Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/rcMp3isrh-6gGPivdUWlKyfDAnE.roa
File: rcMp3isrh-6gGPivdUWlKyfDAnE.roa (raw, json)
Hash identifier: 4dnqrTw3zMIRjq16E0/LiSNbIia5EZa11cijlVWXOLA=
Subject key identifier: AD:C3:29:DE:2B:2B:87:EE:A0:18:F8:AF:75:45:A5:2B:27:C3:02:71
Certificate issuer: /CN=f82554a856a422b061ae64c577630f91d408cd4a
Certificate serial: 018CC94D45CB08CEB3D0103A838405B2A31D
Authority key identifier: F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/rcMp3isrh-6gGPivdUWlKyfDAnE.roa
Signing time: Tue 02 Jan 2024 08:32:13 +0000
ROA not before: Tue 02 Jan 2024 08:32:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198978
IP address blocks: 89.234.131.0/24 maxlen: 24
89.234.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 18:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:45:cb:08:ce:b3:d0:10:3a:83:84:05:b2:a3:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f82554a856a422b061ae64c577630f91d408cd4a
Validity
Not Before: Jan 2 08:32:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=adc329de2b2b87eea018f8af7545a52b27c30271
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4b:45:91:ca:0c:ab:06:ef:2f:38:f9:91:f1:
fd:3d:5e:b2:34:6d:20:fb:a3:6b:bc:49:d7:17:94:
d0:c8:ef:ec:85:e3:5c:d6:14:36:49:b8:fa:a9:75:
c3:8a:85:33:e2:aa:8c:03:c8:02:8f:d4:ef:77:39:
ab:13:73:2d:42:25:9d:ff:5f:1e:4a:05:03:b9:dc:
15:6f:24:2c:cb:a1:19:ca:99:6c:d5:c5:b5:cb:a1:
d6:89:10:b0:18:80:dc:0e:1b:58:7c:75:23:bc:55:
f2:14:0f:70:8d:4a:4d:28:b0:82:0e:b6:52:43:da:
66:ba:b8:32:ff:75:56:cf:dd:13:c5:53:e6:cd:e7:
21:12:fa:5e:97:fe:87:34:63:5d:6a:a1:06:e6:d1:
99:6d:48:87:21:db:98:00:b4:29:cd:e1:68:13:2f:
92:cf:83:e7:b1:b2:04:f7:62:0d:94:ea:66:05:c0:
5c:a4:9c:87:e4:cb:22:6d:f9:1d:a2:d4:64:17:12:
a4:92:f5:07:77:81:d0:5d:80:d1:34:10:21:77:e4:
3d:6f:39:82:e4:0c:f4:a0:7e:8a:46:4b:95:ef:da:
e4:b5:a8:b0:a7:ca:1f:a1:31:f5:8a:ab:0a:0a:91:
b1:a5:22:44:3d:02:c1:f0:bb:fb:cc:83:75:f7:ba:
49:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:C3:29:DE:2B:2B:87:EE:A0:18:F8:AF:75:45:A5:2B:27:C3:02:71
X509v3 Authority Key Identifier:
keyid:F8:25:54:A8:56:A4:22:B0:61:AE:64:C5:77:63:0F:91:D4:08:CD:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-CVUqFakIrBhrmTFd2MPkdQIzUo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/rcMp3isrh-6gGPivdUWlKyfDAnE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/9437a2-07e6-4e6a-aa3f-965d6d603bfa/1/1-CVUqFakIrBhrmTFd2MPkdQIzUo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.234.130.0/23
Signature Algorithm: sha256WithRSAEncryption
