Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/Y4z7YzzIdCTQ2a1TfjrRrbmvCEQ.roa
File: Y4z7YzzIdCTQ2a1TfjrRrbmvCEQ.roa (raw, json)
Hash identifier: RfXdxqlPM69jZsmtRyYNVTeo0sP2JJEyttsXo2GbtYA=
Subject key identifier: 63:8C:FB:63:3C:C8:74:24:D0:D9:AD:53:7E:3A:D1:AD:B9:AF:08:44
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019112482B685A96409CFDAB5632BFFF365C
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/Y4z7YzzIdCTQ2a1TfjrRrbmvCEQ.roa
Signing time: Fri 02 Aug 2024 08:50:05 +0000
ROA not before: Fri 02 Aug 2024 08:50:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212238
IP address blocks: 89.47.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:12:48:2b:68:5a:96:40:9c:fd:ab:56:32:bf:ff:36:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Aug 2 08:50:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=638cfb633cc87424d0d9ad537e3ad1adb9af0844
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:1f:bc:d3:84:3f:bb:3f:c9:cf:0c:60:61:4e:
8e:4a:b6:63:fb:d2:36:c6:ff:e0:75:b1:82:71:66:
4b:b9:1e:34:de:50:8d:e6:5c:a1:3d:a6:8e:f0:74:
aa:44:cf:7e:31:f5:7b:af:ee:8d:2c:24:85:0d:b8:
b7:53:78:e5:d6:7c:4e:83:b1:78:c8:0b:78:fe:3c:
76:ce:e9:60:a9:00:bd:3b:85:4a:9c:4f:63:8f:f4:
f8:8d:76:2a:0e:48:6f:02:8d:59:5d:0e:76:59:25:
42:d0:d9:24:23:0d:79:f9:51:7b:76:4f:51:43:7a:
3a:16:a1:3e:7c:b1:c6:a7:1f:1b:2c:c9:e0:f5:f4:
ae:b7:93:0a:e9:d7:3d:ea:10:31:a5:87:27:36:18:
7c:35:91:4e:f2:c3:15:ad:14:1b:fe:38:87:9e:4f:
99:3a:8c:3b:db:58:81:72:61:de:25:9c:ce:ac:4b:
37:1d:01:01:92:77:f3:02:06:52:ce:24:bd:a9:f3:
1c:2a:54:62:05:dc:82:3c:ab:da:e0:64:79:52:46:
95:fa:0a:12:71:bb:10:52:05:99:3a:23:3f:09:fb:
94:1f:09:e9:49:71:de:2d:0e:e7:4c:22:20:09:a4:
a0:c4:7d:92:40:b8:dc:70:03:93:0d:cf:46:02:ea:
a6:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:8C:FB:63:3C:C8:74:24:D0:D9:AD:53:7E:3A:D1:AD:B9:AF:08:44
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/Y4z7YzzIdCTQ2a1TfjrRrbmvCEQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.47.249.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:f3:2b:ad:7d:9a:2f:9e:f9:ba:a3:72:85:a9:f6:b4:62:0e:
3c:36:a6:41:04:d5:e6:89:61:62:2a:8c:9d:4c:0f:14:e9:fe:
22:3d:ea:01:6d:65:cf:8f:f2:b1:84:45:89:12:0c:4d:94:29:
4f:9e:c8:05:a7:e7:e0:da:fe:b7:6a:a9:00:b1:e8:b5:54:8e:
5b:2a:50:90:6a:ba:8f:73:5d:d6:07:06:61:13:9a:d6:02:54:
38:65:94:1b:23:dc:17:7b:48:4d:95:20:05:31:44:3f:f6:58:
d8:ae:9c:c5:be:24:16:6f:22:20:e5:7b:8a:77:8d:14:99:b9:
ae:9c:9d:c2:a1:04:61:af:5c:a5:6c:d6:41:56:22:18:53:20:
d7:c4:64:8d:bb:a6:69:bc:a4:20:56:9c:a4:cf:2a:54:2e:77:
b2:2a:98:03:1a:ae:8a:16:11:77:80:f4:bb:e6:be:04:13:13:
22:26:b8:b0:67:bc:1e:f7:d2:c1:93:1d:9e:c8:9b:3b:c5:be:
c8:af:ae:54:fd:c7:d0:be:8e:83:ea:76:4e:0d:ae:d9:4f:b3:
75:70:a0:f6:9c:b5:54:9a:93:c7:28:65:5b:04:c4:31:b9:fc:
1e:a2:a7:fe:4b:a6:5f:78:4f:59:0a:a2:10:3c:df:46:12:e7:
ed:4d:17:aa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZESSCtoWpZAnP2rVjK//zZcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwODAyMDg1MDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzhjZmI2MzNjYzg3NDI0ZDBkOWFkNTM3ZTNhZDFhZGI5YWYwODQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAih+804Q/uz/JzwxgYU6OSrZj+9I2
xv/gdbGCcWZLuR403lCN5lyhPaaO8HSqRM9+MfV7r+6NLCSFDbi3U3jl1nxOg7F4
yAt4/jx2zulgqQC9O4VKnE9jj/T4jXYqDkhvAo1ZXQ52WSVC0NkkIw15+VF7dk9R
Q3o6FqE+fLHGpx8bLMng9fSut5MK6dc96hAxpYcnNhh8NZFO8sMVrRQb/jiHnk+Z
Oow721iBcmHeJZzOrEs3HQEBknfzAgZSziS9qfMcKlRiBdyCPKva4GR5UkaV+goS
cbsQUgWZOiM/CfuUHwnpSXHeLQ7nTCIgCaSgxH2SQLjccAOTDc9GAuqmxQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGOM+2M8yHQk0NmtU3460a25rwhEMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvWTR6N1l6eklkQ1RRMmExVGZqclJyYm12Q0VRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS/5MA0G
CSqGSIb3DQEBCwUAA4IBAQB/8yutfZovnvm6o3KFqfa0Yg48NqZBBNXmiWFiKoyd
TA8U6f4iPeoBbWXPj/KxhEWJEgxNlClPnsgFp+fg2v63aqkAsei1VI5bKlCQarqP
c13WBwZhE5rWAlQ4ZZQbI9wXe0hNlSAFMUQ/9ljYrpzFviQWbyIg5XuKd40Umbmu
nJ3CoQRhr1ylbNZBViIYUyDXxGSNu6ZpvKQgVpykzypULneyKpgDGq6KFhF3gPS7
5r4EExMiJriwZ7we99LBkx2eyJs7xb7Ir65U/cfQvo6D6nZODa7ZT7N1cKD2nLVU
mpPHKGVbBMQxufweoqf+S6ZfeE9ZCqIQPN9GEuftTReq
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:48:07 2024 by rpki-client on console-fra.rpki-client.org