Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/b4673b-210b-4e5a-876a-dc059e69b1d0/1/IwvESSEZeVzqqOFQBT2cpx35Yec.roa
File: IwvESSEZeVzqqOFQBT2cpx35Yec.roa (raw, json)
Hash identifier: VCa67MvJSTsUL90me3f5SsS/YzHIgscPqUdMj6oaeh4=
Subject key identifier: 23:0B:C4:49:21:19:79:5C:EA:A8:E1:50:05:3D:9C:A7:1D:F9:61:E7
Certificate issuer: /CN=ef678469574acc03d782e63281ff44faaab3f847
Certificate serial: 018CCA2914602A662277662C4AB1868293D4
Authority key identifier: EF:67:84:69:57:4A:CC:03:D7:82:E6:32:81:FF:44:FA:AA:B3:F8:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/72eEaVdKzAPXguYygf9E-qqz-Ec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/b4673b-210b-4e5a-876a-dc059e69b1d0/1/IwvESSEZeVzqqOFQBT2cpx35Yec.roa
Signing time: Tue 02 Jan 2024 12:32:18 +0000
ROA not before: Tue 02 Jan 2024 12:32:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208037
IP address blocks: 89.232.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/b4673b-210b-4e5a-876a-dc059e69b1d0/1/72eEaVdKzAPXguYygf9E-qqz-Ec.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/b4673b-210b-4e5a-876a-dc059e69b1d0/1/72eEaVdKzAPXguYygf9E-qqz-Ec.mft
rsync://rpki.ripe.net/repository/DEFAULT/72eEaVdKzAPXguYygf9E-qqz-Ec.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:14:60:2a:66:22:77:66:2c:4a:b1:86:82:93:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef678469574acc03d782e63281ff44faaab3f847
Validity
Not Before: Jan 2 12:32:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=230bc4492119795ceaa8e150053d9ca71df961e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:6b:81:dc:4a:1b:c5:dc:56:c3:59:ab:d7:55:
2f:43:a6:c2:16:7d:48:56:8c:5b:7c:81:50:55:5d:
e2:fe:4a:47:c1:4b:54:c8:25:9f:e6:1f:ce:28:2d:
e9:a1:3c:d4:77:68:02:72:1c:88:38:00:b8:9b:83:
6b:47:dd:60:84:35:5f:5f:eb:a0:d1:ea:2b:9b:5c:
c1:a0:a4:53:a1:37:39:a1:c3:04:2a:ec:cf:0f:dc:
fa:37:8e:38:7d:83:27:79:02:27:69:a2:ba:7b:dd:
30:b4:2f:28:c4:b9:57:85:2b:78:51:54:31:6c:c6:
5a:3a:78:f3:af:22:64:73:67:98:17:81:3d:be:28:
f1:01:94:37:cd:65:12:c5:2b:a5:a3:2f:e8:c3:bc:
ea:83:f0:ee:1d:b9:78:76:4a:ca:6b:eb:42:5c:bc:
e4:0e:5d:aa:3f:10:13:68:74:70:e3:82:7d:94:79:
ff:4a:c3:fa:d6:91:00:19:01:e2:f5:0a:ca:e6:36:
21:95:86:ff:b3:ca:f3:ea:22:e9:98:40:09:da:c5:
db:37:06:7b:3b:16:91:9a:76:17:f6:28:93:2d:45:
31:07:5a:20:59:a5:27:3c:25:50:68:30:67:e0:24:
4d:b6:38:79:85:67:6a:88:bb:de:cd:a3:f9:58:6a:
8f:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:0B:C4:49:21:19:79:5C:EA:A8:E1:50:05:3D:9C:A7:1D:F9:61:E7
X509v3 Authority Key Identifier:
keyid:EF:67:84:69:57:4A:CC:03:D7:82:E6:32:81:FF:44:FA:AA:B3:F8:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/72eEaVdKzAPXguYygf9E-qqz-Ec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/b4673b-210b-4e5a-876a-dc059e69b1d0/1/IwvESSEZeVzqqOFQBT2cpx35Yec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/b4673b-210b-4e5a-876a-dc059e69b1d0/1/72eEaVdKzAPXguYygf9E-qqz-Ec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.232.172.0/24
