Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/idYm34DBDg_vKUR9iabxAciq5kg.roa
File: idYm34DBDg_vKUR9iabxAciq5kg.roa (raw, json)
Hash identifier: txyxK1IniPfYhJb5JlXLYnxCKjFnyem2lgHHC9TPX4c=
Subject key identifier: 89:D6:26:DF:80:C1:0E:0F:EF:29:44:7D:89:A6:F1:01:C8:AA:E6:48
Certificate issuer: /CN=89da60f049dfba34be4b4e8418b9ff492125c449
Certificate serial: 018CC9BC68F2B964E9F79C794FF67C40A53C
Authority key identifier: 89:DA:60:F0:49:DF:BA:34:BE:4B:4E:84:18:B9:FF:49:21:25:C4:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/idpg8EnfujS-S06EGLn_SSElxEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/idYm34DBDg_vKUR9iabxAciq5kg.roa
Signing time: Tue 02 Jan 2024 10:33:37 +0000
ROA not before: Tue 02 Jan 2024 10:33:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57187
IP address blocks: 94.207.32.0/20 maxlen: 24
2a00:f2f::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/idpg8EnfujS-S06EGLn_SSElxEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/idpg8EnfujS-S06EGLn_SSElxEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/idpg8EnfujS-S06EGLn_SSElxEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 07:01:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:68:f2:b9:64:e9:f7:9c:79:4f:f6:7c:40:a5:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89da60f049dfba34be4b4e8418b9ff492125c449
Validity
Not Before: Jan 2 10:33:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89d626df80c10e0fef29447d89a6f101c8aae648
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:fd:ac:63:91:89:8b:67:a1:9f:5c:ca:d8:a5:
ff:a6:8d:ab:a8:68:0a:f5:3a:f7:1e:6b:1d:13:d0:
c0:1f:1a:1e:8f:5c:0f:cb:74:52:bf:8f:83:0a:37:
c0:21:e9:54:bb:90:96:14:d3:41:f0:c2:c5:35:38:
4b:d5:50:f7:b6:43:2a:d2:fa:36:30:2c:52:16:ca:
d4:3a:e8:d3:1c:92:b6:5a:2f:1f:53:5a:49:ce:22:
8e:eb:da:12:05:2a:01:1a:b9:3f:d3:d8:55:fb:47:
18:a2:0d:75:5f:e9:0d:40:3e:8b:2b:b7:5a:58:77:
39:bf:5c:78:3c:6d:d7:91:0d:a6:ca:62:98:64:ed:
60:f5:1e:a5:84:ac:d4:30:6b:ca:4c:63:1e:ef:fd:
d1:1b:1e:3b:ce:6f:45:02:46:19:37:82:98:f3:df:
bf:01:93:46:97:b6:9d:33:3b:14:2c:a8:bd:c6:77:
a5:07:ef:9b:ad:a3:22:e5:71:c8:bf:7c:ff:b0:eb:
25:9a:12:cc:bb:ce:16:6e:a4:60:ef:a4:f2:26:05:
24:56:ff:ba:4a:7a:03:50:9a:99:cc:d3:38:d2:2d:
18:cb:f4:03:3a:e8:55:d6:14:ef:63:91:78:45:5d:
08:be:c3:88:d3:20:8d:b1:1e:3d:d9:51:f4:85:9e:
a8:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:D6:26:DF:80:C1:0E:0F:EF:29:44:7D:89:A6:F1:01:C8:AA:E6:48
X509v3 Authority Key Identifier:
keyid:89:DA:60:F0:49:DF:BA:34:BE:4B:4E:84:18:B9:FF:49:21:25:C4:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/idpg8EnfujS-S06EGLn_SSElxEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/idYm34DBDg_vKUR9iabxAciq5kg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de477f-0785-4026-83be-69890c829e33/1/idpg8EnfujS-S06EGLn_SSElxEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.207.32.0/20
