Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/700164-89d1-404f-af35-4ef47fc4bd7f/1/CrPlde5MBh9VAWaPS880QtuKYEc.roa
File: CrPlde5MBh9VAWaPS880QtuKYEc.roa (raw, json)
Hash identifier: iDTsl5teWbewAeKuWzYzR3WAXZ/yIjwPkjp2NTfnmMw=
Subject key identifier: 0A:B3:E5:75:EE:4C:06:1F:55:01:66:8F:4B:CF:34:42:DB:8A:60:47
Certificate issuer: /CN=af6eaeff123ca67446d0e49401e495057078e174
Certificate serial: 018CC64AC911574A3699B5A23A6E4E0A9F32
Authority key identifier: AF:6E:AE:FF:12:3C:A6:74:46:D0:E4:94:01:E4:95:05:70:78:E1:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/r26u_xI8pnRG0OSUAeSVBXB44XQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/700164-89d1-404f-af35-4ef47fc4bd7f/1/CrPlde5MBh9VAWaPS880QtuKYEc.roa
Signing time: Mon 01 Jan 2024 18:30:39 +0000
ROA not before: Mon 01 Jan 2024 18:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30962
IP address blocks: 93.89.4.0/24 maxlen: 24
93.89.5.0/24 maxlen: 24
93.89.6.0/24 maxlen: 24
93.89.7.0/24 maxlen: 24
2a0b:2300::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/700164-89d1-404f-af35-4ef47fc4bd7f/1/r26u_xI8pnRG0OSUAeSVBXB44XQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/700164-89d1-404f-af35-4ef47fc4bd7f/1/r26u_xI8pnRG0OSUAeSVBXB44XQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/r26u_xI8pnRG0OSUAeSVBXB44XQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:c9:11:57:4a:36:99:b5:a2:3a:6e:4e:0a:9f:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af6eaeff123ca67446d0e49401e495057078e174
Validity
Not Before: Jan 1 18:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ab3e575ee4c061f5501668f4bcf3442db8a6047
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:27:95:df:20:46:c6:7a:11:96:02:e1:e7:bb:
11:83:84:b4:f5:89:f9:12:45:00:0c:3e:14:0f:0f:
54:d0:64:ba:d0:40:0c:8b:9c:b0:3f:96:c2:95:ae:
8f:77:43:ac:75:2a:19:ae:b6:cf:b0:a7:9b:cf:3a:
dc:b2:3e:a2:3d:ff:d6:5b:1a:54:9b:39:41:68:fa:
c5:ab:32:58:82:d2:56:b0:47:73:f4:0a:cd:4a:88:
62:d7:9c:c1:f7:8b:ce:68:f8:89:3f:89:bd:03:ef:
08:8c:f5:6a:89:42:4e:ec:b6:06:af:2d:c7:2f:c7:
eb:fd:e8:09:b9:ab:2d:4c:21:1a:ee:98:6a:26:2b:
b9:94:d1:1a:dd:98:a6:1a:af:d7:77:bb:4a:d2:56:
af:54:c8:3a:42:27:96:51:e6:da:f5:f4:28:e5:73:
8b:5c:83:51:60:15:8e:7f:97:f8:55:a1:9b:60:32:
ae:6a:34:86:39:2c:84:30:71:c7:8d:0f:e9:4a:47:
59:8d:c6:76:57:64:a3:7d:61:65:75:ff:eb:94:ed:
db:cb:2b:b3:10:00:ac:ec:a6:43:e3:ec:ff:0a:a6:
4e:82:5d:b1:ed:f8:37:d0:81:7f:df:19:5b:6e:fd:
79:19:ad:47:ae:5f:52:44:55:dd:05:86:bc:e8:65:
4f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:B3:E5:75:EE:4C:06:1F:55:01:66:8F:4B:CF:34:42:DB:8A:60:47
X509v3 Authority Key Identifier:
keyid:AF:6E:AE:FF:12:3C:A6:74:46:D0:E4:94:01:E4:95:05:70:78:E1:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/r26u_xI8pnRG0OSUAeSVBXB44XQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/700164-89d1-404f-af35-4ef47fc4bd7f/1/CrPlde5MBh9VAWaPS880QtuKYEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/700164-89d1-404f-af35-4ef47fc4bd7f/1/r26u_xI8pnRG0OSUAeSVBXB44XQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.89.4.0/22
