Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/k39x78AVA0gK80-nbdMSfIX5Bus.roa
File: k39x78AVA0gK80-nbdMSfIX5Bus.roa (raw, json)
Hash identifier: 6gYKw9/Qlj9wkc3r/sfGRP2dol0HzVQhQJPRLKWuhRU=
Subject key identifier: 93:7F:71:EF:C0:15:03:48:0A:F3:4F:A7:6D:D3:12:7C:85:F9:06:EB
Certificate issuer: /CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Certificate serial: 018E5245B9D4C0616E2ACF631B18F8321DBF
Authority key identifier: FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/k39x78AVA0gK80-nbdMSfIX5Bus.roa
Signing time: Mon 18 Mar 2024 15:54:45 +0000
ROA not before: Mon 18 Mar 2024 15:54:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31554
IP address blocks: 89.33.5.0/24 maxlen: 24
89.33.248.0/23 maxlen: 23
89.35.160.0/23 maxlen: 23
89.37.156.0/23 maxlen: 23
89.39.110.0/24 maxlen: 24
89.44.214.0/23 maxlen: 23
188.212.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 27 Jun 2024 08:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:52:45:b9:d4:c0:61:6e:2a:cf:63:1b:18:f8:32:1d:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe58952d393935f0d3bce814fd9178d04693aeb9
Validity
Not Before: Mar 18 15:54:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=937f71efc01503480af34fa76dd3127c85f906eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6b:09:77:97:c7:24:f9:2e:7e:90:f2:1d:f0:
f1:da:5e:f4:2c:c8:2b:93:14:d1:cc:d5:08:e6:05:
b8:65:3c:c9:a5:42:b0:2f:5f:be:0e:6f:f4:7b:e4:
16:9e:c3:b7:4f:ca:5f:60:62:92:cc:21:b7:8a:3e:
60:1f:a8:19:52:87:9a:99:61:ee:18:1a:cc:80:6d:
b9:d2:ef:51:96:33:e3:5a:32:38:c5:7a:40:94:e1:
ee:8c:23:3c:84:e2:ee:79:06:70:b7:5a:12:8f:aa:
b8:c3:52:0a:f1:b3:d2:b1:8f:d9:ed:ab:7b:9a:3f:
64:98:35:49:65:f1:25:ae:69:f5:35:79:1f:34:51:
48:15:fd:5c:f8:48:3b:c9:02:f1:06:41:2d:c9:11:
7e:f6:8c:d2:74:ec:6e:9e:14:30:d3:51:19:d1:4a:
9d:e8:79:b8:4a:f5:7b:40:fc:ad:65:da:3d:2f:b3:
59:59:1d:e3:8a:93:3a:05:6a:1c:bb:16:ed:5f:61:
3c:39:e4:65:ec:b2:e4:74:27:0c:39:c9:ac:57:a7:
bf:15:de:a3:89:d0:0c:9c:6e:2d:f2:d9:84:af:0e:
2d:c7:2d:7d:7a:ad:77:6f:ac:df:16:38:04:ac:62:
dd:47:4d:f5:e5:9c:73:bf:2e:ee:d5:a7:64:33:e3:
af:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:7F:71:EF:C0:15:03:48:0A:F3:4F:A7:6D:D3:12:7C:85:F9:06:EB
X509v3 Authority Key Identifier:
keyid:FE:58:95:2D:39:39:35:F0:D3:BC:E8:14:FD:91:78:D0:46:93:AE:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_liVLTk5NfDTvOgU_ZF40EaTrrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/k39x78AVA0gK80-nbdMSfIX5Bus.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/b26aa8-ace7-4fa6-9e8e-5d48b65ce573/1/_liVLTk5NfDTvOgU_ZF40EaTrrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.33.5.0/24
