Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/_JUBTlfgUgutf-oX7lr06sNNDUw.roa
File: _JUBTlfgUgutf-oX7lr06sNNDUw.roa (raw, json)
Hash identifier: ZrjW+UWuMTe/KPN7Y0IfMkC9e1VK9PKIUzKLSSzkEKM=
Subject key identifier: FC:95:01:4E:57:E0:52:0B:AD:7F:EA:17:EE:5A:F4:EA:C3:4D:0D:4C
Certificate issuer: /CN=01d1a1353f7f8b505fc98750e86787f4e046432e
Certificate serial: 0191BB7AF271ACDED554ABA9D4B6889535A3
Authority key identifier: 01:D1:A1:35:3F:7F:8B:50:5F:C9:87:50:E8:67:87:F4:E0:46:43:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/_JUBTlfgUgutf-oX7lr06sNNDUw.roa
Signing time: Wed 04 Sep 2024 05:21:22 +0000
ROA not before: Wed 04 Sep 2024 05:21:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8638
IP address blocks: 89.247.125.0/24 maxlen: 24
89.247.220.0/24 maxlen: 24
2001:1438:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 29 Nov 2024 23:00:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bb:7a:f2:71:ac:de:d5:54:ab:a9:d4:b6:88:95:35:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01d1a1353f7f8b505fc98750e86787f4e046432e
Validity
Not Before: Sep 4 05:21:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fc95014e57e0520bad7fea17ee5af4eac34d0d4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:ab:00:ec:af:be:18:85:dc:41:57:f2:a4:58:
66:1a:37:3e:0f:d3:4c:84:49:85:83:46:de:4a:35:
85:15:09:17:71:41:db:a2:0c:83:b3:21:13:48:d1:
ed:10:93:fe:64:74:93:5d:7b:7f:ab:63:af:d0:c1:
28:81:62:ed:87:d4:f3:37:a3:30:72:bc:71:eb:f6:
34:96:ba:a7:c8:3d:29:21:06:77:c0:23:74:8c:a2:
19:a6:6c:16:aa:dd:30:00:20:52:52:df:18:a5:1e:
f7:d0:87:81:00:f7:35:7d:cc:22:c9:e7:19:16:8e:
6a:e7:07:e8:4e:60:05:b8:d1:22:3a:d3:5d:72:21:
cf:8b:e7:b7:5d:c3:e2:5d:7a:24:4e:6f:54:f5:63:
b7:ea:a1:fa:b1:34:7b:c2:fe:97:e5:65:06:76:b3:
f7:62:ff:7c:20:3c:d9:4e:57:c2:7d:e5:11:58:69:
ca:1d:63:d3:60:c1:33:b9:8d:05:dd:1b:0f:0a:5e:
1a:35:00:ba:7d:bb:7b:41:3e:bd:cc:6e:29:bb:ee:
81:ac:26:a2:ab:4e:ac:55:43:dc:5f:5b:74:6b:84:
5b:51:90:98:76:fb:ff:8b:a9:a5:46:a7:46:0d:6f:
34:db:7f:52:76:00:6c:98:21:fe:04:c3:c3:76:29:
f3:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:95:01:4E:57:E0:52:0B:AD:7F:EA:17:EE:5A:F4:EA:C3:4D:0D:4C
X509v3 Authority Key Identifier:
keyid:01:D1:A1:35:3F:7F:8B:50:5F:C9:87:50:E8:67:87:F4:E0:46:43:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/_JUBTlfgUgutf-oX7lr06sNNDUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.247.125.0/24
89.247.220.0/24
IPv6:
2001:1438:f000::/36
Signature Algorithm: sha256WithRSAEncryption
8c:9b:1b:59:55:ad:07:4f:c1:61:49:6c:5b:bc:fb:a2:d4:50:
ef:d4:e5:58:07:71:47:00:4d:43:fb:4d:49:40:63:dc:1d:e1:
95:6b:9e:64:52:5b:db:c5:11:fd:89:7a:a4:6c:89:d9:55:d6:
e1:fa:7b:b0:a9:59:97:a9:8b:65:9a:df:ba:05:fa:ba:d3:7d:
08:28:ba:dd:07:9a:6a:c0:c7:25:3d:da:28:33:e4:79:1d:9f:
50:9d:99:b8:55:60:ec:1d:e0:ed:39:36:fa:41:75:14:65:ba:
82:51:e7:ef:4c:ba:d1:3b:7d:24:f4:d7:fe:dd:cd:96:4a:78:
5f:b8:94:4e:4a:e1:a5:8e:d4:5c:9f:a6:db:17:bb:56:ce:e8:
33:1a:8b:4c:55:e0:91:d7:96:8a:c4:9e:61:34:6d:38:be:88:
f0:88:fe:d1:ce:0a:e1:ef:44:96:46:fd:d1:88:16:aa:a5:53:
32:18:3f:84:14:cf:cb:16:73:00:af:b4:75:7d:2d:30:4b:b0:
55:d2:ae:eb:d6:dc:0a:7b:d1:83:39:c4:a7:8d:cb:ba:32:68:
08:01:44:a2:d7:d9:64:d5:25:f1:ff:c1:29:d8:76:b9:cb:ba:
54:32:f3:be:e6:f2:6a:ee:df:09:e6:6b:d6:f0:f8:48:4c:38:
11:dd:4f:98
-----BEGIN CERTIFICATE-----
MIIFEzCCA/ugAwIBAgISAZG7evJxrN7VVKup1LaIlTWjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZDFhMTM1M2Y3ZjhiNTA1ZmM5ODc1MGU4Njc4N2Y0ZTA0
NjQzMmUwHhcNMjQwOTA0MDUyMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzk1MDE0ZTU3ZTA1MjBiYWQ3ZmVhMTdlZTVhZjRlYWMzNGQwZDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuasA7K++GIXcQVfypFhmGjc+D9NM
hEmFg0beSjWFFQkXcUHbogyDsyETSNHtEJP+ZHSTXXt/q2Ov0MEogWLth9TzN6Mw
crxx6/Y0lrqnyD0pIQZ3wCN0jKIZpmwWqt0wACBSUt8YpR730IeBAPc1fcwiyecZ
Fo5q5wfoTmAFuNEiOtNdciHPi+e3XcPiXXokTm9U9WO36qH6sTR7wv6X5WUGdrP3
Yv98IDzZTlfCfeURWGnKHWPTYMEzuY0F3RsPCl4aNQC6fbt7QT69zG4pu+6BrCai
q06sVUPcX1t0a4RbUZCYdvv/i6mlRqdGDW80239SdgBsmCH+BMPDdinz+wIDAQAB
o4ICHzCCAhswHQYDVR0OBBYEFPyVAU5X4FILrX/qF+5a9OrDTQ1MMB8GA1UdIwQY
MBaAFAHRoTU/f4tQX8mHUOhnh/TgRkMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWRHaE5UOV9pMUJmeVlkUTZHZUg5T0JHUXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9iMTM5M2QtY2NhOC00YTk3LTgxYWEt
NjQzYTQxNTlhYjQ2LzEvX0pVQlRsZmdVZ3V0Zi1vWDdscjA2c05ORFV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9iMTM5M2QtY2NhOC00YTk3LTgxYWEtNjQzYTQxNTlhYjQ2
LzEvQWRHaE5UOV9pMUJmeVlkUTZHZUg5T0JHUXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDUGCCsGAQUFBwEHAQH/BCYwJDASBAIAATAMAwQAWfd9AwQA
WffcMA4EAgACMAgDBgQgARQ48DANBgkqhkiG9w0BAQsFAAOCAQEAjJsbWVWtB0/B
YUlsW7z7otRQ79TlWAdxRwBNQ/tNSUBj3B3hlWueZFJb28UR/Yl6pGyJ2VXW4fp7
sKlZl6mLZZrfugX6utN9CCi63QeaasDHJT3aKDPkeR2fUJ2ZuFVg7B3g7Tk2+kF1
FGW6glHn70y60Tt9JPTX/t3Nlkp4X7iUTkrhpY7UXJ+m2xe7Vs7oMxqLTFXgkdeW
isSeYTRtOL6I8Ij+0c4K4e9Elkb90YgWqqVTMhg/hBTPyxZzAK+0dX0tMEuwVdKu
69bcCnvRgznEp43LujJoCAFEotfZZNUl8f/BKdh2ucu6VDLzvubyau7fCeZr1vD4
SEw4Ed1PmA==
-----END CERTIFICATE-----
Generated at Fri Nov 29 07:12:09 2024 by rpki-client on console-ams.rpki-client.org