Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/54/ec25bd-219e-4d02-a532-0799a52a6387/1/0dtiP-xxCKyKg4D0duVAF0ikZ9Q.roa
File: 0dtiP-xxCKyKg4D0duVAF0ikZ9Q.roa (raw, json)
Hash identifier: 0JmyQ3RYqvr1rF81i04fY3InAdyS1cLnbQFi3uOCXFM=
Subject key identifier: D1:DB:62:3F:EC:71:08:AC:8A:83:80:F4:76:E5:40:17:48:A4:67:D4
Certificate issuer: /CN=6a17de1887fcfa9244b931d96da82678c0147663
Certificate serial: 018CC8DF75A6A3E55000059CE128CA278B5E
Authority key identifier: 6A:17:DE:18:87:FC:FA:92:44:B9:31:D9:6D:A8:26:78:C0:14:76:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ahfeGIf8-pJEuTHZbagmeMAUdmM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/54/ec25bd-219e-4d02-a532-0799a52a6387/1/0dtiP-xxCKyKg4D0duVAF0ikZ9Q.roa
Signing time: Tue 02 Jan 2024 06:32:16 +0000
ROA not before: Tue 02 Jan 2024 06:32:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56821
IP address blocks: 89.239.24.0/21 maxlen: 21
2a02:4007::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/54/ec25bd-219e-4d02-a532-0799a52a6387/1/ahfeGIf8-pJEuTHZbagmeMAUdmM.crl
rsync://rpki.ripe.net/repository/DEFAULT/54/ec25bd-219e-4d02-a532-0799a52a6387/1/ahfeGIf8-pJEuTHZbagmeMAUdmM.mft
rsync://rpki.ripe.net/repository/DEFAULT/ahfeGIf8-pJEuTHZbagmeMAUdmM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:75:a6:a3:e5:50:00:05:9c:e1:28:ca:27:8b:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a17de1887fcfa9244b931d96da82678c0147663
Validity
Not Before: Jan 2 06:32:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d1db623fec7108ac8a8380f476e5401748a467d4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ba:03:99:42:2c:b5:aa:f0:51:8f:a2:d1:37:
00:d6:37:0e:f6:f1:c3:7c:29:82:7a:12:dc:36:0c:
b0:82:9e:43:8f:14:18:37:0e:df:3b:f0:ee:3a:81:
51:22:a8:be:4f:09:48:e6:1d:c8:d6:5e:1e:cd:80:
58:41:df:25:91:96:c7:31:6b:c2:2f:de:d5:c4:8f:
70:d3:58:36:0d:97:06:da:a0:1c:91:89:52:23:32:
de:1d:28:63:ea:a3:12:dc:9c:da:b7:31:c7:bc:a7:
97:5e:49:d0:12:fc:0b:a2:64:49:c1:3d:48:01:df:
cf:a3:9f:a6:30:52:08:c3:37:f4:c1:2c:e5:46:51:
7c:aa:ed:ab:53:74:bc:35:13:14:95:cc:fa:2a:b4:
54:24:f9:33:cd:bc:b7:4c:75:40:d0:2b:ea:76:41:
15:d5:6a:b0:71:81:ba:e9:b6:43:30:82:e0:49:f9:
f0:75:82:f0:89:b1:a9:b6:a5:1a:b9:78:8c:e8:28:
e5:de:7f:8d:8e:3f:54:ce:98:d4:c8:ba:8e:85:e2:
6a:2a:81:dc:9a:c0:d2:99:38:e1:5b:5a:1b:19:bb:
93:3f:96:92:28:31:8e:26:9b:00:52:2d:ec:98:a4:
d2:2a:56:d2:e7:2f:5d:bc:62:b4:53:8b:f6:92:ee:
2d:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:DB:62:3F:EC:71:08:AC:8A:83:80:F4:76:E5:40:17:48:A4:67:D4
X509v3 Authority Key Identifier:
keyid:6A:17:DE:18:87:FC:FA:92:44:B9:31:D9:6D:A8:26:78:C0:14:76:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ahfeGIf8-pJEuTHZbagmeMAUdmM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ec25bd-219e-4d02-a532-0799a52a6387/1/0dtiP-xxCKyKg4D0duVAF0ikZ9Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/54/ec25bd-219e-4d02-a532-0799a52a6387/1/ahfeGIf8-pJEuTHZbagmeMAUdmM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.239.24.0/21
