Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/R1vBdG8FX0LI5_5OPJKVmh2smJk.roa
File: R1vBdG8FX0LI5_5OPJKVmh2smJk.roa (raw, json)
Hash identifier: Nto4i/nJW1GJWb9GY5JjdvPa8pnBbRHFX0QyMvf2ask=
Subject key identifier: 47:5B:C1:74:6F:05:5F:42:C8:E7:FE:4E:3C:92:95:9A:1D:AC:98:99
Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial: 018CC7958F4CB39612C50FC59C1E1A493B3A
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/R1vBdG8FX0LI5_5OPJKVmh2smJk.roa
Signing time: Tue 02 Jan 2024 00:31:56 +0000
ROA not before: Tue 02 Jan 2024 00:31:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211590
IP address blocks: 89.104.126.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.mft
rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:8f:4c:b3:96:12:c5:0f:c5:9c:1e:1a:49:3b:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Validity
Not Before: Jan 2 00:31:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=475bc1746f055f42c8e7fe4e3c92959a1dac9899
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:af:90:0b:88:58:7b:ac:74:3c:70:f6:c6:9d:
21:28:f7:7e:12:e6:05:e7:b1:ab:32:2b:69:6f:02:
a8:90:41:9f:8b:97:02:86:d9:ba:a5:71:d2:22:b1:
e8:10:00:24:d0:6a:a3:9c:1a:ae:7c:7d:79:42:0f:
a9:35:3a:88:b7:09:57:e2:45:5b:08:a2:af:b8:7c:
52:4f:f7:42:6b:ba:f8:23:f4:c7:3a:05:ec:d2:3c:
5c:7c:18:99:cc:44:e9:86:75:78:42:fe:9d:87:d0:
96:b2:d3:40:73:e5:8e:07:5d:d9:62:f8:05:0a:1a:
3f:b4:c6:40:03:6c:76:95:44:45:a2:18:17:64:08:
34:f7:c0:19:5d:70:e2:92:39:a8:ab:c6:d6:7d:85:
3b:75:bd:66:bd:3c:aa:82:4b:c6:13:97:ed:8e:9f:
2d:fc:02:f0:3d:57:e7:53:f3:95:aa:9b:06:32:c6:
d7:15:08:01:ea:5a:4b:11:cb:c8:00:08:39:37:78:
1c:8c:b0:b1:24:95:08:06:ca:ff:da:2a:c6:d6:2b:
cb:de:45:10:07:24:55:2c:ab:58:c8:a6:94:0c:6f:
6c:5b:92:35:56:94:1b:b9:8e:6a:53:35:b3:8b:a6:
1f:7b:d0:0b:5c:3d:53:15:16:c3:d5:39:3a:c6:5f:
94:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:5B:C1:74:6F:05:5F:42:C8:E7:FE:4E:3C:92:95:9A:1D:AC:98:99
X509v3 Authority Key Identifier:
keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/R1vBdG8FX0LI5_5OPJKVmh2smJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.104.126.0/24
Signature Algorithm: sha256WithRSAEncryption
08:e2:f1:53:76:f5:37:ac:78:e3:b6:64:df:07:db:c9:52:ef:
46:da:90:28:9a:65:a1:18:5a:70:c8:a9:01:3a:cc:e6:af:0c:
14:95:ce:9f:1e:b5:92:7d:10:42:2f:ad:3d:89:63:60:30:13:
52:5d:30:59:91:66:cd:c5:40:6a:4f:58:80:28:c4:b8:34:fc:
f8:9c:79:0b:4e:87:90:9f:b0:a9:0a:08:38:5b:a7:32:36:01:
15:d8:50:3e:38:d0:22:48:06:35:39:67:b0:e3:a3:f9:a4:a4:
a1:6c:2a:9e:11:78:6d:fb:c9:a5:26:52:c6:1c:09:f4:27:28:
1b:fd:5b:96:de:94:fb:8c:1c:19:a1:0e:e7:fb:82:a4:3e:12:
30:de:45:02:a0:22:63:3c:03:d3:75:56:d3:d1:89:53:1e:60:
80:87:5c:4b:2f:8b:84:66:64:83:10:4e:d6:47:a3:a8:81:03:
cb:cd:ba:78:d6:76:58:13:6b:59:55:06:33:52:58:1b:7b:c8:
63:6e:a6:6a:5d:eb:6c:4b:dd:b1:32:ea:1a:35:d7:81:e8:79:
1f:96:5d:88:dc:b7:d8:fe:65:c6:a8:b1:1c:7f:7e:d7:92:b4:
03:41:71:81:5d:67:c4:95:78:b5:3d:84:69:b4:11:ce:c2:f2:
a4:f2:d7:89
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlY9Ms5YSxQ/FnB4aSTs6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjQwMTAyMDAzMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzViYzE3NDZmMDU1ZjQyYzhlN2ZlNGUzYzkyOTU5YTFkYWM5ODk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv6+QC4hYe6x0PHD2xp0hKPd+EuYF
57GrMitpbwKokEGfi5cChtm6pXHSIrHoEAAk0GqjnBqufH15Qg+pNTqItwlX4kVb
CKKvuHxST/dCa7r4I/THOgXs0jxcfBiZzETphnV4Qv6dh9CWstNAc+WOB13ZYvgF
Cho/tMZAA2x2lURFohgXZAg098AZXXDikjmoq8bWfYU7db1mvTyqgkvGE5ftjp8t
/ALwPVfnU/OVqpsGMsbXFQgB6lpLEcvIAAg5N3gcjLCxJJUIBsr/2irG1ivL3kUQ
ByRVLKtYyKaUDG9sW5I1VpQbuY5qUzWzi6Yfe9ALXD1TFRbD1Tk6xl+UZQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEdbwXRvBV9CyOf+TjySlZodrJiZMB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvUjF2QmRHOEZYMExJNV81T1BKS1ZtaDJzbUprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWWh+MA0G
CSqGSIb3DQEBCwUAA4IBAQAI4vFTdvU3rHjjtmTfB9vJUu9G2pAommWhGFpwyKkB
OszmrwwUlc6fHrWSfRBCL609iWNgMBNSXTBZkWbNxUBqT1iAKMS4NPz4nHkLToeQ
n7CpCgg4W6cyNgEV2FA+ONAiSAY1OWew46P5pKShbCqeEXht+8mlJlLGHAn0Jygb
/VuW3pT7jBwZoQ7n+4KkPhIw3kUCoCJjPAPTdVbT0YlTHmCAh1xLL4uEZmSDEE7W
R6OogQPLzbp41nZYE2tZVQYzUlgbe8hjbqZqXetsS92xMuoaNdeB6Hkfll2I3LfY
/mXGqLEcf37XkrQDQXGBXWfElXi1PYRptBHOwvKk8teJ
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:21:26 2024 by rpki-client on console-ams.rpki-client.org