Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/reNYiWo9S-NrugOXr_4jFbghS_g.roa
File: reNYiWo9S-NrugOXr_4jFbghS_g.roa (raw, json)
Hash identifier: 0z3wlnDlEROtnkWdI8KPfL+waRYLTRMYoibxjUPz4q8=
Subject key identifier: AD:E3:58:89:6A:3D:4B:E3:6B:BA:03:97:AF:FE:23:15:B8:21:4B:F8
Certificate issuer: /CN=df904155ee3acfe3fea8bbfee86e97c58c8991f4
Certificate serial: 018CC725EC3D7CE4CF7CCEF05D4AEA9C68D2
Authority key identifier: DF:90:41:55:EE:3A:CF:E3:FE:A8:BB:FE:E8:6E:97:C5:8C:89:91:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/35BBVe46z-P-qLv-6G6XxYyJkfQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/reNYiWo9S-NrugOXr_4jFbghS_g.roa
Signing time: Mon 01 Jan 2024 22:30:00 +0000
ROA not before: Mon 01 Jan 2024 22:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60793
IP address blocks: 79.99.194.192/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/35BBVe46z-P-qLv-6G6XxYyJkfQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/35BBVe46z-P-qLv-6G6XxYyJkfQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/35BBVe46z-P-qLv-6G6XxYyJkfQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:25:ec:3d:7c:e4:cf:7c:ce:f0:5d:4a:ea:9c:68:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df904155ee3acfe3fea8bbfee86e97c58c8991f4
Validity
Not Before: Jan 1 22:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ade358896a3d4be36bba0397affe2315b8214bf8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:bd:d6:69:fa:92:2d:16:57:a5:95:c6:9d:54:
2b:18:c4:9e:75:d6:57:12:ce:70:12:86:0a:30:aa:
24:e1:93:c4:d3:6d:bb:4b:d6:4a:9c:d6:4e:f5:18:
c0:99:6e:cf:19:98:1e:a4:26:e4:3e:11:11:69:3a:
50:1c:65:72:02:de:91:e7:63:ca:52:20:85:da:17:
9b:96:c2:72:7c:eb:c7:46:8d:6e:a9:f1:da:b2:49:
26:04:55:d8:36:14:5b:01:86:22:d7:11:fc:b5:86:
b1:3e:60:50:76:bc:53:62:9f:7d:2f:a5:a1:3e:8a:
82:ca:98:30:42:f5:6f:37:20:7f:95:d6:eb:94:52:
ad:42:61:a8:4c:de:43:ed:e0:91:68:ec:89:1d:ec:
c2:40:1b:58:99:42:9a:4f:ba:a1:05:97:f4:25:2e:
72:87:43:26:c8:7a:16:4a:39:f3:77:25:77:5e:a9:
1a:b7:34:6b:f7:d2:9b:32:eb:4c:e6:3d:75:9d:e2:
ec:a6:82:06:25:1a:d9:ec:69:26:83:ef:f9:ab:34:
e5:d4:3a:1a:83:51:83:d8:c8:65:ff:ca:b7:c6:0a:
7e:0a:a3:94:d0:0e:74:6e:43:bf:1c:60:79:af:ff:
d4:ff:ea:f2:58:f8:62:1d:c8:79:92:3f:38:6d:92:
ab:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:E3:58:89:6A:3D:4B:E3:6B:BA:03:97:AF:FE:23:15:B8:21:4B:F8
X509v3 Authority Key Identifier:
keyid:DF:90:41:55:EE:3A:CF:E3:FE:A8:BB:FE:E8:6E:97:C5:8C:89:91:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/35BBVe46z-P-qLv-6G6XxYyJkfQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/reNYiWo9S-NrugOXr_4jFbghS_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/442e17-4198-435b-96f4-6467f44b43bf/1/35BBVe46z-P-qLv-6G6XxYyJkfQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.99.194.192/29
