Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/utTgU_8C6vLS-_2eJ1bKtos0GG8.roa
File: utTgU_8C6vLS-_2eJ1bKtos0GG8.roa (raw, json)
Hash identifier: bFjDNcySDRJ3ESMkZw50R/IedzaV0IUUO9U5BKAqOVY=
Subject key identifier: BA:D4:E0:53:FF:02:EA:F2:D2:FB:FD:9E:27:56:CA:B6:8B:34:18:6F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0190FA7EFE4FEA34BD10A424A6A1D384259F
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/utTgU_8C6vLS-_2eJ1bKtos0GG8.roa
Signing time: Sun 28 Jul 2024 17:59:04 +0000
ROA not before: Sun 28 Jul 2024 17:59:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60504
IP address blocks: 89.213.0.0/22 maxlen: 24
89.213.215.0/24 maxlen: 24
213.130.140.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:fa:7e:fe:4f:ea:34:bd:10:a4:24:a6:a1:d3:84:25:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 28 17:59:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bad4e053ff02eaf2d2fbfd9e2756cab68b34186f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:31:07:56:d3:30:f8:3b:77:0f:99:3e:6d:6e:
8e:87:aa:a1:cd:98:a7:1a:32:75:4e:7d:7a:d7:c8:
9c:99:68:77:ea:a9:40:4f:ad:d2:7a:d3:9f:30:3b:
22:4d:05:3e:23:e4:c1:65:56:24:0c:45:5a:f3:cf:
c4:7a:2a:e4:4e:5c:02:51:1e:44:5f:d1:55:e8:36:
8f:7b:03:3d:ab:ad:90:58:03:4e:2d:d6:95:86:8b:
12:4f:a5:fd:17:0c:24:52:9d:f8:a1:b1:ec:a4:c5:
91:a1:fa:01:b8:0b:bb:f1:d5:e8:22:d5:24:0e:f9:
c5:3b:c4:75:8c:b1:ac:80:eb:0c:df:00:d3:65:e9:
82:5c:d9:48:a2:70:f8:ff:05:72:af:5b:8c:35:f1:
bc:e2:90:0e:cc:9d:0c:a3:d9:bb:6d:6a:a0:03:0a:
9c:db:af:6b:a5:29:f3:56:57:3b:c4:6a:58:39:60:
36:9c:be:fb:d3:64:e6:99:c0:a7:fb:17:4d:6d:ee:
c3:37:85:88:c2:cd:e7:38:1c:40:38:61:67:c8:b9:
02:20:84:b7:2f:ff:0f:93:04:4a:03:f2:c5:44:48:
f2:b0:99:1b:1e:28:53:be:f9:65:48:f0:e3:48:43:
54:3c:c6:7f:8c:41:07:54:03:8f:46:e2:fd:71:41:
ef:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:D4:E0:53:FF:02:EA:F2:D2:FB:FD:9E:27:56:CA:B6:8B:34:18:6F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/utTgU_8C6vLS-_2eJ1bKtos0GG8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.213.0.0/22
89.213.215.0/24
213.130.140.0/22
Signature Algorithm: sha256WithRSAEncryption
5c:c3:59:3d:4f:cd:19:ed:b7:7e:ee:f5:e0:a5:8e:b0:a5:d3:
03:3c:c2:bc:c4:33:56:00:aa:cd:ea:4d:70:a8:61:2b:3b:92:
3c:b4:6a:8f:96:28:80:f4:99:7c:3a:ad:41:0d:e0:b3:bf:04:
83:8a:6e:d7:d2:85:4e:4d:dd:54:f4:04:9a:1a:00:91:12:db:
73:86:b1:ea:a5:5a:9f:50:3c:f8:02:f3:71:a2:66:1f:67:a1:
0b:05:53:3e:83:ae:0e:b2:f2:a2:dc:cb:6a:d7:c3:24:45:62:
95:3a:0f:ed:32:11:21:a5:5e:44:9f:73:c5:e8:2a:eb:2e:63:
68:05:76:05:83:fa:89:7d:0c:7d:77:e0:9a:f2:2f:74:f3:96:
fb:5d:37:78:34:8a:dd:55:4c:6c:f3:9c:f7:2c:94:d1:17:17:
41:49:73:84:98:1f:33:91:07:d7:c4:ca:5c:a9:fa:c3:e4:ca:
ef:ba:70:7e:31:29:e9:6a:84:ae:d1:7d:cd:ca:55:62:16:15:
e8:30:9e:5b:64:a2:f4:54:64:f0:dc:6f:05:ae:4c:ea:28:3b:
ba:b8:8d:4f:42:ac:b4:71:05:08:94:01:f5:ad:ab:73:c3:27:
0a:f5:2a:86:f3:91:2e:ac:b1:12:3d:7e:e3:d6:af:20:c5:ef:
3a:be:c5:d6
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZD6fv5P6jS9EKQkpqHThCWfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjQwNzI4MTc1OTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYWQ0ZTA1M2ZmMDJlYWYyZDJmYmZkOWUyNzU2Y2FiNjhiMzQxODZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArzEHVtMw+Dt3D5k+bW6Oh6qhzZin
GjJ1Tn1618icmWh36qlAT63SetOfMDsiTQU+I+TBZVYkDEVa88/EeirkTlwCUR5E
X9FV6DaPewM9q62QWANOLdaVhosST6X9FwwkUp34obHspMWRofoBuAu78dXoItUk
DvnFO8R1jLGsgOsM3wDTZemCXNlIonD4/wVyr1uMNfG84pAOzJ0Mo9m7bWqgAwqc
269rpSnzVlc7xGpYOWA2nL7702TmmcCn+xdNbe7DN4WIws3nOBxAOGFnyLkCIIS3
L/8PkwRKA/LFREjysJkbHihTvvllSPDjSENUPMZ/jEEHVAOPRuL9cUHv6wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLrU4FP/Aury0vv9nidWyraLNBhvMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdXRUZ1VfOEM2dkxTLV8yZUoxYkt0b3MwR0c4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCWdUAAwQA
WdXXAwQC1YKMMA0GCSqGSIb3DQEBCwUAA4IBAQBcw1k9T80Z7bd+7vXgpY6wpdMD
PMK8xDNWAKrN6k1wqGErO5I8tGqPliiA9Jl8Oq1BDeCzvwSDim7X0oVOTd1U9ASa
GgCREttzhrHqpVqfUDz4AvNxomYfZ6ELBVM+g64OsvKi3Mtq18MkRWKVOg/tMhEh
pV5En3PF6CrrLmNoBXYFg/qJfQx9d+Ca8i9085b7XTd4NIrdVUxs85z3LJTRFxdB
SXOEmB8zkQfXxMpcqfrD5MrvunB+MSnpaoSu0X3NylViFhXoMJ5bZKL0VGTw3G8F
rkzqKDu6uI1PQqy0cQUIlAH1ratzwycK9SqG85EurLESPX7j1q8gxe86vsXW
-----END CERTIFICATE-----
Generated at Fri Nov 22 11:57:16 2024 by rpki-client on console-fra.rpki-client.org