Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-fLcEwqe6ihEYDoFMPzXAqyEB-M.roa
File: 1-fLcEwqe6ihEYDoFMPzXAqyEB-M.roa (raw, json)
Hash identifier: wP3EQOy7KrJZzqzEWkVzzxSYbtu/kcZfbM/KsBhwwqM=
Subject key identifier: F9:F2:DC:13:0A:9E:EA:28:44:60:3A:05:30:FC:D7:02:AC:84:07:E3
Certificate issuer: /CN=f82554a856a422b061ae64c577630f91d408cd4a
Certificate serial: 018ED35A53D2B1D00FC47248769D6A7B86F7
Authority key identifier: F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-fLcEwqe6ihEYDoFMPzXAqyEB-M.roa
Signing time: Fri 12 Apr 2024 17:28:15 +0000
ROA not before: Fri 12 Apr 2024 17:28:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205669
IP address blocks: 89.234.160.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:d3:5a:53:d2:b1:d0:0f:c4:72:48:76:9d:6a:7b:86:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f82554a856a422b061ae64c577630f91d408cd4a
Validity
Not Before: Apr 12 17:28:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f9f2dc130a9eea2844603a0530fcd702ac8407e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:f5:65:12:86:3c:e7:59:76:7c:1f:c8:b0:9f:
0a:18:69:45:50:87:bf:c1:0f:c5:b3:e1:f9:55:fc:
84:af:c5:37:73:d9:e3:70:07:8e:46:fd:c9:60:2d:
99:ac:34:ae:ef:06:ff:59:51:f2:cc:fc:90:26:fc:
66:51:2c:54:22:6d:58:ed:e6:61:72:ca:4b:9d:16:
69:f1:74:2c:70:20:81:1c:ab:f8:4a:1e:fe:65:02:
bb:8c:7b:6c:23:09:91:b2:a0:41:aa:ca:cc:d8:b0:
5f:74:af:ce:8f:5a:61:c6:95:94:cc:3c:20:f2:d3:
d2:c0:34:7d:20:36:8d:03:93:f9:43:71:5b:52:8c:
39:42:63:c9:4f:72:29:bf:3a:6e:4f:e6:6f:db:3a:
5f:40:36:8e:3d:a5:27:05:bc:5e:e2:0e:56:21:72:
ba:ef:98:91:61:1f:3a:23:f6:3e:df:e7:05:76:f3:
b6:f0:6f:b7:11:bc:e3:5d:51:46:c0:26:01:a9:e0:
c4:cc:0c:dd:6a:ed:3c:a5:29:42:56:16:09:27:30:
13:d5:01:4e:a1:31:8c:a4:dd:9d:0f:d4:14:bf:62:
90:15:9e:04:60:f6:6b:65:3f:75:dc:ff:87:27:37:
0e:b7:ae:ca:8d:93:72:5b:7f:d9:c3:59:99:8b:7b:
35:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:F2:DC:13:0A:9E:EA:28:44:60:3A:05:30:FC:D7:02:AC:84:07:E3
X509v3 Authority Key Identifier:
keyid:F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-fLcEwqe6ihEYDoFMPzXAqyEB-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.234.160.0/21
Signature Algorithm: sha256WithRSAEncryption
c8:80:f1:fe:3b:45:90:a6:7f:8d:97:26:85:bf:6f:2b:1c:de:
c0:08:65:e9:97:68:ef:d5:ff:ac:a0:ce:87:18:45:51:fb:5f:
cb:b5:57:aa:1e:7f:9c:64:44:93:4d:10:aa:b4:fb:5b:ea:f4:
7a:13:56:6a:5f:07:4a:ee:59:e0:01:f6:96:5c:77:63:66:d5:
