Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/U8OCabBu9zT-Urh_9nbAXj7gjqk.roa
File: U8OCabBu9zT-Urh_9nbAXj7gjqk.roa (raw, json)
Hash identifier: 4NdD8FvQ/em+M9TsB+uy5+mMW14T2IWouA542+/dKfk=
Subject key identifier: 53:C3:82:69:B0:6E:F7:34:FE:52:B8:7F:F6:76:C0:5E:3E:E0:8E:A9
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019428275CE1483CC1781D4C4362EE6EBB66
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/U8OCabBu9zT-Urh_9nbAXj7gjqk.roa
Signing time: Thu 02 Jan 2025 17:54:15 +0000
ROA not before: Thu 02 Jan 2025 17:54:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 89.35.73.0/24 maxlen: 24
91.132.51.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Feb 2025 09:00:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:28:27:5c:e1:48:3c:c1:78:1d:4c:43:62:ee:6e:bb:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Jan 2 17:54:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53c38269b06ef734fe52b87ff676c05e3ee08ea9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f8:47:d8:73:3c:81:c2:eb:68:56:67:26:e9:
85:4c:f9:42:c1:4c:a0:b4:8f:b5:3f:4b:9c:43:28:
a9:f2:d0:4a:00:f9:1f:99:fc:e2:f6:52:cb:9e:33:
04:e4:74:2a:79:60:75:ee:93:40:6f:d4:31:c3:6a:
57:71:34:22:10:b0:a9:d4:9d:b5:e4:45:37:4a:d5:
79:81:77:63:99:ad:0c:c0:a3:11:5d:8a:9c:12:e1:
8b:43:6e:2d:f7:c6:16:1c:6f:33:4e:81:ff:45:88:
ff:28:b5:15:96:98:48:dc:31:37:0d:5c:81:17:38:
33:ee:0c:7c:06:0c:b7:66:77:6e:64:37:c8:8f:a3:
6e:0e:6e:5f:b2:b5:48:82:b9:41:e8:92:99:fe:22:
99:13:7e:d2:3f:90:1a:a1:3c:b6:4b:13:0e:12:9a:
18:36:29:ca:76:c8:ca:56:3c:93:5f:a5:57:18:63:
27:d6:92:af:db:c2:eb:ed:ae:98:2c:8d:10:5c:68:
f9:3d:17:29:5c:f6:50:46:d8:5e:26:4f:3d:ee:4e:
6b:db:32:f6:2a:d2:9c:a3:dc:1d:e5:dc:9b:6d:4d:
71:47:70:fa:89:a9:b7:36:13:84:8f:6d:4a:be:e7:
f4:20:30:01:1a:65:ac:0d:4d:8c:f8:d4:94:63:3d:
7b:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:C3:82:69:B0:6E:F7:34:FE:52:B8:7F:F6:76:C0:5E:3E:E0:8E:A9
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/U8OCabBu9zT-Urh_9nbAXj7gjqk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.73.0/24
91.132.51.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:96:64:84:e3:67:0d:11:6f:7b:82:4f:66:c7:74:14:60:56:
1a:7b:06:bd:ae:7e:e0:99:c3:29:82:71:6f:86:4a:d4:c7:05:
1c:cf:de:17:81:68:0b:40:d7:05:45:17:9f:f7:6f:f3:56:35:
81:12:69:06:f0:bf:9c:de:f1:ea:29:df:b7:23:b4:a1:75:0f:
80:9a:9b:3e:83:0b:ac:03:5d:a0:36:82:31:6a:22:13:e3:35:
2e:9a:14:50:37:c9:31:9d:81:69:2e:da:ae:12:d4:4a:65:18:
20:99:98:4f:99:1a:e5:cc:62:9e:40:db:59:fc:16:20:eb:c8:
58:4b:de:47:08:48:46:67:bf:b1:ac:2e:c3:6a:5f:d3:b3:b5:
d3:1a:23:83:d7:dc:f4:b3:01:81:01:eb:c6:a3:70:b4:13:87:
07:91:83:9a:ad:16:f5:af:57:8f:30:88:d5:01:7c:7e:d1:37:
09:e8:18:10:1c:60:a7:1f:cb:bb:cc:b7:b1:56:e8:78:ff:5a:
e2:35:b2:5d:ef:00:01:50:52:fe:c1:7c:78:e4:85:91:f0:e5:
34:b0:bd:75:ec:c4:8e:31:5d:bc:8b:4b:40:2f:71:cd:3b:91:
8c:8a:cf:d6:4d:1e:46:cd:c9:21:7e:1e:24:69:14:4e:f2:cc:
0e:d5:41:54
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZQoJ1zhSDzBeB1MQ2LubrtmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUwMTAyMTc1NDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2MzODI2OWIwNmVmNzM0ZmU1MmI4N2ZmNjc2YzA1ZTNlZTA4ZWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvhH2HM8gcLraFZnJumFTPlCwUyg
tI+1P0ucQyip8tBKAPkfmfzi9lLLnjME5HQqeWB17pNAb9Qxw2pXcTQiELCp1J21
5EU3StV5gXdjma0MwKMRXYqcEuGLQ24t98YWHG8zToH/RYj/KLUVlphI3DE3DVyB
Fzgz7gx8Bgy3ZnduZDfIj6NuDm5fsrVIgrlB6JKZ/iKZE37SP5AaoTy2SxMOEpoY
NinKdsjKVjyTX6VXGGMn1pKv28Lr7a6YLI0QXGj5PRcpXPZQRtheJk897k5r2zL2
KtKco9wd5dybbU1xR3D6iam3NhOEj21Kvuf0IDABGmWsDU2M+NSUYz17qwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFPDgmmwbvc0/lK4f/Z2wF4+4I6pMB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvVThPQ2FiQnU5elQtVXJoXzluYkFYajdnanFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSNJAwQA
W4QzMA0GCSqGSIb3DQEBCwUAA4IBAQAalmSE42cNEW97gk9mx3QUYFYaewa9rn7g
mcMpgnFvhkrUxwUcz94XgWgLQNcFRRef92/zVjWBEmkG8L+c3vHqKd+3I7ShdQ+A
mps+gwusA12gNoIxaiIT4zUumhRQN8kxnYFpLtquEtRKZRggmZhPmRrlzGKeQNtZ
/BYg68hYS95HCEhGZ7+xrC7Dal/Ts7XTGiOD19z0swGBAevGo3C0E4cHkYOarRb1
r1ePMIjVAXx+0TcJ6BgQHGCnH8u7zLexVuh4/1riNbJd7wABUFL+wXx45IWR8OU0
sL117MSOMV28i0tAL3HNO5GMis/WTR5Gzckhfh4kaRRO8swO1UFU
-----END CERTIFICATE-----
Generated at Wed Feb 5 12:44:50 2025 by rpki-client