Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/vOVcOJZAgX_BanYFFIkVkalPmXk.roa
File: vOVcOJZAgX_BanYFFIkVkalPmXk.roa (raw, json)
Hash identifier: gkxVTT4iRqZh0T+GUBxudsX+8qMLNzR4yo7xUi2+NUg=
Subject key identifier: BC:E5:5C:38:96:40:81:7F:C1:6A:76:05:14:89:15:91:A9:4F:99:79
Certificate issuer: /CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Certificate serial: 019112473EBEBAC782CA3EFF1787DB91B7CA
Authority key identifier: D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/vOVcOJZAgX_BanYFFIkVkalPmXk.roa
Signing time: Fri 02 Aug 2024 08:49:04 +0000
ROA not before: Fri 02 Aug 2024 08:49:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212335
IP address blocks: 89.42.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:12:47:3e:be:ba:c7:82:ca:3e:ff:17:87:db:91:b7:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d48a27f44b10404c52f6ffc4e08dc82bf8b5dee4
Validity
Not Before: Aug 2 08:49:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bce55c389640817fc16a760514891591a94f9979
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:a5:ab:bc:47:9b:e1:25:18:eb:97:9d:09:6a:
a5:13:dc:a4:04:ac:eb:3f:66:50:50:2e:94:2c:89:
5a:fc:5e:c9:83:36:f5:40:fa:3f:e0:11:c6:17:e4:
e4:0c:c2:15:08:4a:1a:48:14:a7:ef:0c:27:21:4e:
46:3e:c0:bf:23:b9:52:7c:f2:5e:ad:0c:6a:5d:5d:
4f:0d:e2:c4:f1:66:25:78:5c:e2:f9:48:a5:e8:a5:
6f:aa:37:05:6f:b1:c0:2d:82:21:d7:42:4d:73:af:
0d:68:5a:dc:44:58:9e:ff:bb:10:12:80:29:98:44:
fe:1a:d7:c3:18:61:3d:b9:58:8b:c0:5f:98:fd:d5:
96:06:9c:36:a8:ea:4f:d7:f1:ce:54:37:b7:94:8a:
72:cf:f8:f5:e3:58:78:26:ee:dd:43:1f:1c:36:cd:
d2:10:0c:ef:ca:cc:79:1b:bb:18:e3:74:a3:27:da:
69:3c:46:54:ad:45:06:9a:79:74:c7:12:fe:4f:fd:
45:54:41:ba:09:25:f7:00:89:94:ab:91:c5:d4:7e:
58:ea:63:1b:6b:36:5c:c0:04:bb:8c:04:66:de:c5:
55:58:96:e9:77:34:88:ee:a8:88:5b:52:79:aa:ec:
51:76:af:3d:85:64:e2:e8:3a:8b:f7:1b:d7:b0:f8:
40:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:E5:5C:38:96:40:81:7F:C1:6A:76:05:14:89:15:91:A9:4F:99:79
X509v3 Authority Key Identifier:
keyid:D4:8A:27:F4:4B:10:40:4C:52:F6:FF:C4:E0:8D:C8:2B:F8:B5:DE:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Ion9EsQQExS9v_E4I3IK_i13uQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/vOVcOJZAgX_BanYFFIkVkalPmXk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/4bb5a7-346c-4195-9d0f-59f5984b64ea/1/1Ion9EsQQExS9v_E4I3IK_i13uQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.29.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:53:8e:6c:a8:b0:e9:f8:a6:f2:16:d0:48:f9:e2:b3:e5:23:
