Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/7CEhq9erdaggjSmKQdR1VvJJsDs.roa
File: 7CEhq9erdaggjSmKQdR1VvJJsDs.roa (raw, json)
Hash identifier: 7L7tyGvT3+njIgCQNisG82+c7lCtmYwUxTmrOwCw+K8=
Subject key identifier: EC:21:21:AB:D7:AB:75:A8:20:8D:29:8A:41:D4:75:56:F2:49:B0:3B
Certificate issuer: /CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Certificate serial: 018CC26D1F6ADD41B37969A0921D560B1706
Authority key identifier: F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/7CEhq9erdaggjSmKQdR1VvJJsDs.roa
Signing time: Mon 01 Jan 2024 00:29:40 +0000
ROA not before: Mon 01 Jan 2024 00:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24940
IP address blocks: 89.42.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:1f:6a:dd:41:b3:79:69:a0:92:1d:56:0b:17:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f1d46e0e3e8caaaed4a529bd7d7308bd1ef01c1d
Validity
Not Before: Jan 1 00:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ec2121abd7ab75a8208d298a41d47556f249b03b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:b3:51:24:95:3d:6f:ae:87:6e:31:6b:49:94:
d9:65:ce:0b:a1:3e:0f:69:b0:9c:bf:85:13:ab:ce:
30:e5:9d:7e:2f:43:51:71:3b:70:b3:17:9f:e9:39:
4d:8b:99:a8:41:b0:cc:cb:5a:eb:be:82:da:86:fe:
ef:3a:5a:3b:ae:45:90:70:6e:e4:be:0a:0f:c1:d7:
91:ca:06:ae:6f:f4:d7:1f:ac:b7:8e:40:cd:c2:a4:
fc:97:ef:6c:61:0d:b8:22:7a:31:66:c4:ca:b0:5a:
1d:c8:b8:49:bc:0e:5c:5e:17:fa:3d:86:5e:8a:0c:
3d:24:ce:a2:61:52:f9:cc:4e:c8:fb:c1:89:d9:8c:
01:28:28:72:fb:44:33:7e:84:b2:58:c6:37:bd:b2:
70:47:19:c1:f8:dd:f6:d7:d0:6b:d1:8e:c1:46:19:
18:84:c9:82:02:cf:48:3c:ac:6f:5a:0e:b1:19:ee:
94:db:56:90:d7:14:2b:eb:1a:81:e2:0e:f7:a2:67:
4a:a0:4a:e5:4b:3d:05:ab:fe:58:e9:72:c4:e7:6c:
6a:9b:ad:b7:b9:58:32:e1:38:1a:d4:ff:e5:fd:0b:
b2:42:72:09:bc:93:cd:dc:cc:d3:5e:4a:d3:c7:49:
0b:8b:28:d3:58:af:e2:70:1e:0c:92:d5:96:ab:13:
aa:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:21:21:AB:D7:AB:75:A8:20:8D:29:8A:41:D4:75:56:F2:49:B0:3B
X509v3 Authority Key Identifier:
keyid:F1:D4:6E:0E:3E:8C:AA:AE:D4:A5:29:BD:7D:73:08:BD:1E:F0:1C:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/7CEhq9erdaggjSmKQdR1VvJJsDs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/84eb44-bbdf-46c1-b043-b42f23d828c3/1/8dRuDj6Mqq7UpSm9fXMIvR7wHB0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.83.0/24
Signature Algorithm: sha256WithRSAEncryption
