Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/B8XNd75SwcAXU7MwOR8hDEGoo4w.roa
File: B8XNd75SwcAXU7MwOR8hDEGoo4w.roa (raw, json)
Hash identifier: qOivhZQLosqYBqxnN+1fp5afWYko45j7LbvWPk4BinM=
Subject key identifier: 07:C5:CD:77:BE:52:C1:C0:17:53:B3:30:39:1F:21:0C:41:A8:A3:8C
Certificate issuer: /CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Certificate serial: 018CC94E6ACCE6E3C81A5BD1647582E61FC4
Authority key identifier: DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/B8XNd75SwcAXU7MwOR8hDEGoo4w.roa
Signing time: Tue 02 Jan 2024 08:33:28 +0000
ROA not before: Tue 02 Jan 2024 08:33:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9050
IP address blocks: 89.39.1.0/24 maxlen: 24
89.39.2.0/24 maxlen: 24
89.39.0.0/24 maxlen: 24
89.39.4.0/24 maxlen: 24
89.39.3.0/24 maxlen: 24
89.39.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 03:00:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:6a:cc:e6:e3:c8:1a:5b:d1:64:75:82:e6:1f:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcef58d4cfa35543f8488a2756e6924e647b4589
Validity
Not Before: Jan 2 08:33:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=07c5cd77be52c1c01753b330391f210c41a8a38c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f9:d6:d3:a2:d9:d4:bf:f2:8e:9f:1f:f8:ea:
ca:17:b0:a8:19:a4:20:8e:dd:4e:08:d0:51:f5:8e:
2c:a0:a4:9b:15:37:93:97:b0:a2:91:08:7c:41:d8:
54:e5:b7:17:b4:47:55:40:33:e6:5c:cc:a1:45:65:
9e:c0:03:39:be:9d:c0:e9:ed:ac:bd:7e:3f:73:87:
e0:5e:fb:e7:fb:06:1e:cf:09:a1:81:cc:31:b8:8e:
ed:f7:f7:e3:4d:05:1b:20:2e:9b:48:62:d3:a0:d4:
0f:b2:7f:ac:a8:05:b1:fd:28:fc:83:40:dc:62:dd:
e8:80:f9:4f:a5:9f:46:7f:07:83:b3:ba:10:8f:49:
f3:9f:7c:ff:b3:53:76:71:08:18:0f:cd:d7:6d:75:
a4:43:0b:9f:87:00:9a:46:a6:45:4d:b2:1c:16:62:
df:f0:28:42:2f:19:9e:a0:db:4b:58:23:35:a8:42:
65:05:75:7d:ce:c3:d9:ca:8b:a9:74:42:48:82:f1:
3b:44:84:7c:6c:09:fa:13:1d:76:52:ac:3e:90:a0:
4c:00:a7:0d:c8:59:4e:e5:52:33:76:26:81:41:40:
30:39:ba:04:89:48:31:47:ed:29:1a:60:8c:c4:9f:
02:03:cf:3d:a4:9a:c3:4c:cc:eb:eb:bb:b4:a4:29:
d9:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:C5:CD:77:BE:52:C1:C0:17:53:B3:30:39:1F:21:0C:41:A8:A3:8C
X509v3 Authority Key Identifier:
keyid:DC:EF:58:D4:CF:A3:55:43:F8:48:8A:27:56:E6:92:4E:64:7B:45:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3O9Y1M-jVUP4SIonVuaSTmR7RYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/B8XNd75SwcAXU7MwOR8hDEGoo4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/aa/ea4455-7836-44c4-b2a3-2ece04e185c2/1/3O9Y1M-jVUP4SIonVuaSTmR7RYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.0.0-89.39.5.255
