Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ROxK71begmjdjOJB9LwgubR0R5M.roa
File: ROxK71begmjdjOJB9LwgubR0R5M.roa (raw, json)
Hash identifier: pldv2ohIFe8mNPnqJ12UuGHoez+mSC730+QK+5yNs6k=
Subject key identifier: 44:EC:4A:EF:56:DE:82:68:DD:8C:E2:41:F4:BC:20:B9:B4:74:47:93
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 0192668E858EC2B87DCDD7F4246B2876201C
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ROxK71begmjdjOJB9LwgubR0R5M.roa
Signing time: Mon 07 Oct 2024 10:37:48 +0000
ROA not before: Mon 07 Oct 2024 10:37:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 395954
IP address blocks: 89.249.192.0/24 maxlen: 24
212.42.192.0/24 maxlen: 24
212.42.195.0/24 maxlen: 24
212.42.199.0/24 maxlen: 24
212.42.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.mft
rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:66:8e:85:8e:c2:b8:7d:cd:d7:f4:24:6b:28:76:20:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Oct 7 10:37:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=44ec4aef56de8268dd8ce241f4bc20b9b4744793
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:d8:e3:b8:57:65:7a:c0:ad:c6:ee:0d:ac:6c:
70:10:85:02:2e:fb:d4:02:eb:2d:2a:ff:44:a2:12:
7f:26:f9:32:f3:7e:6b:2d:7a:d8:fc:48:99:1a:14:
1b:d3:e1:0e:9e:da:c5:42:aa:23:68:cf:c4:cf:39:
e3:cf:b0:fa:6b:fe:de:df:65:7b:b8:3e:03:ee:15:
d3:06:91:c0:17:ec:91:5c:08:7b:f2:37:57:c0:d3:
c8:7c:e5:dd:e5:e7:80:a6:99:16:4c:17:32:44:23:
bb:f3:89:ba:dd:42:6a:04:d6:ef:03:e1:33:ec:98:
78:8a:25:e7:24:47:a3:6a:93:94:73:33:6a:04:b0:
1f:b0:36:8e:c9:c5:9b:ac:f8:91:b1:ab:8e:c5:1b:
98:07:8a:a3:90:40:c4:cc:f5:9b:f7:90:94:41:4b:
8a:a6:98:61:7c:d2:61:ba:7a:56:78:d0:d7:9c:07:
96:0d:87:2c:68:56:e4:17:a9:47:80:3d:96:5b:89:
cf:7c:1b:a6:96:3f:a7:ee:90:4f:81:39:24:e9:4d:
33:dc:e8:d9:df:42:3c:30:45:0e:b1:25:c6:bb:29:
22:02:9b:3a:35:99:5b:9d:d5:b8:b0:ce:b1:e4:b2:
85:e9:de:95:2f:57:c3:d4:af:53:6b:c4:88:a1:6c:
d2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:EC:4A:EF:56:DE:82:68:DD:8C:E2:41:F4:BC:20:B9:B4:74:47:93
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/ROxK71begmjdjOJB9LwgubR0R5M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.192.0/24
212.42.192.0/24
212.42.195.0/24
212.42.199.0/24
212.42.203.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:cd:c8:75:2e:4b:69:58:73:f8:d1:e8:a3:48:6a:79:9d:84:
42:60:c1:4b:cf:bf:d6:b7:a0:d6:93:d8:b5:60:c5:91:4a:52:
9c:8f:a6:8a:6c:07:cd:c9:ed:cd:dc:0c:b2:db:89:63:0b:e2:
ca:59:12:14:11:75:75:6f:35:80:2b:3e:9d:4f:29:b8:be:ce:
2f:94:ee:19:95:49:f5:56:2d:ed:96:08:f6:a2:60:64:27:32:
97:81:35:2a:d7:8d:e0:0c:40:3c:c0:6c:c6:cf:eb:17:ef:93:
7b:70:db:f0:45:46:85:d8:cb:6b:32:9f:bf:48:63:df:27:0c:
4d:98:f8:69:fd:02:97:f1:53:e9:9f:bd:2d:73:96:b2:31:8e:
90:8d:cf:e1:5e:6b:d3:18:41:c2:82:24:fc:35:64:7a:c1:e1:
4a:e2:c8:76:d4:e3:15:a0:b3:a0:9d:e9:f9:ad:94:be:42:f5:
04:57:fa:ba:15:c5:1d:e0:30:a8:5c:5d:f4:3a:b8:74:f6:e9:
a8:76:10:5f:2a:ac:95:c7:d3:f3:c7:3e:6e:9f:d4:87:de:c6:
9d:77:5d:a1:68:79:ec:ac:f8:35:75:8a:5b:69:1a:a8:55:56:
32:0c:f3:03:3c:96:e6:98:26:63:00:8b:78:ca:4a:dd:f6:26:
24:6a:2a:4c
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZJmjoWOwrh9zdf0JGsodiAcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQxMDA3MTAzNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGVjNGFlZjU2ZGU4MjY4ZGQ4Y2UyNDFmNGJjMjBiOWI0NzQ0NzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAztjjuFdlesCtxu4NrGxwEIUCLvvU
AustKv9EohJ/Jvky835rLXrY/EiZGhQb0+EOntrFQqojaM/Ezznjz7D6a/7e32V7
uD4D7hXTBpHAF+yRXAh78jdXwNPIfOXd5eeAppkWTBcyRCO784m63UJqBNbvA+Ez
7Jh4iiXnJEejapOUczNqBLAfsDaOycWbrPiRsauOxRuYB4qjkEDEzPWb95CUQUuK
pphhfNJhunpWeNDXnAeWDYcsaFbkF6lHgD2WW4nPfBumlj+n7pBPgTkk6U0z3OjZ
30I8MEUOsSXGuykiAps6NZlbndW4sM6x5LKF6d6VL1fD1K9Ta8SIoWzS6QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFETsSu9W3oJo3YziQfS8ILm0dEeTMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvUk94SzcxYmVnbWpkak9KQjlMd2d1YlIwUjVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWfnAAwQA
1CrAAwQA1CrDAwQA1CrHAwQA1CrLMA0GCSqGSIb3DQEBCwUAA4IBAQBqzch1Lktp
WHP40eijSGp5nYRCYMFLz7/Wt6DWk9i1YMWRSlKcj6aKbAfNye3N3Ayy24ljC+LK
WRIUEXV1bzWAKz6dTym4vs4vlO4ZlUn1Vi3tlgj2omBkJzKXgTUq143gDEA8wGzG
z+sX75N7cNvwRUaF2MtrMp+/SGPfJwxNmPhp/QKX8VPpn70tc5ayMY6Qjc/hXmvT
GEHCgiT8NWR6weFK4sh21OMVoLOgnen5rZS+QvUEV/q6FcUd4DCoXF30Orh09umo
dhBfKqyVx9Pzxz5un9SH3sadd12haHnsrPg1dYpbaRqoVVYyDPMDPJbmmCZjAIt4
ykrd9iYkaipM
-----END CERTIFICATE-----
Generated at Mon Nov 25 04:46:12 2024 by rpki-client on console-ams.rpki-client.org