Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5c/9e1d5b-de61-4d9a-84bd-02792f9cf07b/1/PsFj0jBOlnK8Si6GXWiKFli7hSg.roa
File: PsFj0jBOlnK8Si6GXWiKFli7hSg.roa (raw, json)
Hash identifier: AD3m5UOgu1pbKBnQ0Y3C9Uo7m8klm0a5IoMoz3rTIms=
Subject key identifier: 3E:C1:63:D2:30:4E:96:72:BC:4A:2E:86:5D:68:8A:16:58:BB:85:28
Certificate issuer: /CN=c3042f5c4789c97c4f92ef2177e7b8938c8dd5c4
Certificate serial: 01904F7AECBF9CEED6D6B053AB69B0ABC5B4
Authority key identifier: C3:04:2F:5C:47:89:C9:7C:4F:92:EF:21:77:E7:B8:93:8C:8D:D5:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wwQvXEeJyXxPku8hd-e4k4yN1cQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5c/9e1d5b-de61-4d9a-84bd-02792f9cf07b/1/PsFj0jBOlnK8Si6GXWiKFli7hSg.roa
Signing time: Tue 25 Jun 2024 12:59:34 +0000
ROA not before: Tue 25 Jun 2024 12:59:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2856
IP address blocks: 89.145.172.0/22 maxlen: 22
89.145.172.0/23 maxlen: 23
89.145.172.0/24 maxlen: 24
89.145.173.0/24 maxlen: 24
185.177.64.0/22 maxlen: 22
185.177.64.0/23 maxlen: 23
185.177.64.0/24 maxlen: 24
185.177.65.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5c/9e1d5b-de61-4d9a-84bd-02792f9cf07b/1/wwQvXEeJyXxPku8hd-e4k4yN1cQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/5c/9e1d5b-de61-4d9a-84bd-02792f9cf07b/1/wwQvXEeJyXxPku8hd-e4k4yN1cQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/wwQvXEeJyXxPku8hd-e4k4yN1cQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4f:7a:ec:bf:9c:ee:d6:d6:b0:53:ab:69:b0:ab:c5:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3042f5c4789c97c4f92ef2177e7b8938c8dd5c4
Validity
Not Before: Jun 25 12:59:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3ec163d2304e9672bc4a2e865d688a1658bb8528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:1a:97:7f:74:26:3a:9e:9d:56:c2:be:d9:d8:
d5:5a:7a:55:ea:01:d0:07:23:61:86:a1:99:3c:65:
8f:8a:19:96:01:34:a0:ad:4f:e3:82:03:7f:9d:f5:
65:f8:a6:7d:22:e8:15:22:6d:da:60:a7:af:01:5a:
dd:dd:24:b3:86:10:7b:9f:81:5f:3c:3b:e3:82:96:
fb:2d:5d:55:f5:4a:54:2b:49:bc:92:54:67:c3:e8:
df:c5:d5:3e:5d:d1:29:48:be:e3:8c:78:ae:1a:12:
0d:e8:25:23:47:d1:b0:35:76:bd:7b:ff:d6:ed:a6:
5d:40:04:60:ac:bc:c8:22:41:f3:cf:46:52:b5:b5:
80:90:23:1d:fa:80:6d:17:d3:6a:3e:31:cc:a5:7f:
b7:f1:40:c2:03:2e:dd:53:d9:f6:09:d0:50:52:19:
80:45:84:29:ab:6a:60:23:a6:8a:28:b2:6d:3e:7e:
8a:96:71:63:b2:73:64:75:e0:e8:4c:81:85:3a:d2:
50:4d:8b:c3:94:bd:5b:f6:bc:99:dc:42:ee:27:a3:
3f:1f:68:09:93:5d:05:c8:60:6b:1b:5b:dd:05:ac:
32:49:a1:b0:41:02:66:7a:70:4a:3f:2b:53:13:a4:
7f:0b:45:6f:cb:36:de:7b:52:1a:93:d8:41:46:60:
21:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:C1:63:D2:30:4E:96:72:BC:4A:2E:86:5D:68:8A:16:58:BB:85:28
X509v3 Authority Key Identifier:
keyid:C3:04:2F:5C:47:89:C9:7C:4F:92:EF:21:77:E7:B8:93:8C:8D:D5:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wwQvXEeJyXxPku8hd-e4k4yN1cQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/9e1d5b-de61-4d9a-84bd-02792f9cf07b/1/PsFj0jBOlnK8Si6GXWiKFli7hSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5c/9e1d5b-de61-4d9a-84bd-02792f9cf07b/1/wwQvXEeJyXxPku8hd-e4k4yN1cQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.145.172.0/22
185.177.64.0/22
Signature Algorithm: sha256WithRSAEncryption
48:b4:c3:65:ac:1a:36:2d:b8:a1:c4:34:53:6c:ed:c9:d5:52:
25:e9:4f:b7:6f:a4:9a:96:5e:a0:fd:21:9c:29:5e:23:a5:a6:
23:cd:8c:77:b8:05:1c:cc:a3:c8:c9:81:30:9f:65:96:02:50:
9a:35:04:c0:ee:22:74:44:88:10:94:be:74:f1:ac:46:9c:7a:
92:44:98:aa:4a:59:3d:ea:f8:02:80:43:2b:e3:9f:ac:1f:09:
50:dd:e6:0f:9c:eb:c8:23:e9:8b:aa:a8:de:14:b6:ae:3e:65:
fa:e3:3b:c0:33:96:01:3a:dd:f7:a1:e1:ef:16:57:56:af:98:
54:00:be:1a:d3:05:95:de:be:26:f5:08:21:fd:8f:fc:a0:fe:
2a:3f:86:55:f5:38:9d:db:cb:fd:27:d2:f4:0a:00:3f:7f:44:
31:50:96:eb:0a:09:f2:43:56:f0:8a:e9:84:a8:87:1c:da:3c:
b6:e5:22:9f:6e:9c:e5:8e:e5:08:3a:4d:75:48:da:7b:9b:b6:
83:d0:ac:19:25:51:38:fb:aa:d0:98:23:49:dc:82:a4:e7:5f:
be:19:f4:d5:e3:ac:00:71:d8:e2:ad:da:e7:be:9a:49:c7:2d:
46:0d:77:73:a4:26:da:44:76:ba:6a:05:a1:29:12:fc:1d:a6:
0b:01:80:e6
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZBPeuy/nO7W1rBTq2mwq8W0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzMDQyZjVjNDc4OWM5N2M0ZjkyZWYyMTc3ZTdiODkzOGM4
ZGQ1YzQwHhcNMjQwNjI1MTI1OTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWMxNjNkMjMwNGU5NjcyYmM0YTJlODY1ZDY4OGExNjU4YmI4NTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRqXf3QmOp6dVsK+2djVWnpV6gHQ
ByNhhqGZPGWPihmWATSgrU/jggN/nfVl+KZ9IugVIm3aYKevAVrd3SSzhhB7n4Ff
PDvjgpb7LV1V9UpUK0m8klRnw+jfxdU+XdEpSL7jjHiuGhIN6CUjR9GwNXa9e//W
7aZdQARgrLzIIkHzz0ZStbWAkCMd+oBtF9NqPjHMpX+38UDCAy7dU9n2CdBQUhmA
RYQpq2pgI6aKKLJtPn6KlnFjsnNkdeDoTIGFOtJQTYvDlL1b9ryZ3ELuJ6M/H2gJ
k10FyGBrG1vdBawySaGwQQJmenBKPytTE6R/C0Vvyzbee1Iak9hBRmAhCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD7BY9IwTpZyvEouhl1oihZYu4UoMB8GA1UdIwQY
MBaAFMMEL1xHicl8T5LvIXfnuJOMjdXEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3dRdlhFZUp5WHhQa3U4aGQtZTRrNHlOMWNRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yy85ZTFkNWItZGU2MS00ZDlhLTg0YmQt
MDI3OTJmOWNmMDdiLzEvUHNGajBqQk9sbks4U2k2R1hXaUtGbGk3aFNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yy85ZTFkNWItZGU2MS00ZDlhLTg0YmQtMDI3OTJmOWNmMDdi
LzEvd3dRdlhFZUp5WHhQa3U4aGQtZTRrNHlOMWNRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWZGsAwQC
ubFAMA0GCSqGSIb3DQEBCwUAA4IBAQBItMNlrBo2LbihxDRTbO3J1VIl6U+3b6Sa
ll6g/SGcKV4jpaYjzYx3uAUczKPIyYEwn2WWAlCaNQTA7iJ0RIgQlL508axGnHqS
RJiqSlk96vgCgEMr45+sHwlQ3eYPnOvII+mLqqjeFLauPmX64zvAM5YBOt33oeHv
FldWr5hUAL4a0wWV3r4m9Qgh/Y/8oP4qP4ZV9Tid28v9J9L0CgA/f0QxUJbrCgny
Q1bwiumEqIcc2jy25SKfbpzljuUIOk11SNp7m7aD0KwZJVE4+6rQmCNJ3IKk51++
GfTV46wAcdjirdrnvppJxy1GDXdzpCbaRHa6agWhKRL8HaYLAYDm
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:31:21 2024 by rpki-client on console-ams.rpki-client.org