Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/rQkL7Yska-G457go25x2qzT_eTU.roa
File: rQkL7Yska-G457go25x2qzT_eTU.roa (raw, json)
Hash identifier: wlC6rGJS2rYKKHVt1+P8jP1ppIHC/pcvL2VbX/rDpOA=
Subject key identifier: AD:09:0B:ED:8B:24:6B:E1:B8:E7:B8:28:DB:9C:76:AB:34:FF:79:35
Certificate issuer: /CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Certificate serial: 01930BB4D8A39F292FB7CF84430245B82B71
Authority key identifier: 62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/rQkL7Yska-G457go25x2qzT_eTU.roa
Signing time: Fri 08 Nov 2024 12:17:01 +0000
ROA not before: Fri 08 Nov 2024 12:17:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6830
IP address blocks: 93.89.219.0/24 maxlen: 24
93.89.221.0/24 maxlen: 24
93.89.222.0/24 maxlen: 24
93.89.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.mft
rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0b:b4:d8:a3:9f:29:2f:b7:cf:84:43:02:45:b8:2b:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62a15cc88659f578cc159c52b3a7e9ec5819fb20
Validity
Not Before: Nov 8 12:17:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ad090bed8b246be1b8e7b828db9c76ab34ff7935
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:e2:a5:44:8f:52:65:b1:c2:0b:83:b3:5c:a4:
52:43:98:8b:33:64:1b:8b:6f:8c:8b:78:1e:ae:71:
aa:29:b9:ab:fd:41:fd:cf:64:6d:93:57:cc:a7:ab:
1e:e0:79:d8:cf:44:bf:e2:16:8f:4b:c7:6e:c0:b5:
20:c9:37:54:64:7d:3e:d2:4f:b7:22:93:09:4f:da:
b9:00:1e:f4:22:fb:26:ba:ad:3e:17:61:93:55:01:
f5:ea:d1:c9:77:e3:4a:a0:77:f7:3d:65:ef:92:6c:
0d:8e:a6:0e:ef:74:23:67:c8:28:6d:3a:be:b0:61:
4e:3a:f4:c2:44:be:66:67:f7:f0:a9:aa:93:f5:a7:
54:0c:5c:0e:1c:41:08:c7:7f:6f:0a:c7:78:c2:51:
61:88:9d:98:02:0c:34:3d:27:34:3f:d4:cd:36:f3:
55:b6:ce:66:b5:97:e1:62:a2:e8:ad:61:1d:b3:3b:
f2:c6:50:19:e5:e9:be:62:e1:98:57:47:5b:06:17:
ae:74:2e:00:45:41:d5:87:19:2b:be:d2:b7:07:0b:
fc:19:f9:a4:13:4c:db:00:06:07:56:18:bb:e5:a2:
ca:e3:b8:b6:52:d8:c6:3f:d1:70:ed:e7:25:55:12:
f4:f7:21:eb:ef:1b:a1:95:c1:2a:df:b7:5a:43:a7:
91:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:09:0B:ED:8B:24:6B:E1:B8:E7:B8:28:DB:9C:76:AB:34:FF:79:35
X509v3 Authority Key Identifier:
keyid:62:A1:5C:C8:86:59:F5:78:CC:15:9C:52:B3:A7:E9:EC:58:19:FB:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/rQkL7Yska-G457go25x2qzT_eTU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/2117bc-1f9e-4590-a550-4269b56bf7d4/1/YqFcyIZZ9XjMFZxSs6fp7FgZ-yA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.89.219.0/24
93.89.221.0-93.89.223.255
