Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/af8caZ49MyChfZhJFombscsEJcM.roa
File: af8caZ49MyChfZhJFombscsEJcM.roa (raw, json)
Hash identifier: ohP1WPhR16ViS2kWAQneafR5oFNijezxcyJDi7qdXM4=
Subject key identifier: 69:FF:1C:69:9E:3D:33:20:A1:7D:98:49:16:89:9B:B1:CB:04:25:C3
Certificate issuer: /CN=f82554a856a422b061ae64c577630f91d408cd4a
Certificate serial: 018CC94D455CC3AB3026E56B44CB8BA0AB70
Authority key identifier: F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/af8caZ49MyChfZhJFombscsEJcM.roa
Signing time: Tue 02 Jan 2024 08:32:13 +0000
ROA not before: Tue 02 Jan 2024 08:32:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197922
IP address blocks: 89.234.142.0/23 maxlen: 23
89.234.149.0/24 maxlen: 24
89.234.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 18:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:45:5c:c3:ab:30:26:e5:6b:44:cb:8b:a0:ab:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f82554a856a422b061ae64c577630f91d408cd4a
Validity
Not Before: Jan 2 08:32:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=69ff1c699e3d3320a17d984916899bb1cb0425c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:d4:f1:1c:38:5a:c6:47:f9:43:23:ac:ff:f1:
11:79:f8:00:78:d2:14:7b:a6:22:9a:14:98:a7:17:
bc:20:a7:0e:56:7f:23:4c:a8:3b:d5:0c:36:e4:38:
43:4c:c5:81:7c:84:31:1e:7c:50:a1:55:7f:4b:f5:
3b:33:80:09:ef:59:fc:de:e8:88:9f:b6:92:f9:32:
2f:68:cf:e2:5a:f4:4d:8d:0d:6d:b7:c1:b2:19:68:
f8:1e:24:1c:a8:4b:43:f8:08:71:7a:27:d2:b9:de:
7b:5d:26:13:1d:2b:96:a9:a3:c8:3e:fe:d5:2e:14:
7b:e3:ea:f3:af:07:47:79:bd:84:52:ac:a4:ab:41:
c6:84:ae:bf:71:03:13:7b:32:43:77:b0:ed:26:13:
77:b4:d5:69:b0:b4:88:f1:c0:53:36:21:de:b3:9c:
9d:9a:a6:c2:7e:78:de:04:7f:46:ac:0c:df:6f:16:
3b:62:4a:1d:22:81:ae:52:6f:a1:b7:0b:8a:08:e8:
d9:ce:42:31:e6:61:a0:0f:a8:56:05:72:bc:7e:af:
97:04:fa:cc:8e:c1:83:72:f4:92:4a:b9:e5:29:28:
01:9c:eb:6f:40:d0:7e:c1:7e:13:c3:d7:a4:b5:1f:
60:7d:e5:78:d1:7d:a6:43:95:14:12:35:58:29:11:
97:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:FF:1C:69:9E:3D:33:20:A1:7D:98:49:16:89:9B:B1:CB:04:25:C3
X509v3 Authority Key Identifier:
keyid:F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/af8caZ49MyChfZhJFombscsEJcM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.234.142.0/23
89.234.148.0/23
Signature Algorithm: sha256WithRSAEncryption
21:2c:a0:47:89:75:f1:49:df:4b:9e:43:0d:b3:18:fe:56:c5:
c2:c6:a6:79:bd:cf:8a:57:85:b6:69:12:f5:a1:cc:ae:09:72:
77:a0:b4:0d:28:44:30:1c:d1:03:64:55:03:8d:27:21:32:69:
e7:41:9e:67:25:bb:b6:00:b0:43:83:33:d3:a8:f6:9c:ef:41:
bf:22:d9:c4:96:42:45:89:84:ad:21:50:a4:0a:4d:d3:a1:72:
f5:8a:bd:e4:66:17:32:1b:43:31:75:46:24:32:40:c2:a8:75:
6d:ec:2e:b6:08:98:2e:6d:c6:a0:b1:5f:85:30:fe:1c:16:fc:
01:64:fb:e2:ca:97:9a:71:81:d6:92:dc:ed:60:e7:93:81:b7:
1e:76:db:97:70:9c:3f:6b:95:76:f7:8c:15:38:de:ef:b8:7f:
53:a8:a7:7c:70:c3:9b:de:37:ee:2a:42:9a:a9:62:7b:6e:c7:
06:5e:35:28:94:cb:28:ea:2e:b9:f3:7a:a6:6a:4d:66:5d:18:
3f:69:9a:c6:69:52:63:ed:2b:4e:05:f8:8b:b2:6a:3b:59:d2:
83:fc:e5:21:b7:5d:81:bb:30:51:5f:89:85:91:ea:3c:f4:58:
83:29:60:31:c0:02:d7:30:9a:e3:67:13:44:17:89:ad:f9:ab:
c7:87:45:5d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzJTUVcw6swJuVrRMuLoKtwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MjU1NGE4NTZhNDIyYjA2MWFlNjRjNTc3NjMwZjkxZDQw
OGNkNGEwHhcNMjQwMTAyMDgzMjEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWZmMWM2OTllM2QzMzIwYTE3ZDk4NDkxNjg5OWJiMWNiMDQyNWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj9TxHDhaxkf5QyOs//ERefgAeNIU
e6YimhSYpxe8IKcOVn8jTKg71Qw25DhDTMWBfIQxHnxQoVV/S/U7M4AJ71n83uiI
n7aS+TIvaM/iWvRNjQ1tt8GyGWj4HiQcqEtD+AhxeifSud57XSYTHSuWqaPIPv7V
LhR74+rzrwdHeb2EUqykq0HGhK6/cQMTezJDd7DtJhN3tNVpsLSI8cBTNiHes5yd
mqbCfnjeBH9GrAzfbxY7YkodIoGuUm+htwuKCOjZzkIx5mGgD6hWBXK8fq+XBPrM
jsGDcvSSSrnlKSgBnOtvQNB+wX4Tw9ektR9gfeV40X2mQ5UUEjVYKRGXIQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFGn/HGmePTMgoX2YSRaJm7HLBCXDMB8GA1UdIwQY
MBaAFPglVKhWpCKwYa5kxXdjD5HUCM1KMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1DVlVxRmFrSXJCaHJtVEZkMk1Qa2RRSXpVby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNm
LTk2NWQ2ZDYwM2JmYS8xL2FmOGNhWjQ5TXlDaGZaaEpGb21ic2NzRUpjTS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNmLTk2NWQ2ZDYwM2Jm
YS8xLzEtQ1ZVcUZha0lyQmhybVRGZDJNUGtkUUl6VW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwJQYIKwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBAFZ6o4D
BAFZ6pQwDQYJKoZIhvcNAQELBQADggEBACEsoEeJdfFJ30ueQw2zGP5WxcLGpnm9
z4pXhbZpEvWhzK4JcnegtA0oRDAc0QNkVQONJyEyaedBnmclu7YAsEODM9Oo9pzv
Qb8i2cSWQkWJhK0hUKQKTdOhcvWKveRmFzIbQzF1RiQyQMKodW3sLrYImC5txqCx
X4Uw/hwW/AFk++LKl5pxgdaS3O1g55OBtx5225dwnD9rlXb3jBU43u+4f1Oop3xw
w5veN+4qQpqpYntuxwZeNSiUyyjqLrnzeqZqTWZdGD9pmsZpUmPtK04F+IuyajtZ
0oP85SG3XYG7MFFfiYWR6jz0WIMpYDHAAtcwmuNnE0QXia35q8eHRV0=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:04:49 2024 by rpki-client on console-ams.rpki-client.org