IPv6:
2a0b:2300::/32
Signature Algorithm: sha256WithRSAEncryption
05:d0:e0:55:25:c6:9a:6f:ee:b4:27:fc:2f:8d:70:8b:8a:58:
e7:a4:7e:3c:5d:c3:8d:15:0f:5e:ae:0d:05:64:ab:62:b0:87:
b3:29:17:ff:62:d7:05:d6:07:87:5a:01:d2:5d:94:48:99:6a:
60:1c:e8:7c:7c:9c:ec:ce:19:5b:8e:06:02:35:0e:40:37:45:
c4:1c:d0:f2:9f:c2:c5:66:f5:a1:73:5f:16:b8:d4:36:23:4f:
f7:1d:a4:10:b0:36:e2:a8:f1:d7:bb:27:5c:b0:f0:70:5d:c5:
8f:33:8b:8c:95:ca:20:fa:1f:57:3b:3f:42:1f:4e:e7:b0:bc:
89:f6:e8:8a:f9:e9:28:dc:9d:3a:80:f7:63:bc:46:2b:18:c8:
78:f9:e9:70:5d:f6:6c:a4:69:7b:1c:3b:f5:f8:ce:5d:e6:32:
3a:4c:5e:c5:83:ef:80:d6:28:c1:76:0d:28:ed:f6:29:4d:0f:
11:5f:52:f8:51:1b:3d:2c:b8:23:be:ca:1b:37:f0:cb:88:91:
df:4f:59:f9:cb:c1:b8:be:13:27:d5:55:cd:ee:53:7e:2f:59:
12:d2:58:ac:56:41:d8:72:de:1b:37:29:fd:c7:d3:15:96:0c:
ff:f9:58:55:bc:44:80:23:93:b5:6b:3d:95:a4:a1:78:84:ef:
40:18:c4:24
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGSskRV0o2mbWiOm5OCp8yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmNmVhZWZmMTIzY2E2NzQ0NmQwZTQ5NDAxZTQ5NTA1NzA3
OGUxNzQwHhcNMjQwMTAxMTgzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWIzZTU3NWVlNGMwNjFmNTUwMTY2OGY0YmNmMzQ0MmRiOGE2MDQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiSeV3yBGxnoRlgLh57sRg4S09Yn5
EkUADD4UDw9U0GS60EAMi5ywP5bCla6Pd0OsdSoZrrbPsKebzzrcsj6iPf/WWxpU
mzlBaPrFqzJYgtJWsEdz9ArNSohi15zB94vOaPiJP4m9A+8IjPVqiUJO7LYGry3H
L8fr/egJuastTCEa7phqJiu5lNEa3ZimGq/Xd7tK0lavVMg6QieWUeba9fQo5XOL
XINRYBWOf5f4VaGbYDKuajSGOSyEMHHHjQ/pSkdZjcZ2V2SjfWFldf/rlO3byyuz
EACs7KZD4+z/CqZOgl2x7fg30IF/3xlbbv15Ga1Hrl9SRFXdBYa86GVPEwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFAqz5XXuTAYfVQFmj0vPNELbimBHMB8GA1UdIwQY
MBaAFK9urv8SPKZ0RtDklAHklQVweOF0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcjI2dV94SThwblJHME9TVUFlU1ZCWEI0NFhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy83MDAxNjQtODlkMS00MDRmLWFmMzUt
NGVmNDdmYzRiZDdmLzEvQ3JQbGRlNU1CaDlWQVdhUFM4ODBRdHVLWUVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy83MDAxNjQtODlkMS00MDRmLWFmMzUtNGVmNDdmYzRiZDdm
LzEvcjI2dV94SThwblJHME9TVUFlU1ZCWEI0NFhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCXVkEMA0E
AgACMAcDBQAqCyMAMA0GCSqGSIb3DQEBCwUAA4IBAQAF0OBVJcaab+60J/wvjXCL
iljnpH48XcONFQ9erg0FZKtisIezKRf/YtcF1geHWgHSXZRImWpgHOh8fJzszhlb
jgYCNQ5AN0XEHNDyn8LFZvWhc18WuNQ2I0/3HaQQsDbiqPHXuydcsPBwXcWPM4uM
lcog+h9XOz9CH07nsLyJ9uiK+eko3J06gPdjvEYrGMh4+elwXfZspGl7HDv1+M5d
5jI6TF7Fg++A1ijBdg0o7fYpTQ8RX1L4URs9LLgjvsobN/DLiJHfT1n5y8G4vhMn
1VXN7lN+L1kS0lisVkHYct4bNyn9x9MVlgz/+VhVvESAI5O1az2VpKF4hO9AGMQk
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:04:21 2024 by rpki-client on console-fra.rpki-client.org