10:ee:5b:29:ec:cc:76:f9:b0:ed:25:1d:bc:71:55:33:ea:e2:
7f:e8:26:bd:bf:06:54:25:3b:74:2f:d4:08:fb:c8:7e:be:32:
d2:da:41:35:bc:73:f5:b9:13:50:29:6f:41:3b:96:df:78:12:
8d:77:dd:ab:12:21:19:1a:14:ea:57:8c:20:93:5c:59:68:f6:
70:74:1d:89:44:c4:77:87:e7:46:e4:6d:f3:6d:5b:d2:a1:3a:
a0:e6:31:8e:5b:01:9f:97:f0:3e:7b:a2:ce:0e:30:d6:13:cd:
c5:6c:f4:d4:10:28:0e:58:a4:fa:4e:7e:22:06:e7:fe:5c:ea:
a6:01:22:51:e2:37:d4:19:56:c8:be:b1:cc:67:ea:b5:e4:f1:
bc:99:d5:dc:78:99:60:76:25:56:91:59:6a:44:11:16:af:c1:
e5:33:c7:e8:32:68:3b:52:c8:48:42:2d:29:ad:55:77:b7:71:
01:d1:c4:2d:6f:8c:0f:6a:cf:56:70:43:6a:05:79:4b:e3:45:
a6:39:44:3b:b2:09:02:c1:01:eb:6e:50:5b:36:16:e6:14:89:
20:32:d8:4d:d2:9c:4a:54:fd:9b:b7:2d:1f:41:34:41:39:f9:
10:db:7e:68:37:4b:ae:dc:21:c7:14:d9:49:7f:d3:fa:f0:43:
c5:5b:56:96
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbR9q3UGzeWmgkh1WCxcGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYxZDQ2ZTBlM2U4Y2FhYWVkNGE1MjliZDdkNzMwOGJkMWVm
MDFjMWQwHhcNMjQwMTAxMDAyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzIxMjFhYmQ3YWI3NWE4MjA4ZDI5OGE0MWQ0NzU1NmYyNDliMDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk7NRJJU9b66HbjFrSZTZZc4LoT4P
abCcv4UTq84w5Z1+L0NRcTtwsxef6TlNi5moQbDMy1rrvoLahv7vOlo7rkWQcG7k
vgoPwdeRygaub/TXH6y3jkDNwqT8l+9sYQ24InoxZsTKsFodyLhJvA5cXhf6PYZe
igw9JM6iYVL5zE7I+8GJ2YwBKChy+0QzfoSyWMY3vbJwRxnB+N3219Br0Y7BRhkY
hMmCAs9IPKxvWg6xGe6U21aQ1xQr6xqB4g73omdKoErlSz0Fq/5Y6XLE52xqm623
uVgy4Tga1P/l/QuyQnIJvJPN3MzTXkrTx0kLiyjTWK/icB4MktWWqxOq3QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOwhIavXq3WoII0pikHUdVbySbA7MB8GA1UdIwQY
MBaAFPHUbg4+jKqu1KUpvX1zCL0e8BwdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMt
YjQyZjIzZDgyOGMzLzEvN0NFaHE5ZXJkYWdnalNtS1FkUjFWdkpKc0RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi84NGViNDQtYmJkZi00NmMxLWIwNDMtYjQyZjIzZDgyOGMz
LzEvOGRSdURqNk1xcTdVcFNtOWZYTUl2Ujd3SEIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSpTMA0G
CSqGSIb3DQEBCwUAA4IBAQAQ7lsp7Mx2+bDtJR28cVUz6uJ/6Ca9vwZUJTt0L9QI
+8h+vjLS2kE1vHP1uRNQKW9BO5bfeBKNd92rEiEZGhTqV4wgk1xZaPZwdB2JRMR3
h+dG5G3zbVvSoTqg5jGOWwGfl/A+e6LODjDWE83FbPTUECgOWKT6Tn4iBuf+XOqm
ASJR4jfUGVbIvrHMZ+q15PG8mdXceJlgdiVWkVlqRBEWr8HlM8foMmg7UshIQi0p
rVV3t3EB0cQtb4wPas9WcENqBXlL40WmOUQ7sgkCwQHrblBbNhbmFIkgMthN0pxK
VP2bty0fQTRBOfkQ235oN0uu3CHHFNlJf9P68EPFW1aW
-----END CERTIFICATE-----
Generated at Fri May 3 07:08:15 2024 by rpki-client on console-ams.rpki-client.org