Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/198c6b-d715-47b6-86c0-4d22c6b5b1fe/1/PRVW7Y7RBC_IeiHGrg1YmVghN0U.roa
File: PRVW7Y7RBC_IeiHGrg1YmVghN0U.roa (raw, json)
Hash identifier: +B8nCqi6fDzZ3hYs6jG/wAdeE7lrYJ+EYbQ7BxH9dz0=
Subject key identifier: 3D:15:56:ED:8E:D1:04:2F:C8:7A:21:C6:AE:0D:58:99:58:21:37:45
Certificate issuer: /CN=762656c5e66b82c04654be1a25629b1fd6a59456
Certificate serial: 018CC8015CDE0BB225B04C677E7E0CDB30CF
Authority key identifier: 76:26:56:C5:E6:6B:82:C0:46:54:BE:1A:25:62:9B:1F:D6:A5:94:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/diZWxeZrgsBGVL4aJWKbH9allFY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/198c6b-d715-47b6-86c0-4d22c6b5b1fe/1/PRVW7Y7RBC_IeiHGrg1YmVghN0U.roa
Signing time: Tue 02 Jan 2024 02:29:41 +0000
ROA not before: Tue 02 Jan 2024 02:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39520
IP address blocks: 89.255.208.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/198c6b-d715-47b6-86c0-4d22c6b5b1fe/1/diZWxeZrgsBGVL4aJWKbH9allFY.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/198c6b-d715-47b6-86c0-4d22c6b5b1fe/1/diZWxeZrgsBGVL4aJWKbH9allFY.mft
rsync://rpki.ripe.net/repository/DEFAULT/diZWxeZrgsBGVL4aJWKbH9allFY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:5c:de:0b:b2:25:b0:4c:67:7e:7e:0c:db:30:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=762656c5e66b82c04654be1a25629b1fd6a59456
Validity
Not Before: Jan 2 02:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3d1556ed8ed1042fc87a21c6ae0d589958213745
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8e:d1:30:f5:f3:f4:c9:44:25:4a:26:d7:e5:
84:ee:1f:c6:e3:81:05:3c:7c:67:4b:b6:71:40:f2:
63:7c:ab:d0:ae:ab:53:f1:68:6e:26:b0:7c:ef:36:
c0:8f:7f:d8:b5:68:3a:92:cc:9e:a1:3d:e0:a6:92:
da:46:73:11:f7:6f:af:e8:78:d3:76:43:9c:21:ad:
cf:47:77:41:d0:47:ea:d2:b7:fa:07:b8:bf:65:ac:
dc:d9:a1:42:03:88:77:34:aa:d8:8a:ad:b1:7c:d8:
e2:9a:34:9d:f3:6b:8b:14:00:aa:f6:09:45:3d:3c:
79:08:23:46:d9:45:42:9b:a6:e7:c0:cc:46:fe:13:
a2:ae:ef:e6:93:ae:78:4f:46:1d:fe:96:73:72:a0:
ea:23:fc:e4:cd:77:78:6e:ed:12:8c:3a:d3:11:34:
b5:d6:2c:d3:ec:25:41:4b:33:dd:0c:3d:61:7d:38:
7e:f0:d4:71:3d:f7:eb:e2:76:8d:52:57:2a:cf:05:
0c:0a:41:e1:87:02:e1:db:0d:cc:11:25:25:9a:e3:
a7:83:d9:1b:b0:8a:56:04:fc:fb:6e:59:a7:dd:8b:
19:0a:69:8d:7f:47:7a:92:12:f4:ee:2c:b7:89:87:
35:18:ba:33:8f:9c:b0:91:8d:fb:c0:de:2a:a4:f2:
42:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:15:56:ED:8E:D1:04:2F:C8:7A:21:C6:AE:0D:58:99:58:21:37:45
X509v3 Authority Key Identifier:
keyid:76:26:56:C5:E6:6B:82:C0:46:54:BE:1A:25:62:9B:1F:D6:A5:94:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/diZWxeZrgsBGVL4aJWKbH9allFY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/198c6b-d715-47b6-86c0-4d22c6b5b1fe/1/PRVW7Y7RBC_IeiHGrg1YmVghN0U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/198c6b-d715-47b6-86c0-4d22c6b5b1fe/1/diZWxeZrgsBGVL4aJWKbH9allFY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.255.208.0/22
