Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bd/172e0b-8cbb-402e-8f2c-8595b4500884/1/yUsTsuyMKrLuekh2-fBqKpaBXSw.roa
File: yUsTsuyMKrLuekh2-fBqKpaBXSw.roa (raw, json)
Hash identifier: hkLlJEk3BNCucSaRHT8mRargqElhskZ6/qmi0OYEK/o=
Subject key identifier: C9:4B:13:B2:EC:8C:2A:B2:EE:7A:48:76:F9:F0:6A:2A:96:81:5D:2C
Certificate issuer: /CN=731c1382858b0dc95a9adbea4728b31f9e22c0d8
Certificate serial: 018CC56DF79D254DDDC1108E2AF3CA7FC19C
Authority key identifier: 73:1C:13:82:85:8B:0D:C9:5A:9A:DB:EA:47:28:B3:1F:9E:22:C0:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cxwTgoWLDclamtvqRyizH54iwNg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bd/172e0b-8cbb-402e-8f2c-8595b4500884/1/yUsTsuyMKrLuekh2-fBqKpaBXSw.roa
Signing time: Mon 01 Jan 2024 14:29:27 +0000
ROA not before: Mon 01 Jan 2024 14:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216433
IP address blocks: 89.39.123.0/24 maxlen: 24
2a13:b140::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bd/172e0b-8cbb-402e-8f2c-8595b4500884/1/cxwTgoWLDclamtvqRyizH54iwNg.crl
rsync://rpki.ripe.net/repository/DEFAULT/bd/172e0b-8cbb-402e-8f2c-8595b4500884/1/cxwTgoWLDclamtvqRyizH54iwNg.mft
rsync://rpki.ripe.net/repository/DEFAULT/cxwTgoWLDclamtvqRyizH54iwNg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f7:9d:25:4d:dd:c1:10:8e:2a:f3:ca:7f:c1:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=731c1382858b0dc95a9adbea4728b31f9e22c0d8
Validity
Not Before: Jan 1 14:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c94b13b2ec8c2ab2ee7a4876f9f06a2a96815d2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:f4:db:58:62:4a:c3:f7:cb:24:a0:14:ae:17:
a1:89:fd:35:a7:d5:a6:aa:79:af:a0:95:e2:03:2c:
34:f1:69:e9:0f:43:97:ee:14:63:2f:cf:66:b2:83:
9d:d8:dd:25:33:ef:fb:79:54:ef:07:1c:30:bb:6a:
54:0f:f9:5f:20:4a:99:b6:e9:b1:50:e0:5e:0f:c9:
8f:3d:9b:f2:cb:40:c3:32:3e:57:47:f8:0d:6b:11:
ee:3b:3b:85:61:40:0e:5d:f8:a2:0e:ff:41:fd:ac:
4f:b0:de:d8:9c:fe:25:c5:0e:66:31:52:cf:93:a5:
63:04:48:d1:13:85:01:f5:5c:f5:54:b3:a0:c9:cd:
7a:65:22:78:23:7e:09:eb:f6:68:f9:2a:9f:47:de:
55:49:9c:48:05:cc:29:78:21:12:54:fa:46:0a:bc:
7d:ba:7d:2b:a5:ec:26:8a:e0:48:4d:6d:77:e1:3b:
0c:75:01:09:9e:20:ad:94:b5:20:41:70:83:6d:15:
e9:c9:e8:9e:47:f3:15:8c:08:6c:9c:12:ca:2a:41:
fc:2e:8c:14:b2:56:1a:fc:75:46:37:34:c8:ef:e5:
0f:53:9e:f4:6b:4c:88:ad:94:fa:2b:ba:98:7d:17:
88:5f:2b:66:16:1c:38:7c:1d:78:00:a0:9e:76:73:
b7:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:4B:13:B2:EC:8C:2A:B2:EE:7A:48:76:F9:F0:6A:2A:96:81:5D:2C
X509v3 Authority Key Identifier:
keyid:73:1C:13:82:85:8B:0D:C9:5A:9A:DB:EA:47:28:B3:1F:9E:22:C0:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cxwTgoWLDclamtvqRyizH54iwNg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/172e0b-8cbb-402e-8f2c-8595b4500884/1/yUsTsuyMKrLuekh2-fBqKpaBXSw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bd/172e0b-8cbb-402e-8f2c-8595b4500884/1/cxwTgoWLDclamtvqRyizH54iwNg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.39.123.0/24