bf:31:d9:86:cd:a6:d9:ad:2f:6f:d2:7c:23:c2:19:be:de:6a:
c4:06:ac:0a:9f:ea:96:d6:ad:16:7e:e7:e9:8c:bd:52:81:c6:
b3:08:ff:c2:a3:77:3d:f6:0d:dd:e9:4a:1d:06:e8:fe:d8:e1:
04:e5:bb:a9:d5:6c:1e:c2:18:b5:0c:cc:ef:b3:4a:a4:20:19:
80:bb:b2:d5:6b:47:6d:a3:f4:97:6e:d6:bd:2f:f7:2c:5f:e4:
05:53:52:42:1e:7a:8a:b8:90:69:3b:0b:6b:dd:24:fa:6a:0b:
ac:39:7d:7f:0b:20:68:2b:ca:a6:7d:ce:15:3f:22:7b:07:00:
8c:29:61:2c:12:ab:53:47:70:8c:af:c6:22:5a:a7:e0:ce:97:
32:32:0f:f1:5d:c8:95:0c:4a:68:0a:3a:fc:18:76:16:86:67:
00:c0:6d:c1:e4:13:6a:f3:fd:c4:62:65:57:fd:cd:a6:fc:9c:
92:f9:31:57:b8:54:d4:f0:4d:d3:61:62:d4:c6:6d:34:f9:5b:
4f:a9:18:25:b7:1b:49:66:9f:b0:5e:b8:4c:fa:9b:23:8b:85:
7a:1e:a0:67:e1:9e:80:ca:bf:5f:52:25:0b:14:d4:b4:18:f0:
a2:a2:79:a8:ff:7d:3c:56:cc:7f:6d:6f:1c:23:e9:eb:0c:c9:
e3:7f:48:08
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzJTUXLCM6z0BA6g4QFsqMdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4MjU1NGE4NTZhNDIyYjA2MWFlNjRjNTc3NjMwZjkxZDQw
OGNkNGEwHhcNMjQwMTAyMDgzMjEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGMzMjlkZTJiMmI4N2VlYTAxOGY4YWY3NTQ1YTUyYjI3YzMwMjcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqktFkcoMqwbvLzj5kfH9PV6yNG0g
+6NrvEnXF5TQyO/sheNc1hQ2Sbj6qXXDioUz4qqMA8gCj9TvdzmrE3MtQiWd/18e
SgUDudwVbyQsy6EZypls1cW1y6HWiRCwGIDcDhtYfHUjvFXyFA9wjUpNKLCCDrZS
Q9pmurgy/3VWz90TxVPmzechEvpel/6HNGNdaqEG5tGZbUiHIduYALQpzeFoEy+S
z4PnsbIE92INlOpmBcBcpJyH5MsibfkdotRkFxKkkvUHd4HQXYDRNBAhd+Q9bzmC
5Az0oH6KRkuV79rktaiwp8ofoTH1iqsKCpGxpSJEPQLB8Lv7zIN197pJBwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFK3DKd4rK4fuoBj4r3VFpSsnwwJxMB8GA1UdIwQY
MBaAFPglVKhWpCKwYa5kxXdjD5HUCM1KMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1DVlVxRmFrSXJCaHJtVEZkMk1Qa2RRSXpVby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNm
LTk2NWQ2ZDYwM2JmYS8xL3JjTXAzaXNyaC02Z0dQaXZkVVdsS3lmREFuRS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNGYvOTQzN2EyLTA3ZTYtNGU2YS1hYTNmLTk2NWQ2ZDYwM2Jm
YS8xLzEtQ1ZVcUZha0lyQmhybVRGZDJNUGtkUUl6VW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAFZ6oIw
DQYJKoZIhvcNAQELBQADggEBAL8x2YbNptmtL2/SfCPCGb7easQGrAqf6pbWrRZ+
5+mMvVKBxrMI/8Kjdz32Dd3pSh0G6P7Y4QTlu6nVbB7CGLUMzO+zSqQgGYC7stVr
R22j9Jdu1r0v9yxf5AVTUkIeeoq4kGk7C2vdJPpqC6w5fX8LIGgryqZ9zhU/InsH
AIwpYSwSq1NHcIyvxiJap+DOlzIyD/FdyJUMSmgKOvwYdhaGZwDAbcHkE2rz/cRi
ZVf9zab8nJL5MVe4VNTwTdNhYtTGbTT5W0+pGCW3G0lmn7BeuEz6myOLhXoeoGfh
noDKv19SJQsU1LQY8KKieaj/fTxWzH9tbxwj6esMyeN/SAg=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:04:49 2024 by rpki-client on console-ams.rpki-client.org