Signature Algorithm: sha256WithRSAEncryption
db:b8:a3:9d:b5:78:f5:39:a9:2c:12:0b:89:ef:85:01:f3:b5:
93:15:b0:8d:19:88:16:1c:49:08:fb:82:ba:20:57:5d:25:b7:
7b:11:71:73:ab:f7:05:41:ef:14:13:e6:29:04:00:9a:da:29:
41:3b:fe:24:91:01:85:f0:ee:73:89:82:d1:b7:67:68:06:db:
ab:c6:ff:41:1d:ee:63:d3:46:37:56:6d:11:2d:6c:db:4c:b6:
f7:ff:cb:10:71:2a:df:de:06:4f:14:ec:c4:b9:e8:10:9f:7f:
e7:e3:86:89:c9:c8:75:24:81:ca:f4:3d:34:d6:4c:21:fa:14:
47:6e:81:95:4e:db:70:fa:05:e1:65:04:f2:e1:17:b7:f1:d5:
ac:d8:fb:30:d7:48:83:2a:f1:6a:f2:f8:38:2d:7f:65:d2:39:
12:b6:05:0c:3a:81:43:26:bf:7a:18:76:f9:c5:20:63:47:72:
a5:6b:6b:63:e0:f7:61:29:0b:b4:ba:0e:f9:64:8c:e9:9e:b2:
bd:2c:41:d9:05:b7:d8:b7:78:7f:f9:12:83:13:ff:29:c8:80:
70:8c:c5:97:c0:97:09:e3:e4:4e:3a:2d:5b:1e:f3:95:dd:69:
93:1a:2b:cb:e6:a8:2e:9b:94:2b:3f:ee:9c:6e:40:8a:a5:ce:
c1:81:5c:9e
-----BEGIN CERTIFICATE-----
MIIFBDCCA+ygAwIBAgISAYzJTmrM5uPIGlvRZHWC5h/EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjZWY1OGQ0Y2ZhMzU1NDNmODQ4OGEyNzU2ZTY5MjRlNjQ3
YjQ1ODkwHhcNMjQwMTAyMDgzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwN2M1Y2Q3N2JlNTJjMWMwMTc1M2IzMzAzOTFmMjEwYzQxYThhMzhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfnW06LZ1L/yjp8f+OrKF7CoGaQg
jt1OCNBR9Y4soKSbFTeTl7CikQh8QdhU5bcXtEdVQDPmXMyhRWWewAM5vp3A6e2s
vX4/c4fgXvvn+wYezwmhgcwxuI7t9/fjTQUbIC6bSGLToNQPsn+sqAWx/Sj8g0Dc
Yt3ogPlPpZ9GfweDs7oQj0nzn3z/s1N2cQgYD83XbXWkQwufhwCaRqZFTbIcFmLf
8ChCLxmeoNtLWCM1qEJlBXV9zsPZyoupdEJIgvE7RIR8bAn6Ex12Uqw+kKBMAKcN
yFlO5VIzdiaBQUAwOboEiUgxR+0pGmCMxJ8CA889pJrDTMzr67u0pCnZfQIDAQAB
o4ICEDCCAgwwHQYDVR0OBBYEFAfFzXe+UsHAF1OzMDkfIQxBqKOMMB8GA1UdIwQY
MBaAFNzvWNTPo1VD+EiKJ1bmkk5ke0WJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMt
MmVjZTA0ZTE4NWMyLzEvQjhYTmQ3NVN3Y0FYVTdNd09SOGhERUdvbzR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYS9lYTQ0NTUtNzgzNi00NGM0LWIyYTMtMmVjZTA0ZTE4NWMy
LzEvM085WTFNLWpWVVA0U0lvblZ1YVNUbVI3UllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCYGCCsGAQUFBwEHAQH/BBcwFTATBAIAATANMAsDAwBZJwME
AVknBDANBgkqhkiG9w0BAQsFAAOCAQEA27ijnbV49TmpLBILie+FAfO1kxWwjRmI
FhxJCPuCuiBXXSW3exFxc6v3BUHvFBPmKQQAmtopQTv+JJEBhfDuc4mC0bdnaAbb
q8b/QR3uY9NGN1ZtES1s20y29//LEHEq394GTxTsxLnoEJ9/5+OGicnIdSSByvQ9
NNZMIfoUR26BlU7bcPoF4WUE8uEXt/HVrNj7MNdIgyrxavL4OC1/ZdI5ErYFDDqB
Qya/ehh2+cUgY0dypWtrY+D3YSkLtLoO+WSM6Z6yvSxB2QW32Ld4f/kSgxP/KciA
cIzFl8CXCePkTjotWx7zld1pkxory+aoLpuUKz/unG5AiqXOwYFcng==
-----END CERTIFICATE-----
Generated at Sun May 19 07:04:45 2024 by rpki-client on console-ams.rpki-client.org