Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/M8bz8RqeqZc2T2BWE2LWBmkvIac.roa
File: M8bz8RqeqZc2T2BWE2LWBmkvIac.roa (raw, json)
Hash identifier: ZDLx7Q2UCC0LRgvHe7vaxz6vBlt20mclLRP30/3yDwo=
Subject key identifier: 33:C6:F3:F1:1A:9E:A9:97:36:4F:60:56:13:62:D6:06:69:2F:21:A7
Certificate issuer: /CN=f82554a856a422b061ae64c577630f91d408cd4a
Certificate serial: 018CC94D468B4F57B380BFD046654C95AE7F
Authority key identifier: F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/M8bz8RqeqZc2T2BWE2LWBmkvIac.roa
Signing time: Tue 02 Jan 2024 08:32:13 +0000
ROA not before: Tue 02 Jan 2024 08:32:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204092
IP address blocks: 89.234.186.0/24 maxlen: 24
2a00:5884::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:46:8b:4f:57:b3:80:bf:d0:46:65:4c:95:ae:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f82554a856a422b061ae64c577630f91d408cd4a
Validity
Not Before: Jan 2 08:32:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=33c6f3f11a9ea997364f60561362d606692f21a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ef:e2:fb:b2:93:24:bd:e6:67:a9:bc:87:3f:
bd:21:52:02:91:b4:d2:db:33:6c:46:59:fc:51:06:
90:22:1b:49:98:6e:89:ea:45:2a:56:6f:be:b4:31:
e2:5d:94:c1:30:db:98:6f:7b:7d:24:8c:f6:3a:0d:
2c:1e:89:85:94:78:6d:e0:64:91:c5:21:52:cb:8c:
a7:4d:50:20:90:2f:83:b7:77:35:4d:d1:2c:79:50:
e1:9d:d4:36:05:86:0b:35:14:29:50:02:a1:6e:5d:
bb:83:42:1e:24:8b:ae:a9:fe:82:2a:b5:df:3a:09:
b5:4d:83:14:3f:83:d1:2c:fe:37:6d:e4:5b:fc:53:
8b:e0:12:45:2e:ef:70:14:bd:82:84:a9:83:d1:c7:
30:3c:04:51:30:f4:7d:d1:3f:2b:e5:34:d4:0f:0e:
95:36:1b:b3:7e:15:b7:86:9e:a5:a6:46:28:95:5a:
20:29:5c:02:33:f2:90:15:b1:e5:8a:8f:bb:2f:8c:
48:09:35:f0:6f:47:e6:21:a6:eb:7d:5c:cb:4d:f9:
f3:0a:e9:6e:aa:e9:70:f6:f7:70:bb:8b:f5:af:df:
06:54:f4:30:62:ad:3c:9f:00:05:fe:c1:52:b0:29:
dd:74:5a:c5:4e:7f:1c:1e:2c:eb:a1:98:63:87:e0:
c1:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:C6:F3:F1:1A:9E:A9:97:36:4F:60:56:13:62:D6:06:69:2F:21:A7
X509v3 Authority Key Identifier:
keyid:F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/M8bz8RqeqZc2T2BWE2LWBmkvIac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.234.186.0/24
IPv6:
2a00:5884::/32
Signature Algorithm: sha256WithRSAEncryption
14:c1:f0:a7:cb:d0:fc:d7:42:4c:2e:04:d6:75:cb:1e:1d:f7:
8c:a4:80:d2:39:1b:e2:87:46:5e:4c:20:be:83:0d:5a:b4:54:
47:21:a0:46:ce:ea:75:65:88:50:9e:24:92:aa:7e:5c:af:16:
4b:e8:fe:42:48:3a:cb:58:d0:65:6c:c4:35:c2:bc:e0:3c:5a:
f3:5a:61:3e:0c:c9:e8:cf:24:bd:cd:bf:71:3b:f3:73:2f:76:
8f:e3:a6:e2:c9:da:48:22:b4:e1:48:d9:c3:c3:93:ff:fa:87:
93:54:aa:f9:a1:7d:55:7b:8d:28:c9:99:0e:57:f6:96:88:9e:
07:a0:ad:d8:f6:86:d8:c6:21:92:ad:8c:1a:9c:a4:d0:80:65:
da:eb:1a:10:f8:15:2a:2e:44:23:e7:93:68:cd:7b:1b:3a:a6:
bb:96:75:6a:ac:94:f8:fa:1d:8e:26:de:98:99:0c:48:5c:54:
8f:5a:bd:b8:f7:b4:ea:db:f4:ff:21:fc:3b:19:1f:43:d2:75:
19:7a:6f:18:b5:52:66:2a:f4:e6:71:0e:cc:46:c2:fd:12:db:
bd:d4:73:0c:73:c1:d0:d4:0d:67:a4:35:75:6e:cd:c5:9c:ce:
64:dc:c4:7e:cd:6a:6b:25:05:29:b2:4e:b7:82:e8:6c:b3:49:
32:a8:77:13
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJTUaLT1ezgL/QRmVMla5/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MjU1NGE4NTZhNDIyYjA2MWFlNjRjNTc3NjMwZjkxZDQw
OGNkNGEwHhcNMjQwMTAyMDgzMjEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzM2M2ZjNmMTFhOWVhOTk3MzY0ZjYwNTYxMzYyZDYwNjY5MmYyMWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApe/i+7KTJL3mZ6m8hz+9IVICkbTS
2zNsRln8UQaQIhtJmG6J6kUqVm++tDHiXZTBMNuYb3t9JIz2Og0sHomFlHht4GSR
xSFSy4ynTVAgkC+Dt3c1TdEseVDhndQ2BYYLNRQpUAKhbl27g0IeJIuuqf6CKrXf
Ogm1TYMUP4PRLP43beRb/FOL4BJFLu9wFL2ChKmD0ccwPARRMPR90T8r5TTUDw6V
NhuzfhW3hp6lpkYolVogKVwCM/KQFbHlio+7L4xICTXwb0fmIabrfVzLTfnzCulu
qulw9vdwu4v1r98GVPQwYq08nwAF/sFSsCnddFrFTn8cHizroZhjh+DBDwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFDPG8/EanqmXNk9gVhNi1gZpLyGnMB8GA1UdIwQY
MBaAFPglVKhWpCKwYa5kxXdjD5HUCM1KMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1DVlVxRmFrSXJCaHJtVEZkMk1Qa2RRSXpVby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNm
LTk2NWQ2ZDYwM2JmYS8xL004Yno4UnFlcVpjMlQyQldFMkxXQm1rdklhYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNmLTk2NWQ2ZDYwM2Jm
YS8xLzEtQ1ZVcUZha0lyQmhybVRGZDJNUGtkUUl6VW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwLgYIKwYBBQUHAQcBAf8EHzAdMAwEAgABMAYDBABZ6row
DQQCAAIwBwMFACoAWIQwDQYJKoZIhvcNAQELBQADggEBABTB8KfL0PzXQkwuBNZ1
yx4d94ykgNI5G+KHRl5MIL6DDVq0VEchoEbO6nVliFCeJJKqflyvFkvo/kJIOstY
0GVsxDXCvOA8WvNaYT4MyejPJL3Nv3E783Mvdo/jpuLJ2kgitOFI2cPDk//6h5NU
qvmhfVV7jSjJmQ5X9paIngegrdj2htjGIZKtjBqcpNCAZdrrGhD4FSouRCPnk2jN
exs6pruWdWqslPj6HY4m3piZDEhcVI9avbj3tOrb9P8h/DsZH0PSdRl6bxi1UmYq
9OZxDsxGwv0S273UcwxzwdDUDWekNXVuzcWczmTcxH7NamslBSmyTreC6GyzSTKo
dxM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:06:43 2024 by rpki-client on console-ams.rpki-client.org