Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/89MQc9PBG2GbBnZnzHirezjOq-w.roa
File: 89MQc9PBG2GbBnZnzHirezjOq-w.roa (raw, json)
Hash identifier: MeVXh1ylLNYviko99mI8RcV6v+SKzha2FD74wTHPGes=
Subject key identifier: F3:D3:10:73:D3:C1:1B:61:9B:06:76:67:CC:78:AB:7B:38:CE:AB:EC
Certificate issuer: /CN=6511ce5e2f53b7bb8cac8f39e294e89a45b20029
Certificate serial: 018CC79503A99997335ADBE29A0464AB80EE
Authority key identifier: 65:11:CE:5E:2F:53:B7:BB:8C:AC:8F:39:E2:94:E8:9A:45:B2:00:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZRHOXi9Tt7uMrI854pTomkWyACk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/89MQc9PBG2GbBnZnzHirezjOq-w.roa
Signing time: Tue 02 Jan 2024 00:31:20 +0000
ROA not before: Tue 02 Jan 2024 00:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20495
IP address blocks: 84.244.128.0/18 maxlen: 18
84.244.128.0/19 maxlen: 32
92.48.224.0/20 maxlen: 32
92.48.224.0/19 maxlen: 19
92.48.240.0/20 maxlen: 32
92.48.192.0/20 maxlen: 32
92.48.192.0/19 maxlen: 19
92.48.192.0/18 maxlen: 18
92.48.208.0/20 maxlen: 32
84.244.160.0/19 maxlen: 32
217.148.160.0/20 maxlen: 32
217.148.160.0/19 maxlen: 19
217.148.176.0/20 maxlen: 32
2001:15c8::/32 maxlen: 32
2001:15c8:8000::/33 maxlen: 128
2001:15c8::/33 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/ZRHOXi9Tt7uMrI854pTomkWyACk.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/ZRHOXi9Tt7uMrI854pTomkWyACk.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZRHOXi9Tt7uMrI854pTomkWyACk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 12:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:03:a9:99:97:33:5a:db:e2:9a:04:64:ab:80:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6511ce5e2f53b7bb8cac8f39e294e89a45b20029
Validity
Not Before: Jan 2 00:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f3d31073d3c11b619b067667cc78ab7b38ceabec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:73:8d:48:b6:81:03:d8:cb:9c:28:3b:f6:96:
d9:b0:75:c8:fb:29:c4:11:9d:5c:63:ff:da:8c:35:
85:11:da:f9:c6:8b:a6:6a:e1:b3:ab:04:d8:70:c5:
6d:3f:e2:5a:5e:73:b9:a5:7a:9a:88:35:e7:33:e4:
93:97:d9:31:0e:d1:e8:8b:10:ab:00:80:58:06:9f:
61:64:19:c1:ac:a5:4d:2e:71:c3:05:52:a5:3d:73:
24:8f:85:f3:a4:b0:8f:53:65:2a:9b:9a:1e:c9:9b:
34:67:b5:f6:e7:f2:8f:57:55:ec:ae:42:c0:c2:67:
6d:86:09:57:59:97:84:9e:b4:56:64:9f:22:67:f3:
88:a4:1d:25:f4:73:f0:44:08:af:e2:2c:7b:27:29:
b7:4c:8a:f7:2e:39:7b:a6:9d:e4:0a:d8:44:50:43:
60:92:84:f3:c3:8f:c7:83:e8:8e:fd:8c:a7:2a:ec:
89:8b:fa:92:5a:09:ae:e2:79:8b:57:5a:9a:82:20:
c1:fb:75:03:b3:19:ab:e9:35:5e:12:a6:ec:3b:1c:
b5:dd:40:dc:8c:3c:1f:a7:02:4b:b5:d1:a5:74:3f:
d7:d2:81:bb:a0:3c:86:47:00:7f:04:40:6f:21:95:
06:76:cb:6f:35:6f:ed:10:99:bd:ed:e0:c5:6d:a9:
c0:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:D3:10:73:D3:C1:1B:61:9B:06:76:67:CC:78:AB:7B:38:CE:AB:EC
X509v3 Authority Key Identifier:
