Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/7RgnMPWIFNhlJYDFCkvQw2l56eA.roa
File: 7RgnMPWIFNhlJYDFCkvQw2l56eA.roa (raw, json)
Hash identifier: A08+clRBwT/O3Rn7KYPV9Wcni9VvwrepT8LUNLo6Tlk=
Subject key identifier: ED:18:27:30:F5:88:14:D8:65:25:80:C5:0A:4B:D0:C3:69:79:E9:E0
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 018CC94DFFB05389650BBA8BB8CD51119F8B
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/7RgnMPWIFNhlJYDFCkvQw2l56eA.roa
Signing time: Tue 02 Jan 2024 08:33:01 +0000
ROA not before: Tue 02 Jan 2024 08:33:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35348
IP address blocks: 89.44.228.0/24 maxlen: 24
89.44.229.0/24 maxlen: 24
89.44.230.0/24 maxlen: 24
89.44.231.0/24 maxlen: 24
89.36.20.0/24 maxlen: 24
89.36.198.0/24 maxlen: 24
85.204.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:ff:b0:53:89:65:0b:ba:8b:b8:cd:51:11:9f:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 2 08:33:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ed182730f58814d8652580c50a4bd0c36979e9e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:34:5b:45:04:1d:74:92:f7:38:82:ad:12:be:
3e:74:5b:af:10:4f:ab:16:14:97:7d:c6:0a:d0:11:
20:1d:b5:74:21:88:d6:d3:0d:ca:ea:6a:40:6c:61:
47:8f:88:22:77:3f:79:8c:5d:a4:07:83:01:03:6b:
49:ae:f1:78:3d:ed:77:d3:7b:85:93:4b:2d:4c:ea:
24:dc:5c:98:15:d4:80:0a:5c:be:64:5c:fd:86:13:
e0:0e:59:1e:97:51:34:76:ce:e6:59:ad:67:1b:d0:
96:3f:07:e4:ad:12:b8:08:b2:a5:76:49:f9:77:b2:
06:6f:28:78:ef:6b:c2:6e:20:3e:63:70:39:b4:d0:
e8:c9:57:79:2e:6a:f6:bd:99:7c:c7:42:19:fd:30:
6e:63:a0:b9:47:f1:d8:0c:6f:75:2d:fc:09:06:4d:
07:56:68:f1:5f:e4:84:d4:e6:82:36:5b:82:7e:f3:
13:5d:dc:3d:28:01:68:33:fa:fb:da:ef:50:ed:20:
c7:41:d0:e3:76:92:27:ee:b7:3f:b9:b5:d5:87:cc:
34:6a:43:d6:5e:25:31:e9:7a:4a:fa:70:ca:87:24:
b8:c4:26:65:1f:b2:b1:b5:6b:54:d9:5f:91:bb:05:
8c:1c:3a:df:94:54:d1:a5:6c:93:c0:be:c8:9a:0d:
9c:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:18:27:30:F5:88:14:D8:65:25:80:C5:0A:4B:D0:C3:69:79:E9:E0
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/7RgnMPWIFNhlJYDFCkvQw2l56eA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.98.0/24
89.36.20.0/24
89.36.198.0/24
89.44.228.0/22
Signature Algorithm: sha256WithRSAEncryption
cd:b7:33:e6:87:67:f6:d9:70:11:d4:74:d7:07:f5:e1:d5:e9:
ca:5f:57:04:04:74:89:52:73:80:81:f9:15:23:93:5a:07:be:
f0:78:d6:c2:50:98:0c:e3:76:14:3f:ce:cc:ed:e8:1e:86:13:
50:b2:ec:45:04:75:d4:19:5d:74:9b:25:ee:4c:ef:80:5a:ba:
e2:d3:4d:4a:f4:65:bb:4a:da:0e:26:89:cf:bb:1d:1e:a3:4b:
ac:64:c7:7a:3b:30:07:37:af:b6:83:e6:ec:08:f1:b1:4e:6b:
df:28:ef:29:bd:08:84:72:34:be:1e:d1:51:f1:8b:5d:98:14:
4f:58:d2:d7:05:6d:33:10:2e:de:c0:74:65:d5:c7:4b:1e:44:
f5:2f:c4:da:3c:ee:bf:84:e4:1b:11:b4:c0:00:50:00:c1:19:
95:48:29:d8:0d:3b:7e:45:5d:a9:71:78:8a:5b:14:05:44:42:
5d:c0:48:80:77:1f:40:b9:41:9f:e9:08:86:0b:c4:e3:68:0e:
dc:cb:1f:db:6e:7c:94:d7:81:8e:de:26:61:34:67:0a:ba:a1:
02:63:a7:f3:41:f0:4f:e1:89:c8:3e:4d:b8:10:9f:a9:c7:29:
1d:1f:df:de:7b:7a:0d:ab:18:fa:ae:90:ff:fb:72:a4:ee:93:
dc:f7:91:3f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzJTf+wU4llC7qLuM1REZ+LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjQwMTAyMDgzMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDE4MjczMGY1ODgxNGQ4NjUyNTgwYzUwYTRiZDBjMzY5NzllOWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDRbRQQddJL3OIKtEr4+dFuvEE+r
FhSXfcYK0BEgHbV0IYjW0w3K6mpAbGFHj4gidz95jF2kB4MBA2tJrvF4Pe1303uF
k0stTOok3FyYFdSACly+ZFz9hhPgDlkel1E0ds7mWa1nG9CWPwfkrRK4CLKldkn5
d7IGbyh472vCbiA+Y3A5tNDoyVd5Lmr2vZl8x0IZ/TBuY6C5R/HYDG91LfwJBk0H
VmjxX+SE1OaCNluCfvMTXdw9KAFoM/r72u9Q7SDHQdDjdpIn7rc/ubXVh8w0akPW
XiUx6XpK+nDKhyS4xCZlH7KxtWtU2V+RuwWMHDrflFTRpWyTwL7Img2cQwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFO0YJzD1iBTYZSWAxQpL0MNpeengMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvN1Jnbk1QV0lGTmhsSllERkNrdlF3Mmw1NmVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVcxiAwQA
WSQUAwQAWSTGAwQCWSzkMA0GCSqGSIb3DQEBCwUAA4IBAQDNtzPmh2f22XAR1HTX
B/Xh1enKX1cEBHSJUnOAgfkVI5NaB77weNbCUJgM43YUP87M7egehhNQsuxFBHXU
GV10myXuTO+AWrri001K9GW7StoOJonPux0eo0usZMd6OzAHN6+2g+bsCPGxTmvf
KO8pvQiEcjS+HtFR8YtdmBRPWNLXBW0zEC7ewHRl1cdLHkT1L8TaPO6/hOQbEbTA
AFAAwRmVSCnYDTt+RV2pcXiKWxQFREJdwEiAdx9AuUGf6QiGC8TjaA7cyx/bbnyU
14GO3iZhNGcKuqECY6fzQfBP4YnIPk24EJ+pxykdH9/ee3oNqxj6rpD/+3Kk7pPc
95E/
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:33:06 2024 by rpki-client on console-ams.rpki-client.org