Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/ee714a-21ac-4386-82f5-e8176102c5ff/1/MYg2sMPuLyrCXtDZKgde1DUbiGk.roa
File: MYg2sMPuLyrCXtDZKgde1DUbiGk.roa (raw, json)
Hash identifier: a5HvjcRYo0wOyvFAnQ4dXcj9fyvSnsr+BVrgX+rgbbY=
Subject key identifier: 31:88:36:B0:C3:EE:2F:2A:C2:5E:D0:D9:2A:07:5E:D4:35:1B:88:69
Certificate issuer: /CN=fd89b349c84fc7b3412a52d65ff260d2cc289ab9
Certificate serial: 018CC42468F69AA46B3400E77CB7C4366612
Authority key identifier: FD:89:B3:49:C8:4F:C7:B3:41:2A:52:D6:5F:F2:60:D2:CC:28:9A:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_YmzSchPx7NBKlLWX_Jg0swomrk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/ee714a-21ac-4386-82f5-e8176102c5ff/1/MYg2sMPuLyrCXtDZKgde1DUbiGk.roa
Signing time: Mon 01 Jan 2024 08:29:29 +0000
ROA not before: Mon 01 Jan 2024 08:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20860
IP address blocks: 149.255.96.0/20 maxlen: 24
2a03:ca80::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/ee714a-21ac-4386-82f5-e8176102c5ff/1/_YmzSchPx7NBKlLWX_Jg0swomrk.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/ee714a-21ac-4386-82f5-e8176102c5ff/1/_YmzSchPx7NBKlLWX_Jg0swomrk.mft
rsync://rpki.ripe.net/repository/DEFAULT/_YmzSchPx7NBKlLWX_Jg0swomrk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:24:68:f6:9a:a4:6b:34:00:e7:7c:b7:c4:36:66:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd89b349c84fc7b3412a52d65ff260d2cc289ab9
Validity
Not Before: Jan 1 08:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=318836b0c3ee2f2ac25ed0d92a075ed4351b8869
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:1e:ca:6e:87:1a:be:c4:e5:6c:39:63:2e:be:
68:82:96:58:60:2b:2d:76:7e:f9:0e:25:04:98:48:
fb:fe:c1:64:10:38:d8:72:48:19:f4:aa:aa:17:89:
99:5e:b1:af:7f:db:5b:a0:d6:de:31:73:21:ba:2a:
9c:93:4c:6d:65:8d:a7:4b:e8:4a:23:bf:2b:72:92:
26:b1:b5:89:77:c1:69:e9:e7:18:76:49:ed:0e:77:
2b:0b:ff:26:e1:e0:c7:71:d9:a6:1a:6d:fd:85:de:
7c:58:b2:65:51:d0:0f:29:82:60:be:3e:f7:ee:5a:
d6:b8:8e:d2:6b:df:16:61:f6:e3:47:00:1d:ac:e5:
32:0a:02:c2:83:3e:5f:52:c7:e3:24:8c:db:4b:e2:
66:dd:87:85:69:3c:72:dd:23:02:f6:18:d4:45:a4:
f2:1c:28:8c:14:28:83:d1:61:2d:4b:bc:ce:e3:eb:
d8:68:36:ea:5c:6f:05:9f:cc:b7:21:b6:32:68:43:
4b:d7:98:9f:1d:82:50:56:91:47:d9:a4:6d:15:c5:
ab:af:1d:8e:13:02:d9:26:3d:c4:59:30:a6:3e:42:
90:0f:a0:33:6f:b7:9d:d5:8e:09:48:f9:a7:d2:96:
7c:49:54:ea:cb:7e:7b:58:f1:88:54:2b:82:a6:e2:
c0:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:88:36:B0:C3:EE:2F:2A:C2:5E:D0:D9:2A:07:5E:D4:35:1B:88:69
X509v3 Authority Key Identifier:
keyid:FD:89:B3:49:C8:4F:C7:B3:41:2A:52:D6:5F:F2:60:D2:CC:28:9A:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_YmzSchPx7NBKlLWX_Jg0swomrk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ee714a-21ac-4386-82f5-e8176102c5ff/1/MYg2sMPuLyrCXtDZKgde1DUbiGk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/ee714a-21ac-4386-82f5-e8176102c5ff/1/_YmzSchPx7NBKlLWX_Jg0swomrk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.255.96.0/20