IPv6:
2a13:b140::/29
Signature Algorithm: sha256WithRSAEncryption
a4:71:d2:c9:5d:72:b5:9b:eb:65:ec:36:8f:fc:78:48:b8:36:
6d:9d:dc:54:c3:d9:70:94:ea:d2:cf:06:3a:94:86:0f:aa:83:
8d:c0:b2:39:f9:67:c6:09:c4:83:e7:5f:40:1f:ea:47:d7:3e:
5b:35:88:43:bb:0b:c8:72:0c:41:62:2d:4e:4a:dc:e4:3e:d5:
38:d9:21:db:80:7f:96:ea:da:f7:66:fd:57:cd:67:20:39:da:
75:58:d5:13:12:52:36:5a:c4:6b:eb:5c:ed:24:79:ee:6f:f5:
b3:52:6d:10:02:ac:ea:89:f6:c2:ac:2e:ed:77:8f:5d:52:92:
ed:93:76:75:c7:83:45:53:28:dc:fa:52:84:06:c8:7e:e5:24:
7e:f4:01:4f:9c:9a:66:81:0c:33:28:ec:90:22:2d:5e:4d:4e:
c2:eb:b1:06:16:5d:3f:25:c2:86:b3:c3:d3:d1:a4:a5:62:57:
1c:96:dc:59:f5:cc:d1:71:d6:9a:92:e1:e6:e8:e8:4a:19:cc:
4f:b9:96:1d:a9:61:77:e5:08:1d:a8:d3:bc:00:0c:12:00:5b:
84:0b:3e:4b:97:4d:f9:72:b7:7e:0b:e2:c9:b0:10:73:8c:6e:
1a:e5:dc:ac:fb:2f:2b:49:be:89:cb:08:e8:d5:42:d4:de:01:
f5:8b:c0:05
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbfedJU3dwRCOKvPKf8GcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczMWMxMzgyODU4YjBkYzk1YTlhZGJlYTQ3MjhiMzFmOWUy
MmMwZDgwHhcNMjQwMTAxMTQyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTRiMTNiMmVjOGMyYWIyZWU3YTQ4NzZmOWYwNmEyYTk2ODE1ZDJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/TbWGJKw/fLJKAUrhehif01p9Wm
qnmvoJXiAyw08WnpD0OX7hRjL89msoOd2N0lM+/7eVTvBxwwu2pUD/lfIEqZtumx
UOBeD8mPPZvyy0DDMj5XR/gNaxHuOzuFYUAOXfiiDv9B/axPsN7YnP4lxQ5mMVLP
k6VjBEjRE4UB9Vz1VLOgyc16ZSJ4I34J6/Zo+SqfR95VSZxIBcwpeCESVPpGCrx9
un0rpewmiuBITW134TsMdQEJniCtlLUgQXCDbRXpyeieR/MVjAhsnBLKKkH8LowU
slYa/HVGNzTI7+UPU570a0yIrZT6K7qYfReIXytmFhw4fB14AKCednO3swIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMlLE7LsjCqy7npIdvnwaiqWgV0sMB8GA1UdIwQY
MBaAFHMcE4KFiw3JWprb6kcosx+eIsDYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3h3VGdvV0xEY2xhbXR2cVJ5aXpINTRpd05nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZC8xNzJlMGItOGNiYi00MDJlLThmMmMt
ODU5NWI0NTAwODg0LzEveVVzVHN1eU1Lckx1ZWtoMi1mQnFLcGFCWFN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZC8xNzJlMGItOGNiYi00MDJlLThmMmMtODU5NWI0NTAwODg0
LzEvY3h3VGdvV0xEY2xhbXR2cVJ5aXpINTRpd05nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAWSd7MA0E
AgACMAcDBQMqE7FAMA0GCSqGSIb3DQEBCwUAA4IBAQCkcdLJXXK1m+tl7DaP/HhI
uDZtndxUw9lwlOrSzwY6lIYPqoONwLI5+WfGCcSD519AH+pH1z5bNYhDuwvIcgxB
Yi1OStzkPtU42SHbgH+W6tr3Zv1XzWcgOdp1WNUTElI2WsRr61ztJHnub/WzUm0Q
AqzqifbCrC7td49dUpLtk3Z1x4NFUyjc+lKEBsh+5SR+9AFPnJpmgQwzKOyQIi1e
TU7C67EGFl0/JcKGs8PT0aSlYlccltxZ9czRcdaakuHm6OhKGcxPuZYdqWF35Qgd
qNO8AAwSAFuECz5Ll035crd+C+LJsBBzjG4a5dys+y8rSb6Jywjo1ULU3gH1i8AF
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:33:53 2024 by rpki-client on console-ams.rpki-client.org