Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/1-oSkEZNl7oOuLWLatV7kIyeGN-Y.roa
File: 1-oSkEZNl7oOuLWLatV7kIyeGN-Y.roa (raw, json)
Hash identifier: U3AcrDTCQeUe22U8SvBUK55lLbyZk0PixDPa7abkeDc=
Subject key identifier: FA:84:A4:11:93:65:EE:83:AE:2D:62:DA:B5:5E:E4:23:27:86:37:E6
Certificate issuer: /CN=ca290db2f72905f0db626b005bacf08878d17bac
Certificate serial: 018CC801B72666E70A0FB5AFED8205A33F13
Authority key identifier: CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/1-oSkEZNl7oOuLWLatV7kIyeGN-Y.roa
Signing time: Tue 02 Jan 2024 02:30:04 +0000
ROA not before: Tue 02 Jan 2024 02:30:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 134926
IP address blocks: 89.47.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.mft
rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:b7:26:66:e7:0a:0f:b5:af:ed:82:05:a3:3f:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ca290db2f72905f0db626b005bacf08878d17bac
Validity
Not Before: Jan 2 02:30:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa84a4119365ee83ae2d62dab55ee423278637e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:46:8d:3f:10:7f:64:60:c5:2f:6a:c8:70:ef:
1a:11:36:73:72:0e:5b:00:5d:23:a4:82:58:c0:83:
c4:9a:51:64:0f:e7:d0:b9:f7:bc:23:18:27:3b:f0:
6f:92:b3:7d:c7:92:b6:de:c9:90:1d:61:3c:f7:89:
33:37:5e:79:aa:d5:b5:42:56:cf:60:35:1a:aa:5b:
cd:5b:57:26:83:a9:9b:6c:04:33:f7:35:ef:be:10:
c7:29:31:34:b5:70:5e:f0:76:02:50:26:cd:8a:24:
1a:d6:1a:61:43:95:02:e7:2a:d3:34:d3:e4:b1:ea:
fb:c4:57:10:a8:56:6b:25:1e:12:62:5d:92:84:c0:
a9:c9:9c:a8:62:08:86:b5:fc:f6:da:3b:a6:82:14:
08:56:4a:8f:20:d0:60:35:b2:bd:b5:df:f3:48:62:
83:84:6e:48:22:71:56:eb:2c:8c:77:9e:ba:a6:f3:
f4:7a:e9:56:8f:a9:03:d0:47:6b:94:66:3a:9c:27:
fe:dc:0a:3c:fd:25:78:8d:7b:99:5a:4d:7f:21:9a:
8e:a3:52:f8:33:b2:67:8a:cc:7c:03:6e:e1:12:3d:
98:1b:48:e3:19:cc:3a:17:79:fd:d2:fc:11:f3:14:
bd:f3:02:6a:27:a5:df:7d:23:c7:9b:62:06:29:bd:
73:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:84:A4:11:93:65:EE:83:AE:2D:62:DA:B5:5E:E4:23:27:86:37:E6
X509v3 Authority Key Identifier:
keyid:CA:29:0D:B2:F7:29:05:F0:DB:62:6B:00:5B:AC:F0:88:78:D1:7B:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yikNsvcpBfDbYmsAW6zwiHjRe6w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/1-oSkEZNl7oOuLWLatV7kIyeGN-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/216973-516f-4501-9164-7f435bf5501c/1/yikNsvcpBfDbYmsAW6zwiHjRe6w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.47.59.0/24
Signature Algorithm: sha256WithRSAEncryption
