Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/f7a87a-c184-4904-94e3-2685986f6d01/1/K5k3j8D48Rw5WTinC2vIY3rti0k.roa
File: K5k3j8D48Rw5WTinC2vIY3rti0k.roa (raw, json)
Hash identifier: fN4O6y9CKPSX5b0eDT9P2jQnYo5zgKBdFYL+rP+IwhA=
Subject key identifier: 2B:99:37:8F:C0:F8:F1:1C:39:59:38:A7:0B:6B:C8:63:7A:ED:8B:49
Certificate issuer: /CN=e482fd07e20d406ea4152e492b000e554ebfcc80
Certificate serial: 018CC79568E0496D5637DBEDF8BAD57E5D56
Authority key identifier: E4:82:FD:07:E2:0D:40:6E:A4:15:2E:49:2B:00:0E:55:4E:BF:CC:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5IL9B-INQG6kFS5JKwAOVU6_zIA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/f7a87a-c184-4904-94e3-2685986f6d01/1/K5k3j8D48Rw5WTinC2vIY3rti0k.roa
Signing time: Tue 02 Jan 2024 00:31:46 +0000
ROA not before: Tue 02 Jan 2024 00:31:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41625
IP address blocks: 89.31.240.0/21 maxlen: 21
89.31.242.0/24 maxlen: 24
2a00:8900::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/f7a87a-c184-4904-94e3-2685986f6d01/1/5IL9B-INQG6kFS5JKwAOVU6_zIA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/f7a87a-c184-4904-94e3-2685986f6d01/1/5IL9B-INQG6kFS5JKwAOVU6_zIA.mft
rsync://rpki.ripe.net/repository/DEFAULT/5IL9B-INQG6kFS5JKwAOVU6_zIA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:68:e0:49:6d:56:37:db:ed:f8:ba:d5:7e:5d:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e482fd07e20d406ea4152e492b000e554ebfcc80
Validity
Not Before: Jan 2 00:31:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2b99378fc0f8f11c395938a70b6bc8637aed8b49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:78:83:25:a8:5d:50:f4:57:b5:ed:ca:c9:1f:
64:63:02:5c:19:dd:c9:a4:83:e0:64:d5:98:43:0a:
f4:29:c2:2d:5b:a4:91:12:17:72:1f:18:69:af:53:
f8:3f:24:77:4d:0c:d3:8d:48:d1:06:0f:66:c4:59:
f0:e1:26:d0:4b:57:c2:c5:88:ed:b4:f0:1a:d8:02:
b1:91:58:d9:94:3e:9e:d4:78:12:8d:de:71:5f:21:
2a:d9:84:c0:78:a7:60:ad:4c:db:42:59:e7:31:a6:
b3:89:d7:d3:65:07:8e:d8:0d:b5:3d:f0:d0:32:1d:
7c:39:f0:b9:70:94:89:e0:72:cc:a7:26:be:ba:74:
25:6b:c2:e2:0d:51:dc:bf:d5:d3:06:8e:e6:c0:48:
6a:99:13:71:ee:e0:48:56:ad:b8:c5:ef:6c:79:75:
46:f7:3f:00:51:16:6e:3d:b1:7a:10:30:f5:24:56:
b7:54:51:73:87:41:8d:e0:e6:67:03:6f:d9:f8:93:
83:78:97:c1:54:a0:75:4a:65:36:c3:82:9d:33:c1:
c4:6e:d5:1d:d4:da:d3:50:20:42:ab:82:d9:1a:43:
f9:0b:02:d3:5e:8b:db:d6:65:4f:c3:76:f4:1f:e9:
73:84:c4:43:23:dd:e8:bf:d3:80:93:66:28:b6:d7:
8d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:99:37:8F:C0:F8:F1:1C:39:59:38:A7:0B:6B:C8:63:7A:ED:8B:49
X509v3 Authority Key Identifier:
keyid:E4:82:FD:07:E2:0D:40:6E:A4:15:2E:49:2B:00:0E:55:4E:BF:CC:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5IL9B-INQG6kFS5JKwAOVU6_zIA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/f7a87a-c184-4904-94e3-2685986f6d01/1/K5k3j8D48Rw5WTinC2vIY3rti0k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/f7a87a-c184-4904-94e3-2685986f6d01/1/5IL9B-INQG6kFS5JKwAOVU6_zIA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.31.240.0/21
