Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/Ku0KaVgen3MAs8e3hSTXgyaqWRQ.roa
File: Ku0KaVgen3MAs8e3hSTXgyaqWRQ.roa (raw, json)
Hash identifier: RzIsiOZvny9jLGi7xdACBlJPD/fsGn9JNXMusir+GMw=
Subject key identifier: 2A:ED:0A:69:58:1E:9F:73:00:B3:C7:B7:85:24:D7:83:26:AA:59:14
Certificate issuer: /CN=52b9b9e256580c4344bb241445b4d52e54fdd50b
Certificate serial: 018CC5DBEAFD19ED6FF8BBED75FFBBD05E56
Authority key identifier: 52:B9:B9:E2:56:58:0C:43:44:BB:24:14:45:B4:D5:2E:54:FD:D5:0B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Urm54lZYDENEuyQURbTVLlT91Qs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/Ku0KaVgen3MAs8e3hSTXgyaqWRQ.roa
Signing time: Mon 01 Jan 2024 16:29:33 +0000
ROA not before: Mon 01 Jan 2024 16:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44456
IP address blocks: 89.162.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/Urm54lZYDENEuyQURbTVLlT91Qs.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/Urm54lZYDENEuyQURbTVLlT91Qs.mft
rsync://rpki.ripe.net/repository/DEFAULT/Urm54lZYDENEuyQURbTVLlT91Qs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:db:ea:fd:19:ed:6f:f8:bb:ed:75:ff:bb:d0:5e:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52b9b9e256580c4344bb241445b4d52e54fdd50b
Validity
Not Before: Jan 1 16:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2aed0a69581e9f7300b3c7b78524d78326aa5914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:8a:7c:f2:5f:03:c4:ad:93:35:e4:3f:67:28:
3b:7d:cb:08:21:8c:e7:ba:2f:fc:10:9e:fa:1d:7e:
2d:14:a6:dd:77:db:47:28:8f:38:c6:8c:4a:9b:d1:
55:58:64:bc:01:bd:39:35:50:65:09:43:a9:5a:77:
37:7d:bc:ab:bb:35:7a:80:b1:f0:77:4c:6b:ac:ec:
be:e1:a3:b8:cb:de:14:cb:68:32:10:21:fb:72:b1:
a1:98:73:b8:06:9e:c1:c3:90:92:7f:9e:a4:59:91:
89:d7:ff:53:a4:45:94:0e:17:56:7f:93:6e:fa:1c:
e7:41:68:f8:3b:fd:8a:8c:85:2d:18:a5:b8:e2:af:
aa:ae:d7:3d:ed:15:f7:bf:24:37:da:db:88:17:cc:
ff:bc:f9:db:35:27:fc:ea:e8:04:8b:e0:4d:09:e5:
4c:84:04:24:17:64:80:62:fd:1e:55:b4:6f:85:75:
74:2d:c4:5f:0a:89:81:12:21:42:5c:4f:0f:88:c8:
00:b1:bb:6e:71:bd:d2:eb:4e:9c:0f:6f:c0:41:79:
58:18:ea:54:2d:c0:a9:2c:35:10:76:dc:67:b7:d6:
93:73:06:03:a6:90:d0:15:f4:3e:39:08:1a:95:4e:
05:d7:4c:b5:10:1c:3f:5f:9b:20:91:1d:a9:64:94:
8b:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2A:ED:0A:69:58:1E:9F:73:00:B3:C7:B7:85:24:D7:83:26:AA:59:14
X509v3 Authority Key Identifier:
keyid:52:B9:B9:E2:56:58:0C:43:44:BB:24:14:45:B4:D5:2E:54:FD:D5:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Urm54lZYDENEuyQURbTVLlT91Qs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/Ku0KaVgen3MAs8e3hSTXgyaqWRQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/eaf81d-a9df-4a6a-b610-de05c54045bb/1/Urm54lZYDENEuyQURbTVLlT91Qs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.162.191.0/24