Signature Algorithm: sha256WithRSAEncryption
0f:5e:c6:9e:05:ff:13:b8:5a:21:20:82:3c:2c:bf:09:f5:97:
64:9f:b1:8e:8e:28:96:1d:bb:b1:b1:85:07:d2:d1:12:0a:b5:
a9:a4:06:e7:e5:60:65:c9:ca:f6:48:47:85:33:92:aa:5b:fe:
62:2e:ec:8f:9a:49:37:4e:98:ef:4d:f5:aa:9e:43:8b:f0:15:
42:da:df:c6:5a:cb:ba:bd:87:94:ae:29:c9:c8:1e:47:26:eb:
68:b9:b0:7e:8c:12:0f:ca:b1:bf:32:96:c4:e1:7a:07:d7:9d:
af:21:19:4e:88:fb:1b:59:7d:16:36:83:4b:81:98:58:3a:ce:
fe:b2:d4:45:f5:be:83:2c:3a:de:67:ef:29:a1:0d:fb:60:a2:
8d:b8:00:81:1e:1b:76:9f:de:ac:2f:6f:3d:92:5f:58:ba:af:
f7:2c:9d:77:04:50:c9:5f:06:25:4a:9e:37:47:2f:1b:8d:5c:
6a:b6:4c:a9:46:6b:22:23:ab:08:85:06:32:15:cd:e9:df:58:
1c:c3:02:3c:6b:c3:41:9e:bb:43:9d:23:8d:3a:7d:60:fb:9a:
b5:ee:b9:50:9a:0c:6b:50:a6:d1:98:29:74:3f:05:0d:3a:ce:
7d:df:ad:c4:36:18:c9:d7:2c:cc:31:84:9c:d8:27:eb:45:0d:
ca:50:36:71
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIAVzeC7IlsExnfn4M2zDPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2MjY1NmM1ZTY2YjgyYzA0NjU0YmUxYTI1NjI5YjFmZDZh
NTk0NTYwHhcNMjQwMTAyMDIyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDE1NTZlZDhlZDEwNDJmYzg3YTIxYzZhZTBkNTg5OTU4MjEzNzQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxY7RMPXz9MlEJUom1+WE7h/G44EF
PHxnS7ZxQPJjfKvQrqtT8WhuJrB87zbAj3/YtWg6ksyeoT3gppLaRnMR92+v6HjT
dkOcIa3PR3dB0Efq0rf6B7i/Zazc2aFCA4h3NKrYiq2xfNjimjSd82uLFACq9glF
PTx5CCNG2UVCm6bnwMxG/hOiru/mk654T0Yd/pZzcqDqI/zkzXd4bu0SjDrTETS1
1izT7CVBSzPdDD1hfTh+8NRxPffr4naNUlcqzwUMCkHhhwLh2w3MESUlmuOng9kb
sIpWBPz7blmn3YsZCmmNf0d6khL07iy3iYc1GLozj5ywkY37wN4qpPJCqQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFD0VVu2O0QQvyHohxq4NWJlYITdFMB8GA1UdIwQY
MBaAFHYmVsXma4LARlS+GiVimx/WpZRWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGlaV3hlWnJnc0JHVkw0YUpXS2JIOWFsbEZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC8xOThjNmItZDcxNS00N2I2LTg2YzAt
NGQyMmM2YjViMWZlLzEvUFJWVzdZN1JCQ19JZWlIR3JnMVltVmdoTjBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC8xOThjNmItZDcxNS00N2I2LTg2YzAtNGQyMmM2YjViMWZl
LzEvZGlaV3hlWnJnc0JHVkw0YUpXS2JIOWFsbEZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCWf/QMA0G
CSqGSIb3DQEBCwUAA4IBAQAPXsaeBf8TuFohIII8LL8J9Zdkn7GOjiiWHbuxsYUH
0tESCrWppAbn5WBlycr2SEeFM5KqW/5iLuyPmkk3TpjvTfWqnkOL8BVC2t/GWsu6
vYeUrinJyB5HJutoubB+jBIPyrG/MpbE4XoH152vIRlOiPsbWX0WNoNLgZhYOs7+
stRF9b6DLDreZ+8poQ37YKKNuACBHht2n96sL289kl9Yuq/3LJ13BFDJXwYlSp43
Ry8bjVxqtkypRmsiI6sIhQYyFc3p31gcwwI8a8NBnrtDnSONOn1g+5q17rlQmgxr
UKbRmCl0PwUNOs59363ENhjJ1yzMMYSc2CfrRQ3KUDZx
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:18:55 2024 by rpki-client on console-fra.rpki-client.org