Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/iYNqca58Jp0XGXOK5zQ5pXBUfPk.roa
File: iYNqca58Jp0XGXOK5zQ5pXBUfPk.roa (raw, json)
Hash identifier: U8qJZdDgvF2JZ1PWKI3P/lUfSdBCcoPWNx2nJXlKNQc=
Subject key identifier: 89:83:6A:71:AE:7C:26:9D:17:19:73:8A:E7:34:39:A5:70:54:7C:F9
Certificate issuer: /CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Certificate serial: 018E7C963F0DDCDAA9A7D17FAE51AE240070
Authority key identifier: AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/iYNqca58Jp0XGXOK5zQ5pXBUfPk.roa
Signing time: Tue 26 Mar 2024 21:06:45 +0000
ROA not before: Tue 26 Mar 2024 21:06:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16509
IP address blocks: 87.58.64.0/24 maxlen: 24
87.58.65.0/24 maxlen: 24
194.9.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7c:96:3f:0d:dc:da:a9:a7:d1:7f:ae:51:ae:24:00:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Validity
Not Before: Mar 26 21:06:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89836a71ae7c269d1719738ae73439a570547cf9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:12:ad:23:63:7e:b9:61:3e:08:0c:b1:99:a8:
1c:b2:b4:54:22:6f:bd:72:06:cb:bf:35:41:02:37:
ec:bd:84:4b:73:d7:84:ea:c9:c0:06:d9:00:81:c4:
ad:76:a9:5d:38:28:1e:9b:4a:68:ea:d3:61:56:44:
4a:f5:ef:ea:f3:15:64:35:20:ad:53:b2:8d:84:64:
13:2c:95:86:94:9c:cb:2d:a2:55:62:77:f2:d7:13:
87:57:21:c6:ac:0a:c3:21:0f:25:63:6d:38:dc:51:
41:7d:cf:67:a2:f8:07:a1:46:b0:5c:92:f1:f2:4d:
02:5e:f8:d9:c7:86:c0:cd:7f:f6:3a:39:57:b1:b9:
e0:ad:4c:49:88:5e:dc:44:33:b2:b3:45:8a:77:94:
9d:a6:b9:1e:89:80:40:71:a1:f5:56:9f:da:c9:4a:
19:37:92:db:af:4b:63:2e:3d:bd:df:f0:c2:e3:55:
1f:75:a9:a8:96:86:1c:01:a1:82:e0:11:31:b1:ed:
b0:83:94:53:26:79:60:cb:1f:de:60:f8:1d:78:24:
90:d6:1a:96:f6:78:30:66:da:b5:2e:fa:3e:fe:02:
b9:35:12:46:3f:df:19:16:17:bd:9b:e8:2b:d9:50:
4d:c1:ef:c2:d9:30:13:db:5c:c8:c8:e3:13:d4:37:
c9:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:83:6A:71:AE:7C:26:9D:17:19:73:8A:E7:34:39:A5:70:54:7C:F9
X509v3 Authority Key Identifier:
keyid:AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/iYNqca58Jp0XGXOK5zQ5pXBUfPk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.58.64.0/23
194.9.116.0/24
Signature Algorithm: sha256WithRSAEncryption
23:ea:45:e9:61:ab:5f:07:2d:a7:2f:ab:67:99:ae:f6:45:87:
a2:d5:29:79:c2:7d:7d:6f:ee:4d:55:aa:58:98:d4:29:fd:0d:
26:73:13:e1:6f:29:37:d5:f6:66:ae:65:d3:8b:97:47:6c:46:
e8:bb:f3:65:93:61:1b:fd:63:f7:d5:14:bd:e6:03:9d:35:56:
f1:bf:26:ea:0d:48:f0:cc:7f:6d:f1:1b:6d:40:d1:bc:d0:d2:
f0:24:b0:fd:ce:ce:4e:03:b8:7a:ba:2f:f5:5d:9d:26:49:d9:
7a:8b:f5:82:d2:fb:8b:80:8d:33:e7:28:01:fa:b2:69:80:76:
bb:32:22:9b:a6:22:84:6b:b2:93:fc:8b:1f:31:a8:ff:ff:99:
e0:5f:d5:54:48:36:79:50:88:16:fb:0a:51:84:fe:28:ae:24:
2b:ea:13:2f:01:dc:78:e3:58:65:5f:44:53:92:2d:27:18:61:
b3:05:4a:42:f5:b9:bd:d1:63:6d:71:60:47:16:16:af:d9:6d:
29:28:5f:0d:de:85:50:83:5d:22:9c:d4:58:6d:57:8a:fb:96:
0b:4a:2f:2a:21:98:d6:ba:69:3e:bc:5c:4d:e7:10:50:d3:64:
83:4a:b2:53:f9:81:b6:02:f7:43:eb:7d:84:b8:d4:ac:22:3f:
51:e4:c1:ff
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY58lj8N3Nqpp9F/rlGuJABwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTY2YTU5MzhhZjU2N2E5ZTI5YjRmNzZmMTE1NjA3YzJi
OGFhMjAwHhcNMjQwMzI2MjEwNjQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTgzNmE3MWFlN2MyNjlkMTcxOTczOGFlNzM0MzlhNTcwNTQ3Y2Y5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5BKtI2N+uWE+CAyxmagcsrRUIm+9
cgbLvzVBAjfsvYRLc9eE6snABtkAgcStdqldOCgem0po6tNhVkRK9e/q8xVkNSCt
U7KNhGQTLJWGlJzLLaJVYnfy1xOHVyHGrArDIQ8lY2043FFBfc9novgHoUawXJLx
8k0CXvjZx4bAzX/2OjlXsbngrUxJiF7cRDOys0WKd5SdprkeiYBAcaH1Vp/ayUoZ
N5Lbr0tjLj293/DC41UfdamoloYcAaGC4BExse2wg5RTJnlgyx/eYPgdeCSQ1hqW
9ngwZtq1Lvo+/gK5NRJGP98ZFhe9m+gr2VBNwe/C2TAT21zIyOMT1DfJGwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFImDanGufCadFxlziuc0OaVwVHz5MB8GA1UdIwQY
MBaAFKymalk4r1Z6nim0928RVgfCuKogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgt
YjliNjU0MDJiOTI4LzEvaVlOcWNhNThKcDBYR1hPSzV6UTVwWEJVZlBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgtYjliNjU0MDJiOTI4
LzEvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBVzpAAwQA
wgl0MA0GCSqGSIb3DQEBCwUAA4IBAQAj6kXpYatfBy2nL6tnma72RYei1Sl5wn19
b+5NVapYmNQp/Q0mcxPhbyk31fZmrmXTi5dHbEbou/Nlk2Eb/WP31RS95gOdNVbx
vybqDUjwzH9t8RttQNG80NLwJLD9zs5OA7h6ui/1XZ0mSdl6i/WC0vuLgI0z5ygB
+rJpgHa7MiKbpiKEa7KT/IsfMaj//5ngX9VUSDZ5UIgW+wpRhP4oriQr6hMvAdx4
41hlX0RTki0nGGGzBUpC9bm90WNtcWBHFhav2W0pKF8N3oVQg10inNRYbVeK+5YL
Si8qIZjWumk+vFxN5xBQ02SDSrJT+YG2AvdD632EuNSsIj9R5MH/
-----END CERTIFICATE-----
Generated at Thu May 2 15:14:28 2024 by rpki-client on console-fra.rpki-client.org