Signature Algorithm: sha256WithRSAEncryption
20:92:e9:ea:12:d6:ca:37:4a:5f:1a:4b:00:79:7e:6d:32:6f:
c1:36:cc:9f:49:4f:f5:0d:71:cb:87:4c:70:1d:a2:6d:66:c5:
6d:d1:f9:88:3c:81:34:41:f9:28:71:09:34:65:f7:50:81:d6:
ad:1f:a7:f8:d3:60:9f:de:65:15:07:2f:4e:92:92:92:ab:ca:
3c:04:38:58:1a:3c:b1:2d:38:36:08:8c:83:3c:2a:8b:2f:a7:
e9:6f:a1:31:bf:c0:00:1b:f2:8f:f6:81:f8:76:8e:fc:32:51:
70:b6:5f:b6:b7:40:68:7c:49:7c:f7:29:51:99:58:00:f8:d9:
47:75:64:9a:c9:ae:12:df:15:1b:47:e7:1d:dd:6a:37:26:ae:
9e:6a:c7:25:ec:3e:97:1f:48:f7:c6:d1:da:ea:d0:b8:70:8a:
13:bf:07:7c:cf:91:72:42:25:97:05:60:ec:e9:4e:9e:90:a6:
6a:9c:60:eb:2b:93:a0:e6:bc:47:a8:10:6d:30:96:8a:71:b2:
54:e7:4d:c7:2d:4f:84:4c:ab:ae:de:7c:83:c4:b7:74:ec:23:
4f:0b:d2:8f:18:28:78:aa:d2:89:77:66:20:d4:6b:e2:43:12:
21:01:47:49:69:1e:9f:0e:aa:af:13:0e:68:3f:29:73:2e:85:
a8:99:a2:fd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzF2+r9Ge1v+Lvtdf+70F5WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyYjliOWUyNTY1ODBjNDM0NGJiMjQxNDQ1YjRkNTJlNTRm
ZGQ1MGIwHhcNMjQwMTAxMTYyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYWVkMGE2OTU4MWU5ZjczMDBiM2M3Yjc4NTI0ZDc4MzI2YWE1OTE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4p88l8DxK2TNeQ/Zyg7fcsIIYzn
ui/8EJ76HX4tFKbdd9tHKI84xoxKm9FVWGS8Ab05NVBlCUOpWnc3fbyruzV6gLHw
d0xrrOy+4aO4y94Uy2gyECH7crGhmHO4Bp7Bw5CSf56kWZGJ1/9TpEWUDhdWf5Nu
+hznQWj4O/2KjIUtGKW44q+qrtc97RX3vyQ32tuIF8z/vPnbNSf86ugEi+BNCeVM
hAQkF2SAYv0eVbRvhXV0LcRfComBEiFCXE8PiMgAsbtucb3S606cD2/AQXlYGOpU
LcCpLDUQdtxnt9aTcwYDppDQFfQ+OQgalU4F10y1EBw/X5sgkR2pZJSLQQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCrtCmlYHp9zALPHt4Uk14MmqlkUMB8GA1UdIwQY
MBaAFFK5ueJWWAxDRLskFEW01S5U/dULMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXJtNTRsWllERU5FdXlRVVJiVFZMbFQ5MVFzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lYWY4MWQtYTlkZi00YTZhLWI2MTAt
ZGUwNWM1NDA0NWJiLzEvS3UwS2FWZ2VuM01BczhlM2hTVFhneWFxV1JRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lYWY4MWQtYTlkZi00YTZhLWI2MTAtZGUwNWM1NDA0NWJi
LzEvVXJtNTRsWllERU5FdXlRVVJiVFZMbFQ5MVFzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWaK/MA0G
CSqGSIb3DQEBCwUAA4IBAQAgkunqEtbKN0pfGksAeX5tMm/BNsyfSU/1DXHLh0xw
HaJtZsVt0fmIPIE0QfkocQk0ZfdQgdatH6f402Cf3mUVBy9OkpKSq8o8BDhYGjyx
LTg2CIyDPCqLL6fpb6Exv8AAG/KP9oH4do78MlFwtl+2t0BofEl89ylRmVgA+NlH
dWSaya4S3xUbR+cd3Wo3Jq6eascl7D6XH0j3xtHa6tC4cIoTvwd8z5FyQiWXBWDs
6U6ekKZqnGDrK5Og5rxHqBBtMJaKcbJU503HLU+ETKuu3nyDxLd07CNPC9KPGCh4
qtKJd2Yg1GviQxIhAUdJaR6fDqqvEw5oPylzLoWomaL9
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:35:32 2024 by rpki-client on console-ams.rpki-client.org