Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/dycx85GWYDhfsVMZvxX1YKC-1gk.roa
File: dycx85GWYDhfsVMZvxX1YKC-1gk.roa (raw, json)
Hash identifier: i9bfdnILAXMZ4zmh8lBJHkzy4rdo3pA9MSRN7cL5IwA=
Subject key identifier: 77:27:31:F3:91:96:60:38:5F:B1:53:19:BF:15:F5:60:A0:BE:D6:09
Certificate issuer: /CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Certificate serial: 018CC94E4AC32EA6837E2C9E82EC9990CE5F
Authority key identifier: 53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/dycx85GWYDhfsVMZvxX1YKC-1gk.roa
Signing time: Tue 02 Jan 2024 08:33:20 +0000
ROA not before: Tue 02 Jan 2024 08:33:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197216
IP address blocks: 89.187.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/U7YqzmFbkGtCqyf0-x0gPfNtVDY.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/U7YqzmFbkGtCqyf0-x0gPfNtVDY.mft
rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:4a:c3:2e:a6:83:7e:2c:9e:82:ec:99:90:ce:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b62ace615b906b42ab27f4fb1d203df36d5436
Validity
Not Before: Jan 2 08:33:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=772731f3919660385fb15319bf15f560a0bed609
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:55:29:62:e0:9c:6c:95:cd:af:78:d9:2b:ce:
ac:1a:bc:c4:c3:e3:81:47:ff:32:de:65:b1:a8:c0:
bc:2c:6c:8d:2d:ff:7f:b4:6b:fa:03:d7:48:a6:2f:
69:ab:6b:e2:78:da:cc:cd:e6:d9:60:17:f4:9f:4e:
39:13:08:88:6f:28:23:a4:fb:19:1c:7e:9a:77:de:
4a:7a:13:84:94:9b:ff:cc:9d:74:3a:7f:b9:a3:d1:
1a:b4:f4:36:9d:c0:12:b1:6b:b4:5a:d2:c0:5c:9b:
1d:36:f7:91:10:93:07:03:f3:5a:e8:f9:d9:b2:71:
44:49:aa:0e:f9:83:08:a4:8a:c0:9d:50:95:cd:c0:
9c:cb:cb:a8:98:67:4d:f8:c7:fb:64:3b:5f:64:a2:
96:9b:8d:31:3e:ea:a7:20:db:8f:c7:43:d4:d3:f1:
54:00:a2:14:8e:51:73:e6:65:95:a7:73:f9:9c:11:
5b:58:2f:13:ef:75:91:d9:36:db:a9:0d:23:4d:6b:
34:4c:7e:40:5c:b7:a9:71:f9:41:43:a1:7c:ad:06:
72:70:1f:3f:1f:90:b3:58:e4:bd:0b:c5:21:54:91:
62:f0:31:13:5f:94:d1:c7:5c:89:e3:e2:94:44:a0:
e7:e0:64:16:b7:91:9f:39:19:3f:ef:7a:a4:92:13:
ac:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:27:31:F3:91:96:60:38:5F:B1:53:19:BF:15:F5:60:A0:BE:D6:09
X509v3 Authority Key Identifier:
keyid:53:B6:2A:CE:61:5B:90:6B:42:AB:27:F4:FB:1D:20:3D:F3:6D:54:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7YqzmFbkGtCqyf0-x0gPfNtVDY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/dycx85GWYDhfsVMZvxX1YKC-1gk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/8b07cd-0ced-4afc-8d02-972a4c3dc3f3/1/U7YqzmFbkGtCqyf0-x0gPfNtVDY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.187.83.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:30:5f:9b:72:7e:96:7d:1e:8c:94:3e:ad:2b:b1:96:38:dc:
