Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0Ydf7l1EFULnv-kTi-JTOr04Z20.roa
File: 0Ydf7l1EFULnv-kTi-JTOr04Z20.roa (raw, json)
Hash identifier: jKLMMb2eDBGdr5prgLuLZL77qwVf/dhapRzpNry7cCM=
Subject key identifier: D1:87:5F:EE:5D:44:15:42:E7:BF:E9:13:8B:E2:53:3A:BD:38:67:6D
Certificate issuer: /CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Certificate serial: 018CC94DEB3FCFF5FA8C5BFE8CF24437136F
Authority key identifier: D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0Ydf7l1EFULnv-kTi-JTOr04Z20.roa
Signing time: Tue 02 Jan 2024 08:32:56 +0000
ROA not before: Tue 02 Jan 2024 08:32:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62386
IP address blocks: 89.25.35.0/24 maxlen: 24
94.155.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.mft
rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:eb:3f:cf:f5:fa:8c:5b:fe:8c:f2:44:37:13:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d07d7573aacae821c87d6d36431cfe4b2801ab41
Validity
Not Before: Jan 2 08:32:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1875fee5d441542e7bfe9138be2533abd38676d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:55:e6:78:0b:fe:e0:40:7a:b7:97:f8:51:78:
71:07:e8:f8:93:85:65:b2:95:de:d9:dd:e9:e4:18:
b5:a9:8c:a4:ca:ec:aa:28:e3:7d:9a:f8:3d:19:80:
f1:c9:13:0e:21:01:e7:f8:c6:8c:33:19:e2:9d:d9:
ec:cf:79:2a:71:e9:54:d9:22:e2:ad:f3:74:7f:6c:
f8:ed:97:d9:e0:52:19:55:bb:fd:9f:0a:5b:ad:d6:
95:d0:46:da:32:0c:db:7f:b2:f4:7f:e5:19:41:94:
23:da:7a:23:d0:5c:56:b6:61:c7:de:d0:87:97:2f:
6c:77:9d:86:b3:aa:3e:c2:72:dc:22:44:b5:54:92:
de:bf:67:66:4a:ae:2b:cb:a9:31:2e:0d:bf:20:cd:
f8:4a:c3:74:92:38:7b:f7:a9:cc:23:23:1e:20:32:
da:8b:0d:e0:db:77:85:72:fa:d4:92:20:af:be:9b:
e3:3b:73:0e:f8:ad:8e:d2:8c:7b:16:39:b6:dc:53:
0b:28:f6:f3:fb:a2:9d:31:df:54:96:cb:5c:75:7f:
1d:f6:a3:ef:7e:55:fc:b5:e0:7c:70:d8:40:93:02:
24:41:77:e0:f6:ab:02:04:b5:5f:c1:cd:20:01:fe:
e6:ea:98:eb:63:1b:2e:3a:77:cc:76:ab:48:d3:47:
51:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:87:5F:EE:5D:44:15:42:E7:BF:E9:13:8B:E2:53:3A:BD:38:67:6D
X509v3 Authority Key Identifier:
keyid:D0:7D:75:73:AA:CA:E8:21:C8:7D:6D:36:43:1C:FE:4B:28:01:AB:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0H11c6rK6CHIfW02Qxz-SygBq0E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0Ydf7l1EFULnv-kTi-JTOr04Z20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/5725cc-ad70-46f8-bb62-cf9dc5baaa79/1/0H11c6rK6CHIfW02Qxz-SygBq0E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.25.35.0/24