9e:df:96:3b:6e:6b:e6:4b:ef:4a:1a:18:be:0e:a3:ae:af:3c:
47:6a:33:fd:e1:c6:86:aa:f6:40:a2:59:c6:4a:1f:50:89:2f:
0d:9e:50:c4:3b:3d:4c:5e:30:9d:8a:be:de:bf:ad:26:e5:f4:
a9:b1:bf:dc:6c:f8:b6:63:1b:4f:1a:a2:19:96:d5:e5:d7:d6:
a2:0e:06:01:ea:7e:7a:4f:0a:b9:bf:6a:8d:a8:27:76:6e:fc:
be:44:de:39:b1:7c:c7:38:55:6d:06:f6:6c:e1:e7:a1:6e:c2:
58:db:f1:51:49:50:ee:4c:bb:80:d8:a5:02:8c:11:6d:87:70:
1a:c1:43:75:0d:f1:56:f1:f2:9d:7a:8d:c5:19:b3:56:70:dd:
a0:91:c3:e1:03:5f:ba:c1:f6:5c:8c:54:66:78:51:c1:77:7e:
a9:06:c5:7c:e1:c6:c7:f0:08:12:69:8f:7e:5d:93:83:09:bb:
eb:e8:ee:89:12:63:f2:d2:d5:65:e1:9e:88:56:34:60:f4:dc:
1b:db:51:f3:fc:e4:00:f4:af:28:cd:be:e7:1c:f3:50:7d:6b:
59:f7:af:0f:a2:df:30:06:74:e9:c0:ca:12:11:9b:a2:c3:cf:
aa:2e:f6:86
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZESRz6+useCyj7/F4fbkbfKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OGEyN2Y0NGIxMDQwNGM1MmY2ZmZjNGUwOGRjODJiZjhi
NWRlZTQwHhcNMjQwODAyMDg0OTA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2U1NWMzODk2NDA4MTdmYzE2YTc2MDUxNDg5MTU5MWE5NGY5OTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnqWrvEeb4SUY65edCWqlE9ykBKzr
P2ZQUC6ULIla/F7Jgzb1QPo/4BHGF+TkDMIVCEoaSBSn7wwnIU5GPsC/I7lSfPJe
rQxqXV1PDeLE8WYleFzi+Uil6KVvqjcFb7HALYIh10JNc68NaFrcRFie/7sQEoAp
mET+GtfDGGE9uViLwF+Y/dWWBpw2qOpP1/HOVDe3lIpyz/j141h4Ju7dQx8cNs3S
EAzvysx5G7sY43SjJ9ppPEZUrUUGmnl0xxL+T/1FVEG6CSX3AImUq5HF1H5Y6mMb
azZcwAS7jARm3sVVWJbpdzSI7qiIW1J5quxRdq89hWTi6DqL9xvXsPhALwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLzlXDiWQIF/wWp2BRSJFZGpT5l5MB8GA1UdIwQY
MBaAFNSKJ/RLEEBMUvb/xOCNyCv4td7kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYt
NTlmNTk4NGI2NGVhLzEvdk9WY09KWkFnWF9CYW5ZRkZJa1ZrYWxQbVhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS80YmI1YTctMzQ2Yy00MTk1LTlkMGYtNTlmNTk4NGI2NGVh
LzEvMUlvbjlFc1FRRXhTOXZfRTRJM0lLX2kxM3VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSodMA0G
CSqGSIb3DQEBCwUAA4IBAQAcU45sqLDp+KbyFtBI+eKz5SOe35Y7bmvmS+9KGhi+
DqOurzxHajP94caGqvZAolnGSh9QiS8NnlDEOz1MXjCdir7ev60m5fSpsb/cbPi2
YxtPGqIZltXl19aiDgYB6n56Twq5v2qNqCd2bvy+RN45sXzHOFVtBvZs4eehbsJY
2/FRSVDuTLuA2KUCjBFth3AawUN1DfFW8fKdeo3FGbNWcN2gkcPhA1+6wfZcjFRm
eFHBd36pBsV84cbH8AgSaY9+XZODCbvr6O6JEmPy0tVl4Z6IVjRg9Nwb21Hz/OQA
9K8ozb7nHPNQfWtZ968Pot8wBnTpwMoSEZuiw8+qLvaG
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:55:47 2024 by rpki-client on console-fra.rpki-client.org