89.33.248.0/23
89.35.160.0/23
89.37.156.0/23
89.39.110.0/24
89.44.214.0/23
188.212.134.0/24
Signature Algorithm: sha256WithRSAEncryption
48:d2:99:30:06:73:50:b7:fc:66:64:d8:67:d6:cc:fd:db:4b:
35:0c:c3:c1:c2:1b:4e:4d:81:9b:b1:a9:17:00:8e:41:84:8a:
03:e3:01:ff:09:38:3a:33:da:9e:e1:5e:bd:3b:cc:4a:85:73:
49:a0:0f:e9:91:af:74:57:7d:dc:ac:c2:3d:20:1b:13:4b:07:
ea:06:b7:fb:0c:e7:3a:7e:14:19:a0:3b:86:f2:f2:b6:e2:e2:
32:13:b6:69:2f:8f:ca:09:4c:e3:5c:2c:1f:15:fb:92:22:51:
62:45:4a:74:25:e8:70:7e:bd:51:8c:5b:b2:06:50:8d:06:79:
0a:c3:1c:e2:8f:df:c7:b3:75:b5:14:a1:5f:b6:97:71:41:23:
4d:fc:dc:fe:3d:75:81:74:0c:05:91:ee:1b:f4:ec:4d:66:91:
c4:e3:79:4e:98:b9:3a:75:03:4b:27:06:84:44:67:a8:10:83:
e1:63:f8:86:82:57:a9:96:40:98:fb:0e:d5:08:8d:cb:42:85:
b5:26:ca:a7:3d:76:5c:f7:a9:07:a3:8b:58:ef:41:b6:24:31:
01:d9:4e:ae:2c:cc:98:68:85:c3:7c:87:e9:d3:38:2e:d3:49:
cf:81:c3:c4:d1:ae:ad:b6:30:27:ac:3d:29:61:9a:be:8b:9c:
3b:a8:a0:02
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY5SRbnUwGFuKs9jGxj4Mh2/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTg5NTJkMzkzOTM1ZjBkM2JjZTgxNGZkOTE3OGQwNDY5
M2FlYjkwHhcNMjQwMzE4MTU1NDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzdmNzFlZmMwMTUwMzQ4MGFmMzRmYTc2ZGQzMTI3Yzg1ZjkwNmViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2sJd5fHJPkufpDyHfDx2l70LMgr
kxTRzNUI5gW4ZTzJpUKwL1++Dm/0e+QWnsO3T8pfYGKSzCG3ij5gH6gZUoeamWHu
GBrMgG250u9RljPjWjI4xXpAlOHujCM8hOLueQZwt1oSj6q4w1IK8bPSsY/Z7at7
mj9kmDVJZfElrmn1NXkfNFFIFf1c+Eg7yQLxBkEtyRF+9ozSdOxunhQw01EZ0Uqd
6Hm4SvV7QPytZdo9L7NZWR3jipM6BWocuxbtX2E8OeRl7LLkdCcMOcmsV6e/Fd6j
idAMnG4t8tmErw4txy19eq13b6zfFjgErGLdR0315Zxzvy7u1adkM+OvpwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFJN/ce/AFQNICvNPp23TEnyF+QbrMB8GA1UdIwQY
MBaAFP5YlS05OTXw07zoFP2ReNBGk665MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUt
NWQ0OGI2NWNlNTczLzEvazM5eDc4QVZBMGdLODAtbmJkTVNmSVg1QnVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9iMjZhYTgtYWNlNy00ZmE2LTllOGUtNWQ0OGI2NWNlNTcz
LzEvX2xpVkxUazVOZkRUdk9nVV9aRjQwRWFUcnJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAWSEFAwQB
WSH4AwQBWSOgAwQBWSWcAwQAWSduAwQBWSzWAwQAvNSGMA0GCSqGSIb3DQEBCwUA
A4IBAQBI0pkwBnNQt/xmZNhn1sz920s1DMPBwhtOTYGbsakXAI5BhIoD4wH/CTg6
M9qe4V69O8xKhXNJoA/pka90V33crMI9IBsTSwfqBrf7DOc6fhQZoDuG8vK24uIy
E7ZpL4/KCUzjXCwfFfuSIlFiRUp0Jehwfr1RjFuyBlCNBnkKwxzij9/Hs3W1FKFf
tpdxQSNN/Nz+PXWBdAwFke4b9OxNZpHE43lOmLk6dQNLJwaERGeoEIPhY/iGglep
lkCY+w7VCI3LQoW1JsqnPXZc96kHo4tY70G2JDEB2U6uLMyYaIXDfIfp0zgu00nP
gcPE0a6ttjAnrD0pYZq+i5w7qKAC
-----END CERTIFICATE-----
Generated at Wed Jun 26 12:23:30 2024 by rpki-client on console-ams.rpki-client.org