keyid:65:11:CE:5E:2F:53:B7:BB:8C:AC:8F:39:E2:94:E8:9A:45:B2:00:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZRHOXi9Tt7uMrI854pTomkWyACk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/89MQc9PBG2GbBnZnzHirezjOq-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/91b093-acb7-4cb7-bf8f-5cb934a55b0d/1/ZRHOXi9Tt7uMrI854pTomkWyACk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.244.128.0/18
92.48.192.0/18
217.148.160.0/19
IPv6:
2001:15c8::/32
Signature Algorithm: sha256WithRSAEncryption
79:76:cf:bb:7d:3e:ed:fa:e0:5a:1e:f8:ca:a1:7a:79:1e:c5:
10:07:62:54:00:91:91:e1:ce:49:bf:83:f7:5f:ea:36:67:1f:
56:d3:b3:8f:15:a4:7b:71:bf:6f:f1:5c:6c:e3:9b:2a:3a:b6:
6e:b0:8e:52:fa:36:35:17:80:0e:53:18:ab:42:68:74:3c:49:
df:76:79:ab:ea:27:ca:c0:8a:e9:9f:b0:c9:9b:37:dc:9d:2a:
89:71:c2:b6:8e:37:0d:60:6c:fc:f1:84:d1:84:34:06:c7:78:
e2:35:90:37:61:1d:bd:6e:b4:15:43:a3:07:88:c0:2a:f4:a3:
c5:f0:fd:d7:56:eb:8b:6c:ee:95:2e:f8:06:d3:7e:12:df:a3:
4b:8e:c2:c0:b7:10:29:41:60:5d:9a:84:ec:2f:f4:8d:8c:26:
26:9c:94:56:ab:23:7a:74:44:06:0a:15:ae:f3:db:16:1f:a5:
6f:1f:2c:19:6a:02:85:92:41:ff:4c:ba:19:84:e2:88:d4:f4:
38:76:07:b5:cc:ed:34:a4:73:c3:c4:46:07:f8:b9:62:d5:a0:
e0:44:ef:94:0a:bd:88:7b:c9:b1:65:c7:c2:38:f1:a3:5f:44:
3f:61:8e:67:43:e0:03:ba:c5:5a:fb:a4:7f:ce:e3:60:c5:5e:
cf:2c:cb:b6
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzHlQOpmZczWtvimgRkq4DuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MTFjZTVlMmY1M2I3YmI4Y2FjOGYzOWUyOTRlODlhNDVi
MjAwMjkwHhcNMjQwMTAyMDAzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2QzMTA3M2QzYzExYjYxOWIwNjc2NjdjYzc4YWI3YjM4Y2VhYmVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXONSLaBA9jLnCg79pbZsHXI+ynE
EZ1cY//ajDWFEdr5xoumauGzqwTYcMVtP+JaXnO5pXqaiDXnM+STl9kxDtHoixCr
AIBYBp9hZBnBrKVNLnHDBVKlPXMkj4XzpLCPU2Uqm5oeyZs0Z7X25/KPV1XsrkLA
wmdthglXWZeEnrRWZJ8iZ/OIpB0l9HPwRAiv4ix7Jym3TIr3Ljl7pp3kCthEUENg
koTzw4/Hg+iO/YynKuyJi/qSWgmu4nmLV1qagiDB+3UDsxmr6TVeEqbsOxy13UDc
jDwfpwJLtdGldD/X0oG7oDyGRwB/BEBvIZUGdstvNW/tEJm97eDFbanAlQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFPPTEHPTwRthmwZ2Z8x4q3s4zqvsMB8GA1UdIwQY
MBaAFGURzl4vU7e7jKyPOeKU6JpFsgApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJIT1hpOVR0N3VNckk4NTRwVG9ta1d5QUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS85MWIwOTMtYWNiNy00Y2I3LWJmOGYt
NWNiOTM0YTU1YjBkLzEvODlNUWM5UEJHMkdiQm5abnpIaXJlempPcS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS85MWIwOTMtYWNiNy00Y2I3LWJmOGYtNWNiOTM0YTU1YjBk
LzEvWlJIT1hpOVR0N3VNckk4NTRwVG9ta1d5QUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGVPSAAwQG
XDDAAwQF2ZSgMA0EAgACMAcDBQAgARXIMA0GCSqGSIb3DQEBCwUAA4IBAQB5ds+7
fT7t+uBaHvjKoXp5HsUQB2JUAJGR4c5Jv4P3X+o2Zx9W07OPFaR7cb9v8Vxs45sq
OrZusI5S+jY1F4AOUxirQmh0PEnfdnmr6ifKwIrpn7DJmzfcnSqJccK2jjcNYGz8
8YTRhDQGx3jiNZA3YR29brQVQ6MHiMAq9KPF8P3XVuuLbO6VLvgG034S36NLjsLA
txApQWBdmoTsL/SNjCYmnJRWqyN6dEQGChWu89sWH6VvHywZagKFkkH/TLoZhOKI
1PQ4dge1zO00pHPDxEYH+Lli1aDgRO+UCr2Ie8mxZcfCOPGjX0Q/YY5nQ+ADusVa
+6R/zuNgxV7PLMu2
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:07:46 2024 by rpki-client on console-fra.rpki-client.org