94.155.175.0/24
Signature Algorithm: sha256WithRSAEncryption
b8:e3:ed:ee:bf:89:29:fe:75:c4:a3:67:f8:c8:99:42:f9:74:
5e:fd:d9:79:da:a0:ba:32:34:07:bb:81:61:35:b9:1d:ca:f9:
9a:50:fe:5a:63:5c:eb:f6:33:e4:c3:23:d2:46:ca:fa:19:54:
ea:9e:e5:5b:35:4c:2b:a3:94:ae:21:3c:24:9e:00:91:7b:12:
b8:24:77:dc:48:79:c7:b7:c5:24:9a:2a:53:69:75:de:2e:f1:
20:7a:8e:a0:be:30:c9:02:04:00:aa:51:d2:02:1b:67:0c:ba:
7e:ae:a3:99:6d:53:c5:de:e1:42:c5:92:d3:de:43:0d:f0:eb:
06:55:1c:57:05:bf:16:12:2b:ec:58:45:d7:c3:62:fe:fb:a5:
ca:95:f5:ca:8f:c3:62:66:b7:9d:c4:2f:65:4e:41:5d:6d:cf:
d0:51:1e:9f:bc:bb:5e:a6:d8:9c:99:d4:f4:89:42:df:88:e7:
f6:35:12:c8:cb:63:cf:3b:1c:8a:d5:14:94:29:88:8e:a6:69:
f3:43:19:7a:fa:50:a8:4b:84:fa:30:65:69:c5:c9:54:15:42:
db:44:d1:0f:8c:dd:af:ea:f5:61:e9:2a:6a:fa:60:78:70:ff:
85:9e:8b:25:7e:58:a2:79:b7:51:3a:b0:c2:07:ba:a3:9c:f2:
44:f4:67:e0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTes/z/X6jFv+jPJENxNvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwN2Q3NTczYWFjYWU4MjFjODdkNmQzNjQzMWNmZTRiMjgw
MWFiNDEwHhcNMjQwMTAyMDgzMjU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTg3NWZlZTVkNDQxNTQyZTdiZmU5MTM4YmUyNTMzYWJkMzg2NzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmVXmeAv+4EB6t5f4UXhxB+j4k4Vl
spXe2d3p5Bi1qYykyuyqKON9mvg9GYDxyRMOIQHn+MaMMxnindnsz3kqcelU2SLi
rfN0f2z47ZfZ4FIZVbv9nwpbrdaV0EbaMgzbf7L0f+UZQZQj2noj0FxWtmHH3tCH
ly9sd52Gs6o+wnLcIkS1VJLev2dmSq4ry6kxLg2/IM34SsN0kjh796nMIyMeIDLa
iw3g23eFcvrUkiCvvpvjO3MO+K2O0ox7Fjm23FMLKPbz+6KdMd9UlstcdX8d9qPv
flX8teB8cNhAkwIkQXfg9qsCBLVfwc0gAf7m6pjrYxsuOnfMdqtI00dRFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNGHX+5dRBVC57/pE4viUzq9OGdtMB8GA1UdIwQY
MBaAFNB9dXOqyughyH1tNkMc/ksoAatBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjIt
Y2Y5ZGM1YmFhYTc5LzEvMFlkZjdsMUVGVUxudi1rVGktSlRPcjA0WjIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi81NzI1Y2MtYWQ3MC00NmY4LWJiNjItY2Y5ZGM1YmFhYTc5
LzEvMEgxMWM2cks2Q0hJZlcwMlF4ei1TeWdCcTBFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWRkjAwQA
XpuvMA0GCSqGSIb3DQEBCwUAA4IBAQC44+3uv4kp/nXEo2f4yJlC+XRe/dl52qC6
MjQHu4FhNbkdyvmaUP5aY1zr9jPkwyPSRsr6GVTqnuVbNUwro5SuITwkngCRexK4
JHfcSHnHt8UkmipTaXXeLvEgeo6gvjDJAgQAqlHSAhtnDLp+rqOZbVPF3uFCxZLT
3kMN8OsGVRxXBb8WEivsWEXXw2L++6XKlfXKj8NiZredxC9lTkFdbc/QUR6fvLte
pticmdT0iULfiOf2NRLIy2PPOxyK1RSUKYiOpmnzQxl6+lCoS4T6MGVpxclUFULb
RNEPjN2v6vVh6Spq+mB4cP+FnoslfliiebdROrDCB7qjnPJE9Gfg
-----END CERTIFICATE-----
Generated at Fri Nov 22 23:41:31 2024 by rpki-client on console-fra.rpki-client.org