Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/77Zw7FDepP4hT6u3icIQUSIw3Do.roa
File: 77Zw7FDepP4hT6u3icIQUSIw3Do.roa (raw, json)
Hash identifier: wTcSXGKU69tpREU3VOv4XXAkJhLVVXG4ZgSZTSA9C7U=
Subject key identifier: EF:B6:70:EC:50:DE:A4:FE:21:4F:AB:B7:89:C2:10:51:22:30:DC:3A
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 018D20FDF9A9B9F947EFA68EF66DC343E96A
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/77Zw7FDepP4hT6u3icIQUSIw3Do.roa
Signing time: Fri 19 Jan 2024 09:12:11 +0000
ROA not before: Fri 19 Jan 2024 09:12:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215741
IP address blocks: 89.213.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 01:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:20:fd:f9:a9:b9:f9:47:ef:a6:8e:f6:6d:c3:43:e9:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jan 19 09:12:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=efb670ec50dea4fe214fabb789c210512230dc3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:f5:b3:01:49:b2:9c:d0:81:24:82:1f:9a:7c:
01:f0:a2:ff:9c:de:92:16:4e:22:fd:9c:9e:fc:8c:
f7:16:7a:60:f6:64:9e:ce:d4:fd:68:b5:da:f6:63:
22:f1:6e:f3:e9:cf:44:7f:56:aa:2a:47:0a:c7:be:
47:01:a3:ed:d8:46:25:b7:b2:2c:fc:ef:44:bb:a0:
2e:fa:3b:c7:a4:b3:22:2e:4f:fb:56:52:a5:28:52:
2a:a8:74:d9:98:b9:cc:5e:e1:7a:9c:b5:0d:b1:fb:
c8:e8:44:e6:7f:11:6d:27:e0:40:9c:69:95:15:8a:
0a:f0:54:2a:7b:73:44:59:28:b7:a5:4f:1d:d9:6c:
d7:49:34:4d:ec:2d:db:84:fd:94:8f:50:e1:34:f4:
14:a9:9b:a0:fc:4f:3f:ec:76:f3:1f:a9:ad:9a:ee:
1d:1b:70:6c:af:05:bc:8c:99:cf:4f:26:a3:7a:bd:
65:f8:6e:1a:e4:19:8a:7b:3f:0a:35:2d:39:d9:3f:
08:41:fc:00:64:4f:46:f2:95:84:90:38:8f:25:10:
93:8c:03:44:ad:80:34:0c:04:29:8f:08:e3:2a:66:
87:6d:c0:43:60:ef:ea:f0:e1:78:ad:0a:26:33:0f:
d7:98:97:10:c7:ff:5b:74:88:9a:44:4c:a3:34:9b:
5c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:B6:70:EC:50:DE:A4:FE:21:4F:AB:B7:89:C2:10:51:22:30:DC:3A
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/77Zw7FDepP4hT6u3icIQUSIw3Do.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.169.0/24
Signature Algorithm: sha256WithRSAEncryption
37:dd:45:00:55:6d:f1:a8:dd:30:d7:33:b1:92:03:a6:a7:7b:
bc:95:f0:7f:2d:a0:a5:08:39:1a:24:6f:17:cb:7c:2a:41:02:
d8:f5:00:03:07:29:dc:75:6b:e3:ca:96:72:97:8c:bd:5b:49:
d4:91:8d:5a:be:ac:31:0e:78:ed:51:db:d9:26:32:fa:4e:51:
0e:08:b7:f6:b3:e8:87:af:4f:4f:f5:a7:ce:cd:74:5b:13:e6:
c6:be:7f:01:50:04:91:c0:a8:e9:6c:99:a2:71:bb:13:41:f4:
a4:7a:d7:3d:f7:f5:e4:5e:e7:fc:53:48:6d:76:50:30:60:df:
4e:74:56:7e:a8:fb:f4:bb:e3:fa:b6:25:ae:30:1e:87:09:fd:
e1:02:be:63:64:90:3f:67:ce:4a:83:62:b0:9a:19:fe:78:3a:
c0:9f:33:03:ea:45:da:1d:56:5f:65:f7:79:02:90:13:e1:76:
46:58:2a:5f:be:1f:4b:fa:11:eb:fc:b6:4e:91:c1:c3:ad:2d:
6f:2e:6f:00:01:97:d4:19:7b:11:d6:f7:f7:18:d5:c7:05:38:
70:e2:16:11:04:a0:6e:4d:40:89:79:5a:0f:aa:40:01:da:84:
e8:2d:74:1a:28:73:4b:3c:f0:0e:61:98:bc:b5:68:6f:ee:0e:
2d:fc:4e:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY0g/fmpuflH76aO9m3DQ+lqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwMTE5MDkxMjExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmI2NzBlYzUwZGVhNGZlMjE0ZmFiYjc4OWMyMTA1MTIyMzBkYzNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjvWzAUmynNCBJIIfmnwB8KL/nN6S
Fk4i/Zye/Iz3Fnpg9mSeztT9aLXa9mMi8W7z6c9Ef1aqKkcKx75HAaPt2EYlt7Is
/O9Eu6Au+jvHpLMiLk/7VlKlKFIqqHTZmLnMXuF6nLUNsfvI6ETmfxFtJ+BAnGmV
FYoK8FQqe3NEWSi3pU8d2WzXSTRN7C3bhP2Uj1DhNPQUqZug/E8/7HbzH6mtmu4d
G3BsrwW8jJnPTyajer1l+G4a5BmKez8KNS052T8IQfwAZE9G8pWEkDiPJRCTjANE
rYA0DAQpjwjjKmaHbcBDYO/q8OF4rQomMw/XmJcQx/9bdIiaREyjNJtcowIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO+2cOxQ3qT+IU+rt4nCEFEiMNw6MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNzdadzdGRGVwUDRoVDZ1M2ljSVFVU0l3M0RvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWdWpMA0G
CSqGSIb3DQEBCwUAA4IBAQA33UUAVW3xqN0w1zOxkgOmp3u8lfB/LaClCDkaJG8X
y3wqQQLY9QADByncdWvjypZyl4y9W0nUkY1avqwxDnjtUdvZJjL6TlEOCLf2s+iH
r09P9afOzXRbE+bGvn8BUASRwKjpbJmicbsTQfSketc99/XkXuf8U0htdlAwYN9O
dFZ+qPv0u+P6tiWuMB6HCf3hAr5jZJA/Z85Kg2Kwmhn+eDrAnzMD6kXaHVZfZfd5
ApAT4XZGWCpfvh9L+hHr/LZOkcHDrS1vLm8AAZfUGXsR1vf3GNXHBThw4hYRBKBu
TUCJeVoPqkAB2oToLXQaKHNLPPAOYZi8tWhv7g4t/E49
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:54:22 2024 by rpki-client on console-ams.rpki-client.org