Signature Algorithm: sha256WithRSAEncryption
93:46:ea:ea:5d:02:8b:df:6b:5a:44:13:46:0e:7d:57:3a:5d:
3a:b1:eb:bb:71:74:46:86:ee:32:2b:7e:13:6d:ef:8e:00:22:
05:73:7a:99:56:04:60:23:9b:53:2c:92:ed:ed:07:56:1e:0d:
51:87:0c:bb:31:a0:83:9f:f0:09:41:8d:5e:1e:ea:88:48:d8:
4b:2b:fc:f4:be:f8:1e:1b:c5:8e:dd:9d:d4:0f:04:9b:f3:ea:
66:23:e9:df:5c:e0:35:cb:6e:ae:26:e3:1d:53:17:87:8c:fb:
98:4d:1a:2a:eb:50:ec:47:fa:31:f0:d2:f5:58:05:46:5a:72:
68:2c:1d:e8:a0:87:9a:90:d0:57:b0:51:fa:6a:7a:e3:41:b2:
40:89:47:62:90:a3:92:9a:c2:d5:2b:72:9c:82:36:f7:7e:3d:
82:f0:ab:93:16:68:e9:67:d3:80:d4:a4:5e:0c:0a:23:4b:2c:
62:c4:f6:c4:7a:a1:be:f8:8e:ae:35:04:01:46:42:4a:83:2f:
1c:f1:c1:03:7f:83:5a:65:16:4d:99:ab:55:59:9b:ee:17:cd:
51:65:73:7c:bc:7e:eb:98:23:82:a3:d9:c3:b8:d2:bf:41:d6:
89:8c:d4:bb:63:f4:3b:da:43:4e:b4:48:22:a0:8f:e8:66:c2:
d4:d4:2c:eb
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzHJew9fOTPfM7wXUrqnGjSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmOTA0MTU1ZWUzYWNmZTNmZWE4YmJmZWU4NmU5N2M1OGM4
OTkxZjQwHhcNMjQwMTAxMjIzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGUzNTg4OTZhM2Q0YmUzNmJiYTAzOTdhZmZlMjMxNWI4MjE0YmY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg73WafqSLRZXpZXGnVQrGMSeddZX
Es5wEoYKMKok4ZPE0227S9ZKnNZO9RjAmW7PGZgepCbkPhERaTpQHGVyAt6R52PK
UiCF2heblsJyfOvHRo1uqfHaskkmBFXYNhRbAYYi1xH8tYaxPmBQdrxTYp99L6Wh
PoqCypgwQvVvNyB/ldbrlFKtQmGoTN5D7eCRaOyJHezCQBtYmUKaT7qhBZf0JS5y
h0MmyHoWSjnzdyV3XqkatzRr99KbMutM5j11neLspoIGJRrZ7Gkmg+/5qzTl1Doa
g1GD2Mhl/8q3xgp+CqOU0A50bkO/HGB5r//U/+ryWPhiHch5kj84bZKrqwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFK3jWIlqPUvja7oDl6/+IxW4IUv4MB8GA1UdIwQY
MBaAFN+QQVXuOs/j/qi7/uhul8WMiZH0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMzVCQlZlNDZ6LVAtcUx2LTZHNlh4WXlKa2ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS80NDJlMTctNDE5OC00MzViLTk2ZjQt
NjQ2N2Y0NGI0M2JmLzEvcmVOWWlXbzlTLU5ydWdPWHJfNGpGYmdoU19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS80NDJlMTctNDE5OC00MzViLTk2ZjQtNjQ2N2Y0NGI0M2Jm
LzEvMzVCQlZlNDZ6LVAtcUx2LTZHNlh4WXlKa2ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAATAHAwUDT2PCwDAN
BgkqhkiG9w0BAQsFAAOCAQEAk0bq6l0Ci99rWkQTRg59VzpdOrHru3F0RobuMit+
E23vjgAiBXN6mVYEYCObUyyS7e0HVh4NUYcMuzGgg5/wCUGNXh7qiEjYSyv89L74
HhvFjt2d1A8Em/PqZiPp31zgNcturibjHVMXh4z7mE0aKutQ7Ef6MfDS9VgFRlpy
aCwd6KCHmpDQV7BR+mp640GyQIlHYpCjkprC1StynII29349gvCrkxZo6WfTgNSk
XgwKI0ssYsT2xHqhvviOrjUEAUZCSoMvHPHBA3+DWmUWTZmrVVmb7hfNUWVzfLx+
65gjgqPZw7jSv0HWiYzUu2P0O9pDTrRIIqCP6GbC1NQs6w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:52:23 2024 by rpki-client on console-fra.rpki-client.org