IPv6:
2a00:f2f::/32
Signature Algorithm: sha256WithRSAEncryption
19:0e:0f:9a:94:cc:99:72:98:fd:b9:e4:35:1f:43:6e:fa:40:
83:c9:b7:a4:ab:ec:25:88:b7:bd:16:e6:59:90:a8:e3:b2:5c:
d7:31:08:ef:46:c0:0d:c8:66:8a:3f:e8:18:15:c1:58:f9:b4:
b5:6d:54:90:e2:01:da:4b:ed:cc:d4:3c:b9:5a:35:44:41:f8:
dc:48:71:52:e7:cb:f8:40:4e:22:6a:87:d1:22:0a:44:79:0f:
94:b4:3a:c4:7c:4f:4a:bf:82:ee:fe:22:e8:6a:da:4f:be:2b:
3d:9d:62:71:9e:96:c0:b9:ec:e7:ea:26:39:ed:19:0a:57:55:
4c:ba:02:9e:37:82:3c:2d:1c:90:95:97:4f:9f:69:88:5a:45:
f6:49:b0:0b:ca:a4:0d:47:51:50:b8:dc:d1:e7:43:cd:1e:bd:
34:21:8e:2b:e5:84:8e:f5:51:3e:6a:7c:ed:80:14:0a:b6:b4:
bf:af:f6:1d:5e:e2:40:fb:7a:82:ab:62:60:36:d9:42:7c:b7:
59:9f:a1:10:76:f0:d5:d4:45:4e:9a:71:0d:64:66:62:89:0b:
83:4e:53:b7:b3:db:44:75:4e:24:9f:e4:dc:4f:5c:a2:87:fe:
26:52:c3:69:83:7e:5a:d8:08:54:60:6f:4f:48:02:f4:d8:14:
48:54:c7:fb
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvGjyuWTp95x5T/Z8QKU8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5ZGE2MGYwNDlkZmJhMzRiZTRiNGU4NDE4YjlmZjQ5MjEy
NWM0NDkwHhcNMjQwMTAyMTAzMzM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWQ2MjZkZjgwYzEwZTBmZWYyOTQ0N2Q4OWE2ZjEwMWM4YWFlNjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuf2sY5GJi2ehn1zK2KX/po2rqGgK
9Tr3HmsdE9DAHxoej1wPy3RSv4+DCjfAIelUu5CWFNNB8MLFNThL1VD3tkMq0vo2
MCxSFsrUOujTHJK2Wi8fU1pJziKO69oSBSoBGrk/09hV+0cYog11X+kNQD6LK7da
WHc5v1x4PG3XkQ2mymKYZO1g9R6lhKzUMGvKTGMe7/3RGx47zm9FAkYZN4KY89+/
AZNGl7adMzsULKi9xnelB++braMi5XHIv3z/sOslmhLMu84WbqRg76TyJgUkVv+6
SnoDUJqZzNM40i0Yy/QDOuhV1hTvY5F4RV0IvsOI0yCNsR492VH0hZ6o3wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFInWJt+AwQ4P7ylEfYmm8QHIquZIMB8GA1UdIwQY
MBaAFInaYPBJ37o0vktOhBi5/0khJcRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWRwZzhFbmZ1alMtUzA2RUdMbl9TU0VseEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTQ3N2YtMDc4NS00MDI2LTgzYmUt
Njk4OTBjODI5ZTMzLzEvaWRZbTM0REJEZ192S1VSOWlhYnhBY2lxNWtnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTQ3N2YtMDc4NS00MDI2LTgzYmUtNjk4OTBjODI5ZTMz
LzEvaWRwZzhFbmZ1alMtUzA2RUdMbl9TU0VseEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQEXs8gMA0E
AgACMAcDBQAqAA8vMA0GCSqGSIb3DQEBCwUAA4IBAQAZDg+alMyZcpj9ueQ1H0Nu
+kCDybekq+wliLe9FuZZkKjjslzXMQjvRsANyGaKP+gYFcFY+bS1bVSQ4gHaS+3M
1Dy5WjVEQfjcSHFS58v4QE4iaofRIgpEeQ+UtDrEfE9Kv4Lu/iLoatpPvis9nWJx
npbAuezn6iY57RkKV1VMugKeN4I8LRyQlZdPn2mIWkX2SbALyqQNR1FQuNzR50PN
Hr00IY4r5YSO9VE+anztgBQKtrS/r/YdXuJA+3qCq2JgNtlCfLdZn6EQdvDV1EVO
mnENZGZiiQuDTlO3s9tEdU4kn+TcT1yih/4mUsNpg35a2AhUYG9PSAL02BRIVMf7
-----END CERTIFICATE-----
Generated at Mon May 6 16:07:06 2024 by rpki-client on console-fra.rpki-client.org