Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/0b0280-9623-44ba-8ddf-44c1a4eb969c/1/s0B0ymurnPOmBK3gvwnIrbVXrjY.roa
File: s0B0ymurnPOmBK3gvwnIrbVXrjY.roa (raw, json)
Hash identifier: pjLsdfdtTAdq1E4TxCZ/whvkQKjiGztAbPkyCI3miM4=
Subject key identifier: B3:40:74:CA:6B:AB:9C:F3:A6:04:AD:E0:BF:09:C8:AD:B5:57:AE:36
Certificate issuer: /CN=13440366007eb56f10e9f99e95204d330508b9b0
Certificate serial: 018CC500D1EA98D2AA4EFA4A01F21E268AEB
Authority key identifier: 13:44:03:66:00:7E:B5:6F:10:E9:F9:9E:95:20:4D:33:05:08:B9:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E0QDZgB-tW8Q6fmelSBNMwUIubA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/0b0280-9623-44ba-8ddf-44c1a4eb969c/1/s0B0ymurnPOmBK3gvwnIrbVXrjY.roa
Signing time: Mon 01 Jan 2024 12:30:14 +0000
ROA not before: Mon 01 Jan 2024 12:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6453
IP address blocks: 89.31.192.0/21 maxlen: 21
89.31.192.0/24 maxlen: 24
89.31.194.0/24 maxlen: 24
89.31.193.0/24 maxlen: 24
89.31.196.0/24 maxlen: 24
89.31.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/0b0280-9623-44ba-8ddf-44c1a4eb969c/1/E0QDZgB-tW8Q6fmelSBNMwUIubA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/0b0280-9623-44ba-8ddf-44c1a4eb969c/1/E0QDZgB-tW8Q6fmelSBNMwUIubA.mft
rsync://rpki.ripe.net/repository/DEFAULT/E0QDZgB-tW8Q6fmelSBNMwUIubA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:d1:ea:98:d2:aa:4e:fa:4a:01:f2:1e:26:8a:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=13440366007eb56f10e9f99e95204d330508b9b0
Validity
Not Before: Jan 1 12:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b34074ca6bab9cf3a604ade0bf09c8adb557ae36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:14:f2:20:b7:dd:99:95:07:b7:08:e3:1b:9e:
ca:f5:d1:45:18:00:af:4a:71:b3:b1:68:46:a7:ba:
43:88:ab:68:45:b6:f2:0a:9e:a6:ae:07:3d:19:a5:
28:68:f8:10:ac:3c:f3:c2:e7:88:8e:7f:e0:03:1b:
76:d9:a7:f6:a4:97:7a:a5:82:f3:dd:b7:51:c0:9b:
0d:c6:5a:d8:e0:30:d5:4e:83:de:4e:fc:9c:77:5b:
32:67:b1:c2:82:a3:fe:61:97:a9:2c:c1:67:1f:fc:
3a:f5:cb:8d:64:0b:db:d1:c9:42:28:86:d4:b1:2e:
78:8b:47:62:e3:f9:0a:27:af:d3:90:e6:6f:8d:47:
ce:f6:bb:05:4d:e4:6f:01:d7:2e:b4:59:9b:83:0c:
62:2d:15:0e:d2:8e:fc:84:ca:c6:75:b5:4e:0c:4c:
7f:cf:6e:90:a8:b6:b0:dc:a2:6b:fc:52:82:c3:20:
8e:b2:9e:93:0b:84:0e:92:95:f3:05:47:70:1e:8c:
d6:53:f4:d1:ef:14:c9:51:02:35:4c:8c:09:29:29:
5b:19:ea:74:b6:0f:af:85:5e:39:d2:1a:7e:fa:9c:
dd:0b:8c:32:5c:17:43:21:63:a9:e9:90:0f:14:ec:
e6:32:9e:de:66:f0:45:a8:c8:76:8b:db:c8:9e:88:
77:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:40:74:CA:6B:AB:9C:F3:A6:04:AD:E0:BF:09:C8:AD:B5:57:AE:36
X509v3 Authority Key Identifier:
keyid:13:44:03:66:00:7E:B5:6F:10:E9:F9:9E:95:20:4D:33:05:08:B9:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E0QDZgB-tW8Q6fmelSBNMwUIubA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/0b0280-9623-44ba-8ddf-44c1a4eb969c/1/s0B0ymurnPOmBK3gvwnIrbVXrjY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/0b0280-9623-44ba-8ddf-44c1a4eb969c/1/E0QDZgB-tW8Q6fmelSBNMwUIubA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.31.192.0/21
Signature Algorithm: sha256WithRSAEncryption
48:f4:93:3f:b4:eb:a3:6e:17:c3:62:87:1f:c5:3e:cc:f2:2b:
e3:8c:48:b3:57:44:22:a6:90:f2:77:f7:67:28:91:61:35:15:
66:f1:24:ef:f2:5d:0c:91:3a:19:6c:cf:32:5f:ef:c5:27:7a:
39:37:3e:a4:72:21:98:bd:4f:8e:1c:f2:6e:13:58:6e:60:63:
b2:bc:6a:30:c3:d3:66:2b:e3:81:cf:3f:ba:88:e5:7e:e1:13:
52:72:66:dc:e5:96:fe:ef:5c:9b:f7:76:c9:8c:3a:a2:5b:74:
4c:01:41:13:26:fc:d1:7c:50:05:12:72:ac:2d:a1:24:99:a7:
05:d6:bd:c2:8a:c6:4f:7b:45:46:5f:2b:f0:02:ba:ff:98:f7:
73:13:51:d3:be:fa:21:3e:76:ec:65:42:3e:1a:7f:d9:a0:54:
7b:53:ea:e6:8e:9e:3a:6f:72:33:8a:e0:27:7c:20:4b:28:16:
2e:d1:5f:58:b5:fa:4e:b4:19:b2:14:c1:f6:49:e3:5e:f9:7d:
9b:53:d6:72:53:92:40:1b:c6:4c:0f:93:d3:3d:3b:12:15:45:
c7:7c:ec:9c:d6:7e:51:9f:22:3f:0a:77:7e:93:b0:23:bd:e7:
a5:30:32:b4:98:3a:0b:a8:5b:d2:55:37:f9:5f:0b:f1:74:f1:
10:6e:71:97
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFANHqmNKqTvpKAfIeJorrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNDQwMzY2MDA3ZWI1NmYxMGU5Zjk5ZTk1MjA0ZDMzMDUw
OGI5YjAwHhcNMjQwMTAxMTIzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzQwNzRjYTZiYWI5Y2YzYTYwNGFkZTBiZjA5YzhhZGI1NTdhZTM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RTyILfdmZUHtwjjG57K9dFFGACv
SnGzsWhGp7pDiKtoRbbyCp6mrgc9GaUoaPgQrDzzwueIjn/gAxt22af2pJd6pYLz
3bdRwJsNxlrY4DDVToPeTvycd1syZ7HCgqP+YZepLMFnH/w69cuNZAvb0clCKIbU
sS54i0di4/kKJ6/TkOZvjUfO9rsFTeRvAdcutFmbgwxiLRUO0o78hMrGdbVODEx/
z26QqLaw3KJr/FKCwyCOsp6TC4QOkpXzBUdwHozWU/TR7xTJUQI1TIwJKSlbGep0
tg+vhV450hp++pzdC4wyXBdDIWOp6ZAPFOzmMp7eZvBFqMh2i9vInoh3PwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLNAdMprq5zzpgSt4L8JyK21V642MB8GA1UdIwQY
MBaAFBNEA2YAfrVvEOn5npUgTTMFCLmwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTBRRFpnQi10VzhRNmZtZWxTQk5Nd1VJdWJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS8wYjAyODAtOTYyMy00NGJhLThkZGYt
NDRjMWE0ZWI5NjljLzEvczBCMHltdXJuUE9tQkszZ3Z3bklyYlZYcmpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS8wYjAyODAtOTYyMy00NGJhLThkZGYtNDRjMWE0ZWI5Njlj
LzEvRTBRRFpnQi10VzhRNmZtZWxTQk5Nd1VJdWJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDWR/AMA0G
CSqGSIb3DQEBCwUAA4IBAQBI9JM/tOujbhfDYocfxT7M8ivjjEizV0QippDyd/dn
KJFhNRVm8STv8l0MkToZbM8yX+/FJ3o5Nz6kciGYvU+OHPJuE1huYGOyvGoww9Nm
K+OBzz+6iOV+4RNScmbc5Zb+71yb93bJjDqiW3RMAUETJvzRfFAFEnKsLaEkmacF
1r3CisZPe0VGXyvwArr/mPdzE1HTvvohPnbsZUI+Gn/ZoFR7U+rmjp46b3IziuAn
fCBLKBYu0V9YtfpOtBmyFMH2SeNe+X2bU9ZyU5JAG8ZMD5PTPTsSFUXHfOyc1n5R
nyI/Cnd+k7AjveelMDK0mDoLqFvSVTf5XwvxdPEQbnGX
-----END CERTIFICATE-----
Generated at Fri May 17 11:06:11 2024 by rpki-client on console-fra.rpki-client.org