Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/VLdlSoX1beDIU_8vxBCxbHUTHMQ.roa
File: VLdlSoX1beDIU_8vxBCxbHUTHMQ.roa (raw, json)
Hash identifier: kHctGKB5vzhvjM+LaeyBciSMiGjsyJrKcJLq/4As12c=
Subject key identifier: 54:B7:65:4A:85:F5:6D:E0:C8:53:FF:2F:C4:10:B1:6C:75:13:1C:C4
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 018CC94E0732906E2E6D2CE0D193F883D16A
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/VLdlSoX1beDIU_8vxBCxbHUTHMQ.roa
Signing time: Tue 02 Jan 2024 08:33:03 +0000
ROA not before: Tue 02 Jan 2024 08:33:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216314
IP address blocks: 89.43.42.0/24 maxlen: 24
89.43.40.0/24 maxlen: 24
89.43.44.0/24 maxlen: 24
89.43.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:07:32:90:6e:2e:6d:2c:e0:d1:93:f8:83:d1:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Jan 2 08:33:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=54b7654a85f56de0c853ff2fc410b16c75131cc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:34:5a:54:fe:fa:a9:16:a7:7c:d8:bd:35:4b:
9b:9f:3e:91:b3:ea:34:41:21:b1:9b:b7:af:db:d4:
bb:1e:bf:ac:53:b5:62:aa:01:94:96:a2:cc:05:f6:
13:c7:7d:08:d3:a5:c8:c3:b7:6f:98:1b:50:97:99:
85:4d:04:98:f2:9c:e9:40:eb:96:4f:e5:b1:3f:f6:
37:7f:08:36:ff:6d:5a:6e:4b:2a:c0:09:10:db:f5:
57:d8:47:24:20:f3:fa:a5:ac:ee:9e:62:d7:e8:f3:
f1:cf:25:68:b3:a4:63:05:47:d5:e8:b0:f0:85:51:
e2:59:12:21:91:92:b0:73:40:7a:f0:42:b5:88:6f:
cb:f7:93:d9:95:96:6e:33:cc:4c:54:9c:88:09:c8:
df:e5:56:a8:be:a2:6a:a4:62:3c:49:df:5f:b6:6d:
b3:97:0b:f3:70:83:a4:03:01:9d:19:a9:c6:61:b1:
97:cc:80:ae:31:2c:df:b6:8a:bd:1e:2f:6e:b0:4a:
72:c5:84:e5:06:27:30:28:28:b3:58:a3:da:d4:22:
81:42:63:b9:4e:03:7e:9c:e7:2f:86:a7:c7:bf:86:
9c:7d:32:3b:c6:03:cd:83:da:ed:12:d9:06:ba:47:
32:df:8e:c6:3d:ac:8a:3c:90:cd:f9:2c:00:ce:1f:
74:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:B7:65:4A:85:F5:6D:E0:C8:53:FF:2F:C4:10:B1:6C:75:13:1C:C4
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/VLdlSoX1beDIU_8vxBCxbHUTHMQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.43.40.0/24
89.43.42.0-89.43.44.255
Signature Algorithm: sha256WithRSAEncryption
5e:ad:0c:68:06:ff:25:d6:e3:c3:03:50:f4:8b:b3:95:02:bd:
db:c2:2d:60:47:8a:b3:62:17:a4:a6:e4:73:1a:4c:b5:05:1b:
f1:a4:08:1b:d4:4b:8a:e5:d6:81:87:40:48:5a:18:63:95:45:
0b:62:64:59:0e:fb:30:98:dc:9d:ff:eb:23:5b:4d:35:ba:73:
b3:3f:31:b2:f9:a4:0f:c7:04:f0:ad:b5:c4:47:ca:d7:d7:95:
48:78:d5:3b:dc:52:b1:2b:96:52:eb:9a:e2:19:b3:84:1b:bc:
40:cf:74:94:7b:92:b3:04:0a:a7:e0:68:df:79:19:18:04:a2:
5f:22:7c:a0:10:40:ef:f7:ec:ff:2f:a0:40:b0:89:0a:f3:b4:
ba:74:48:80:74:82:61:72:06:33:75:0a:c5:90:43:a8:3c:e3:
05:31:e7:f0:f2:41:64:5e:ed:fb:60:92:78:16:db:b7:28:b4:
8b:50:b1:d9:47:0e:aa:ca:a4:f4:5e:17:d1:4f:7b:c6:b2:41:
80:c0:09:a8:6c:33:68:b4:c9:33:ab:b3:38:24:45:19:59:66:
d5:a6:2b:f6:dd:a4:f2:5f:38:45:81:72:a5:2b:f6:09:af:98:
07:e6:ba:e8:05:c5:8c:71:ef:65:ea:df:d2:bf:a2:71:fb:a5:
24:88:4b:4c
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzJTgcykG4ubSzg0ZP4g9FqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjQwMTAyMDgzMzAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NGI3NjU0YTg1ZjU2ZGUwYzg1M2ZmMmZjNDEwYjE2Yzc1MTMxY2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApzRaVP76qRanfNi9NUubnz6Rs+o0
QSGxm7ev29S7Hr+sU7ViqgGUlqLMBfYTx30I06XIw7dvmBtQl5mFTQSY8pzpQOuW
T+WxP/Y3fwg2/21abksqwAkQ2/VX2EckIPP6pazunmLX6PPxzyVos6RjBUfV6LDw
hVHiWRIhkZKwc0B68EK1iG/L95PZlZZuM8xMVJyICcjf5VaovqJqpGI8Sd9ftm2z
lwvzcIOkAwGdGanGYbGXzICuMSzftoq9Hi9usEpyxYTlBicwKCizWKPa1CKBQmO5
TgN+nOcvhqfHv4acfTI7xgPNg9rtEtkGukcy347GPayKPJDN+SwAzh90PQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFFS3ZUqF9W3gyFP/L8QQsWx1ExzEMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvVkxkbFNvWDFiZURJVV84dnhCQ3hiSFVUSE1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAWSsoMAwD
BAFZKyoDBABZKywwDQYJKoZIhvcNAQELBQADggEBAF6tDGgG/yXW48MDUPSLs5UC
vdvCLWBHirNiF6Sm5HMaTLUFG/GkCBvUS4rl1oGHQEhaGGOVRQtiZFkO+zCY3J3/
6yNbTTW6c7M/MbL5pA/HBPCttcRHytfXlUh41TvcUrErllLrmuIZs4QbvEDPdJR7
krMECqfgaN95GRgEol8ifKAQQO/37P8voECwiQrztLp0SIB0gmFyBjN1CsWQQ6g8
4wUx5/DyQWRe7ftgkngW27cotItQsdlHDqrKpPReF9FPe8ayQYDACahsM2i0yTOr
szgkRRlZZtWmK/bdpPJfOEWBcqUr9gmvmAfmuugFxYxx72Xq39K/onH7pSSIS0w=
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:34:47 2024 by rpki-client on console-fra.rpki-client.org