24:df:ce:f8:d7:8a:d2:8e:56:39:53:ba:2d:b9:aa:72:f8:e8:
a2:3d:26:b1:7c:05:18:52:06:fb:1a:bb:f2:d0:51:e9:68:32:
f1:31:a3:f5:e8:49:2c:48:94:80:dc:2f:f4:5d:bc:5e:76:da:
7d:05:ba:8f:a8:e5:14:a9:aa:07:5d:4f:4a:05:de:d2:94:bf:
7d:03:db:3d:2d:b3:39:85:2f:5a:0e:0c:63:dc:21:2c:49:2c:
57:56:a8:3c:2d:15:a0:1c:9a:67:f3:15:f9:68:c1:ce:d1:b6:
08:a3:fd:b4:9f:c5:b6:a9:7d:5b:21:0e:ee:c6:6a:b0:db:29:
be:9e:e3:0a:5d:0c:2f:4a:06:3f:d0:c5:7c:b3:83:8b:a5:38:
17:4e:42:5b:de:89:3c:c0:05:4d:6f:54:61:44:62:7a:9b:07:
45:8c:df:f3:f1:00:37:ee:39:a3:d1:97:c4:72:6e:a2:5d:ee:
84:5b:ad:48:7e:7e:a5:7a:9c:ee:2b:b7:0f:98:c6:b6:54:d1:
de:de:9a:b6:73:ec:bb:89:61:ef:64:f0:4d:f7:9d:b7:3e:7e:
4a:19:d4:09:40:8e:01:c4:6b:c0:6c:5d:fd:31:15:60:5f:83:
74:60:8c:72:ad:bd:60:90:79:79:bb:24:c4:43:ef:0b:2a:2e:
2a:7c:67:56
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAYzIAbcmZucKD7Wv7YIFoz8TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhMjkwZGIyZjcyOTA1ZjBkYjYyNmIwMDViYWNmMDg4Nzhk
MTdiYWMwHhcNMjQwMTAyMDIzMDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTg0YTQxMTkzNjVlZTgzYWUyZDYyZGFiNTVlZTQyMzI3ODYzN2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkEaNPxB/ZGDFL2rIcO8aETZzcg5b
AF0jpIJYwIPEmlFkD+fQufe8IxgnO/BvkrN9x5K23smQHWE894kzN155qtW1QlbP
YDUaqlvNW1cmg6mbbAQz9zXvvhDHKTE0tXBe8HYCUCbNiiQa1hphQ5UC5yrTNNPk
ser7xFcQqFZrJR4SYl2ShMCpyZyoYgiGtfz22jumghQIVkqPINBgNbK9td/zSGKD
hG5IInFW6yyMd566pvP0eulWj6kD0EdrlGY6nCf+3Ao8/SV4jXuZWk1/IZqOo1L4
M7Jnisx8A27hEj2YG0jjGcw6F3n90vwR8xS98wJqJ6XffSPHm2IGKb1z8wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPqEpBGTZe6Dri1i2rVe5CMnhjfmMB8GA1UdIwQY
MBaAFMopDbL3KQXw22JrAFus8Ih40XusMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWlrTnN2Y3BCZkRiWW1zQVc2endpSGpSZTZ3LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8yMTY5NzMtNTE2Zi00NTAxLTkxNjQt
N2Y0MzViZjU1MDFjLzEvMS1vU2tFWk5sN29PdUxXTGF0VjdrSXllR04tWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYmUvMjE2OTczLTUxNmYtNDUwMS05MTY0LTdmNDM1YmY1NTAx
Yy8xL3lpa05zdmNwQmZEYlltc0FXNnp3aUhqUmU2dy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAFkvOzAN
BgkqhkiG9w0BAQsFAAOCAQEAJN/O+NeK0o5WOVO6Lbmqcvjooj0msXwFGFIG+xq7
8tBR6Wgy8TGj9ehJLEiUgNwv9F28XnbafQW6j6jlFKmqB11PSgXe0pS/fQPbPS2z
OYUvWg4MY9whLEksV1aoPC0VoByaZ/MV+WjBztG2CKP9tJ/Ftql9WyEO7sZqsNsp
vp7jCl0ML0oGP9DFfLODi6U4F05CW96JPMAFTW9UYURiepsHRYzf8/EAN+45o9GX
xHJuol3uhFutSH5+pXqc7iu3D5jGtlTR3t6atnPsu4lh72TwTfedtz5+ShnUCUCO
AcRrwGxd/TEVYF+DdGCMcq29YJB5ebskxEPvCyouKnxnVg==
-----END CERTIFICATE-----
Generated at Tue Nov 26 03:13:21 2024 by rpki-client on console-fra.rpki-client.org