Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/s7MXN6TwXg9sCdl4idkDWbGJQwU.roa
File: s7MXN6TwXg9sCdl4idkDWbGJQwU.roa (raw, json)
Hash identifier: NnVYCYPCNwiPzg+pReIDwA9U5DJafvISPB94B9KZsv4=
Subject key identifier: B3:B3:17:37:A4:F0:5E:0F:6C:09:D9:78:89:D9:03:59:B1:89:43:05
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 01913206618D6D9C64F457CD482160A7C390
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/s7MXN6TwXg9sCdl4idkDWbGJQwU.roa
Signing time: Thu 08 Aug 2024 12:46:04 +0000
ROA not before: Thu 08 Aug 2024 12:46:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29802
IP address blocks: 89.32.130.0/24 maxlen: 24
89.32.131.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 17:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:32:06:61:8d:6d:9c:64:f4:57:cd:48:21:60:a7:c3:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Aug 8 12:46:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b3b31737a4f05e0f6c09d97889d90359b1894305
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b2:57:c2:30:17:20:09:1e:53:16:06:7d:f9:
70:d0:5b:20:71:df:9b:25:06:7a:07:ff:29:ff:44:
63:c1:e6:8c:d2:81:e9:78:d4:7c:3e:c2:45:a0:73:
e8:58:48:4e:48:02:44:1e:38:24:6a:c7:bb:52:bc:
99:72:25:a7:de:09:9a:83:8a:13:ea:91:a6:0a:27:
2e:ad:51:0f:4b:fa:3c:e9:a0:59:40:73:25:e2:30:
d7:79:a0:fc:ab:86:f2:8a:eb:54:e0:6d:96:d2:ec:
a6:ba:09:9f:a3:58:a6:73:f7:43:14:4e:28:1a:47:
23:78:81:02:fe:6e:ae:c5:b4:d6:18:15:1b:7a:45:
10:62:02:55:72:7f:22:6a:6a:b6:07:35:a6:13:86:
20:7d:34:a7:17:53:28:1a:f6:2b:8f:bd:e9:50:94:
fc:23:b9:2a:bf:69:87:5f:47:ca:db:94:f3:3c:2b:
72:99:b1:a9:38:58:00:cb:e3:ee:e9:1e:4f:5d:79:
9a:e2:27:74:5f:30:30:97:28:6b:57:c8:6d:1e:68:
35:98:45:1c:ea:7c:57:f9:fd:1e:dd:99:c6:0f:d9:
a5:83:14:3e:b6:d9:ef:9b:92:25:1e:2e:cc:9b:e3:
26:fc:a9:af:5f:0b:4e:63:73:21:92:4e:3d:f8:5f:
d1:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:B3:17:37:A4:F0:5E:0F:6C:09:D9:78:89:D9:03:59:B1:89:43:05
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/s7MXN6TwXg9sCdl4idkDWbGJQwU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.32.130.0/23
Signature Algorithm: sha256WithRSAEncryption
5c:5e:a2:ff:32:b3:36:68:3e:65:4b:78:db:0a:94:91:3a:50:
b2:74:cd:10:73:46:58:9e:54:b6:52:ad:07:80:f2:cc:d3:18:
de:d5:5f:35:ff:aa:e0:3f:f6:4a:26:36:c9:0c:17:22:0d:c2:
ae:61:85:2a:ec:9d:11:63:c3:4b:68:0c:19:45:07:81:21:33:
12:ce:2f:c3:cf:3b:d5:85:a7:32:fd:18:34:12:11:7e:e9:0e:
51:30:75:a3:f4:01:68:bf:43:cd:29:1f:7b:14:40:76:bb:0a:
df:71:94:80:46:f7:ad:56:ad:ff:95:a0:55:85:2f:78:e4:5d:
2a:8c:8d:29:65:b1:3f:22:47:8d:49:5f:c1:63:06:d8:25:57:
97:ab:a4:1a:5e:85:52:bf:1a:97:e8:28:b4:81:13:a2:f9:1e:
ad:6c:e1:d3:23:01:bc:4c:26:32:8a:cf:a3:b0:3f:72:f9:81:
fc:ae:a3:be:0a:fe:79:6b:bb:b1:df:f4:4e:47:f6:35:b9:01:
35:42:6e:4b:59:92:f1:dd:cb:ab:0b:c4:ce:77:00:16:9e:79:
55:96:73:64:72:f4:d1:cd:67:c6:e0:84:59:10:5b:09:9e:68:
b7:e7:91:b7:49:3d:ca:23:c3:4a:1a:a6:ad:2c:77:ae:cf:21:
4c:bc:e7:56
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEyBmGNbZxk9FfNSCFgp8OQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwODA4MTI0NjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2IzMTczN2E0ZjA1ZTBmNmMwOWQ5Nzg4OWQ5MDM1OWIxODk0MzA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7JXwjAXIAkeUxYGfflw0Fsgcd+b
JQZ6B/8p/0RjweaM0oHpeNR8PsJFoHPoWEhOSAJEHjgkase7UryZciWn3gmag4oT
6pGmCicurVEPS/o86aBZQHMl4jDXeaD8q4byiutU4G2W0uymugmfo1imc/dDFE4o
GkcjeIEC/m6uxbTWGBUbekUQYgJVcn8iamq2BzWmE4YgfTSnF1MoGvYrj73pUJT8
I7kqv2mHX0fK25TzPCtymbGpOFgAy+Pu6R5PXXma4id0XzAwlyhrV8htHmg1mEUc
6nxX+f0e3ZnGD9mlgxQ+ttnvm5IlHi7Mm+Mm/KmvXwtOY3Mhkk49+F/RswIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLOzFzek8F4PbAnZeInZA1mxiUMFMB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvczdNWE42VHdYZzlzQ2RsNGlka0RXYkdKUXdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBWSCCMA0G
CSqGSIb3DQEBCwUAA4IBAQBcXqL/MrM2aD5lS3jbCpSROlCydM0Qc0ZYnlS2Uq0H
gPLM0xje1V81/6rgP/ZKJjbJDBciDcKuYYUq7J0RY8NLaAwZRQeBITMSzi/DzzvV
hacy/Rg0EhF+6Q5RMHWj9AFov0PNKR97FEB2uwrfcZSARvetVq3/laBVhS945F0q
jI0pZbE/IkeNSV/BYwbYJVeXq6QaXoVSvxqX6Ci0gROi+R6tbOHTIwG8TCYyis+j
sD9y+YH8rqO+Cv55a7ux3/ROR/Y1uQE1Qm5LWZLx3curC8TOdwAWnnlVlnNkcvTR
zWfG4IRZEFsJnmi355G3ST3KI8NKGqatLHeuzyFMvOdW
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:06:32 2024 by rpki-client on console-ams.rpki-client.org