IPv6:
2a03:ca80::/29
Signature Algorithm: sha256WithRSAEncryption
89:cd:37:2f:0c:85:ed:ed:1c:6f:16:6d:01:d0:4e:a3:c2:ef:
0e:ab:ff:30:9c:07:96:8a:6f:31:31:b4:91:e4:e3:85:42:6f:
5e:71:b8:24:d2:f5:6e:e4:92:9d:b5:38:2e:0c:17:43:6b:d3:
9d:18:2a:af:e4:1d:ef:91:c0:fe:9a:bc:38:e0:45:19:c8:36:
65:9f:dd:f2:41:ad:c0:5d:e1:02:c5:94:5e:dc:58:3c:8c:91:
2b:02:0e:5a:f8:2d:69:ed:6f:99:8a:4e:92:84:f4:0e:e3:a6:
a9:97:3b:b5:1d:3c:37:6e:97:40:8a:d8:d1:cc:46:6f:80:a7:
4e:62:b2:f9:a0:49:ee:44:2c:bb:02:8c:4b:a0:05:9d:48:d7:
fa:06:a7:c2:24:d4:78:98:af:5c:ce:04:ac:d8:a6:22:e3:1f:
48:ce:30:3d:13:67:8c:30:c7:d7:cc:49:bf:40:15:c8:a8:66:
cc:52:67:5d:4e:dc:ef:dd:a3:d5:d9:4c:51:f1:4c:69:a8:fa:
4e:42:90:1a:af:14:df:73:6c:14:6e:0f:13:35:c4:81:90:42:
f8:47:de:59:55:bc:71:62:93:75:72:2c:82:9f:3e:a8:0f:b4:
32:c9:8e:8a:33:33:41:f1:68:05:0d:b5:5e:f6:bd:88:c9:bb:
9d:7e:25:cb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzEJGj2mqRrNADnfLfENmYSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkODliMzQ5Yzg0ZmM3YjM0MTJhNTJkNjVmZjI2MGQyY2My
ODlhYjkwHhcNMjQwMTAxMDgyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTg4MzZiMGMzZWUyZjJhYzI1ZWQwZDkyYTA3NWVkNDM1MWI4ODY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwx7KbocavsTlbDljLr5ogpZYYCst
dn75DiUEmEj7/sFkEDjYckgZ9KqqF4mZXrGvf9tboNbeMXMhuiqck0xtZY2nS+hK
I78rcpImsbWJd8Fp6ecYdkntDncrC/8m4eDHcdmmGm39hd58WLJlUdAPKYJgvj73
7lrWuI7Sa98WYfbjRwAdrOUyCgLCgz5fUsfjJIzbS+Jm3YeFaTxy3SMC9hjURaTy
HCiMFCiD0WEtS7zO4+vYaDbqXG8Fn8y3IbYyaENL15ifHYJQVpFH2aRtFcWrrx2O
EwLZJj3EWTCmPkKQD6Azb7ed1Y4JSPmn0pZ8SVTqy357WPGIVCuCpuLAvwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDGINrDD7i8qwl7Q2SoHXtQ1G4hpMB8GA1UdIwQY
MBaAFP2Js0nIT8ezQSpS1l/yYNLMKJq5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1ltelNjaFB4N05CS2xMV1hfSmcwc3dvbXJrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9lZTcxNGEtMjFhYy00Mzg2LTgyZjUt
ZTgxNzYxMDJjNWZmLzEvTVlnMnNNUHVMeXJDWHREWktnZGUxRFViaUdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9lZTcxNGEtMjFhYy00Mzg2LTgyZjUtZTgxNzYxMDJjNWZm
LzEvX1ltelNjaFB4N05CS2xMV1hfSmcwc3dvbXJrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQElf9gMA0E
AgACMAcDBQMqA8qAMA0GCSqGSIb3DQEBCwUAA4IBAQCJzTcvDIXt7RxvFm0B0E6j
wu8Oq/8wnAeWim8xMbSR5OOFQm9ecbgk0vVu5JKdtTguDBdDa9OdGCqv5B3vkcD+
mrw44EUZyDZln93yQa3AXeECxZRe3Fg8jJErAg5a+C1p7W+Zik6ShPQO46aplzu1
HTw3bpdAitjRzEZvgKdOYrL5oEnuRCy7AoxLoAWdSNf6BqfCJNR4mK9czgSs2KYi
4x9IzjA9E2eMMMfXzEm/QBXIqGbMUmddTtzv3aPV2UxR8UxpqPpOQpAarxTfc2wU
bg8TNcSBkEL4R95ZVbxxYpN1ciyCnz6oD7QyyY6KMzNB8WgFDbVe9r2IybudfiXL
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:37:25 2024 by rpki-client on console-fra.rpki-client.org