Signature Algorithm: sha256WithRSAEncryption
60:3b:bc:70:15:75:51:1f:f0:ae:c6:1a:5b:94:ee:09:91:56:
0b:fb:36:b9:81:7f:3d:52:08:96:ff:91:f3:1e:54:a8:21:c0:
b9:a5:48:90:07:25:84:66:21:81:1a:02:ec:63:8d:41:30:94:
b0:f5:58:46:fd:4b:bf:e2:18:df:7a:b1:76:c2:8e:ac:1c:6c:
19:cd:d9:8d:5f:d4:95:3e:9d:f7:95:bc:b9:96:d2:e0:2b:38:
37:bc:70:d3:f4:c9:d3:da:7b:37:84:5f:5d:79:b3:70:fa:8b:
15:c5:4b:7e:80:c6:4d:ef:26:b0:4a:f8:7a:f7:f1:7d:a3:a0:
76:42:6b:43:6d:9c:92:f4:f6:c2:40:a6:ac:a4:3d:1d:96:89:
e7:71:f2:12:ad:97:a4:fd:d8:09:e2:50:0b:7f:a8:96:1a:ae:
e5:0c:ac:d8:9f:e3:c5:93:c7:39:a0:2a:5b:a0:ec:17:ad:23:
df:05:1a:a1:a8:69:39:a0:97:6c:a4:f0:4d:38:50:b0:dc:54:
b6:1d:60:a1:25:ca:1c:2a:42:4e:7a:6d:33:82:e1:45:0a:50:
d4:b0:e4:41:81:cb:22:56:ee:68:8a:f3:86:7a:e6:cb:05:ca:
3b:0f:1a:54:a1:94:8a:3e:4b:01:5f:1a:27:a4:65:bc:0e:53:
49:5e:ac:85
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKRRgKmYid2YsSrGGgpPUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNjc4NDY5NTc0YWNjMDNkNzgyZTYzMjgxZmY0NGZhYWFi
M2Y4NDcwHhcNMjQwMTAyMTIzMjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzBiYzQ0OTIxMTk3OTVjZWFhOGUxNTAwNTNkOWNhNzFkZjk2MWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWuB3EobxdxWw1mr11UvQ6bCFn1I
VoxbfIFQVV3i/kpHwUtUyCWf5h/OKC3poTzUd2gCchyIOAC4m4NrR91ghDVfX+ug
0eorm1zBoKRToTc5ocMEKuzPD9z6N444fYMneQInaaK6e90wtC8oxLlXhSt4UVQx
bMZaOnjzryJkc2eYF4E9vijxAZQ3zWUSxSuloy/ow7zqg/DuHbl4dkrKa+tCXLzk
Dl2qPxATaHRw44J9lHn/SsP61pEAGQHi9QrK5jYhlYb/s8rz6iLpmEAJ2sXbNwZ7
OxaRmnYX9iiTLUUxB1ogWaUnPCVQaDBn4CRNtjh5hWdqiLvezaP5WGqPWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFCMLxEkhGXlc6qjhUAU9nKcd+WHnMB8GA1UdIwQY
MBaAFO9nhGlXSswD14LmMoH/RPqqs/hHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzJlRWFWZEt6QVBYZ3VZeWdmOUUtcXF6LUVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9iNDY3M2ItMjEwYi00ZTVhLTg3NmEt
ZGMwNTllNjliMWQwLzEvSXd2RVNTRVplVnpxcU9GUUJUMmNweDM1WWVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9iNDY3M2ItMjEwYi00ZTVhLTg3NmEtZGMwNTllNjliMWQw
LzEvNzJlRWFWZEt6QVBYZ3VZeWdmOUUtcXF6LUVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWeisMA0G
CSqGSIb3DQEBCwUAA4IBAQBgO7xwFXVRH/CuxhpblO4JkVYL+za5gX89UgiW/5Hz
HlSoIcC5pUiQByWEZiGBGgLsY41BMJSw9VhG/Uu/4hjferF2wo6sHGwZzdmNX9SV
Pp33lby5ltLgKzg3vHDT9MnT2ns3hF9debNw+osVxUt+gMZN7yawSvh69/F9o6B2
QmtDbZyS9PbCQKaspD0dlonncfISrZek/dgJ4lALf6iWGq7lDKzYn+PFk8c5oCpb
oOwXrSPfBRqhqGk5oJdspPBNOFCw3FS2HWChJcocKkJOem0zguFFClDUsORBgcsi
Vu5oivOGeubLBco7DxpUoZSKPksBXxonpGW8DlNJXqyF
-----END CERTIFICATE-----
Generated at Sat Dec 28 02:55:18 2024 by rpki-client on console-ams.rpki-client.org