Signature Algorithm: sha256WithRSAEncryption
5c:26:5e:c0:02:fe:dc:bf:f9:c9:41:7f:3f:8e:82:6e:08:f7:
77:14:83:80:2e:28:b5:c5:17:b3:12:4f:5a:fc:d1:29:fd:fc:
82:40:bf:cf:5c:1d:50:03:53:57:8f:11:a1:6e:b8:f3:a4:cc:
43:00:81:94:0a:11:c9:db:4c:d9:4b:71:2f:1c:59:ef:df:0b:
f4:2d:43:17:13:12:62:17:5f:1c:97:60:04:5b:8e:9c:d0:f8:
b1:23:ec:5c:cb:11:4a:30:6d:f4:98:0e:22:65:89:ad:9f:61:
04:2f:21:1f:e3:fa:a7:42:b3:f1:80:c2:78:80:b4:af:a4:ac:
5b:4c:4c:24:1d:a2:3c:81:69:79:d1:8a:7c:ec:bf:e8:f1:92:
57:a9:a7:90:6c:ea:34:6d:4e:6c:36:8f:15:43:87:71:35:5d:
19:9a:cb:95:eb:71:be:de:25:76:13:e9:7f:fd:4b:6f:37:8b:
73:58:50:19:2c:9b:40:90:af:db:39:8c:c4:8f:98:fa:2f:fd:
1a:e8:36:8a:7f:0a:f3:97:fb:40:28:0e:7e:d5:68:48:88:90:
a1:e7:3c:8f:82:de:cd:7d:7a:41:c8:76:03:ff:ca:b5:49:43:
e3:72:96:c8:54:e7:4a:6d:49:53:fd:00:30:63:fb:99:06:f1:
fc:3b:47:1f
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZMLtNijnykvt8+EQwJFuCtxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyYTE1Y2M4ODY1OWY1NzhjYzE1OWM1MmIzYTdlOWVjNTgx
OWZiMjAwHhcNMjQxMTA4MTIxNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDA5MGJlZDhiMjQ2YmUxYjhlN2I4MjhkYjljNzZhYjM0ZmY3OTM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjeKlRI9SZbHCC4OzXKRSQ5iLM2Qb
i2+Mi3gernGqKbmr/UH9z2Rtk1fMp6se4HnYz0S/4haPS8duwLUgyTdUZH0+0k+3
IpMJT9q5AB70Ivsmuq0+F2GTVQH16tHJd+NKoHf3PWXvkmwNjqYO73QjZ8gobTq+
sGFOOvTCRL5mZ/fwqaqT9adUDFwOHEEIx39vCsd4wlFhiJ2YAgw0PSc0P9TNNvNV
ts5mtZfhYqLorWEdszvyxlAZ5em+YuGYV0dbBheudC4ARUHVhxkrvtK3Bwv8Gfmk
E0zbAAYHVhi75aLK47i2UtjGP9Fw7eclVRL09yHr7xuhlcEq37daQ6eRuwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFK0JC+2LJGvhuOe4KNucdqs0/3k1MB8GA1UdIwQY
MBaAFGKhXMiGWfV4zBWcUrOn6exYGfsgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAt
NDI2OWI1NmJmN2Q0LzEvclFrTDdZc2thLUc0NTdnbzI1eDJxelRfZVRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi8yMTE3YmMtMWY5ZS00NTkwLWE1NTAtNDI2OWI1NmJmN2Q0
LzEvWXFGY3lJWlo5WGpNRlp4U3M2ZnA3RmdaLXlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAXVnbMAwD
BABdWd0DBAVdWcAwDQYJKoZIhvcNAQELBQADggEBAFwmXsAC/ty/+clBfz+Ogm4I
93cUg4AuKLXFF7MST1r80Sn9/IJAv89cHVADU1ePEaFuuPOkzEMAgZQKEcnbTNlL
cS8cWe/fC/QtQxcTEmIXXxyXYARbjpzQ+LEj7FzLEUowbfSYDiJlia2fYQQvIR/j
+qdCs/GAwniAtK+krFtMTCQdojyBaXnRinzsv+jxklepp5Bs6jRtTmw2jxVDh3E1
XRmay5Xrcb7eJXYT6X/9S283i3NYUBksm0CQr9s5jMSPmPov/RroNop/CvOX+0Ao
Dn7VaEiIkKHnPI+C3s19ekHIdgP/yrVJQ+NylshU50ptSVP9ADBj+5kG8fw7Rx8=
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:02:10 2024 by rpki-client on console-ams.rpki-client.org