruYNnifZvDb9SVPVW7iXJ7wYA.roa
Signing time: Mon 03 Jun 2024 07:59:27 +0000
ROA not before: Mon 03 Jun 2024 07:59:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215264
IP address blocks: 89.187.93.0/24 maxlen: 24
2a14:2540::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/8716d1-eeda-4505-a0c9-078fd395859f/1/jciXK026DSBJ03yEikoh1KQ7Ljs.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/8716d1-eeda-4505-a0c9-078fd395859f/1/jciXK026DSBJ03yEikoh1KQ7Ljs.mft
rsync://rpki.ripe.net/repository/DEFAULT/jciXK026DSBJ03yEikoh1KQ7Ljs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:dd:1c:42:28:2c:85:7e:d9:c2:6f:01:02:98:95:a9:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8dc8972b4dba0d2049d37c848a4a21d4a43b2e3b
Validity
Not Before: Jun 3 07:59:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f53aee60d9e27d9bc36fd4953d55bb89727bc180
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:2a:cc:82:74:da:5f:51:b6:72:82:1e:a1:52:
e3:12:32:12:f9:18:84:19:5e:8d:6e:8d:2c:44:f6:
a0:a5:55:4d:44:c1:7a:cd:54:6f:c5:3a:15:f1:13:
46:e8:8f:d2:a3:31:ec:9b:66:6a:42:d8:b7:55:b2:
f4:62:89:63:d6:17:fd:31:97:7c:21:94:f4:53:db:
b4:e9:a4:d6:51:ec:58:c3:41:2a:33:7e:77:de:af:
02:82:39:72:a6:f8:1f:d1:41:c5:31:9c:c3:5e:4c:
16:8f:fe:16:70:51:1f:70:43:02:42:76:fe:a8:ad:
5e:6a:23:39:fb:33:9b:0b:fe:3b:e3:ba:ba:9f:9a:
52:02:31:87:70:39:50:99:2d:5d:d7:73:e8:81:d0:
ca:b0:8d:f7:f6:47:ba:61:11:fe:26:84:80:6e:0c:
dc:c8:a4:b1:bb:c0:89:ce:b1:3e:6b:46:ab:7a:7a:
64:4d:55:89:96:1f:66:ec:c0:33:58:63:95:d5:37:
c6:02:a5:07:fc:cf:c2:75:83:58:89:4e:a3:ca:cc:
46:a6:15:6b:5e:5c:c5:b0:12:83:16:9d:05:bf:fd:
a6:5f:6a:a0:c1:7e:5e:98:cf:3d:8c:88:ca:60:43:
f0:48:0c:3d:a9:40:d1:af:a7:9c:e4:a1:85:30:0a:
31:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:3A:EE:60:D9:E2:7D:9B:C3:6F:D4:95:3D:55:BB:89:72:7B:C1:80
X509v3 Authority Key Identifier:
keyid:8D:C8:97:2B:4D:BA:0D:20:49:D3:7C:84:8A:4A:21:D4:A4:3B:2E:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jciXK026DSBJ03yEikoh1KQ7Ljs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8716d1-eeda-4505-a0c9-078fd395859f/1/9TruYNnifZvDb9SVPVW7iXJ7wYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/8716d1-eeda-4505-a0c9-078fd395859f/1/jciXK026DSBJ03yEikoh1KQ7Ljs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.93.0/24
IPv6:
2a14:2540::/29
Signature Algorithm: sha256WithRSAEncryption
24:a2:f3:fa:fe:35:70:5c:af:24:be:81:8f:5d:64:ef:fb:36:
fe:83:06:03:7d:16:fb:c6:1d:63:04:6f:b5:52:ed:c0:96:10:
f5:72:eb:11:23:89:0f:41:c0:96:02:9f:47:0f:bb:0d:0a:74:
65:49:09:99:7b:06:36:9f:e3:7f:8d:2b:fe:e1:c5:75:4d:1f:
8f:1c:d4:84:58:ca:b2:81:da:1c:09:34:70:a6:db:cb:aa:27:
62:43:86:ea:fc:89:e1:7c:a8:e1:d2:37:77:7d:e1:93:f6:ae:
8d:bf:d1:3f:ae:66:37:da:30:e6:a1:14:a6:f3:cd:de:04:78:
ed:8a:39:41:d4:da:a3:b5:c4:fc:be:ab:1c:02:56:98:53:77:
a4:44:9f:ab:f9:f3:67:72:a5:fc:2b:f5:b7:43:a9:da:1b:e9:
77:79:ea:53:af:da:88:af:da:ad:47:33:53:39:48:5b:54:d2:
24:d0:08:ac:63:d8:bf:66:8d:0f:a5:9c:92:19:67:10:7a:1f:
a0:48:90:2f:1a:e7:0c:07:b7:30:cd:8a:1f:0c:f7:8b:31:2d:
f3:d9:9e:0a:9a:5d:8a:b1:de:12:9e:67:9c:10:46:11:1f:91:
21:2f:b1:b8:90:97:d3:4d:b9:47:de:fb:cf:65:d6:55:3a:83:
fe:44:77:ec
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY/dHEIoLIV+2cJvAQKYlal+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkYzg5NzJiNGRiYTBkMjA0OWQzN2M4NDhhNGEyMWQ0YTQz
YjJlM2IwHhcNMjQwNjAzMDc1OTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNTNhZWU2MGQ5ZTI3ZDliYzM2ZmQ0OTUzZDU1YmI4OTcyN2JjMTgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArSrMgnTaX1G2coIeoVLjEjIS+RiE
GV6Nbo0sRPagpVVNRMF6zVRvxToV8RNG6I/SozHsm2ZqQti3VbL0Yolj1hf9MZd8
IZT0U9u06aTWUexYw0EqM3533q8Cgjlypvgf0UHFMZzDXkwWj/4WcFEfcEMCQnb+
qK1eaiM5+zObC/4747q6n5pSAjGHcDlQmS1d13PogdDKsI339ke6YRH+JoSAbgzc
yKSxu8CJzrE+a0arenpkTVWJlh9m7MAzWGOV1TfGAqUH/M/CdYNYiU6jysxGphVr
XlzFsBKDFp0Fv/2mX2qgwX5emM89jIjKYEPwSAw9qUDRr6ec5KGFMAoxbQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFPU67mDZ4n2bw2/UlT1Vu4lye8GAMB8GA1UdIwQY
MBaAFI3IlytNug0gSdN8hIpKIdSkOy47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvamNpWEswMjZEU0JKMDN5RWlrb2gxS1E3TGpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi84NzE2ZDEtZWVkYS00NTA1LWEwYzkt
MDc4ZmQzOTU4NTlmLzEvOVRydVlObmlmWnZEYjlTVlBWVzdpWEo3d1lBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi84NzE2ZDEtZWVkYS00NTA1LWEwYzktMDc4ZmQzOTU4NTlm
LzEvamNpWEswMjZEU0JKMDN5RWlrb2gxS1E3TGpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAWbtdMA0E
AgACMAcDBQMqFCVAMA0GCSqGSIb3DQEBCwUAA4IBAQAkovP6/jVwXK8kvoGPXWTv
+zb+gwYDfRb7xh1jBG+1Uu3AlhD1cusRI4kPQcCWAp9HD7sNCnRlSQmZewY2n+N/
jSv+4cV1TR+PHNSEWMqygdocCTRwptvLqidiQ4bq/InhfKjh0jd3feGT9q6Nv9E/
rmY32jDmoRSm883eBHjtijlB1NqjtcT8vqscAlaYU3ekRJ+r+fNncqX8K/W3Q6na
G+l3eepTr9qIr9qtRzNTOUhbVNIk0AisY9i/Zo0PpZySGWcQeh+gSJAvGucMB7cw
zYofDPeLMS3z2Z4Kml2Ksd4SnmecEEYRH5EhL7G4kJfTTblH3vvPZdZVOoP+RHfs
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:29:28 2024 by rpki-client on console-ams.rpki-client.org