33:60:03:a8:05:c8:41:ed:8b:eb:79:ae:b0:c7:cc:ec:bc:4d:
9c:e9:6b:c7:de:0a:5c:ff:fa:b1:77:42:c7:5c:9c:45:98:13:
73:7d:5b:89:bb:63:d5:7b:b0:59:e5:e9:8c:a8:f0:b0:bd:71:
7c:32:59:c0:07:f8:df:4c:e6:71:94:ca:d6:ee:af:d4:19:b8:
92:e0:36:7c:5f:b1:38:82:a2:58:09:cc:44:73:0c:c6:01:2c:
10:c4:76:82:aa:7e:be:50:ab:14:e8:f7:93:92:f5:8c:a7:28:
7f:24:97:58:1e:04:f1:d6:dd:e8:8b:db:b7:d8:a6:58:e0:3f:
09:9f:f0:fb:a7:ac:54:66:c4:37:46:11:bc:1a:c2:9c:f1:f7:
53:32:96:5a:79:3d:f3:01:d8:d3:ab:a8:04:92:06:d6:34:83:
62:8a:bc:53:3e:b9:ad:94:55:95:32:38:b4:ac:0e:04:75:14:
86:39:da:89:3c:90:4a:0a:87:eb:0c:42:63:37:01:55:42:d7:
ed:d6:dc:e1:ae:85:d6:eb:8a:67:e2:dc:83:0c:bb:6b:30:51:
e7:b9:53:d4:3c:e6:d2:04:63:56:08:14:e4:1a:8c:c5:17:b3:
f9:b8:25:bd
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTkrDLqaDfiyeguyZkM5fMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjYyYWNlNjE1YjkwNmI0MmFiMjdmNGZiMWQyMDNkZjM2
ZDU0MzYwHhcNMjQwMTAyMDgzMzIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzI3MzFmMzkxOTY2MDM4NWZiMTUzMTliZjE1ZjU2MGEwYmVkNjA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhVUpYuCcbJXNr3jZK86sGrzEw+OB
R/8y3mWxqMC8LGyNLf9/tGv6A9dIpi9pq2vieNrMzebZYBf0n045EwiIbygjpPsZ
HH6ad95KehOElJv/zJ10On+5o9EatPQ2ncASsWu0WtLAXJsdNveREJMHA/Na6PnZ
snFESaoO+YMIpIrAnVCVzcCcy8uomGdN+Mf7ZDtfZKKWm40xPuqnINuPx0PU0/FU
AKIUjlFz5mWVp3P5nBFbWC8T73WR2TbbqQ0jTWs0TH5AXLepcflBQ6F8rQZycB8/
H5CzWOS9C8UhVJFi8DETX5TRx1yJ4+KURKDn4GQWt5GfORk/73qkkhOscwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFHcnMfORlmA4X7FTGb8V9WCgvtYJMB8GA1UdIwQY
MBaAFFO2Ks5hW5BrQqsn9PsdID3zbVQ2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdZcXptRmJrR3RDcXlmMC14MGdQZk50VkRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC84YjA3Y2QtMGNlZC00YWZjLThkMDIt
OTcyYTRjM2RjM2YzLzEvZHljeDg1R1dZRGhmc1ZNWnZ4WDFZS0MtMWdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC84YjA3Y2QtMGNlZC00YWZjLThkMDItOTcyYTRjM2RjM2Yz
LzEvVTdZcXptRmJrR3RDcXlmMC14MGdQZk50VkRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWbtTMA0G
CSqGSIb3DQEBCwUAA4IBAQAvMF+bcn6WfR6MlD6tK7GWONwzYAOoBchB7Yvrea6w
x8zsvE2c6WvH3gpc//qxd0LHXJxFmBNzfVuJu2PVe7BZ5emMqPCwvXF8MlnAB/jf
TOZxlMrW7q/UGbiS4DZ8X7E4gqJYCcxEcwzGASwQxHaCqn6+UKsU6PeTkvWMpyh/
JJdYHgTx1t3oi9u32KZY4D8Jn/D7p6xUZsQ3RhG8GsKc8fdTMpZaeT3zAdjTq6gE
kgbWNINiirxTPrmtlFWVMji0rA4EdRSGOdqJPJBKCofrDEJjNwFVQtft1tzhroXW
64pn4tyDDLtrMFHnuVPUPObSBGNWCBTkGozFF7P5uCW9
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:11:37 2024 by rpki-client on console-ams.rpki-client.org