IPv6:
2a02:4007::/32
Signature Algorithm: sha256WithRSAEncryption
6d:1a:5e:ba:36:cb:f5:7d:6a:76:4b:32:58:66:5e:27:40:bb:
29:94:0a:11:c1:83:2a:85:2f:64:dd:a0:01:9b:9f:d4:c3:a5:
3d:d6:1e:d3:54:89:08:01:8d:6c:97:74:75:c8:dd:2f:6e:1e:
59:3e:19:5e:85:ca:12:1c:07:97:0d:ca:c6:99:90:8a:43:e5:
e0:7e:6a:40:4c:ca:34:08:cd:e5:b7:d7:e7:45:ff:eb:61:4f:
06:52:29:b0:84:c9:d0:c1:43:b2:8e:59:57:eb:92:03:c5:a2:
f8:c9:c7:3f:21:c0:0f:46:71:95:21:48:a7:a3:d5:16:2d:f6:
e2:1a:b3:6f:bf:db:fe:50:e1:e3:1d:66:91:84:a5:41:e8:ab:
c0:f8:36:fb:0e:e8:72:40:d1:dd:7a:65:de:7e:b9:2e:bf:c8:
16:fd:06:0d:c4:34:25:d5:c3:dc:9d:03:3c:94:de:11:3b:5e:
a9:70:31:f7:61:aa:1f:88:f3:8b:80:9e:9e:86:f4:0c:39:d6:
08:44:41:45:3c:72:de:5d:40:be:5f:01:1f:2a:74:59:87:97:
ec:37:97:05:b6:f3:57:3d:99:9f:36:bd:bb:23:e5:c6:ff:74:
9d:0d:61:d9:10:97:1d:bc:f4:c8:15:18:67:da:a6:97:30:9b:
43:be:24:14
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzI33Wmo+VQAAWc4SjKJ4teMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMTdkZTE4ODdmY2ZhOTI0NGI5MzFkOTZkYTgyNjc4YzAx
NDc2NjMwHhcNMjQwMTAyMDYzMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMWRiNjIzZmVjNzEwOGFjOGE4MzgwZjQ3NmU1NDAxNzQ4YTQ2N2Q0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj7oDmUIstarwUY+i0TcA1jcO9vHD
fCmCehLcNgywgp5DjxQYNw7fO/DuOoFRIqi+TwlI5h3I1l4ezYBYQd8lkZbHMWvC
L97VxI9w01g2DZcG2qAckYlSIzLeHShj6qMS3JzatzHHvKeXXknQEvwLomRJwT1I
Ad/Po5+mMFIIwzf0wSzlRlF8qu2rU3S8NRMUlcz6KrRUJPkzzby3THVA0CvqdkEV
1WqwcYG66bZDMILgSfnwdYLwibGptqUauXiM6Cjl3n+Njj9UzpjUyLqOheJqKoHc
msDSmTjhW1obGbuTP5aSKDGOJpsAUi3smKTSKlbS5y9dvGK0U4v2ku4t0QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNHbYj/scQisioOA9HblQBdIpGfUMB8GA1UdIwQY
MBaAFGoX3hiH/PqSRLkx2W2oJnjAFHZjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWhmZUdJZjgtcEpFdVRIWmJhZ21lTUFVZG1NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NC9lYzI1YmQtMjE5ZS00ZDAyLWE1MzIt
MDc5OWE1MmE2Mzg3LzEvMGR0aVAteHhDS3lLZzREMGR1VkFGMGlrWjlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NC9lYzI1YmQtMjE5ZS00ZDAyLWE1MzItMDc5OWE1MmE2Mzg3
LzEvYWhmZUdJZjgtcEpFdVRIWmJhZ21lTUFVZG1NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDWe8YMA0E
AgACMAcDBQAqAkAHMA0GCSqGSIb3DQEBCwUAA4IBAQBtGl66Nsv1fWp2SzJYZl4n
QLsplAoRwYMqhS9k3aABm5/Uw6U91h7TVIkIAY1sl3R1yN0vbh5ZPhlehcoSHAeX
DcrGmZCKQ+XgfmpATMo0CM3lt9fnRf/rYU8GUimwhMnQwUOyjllX65IDxaL4ycc/
IcAPRnGVIUino9UWLfbiGrNvv9v+UOHjHWaRhKVB6KvA+Db7DuhyQNHdemXefrku
v8gW/QYNxDQl1cPcnQM8lN4RO16pcDH3YaofiPOLgJ6ehvQMOdYIREFFPHLeXUC+
XwEfKnRZh5fsN5cFtvNXPZmfNr27I+XG/3SdDWHZEJcdvPTIFRhn2qaXMJtDviQU
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:40:10 2024 by rpki-client on console-ams.rpki-client.org