2e:4d:74:60:b1:c8:21:31:21:59:17:af:d1:c3:ec:55:97:c2:
87:3e:3c:93:03:b3:1f:eb:d7:d0:b4:13:f9:1c:fe:42:74:1c:
d8:3e:df:45:64:2d:42:1d:f8:c4:8a:a9:89:22:3d:d4:9a:9e:
a7:0f:c0:5f:6b:03:47:af:ff:18:0d:3c:c3:59:8a:89:2a:be:
56:50:4a:27:69:f5:c4:0c:f7:5f:ff:0a:1b:7c:92:2a:5b:a8:
da:45:4d:58:b1:a0:9b:ac:6a:c7:4b:44:d6:d3:b7:02:3b:92:
e5:ee:d0:e3:ac:a9:d6:f4:b3:3d:3a:3b:eb:46:23:fc:9d:0c:
f3:39:47:f5:85:c6:15:c8:91:19:b6:ed:41:59:8d:bf:26:21:
c1:49:e8:a1:78:e9:c6:8c:02:f5:8c:8a:93:11:2a:67:87:e1:
23:50:33:62:2e:bb:a5:32:4a:63:a2:dc:2c:0c:ba:cc:5d:b2:
f3:61:f9:a5
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAY7TWlPSsdAPxHJIdp1qe4b3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MjU1NGE4NTZhNDIyYjA2MWFlNjRjNTc3NjMwZjkxZDQw
OGNkNGEwHhcNMjQwNDEyMTcyODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWYyZGMxMzBhOWVlYTI4NDQ2MDNhMDUzMGZjZDcwMmFjODQwN2UzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqfVlEoY851l2fB/IsJ8KGGlFUIe/
wQ/Fs+H5VfyEr8U3c9njcAeORv3JYC2ZrDSu7wb/WVHyzPyQJvxmUSxUIm1Y7eZh
cspLnRZp8XQscCCBHKv4Sh7+ZQK7jHtsIwmRsqBBqsrM2LBfdK/Oj1phxpWUzDwg
8tPSwDR9IDaNA5P5Q3FbUow5QmPJT3IpvzpuT+Zv2zpfQDaOPaUnBbxe4g5WIXK6
75iRYR86I/Y+3+cFdvO28G+3EbzjXVFGwCYBqeDEzAzdau08pSlCVhYJJzAT1QFO
oTGMpN2dD9QUv2KQFZ4EYPZrZT913P+HJzcOt67KjZNyW3/Zw1mZi3s17QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFPny3BMKnuooRGA6BTD81wKshAfjMB8GA1UdIwQY
MBaAFPglVKhWpCKwYa5kxXdjD5HUCM1KMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1DVlVxRmFrSXJCaHJtVEZkMk1Qa2RRSXpVby5jZXIw
gY4GCCsGAQUFBwELBIGBMH8wfQYIKwYBBQUHMAuGcXJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNm
LTk2NWQ2ZDYwM2JmYS8xLzEtZkxjRXdxZTZpaEVZRG9GTVB6WEFxeUVCLU0ucm9h
MIGCBgNVHR8EezB5MHegdaBzhnFyc3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3Np
dG9yeS9ERUZBVUxULzRmLzk0MzdhMi0wN2U2LTRlNmEtYWEzZi05NjVkNmQ2MDNi
ZmEvMS8xLUNWVXFGYWtJckJocm1URmQyTVBrZFFJelVvLmNybDAYBgNVHSABAf8E
DjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWeqg
MA0GCSqGSIb3DQEBCwUAA4IBAQDIgPH+O0WQpn+NlyaFv28rHN7ACGXpl2jv1f+s
oM6HGEVR+1/LtVeqHn+cZESTTRCqtPtb6vR6E1ZqXwdK7lngAfaWXHdjZtUuTXRg
scghMSFZF6/Rw+xVl8KHPjyTA7Mf69fQtBP5HP5CdBzYPt9FZC1CHfjEiqmJIj3U
mp6nD8BfawNHr/8YDTzDWYqJKr5WUEonafXEDPdf/wobfJIqW6jaRU1YsaCbrGrH
S0TW07cCO5Ll7tDjrKnW9LM9OjvrRiP8nQzzOUf1hcYVyJEZtu1BWY2/JiHBSeih
eOnGjAL1jIqTESpnh+EjUDNiLrulMkpjotwsDLrMXbLzYfml
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:06:43 2024 by rpki-client on console-ams.rpki-client.org