IPv6:
2a00:8900::/32
Signature Algorithm: sha256WithRSAEncryption
5e:59:b2:d0:3a:a1:d1:a8:8c:5e:17:44:62:70:ff:44:40:df:
97:65:02:1b:e3:88:6b:f4:bb:80:31:73:39:7e:df:43:4f:e6:
74:45:88:21:e8:7c:c3:60:a6:e3:5f:3a:52:a1:91:90:6d:e2:
31:bd:28:92:79:6c:71:ac:f3:b7:7e:68:16:26:2f:00:e9:91:
bd:64:d0:b0:61:6e:8a:ff:4c:f8:86:a7:e3:03:00:24:39:26:
fd:3f:89:87:48:e4:28:e2:36:06:1e:0f:2e:d9:61:13:53:84:
70:ff:fa:02:44:8c:5a:59:57:0c:4d:bb:c2:f8:0a:e2:86:81:
23:68:7a:24:94:e5:39:71:97:07:75:08:8b:13:a3:ae:c1:83:
8e:16:2e:4a:c2:28:4e:82:3e:2e:d1:cc:99:c7:b3:7b:0c:a7:
25:2e:2c:53:be:66:a3:96:84:49:96:1b:44:1f:c6:64:88:8b:
a4:dd:dd:5d:c7:2a:1e:b4:d6:44:32:09:0c:ec:61:71:96:3e:
74:02:96:e6:a0:44:8c:2d:e2:ee:a0:3a:63:de:72:2e:c5:20:
67:5e:7a:16:6c:c3:be:54:d4:22:6c:3d:ce:78:aa:be:0c:43:
c5:6c:36:01:f9:b1:1b:43:e2:ef:9c:4a:8a:91:dc:d6:f4:02:
66:d1:f9:77
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHlWjgSW1WN9vt+LrVfl1WMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0ODJmZDA3ZTIwZDQwNmVhNDE1MmU0OTJiMDAwZTU1NGVi
ZmNjODAwHhcNMjQwMTAyMDAzMTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyYjk5Mzc4ZmMwZjhmMTFjMzk1OTM4YTcwYjZiYzg2MzdhZWQ4YjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHiDJahdUPRXte3KyR9kYwJcGd3J
pIPgZNWYQwr0KcItW6SREhdyHxhpr1P4PyR3TQzTjUjRBg9mxFnw4SbQS1fCxYjt
tPAa2AKxkVjZlD6e1HgSjd5xXyEq2YTAeKdgrUzbQlnnMaazidfTZQeO2A21PfDQ
Mh18OfC5cJSJ4HLMpya+unQla8LiDVHcv9XTBo7mwEhqmRNx7uBIVq24xe9seXVG
9z8AURZuPbF6EDD1JFa3VFFzh0GN4OZnA2/Z+JODeJfBVKB1SmU2w4KdM8HEbtUd
1NrTUCBCq4LZGkP5CwLTXovb1mVPw3b0H+lzhMRDI93ov9OAk2YotteNMwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFCuZN4/A+PEcOVk4pwtryGN67YtJMB8GA1UdIwQY
MBaAFOSC/QfiDUBupBUuSSsADlVOv8yAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUlMOUItSU5RRzZrRlM1Skt3QU9WVTZfeklBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9mN2E4N2EtYzE4NC00OTA0LTk0ZTMt
MjY4NTk4NmY2ZDAxLzEvSzVrM2o4RDQ4Unc1V1RpbkMydklZM3J0aTBrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9mN2E4N2EtYzE4NC00OTA0LTk0ZTMtMjY4NTk4NmY2ZDAx
LzEvNUlMOUItSU5RRzZrRlM1Skt3QU9WVTZfeklBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDWR/wMA0E
AgACMAcDBQAqAIkAMA0GCSqGSIb3DQEBCwUAA4IBAQBeWbLQOqHRqIxeF0RicP9E
QN+XZQIb44hr9LuAMXM5ft9DT+Z0RYgh6HzDYKbjXzpSoZGQbeIxvSiSeWxxrPO3
fmgWJi8A6ZG9ZNCwYW6K/0z4hqfjAwAkOSb9P4mHSOQo4jYGHg8u2WETU4Rw//oC
RIxaWVcMTbvC+ArihoEjaHoklOU5cZcHdQiLE6OuwYOOFi5KwihOgj4u0cyZx7N7
DKclLixTvmajloRJlhtEH8ZkiIuk3d1dxyoetNZEMgkM7GFxlj50ApbmoESMLeLu
oDpj3nIuxSBnXnoWbMO+VNQibD3OeKq+DEPFbDYB+bEbQ+LvnEqKkdzW9AJm0fl3
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:34:10 2024 by rpki-client on console-ams.rpki-client.org