Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/T2otlntzY_papWMahPpRtq3xiPo.roa
File: T2otlntzY_papWMahPpRtq3xiPo.roa (raw, json)
Hash identifier: DSdohlnpfBcACKU95jhR1vlmcHRsiDuzlPJJk9mWte4=
Subject key identifier: 4F:6A:2D:96:7B:73:63:FA:5A:A5:63:1A:84:FA:51:B6:AD:F1:88:FA
Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial: 018CC7958DEAC1D6B3E7F23331340063D8F8
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/T2otlntzY_papWMahPpRtq3xiPo.roa
Signing time: Tue 02 Jan 2024 00:31:56 +0000
ROA not before: Tue 02 Jan 2024 00:31:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208371
IP address blocks: 89.223.98.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.mft
rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:8d:ea:c1:d6:b3:e7:f2:33:31:34:00:63:d8:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Validity
Not Before: Jan 2 00:31:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f6a2d967b7363fa5aa5631a84fa51b6adf188fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:cf:38:23:c8:22:c1:c5:d7:bd:f9:36:0b:de:
0e:4f:9b:aa:9f:1c:8d:af:59:e2:48:a4:63:6b:f9:
2c:09:c8:f2:20:8a:aa:23:dc:45:ee:11:7b:c1:46:
48:1c:f3:68:98:bf:29:01:36:73:29:7b:8b:4f:bb:
01:ef:62:97:30:af:3c:40:09:a5:63:c9:08:77:eb:
be:f4:31:0d:e8:7a:3d:f6:d6:c8:98:b7:53:0e:57:
e4:e5:42:03:ee:ad:6b:9d:9c:0e:7c:7e:92:06:66:
d6:d3:23:0a:f7:36:68:80:15:f8:73:08:2b:af:2e:
68:38:52:52:a3:82:3a:18:a8:4f:6a:90:8d:06:df:
b6:b9:c3:54:1e:51:61:22:99:75:aa:66:12:b0:43:
4d:8e:6d:ad:2f:87:45:4d:be:e2:d1:d1:a2:5c:9e:
ac:5a:a0:25:65:aa:a8:5f:12:bd:76:a3:bc:03:d5:
57:94:3c:b9:15:af:02:58:5d:25:58:4a:64:0d:7d:
af:09:47:2a:3a:0c:cc:eb:37:45:e6:52:f2:1b:24:
ff:3d:8e:07:bb:9e:56:29:2a:14:e4:fc:30:45:b0:
85:7b:af:f6:d8:11:f6:9c:b1:f0:6b:14:44:1b:52:
65:f5:d9:80:d7:76:54:64:e7:5c:3d:d7:bd:cc:83:
fb:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:6A:2D:96:7B:73:63:FA:5A:A5:63:1A:84:FA:51:B6:AD:F1:88:FA
X509v3 Authority Key Identifier:
keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/T2otlntzY_papWMahPpRtq3xiPo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.223.98.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:25:a2:1b:b8:d5:f2:67:14:e0:03:55:92:6f:c9:0c:f3:f3:
e5:49:5d:e6:c6:c5:84:98:b0:d3:d9:ca:72:22:d3:81:3f:dd:
fb:13:f3:ca:fe:ba:74:57:81:0e:69:c5:28:29:da:c6:42:4b:
c8:94:2e:8f:21:07:80:7b:d8:6f:b0:01:0f:f4:ce:85:e7:3e:
8a:9b:a5:f4:40:bd:81:81:2c:29:c2:6e:1d:b4:17:11:13:1d:
7d:0d:d9:50:39:78:f5:0c:1b:22:22:0b:39:3c:5a:b8:c5:12:
ff:f2:19:e5:50:e2:23:63:d1:8b:b5:7c:ae:e5:db:15:3e:69:
f2:b7:fa:a2:9e:11:34:07:63:4d:16:c1:e6:10:34:2d:63:0a:
e4:6c:59:8b:2b:5e:a8:60:4d:fd:64:75:7a:5b:12:af:24:61:
93:ba:5b:2b:ee:68:86:fd:12:85:95:f8:4a:a7:7d:2d:ef:81:
86:fb:70:91:a2:0d:22:de:6d:a8:1e:29:8f:2e:23:43:33:74:
6c:0d:5b:b5:e1:48:c8:ea:58:00:dd:da:24:73:4b:72:a6:eb:
ea:2b:00:7c:2b:40:22:3d:50:2f:49:a3:e3:5d:d8:22:78:71:
cc:a2:71:c3:f7:69:81:0a:26:6a:e0:43:c5:c7:76:ab:df:e5:
82:76:1d:2f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHlY3qwdaz5/IzMTQAY9j4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjQwMTAyMDAzMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjZhMmQ5NjdiNzM2M2ZhNWFhNTYzMWE4NGZhNTFiNmFkZjE4OGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl884I8giwcXXvfk2C94OT5uqnxyN
r1niSKRja/ksCcjyIIqqI9xF7hF7wUZIHPNomL8pATZzKXuLT7sB72KXMK88QAml
Y8kId+u+9DEN6Ho99tbImLdTDlfk5UID7q1rnZwOfH6SBmbW0yMK9zZogBX4cwgr
ry5oOFJSo4I6GKhPapCNBt+2ucNUHlFhIpl1qmYSsENNjm2tL4dFTb7i0dGiXJ6s
WqAlZaqoXxK9dqO8A9VXlDy5Fa8CWF0lWEpkDX2vCUcqOgzM6zdF5lLyGyT/PY4H
u55WKSoU5PwwRbCFe6/22BH2nLHwaxREG1Jl9dmA13ZUZOdcPde9zIP7/QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE9qLZZ7c2P6WqVjGoT6Ubat8Yj6MB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvVDJvdGxudHpZX3BhcFdNYWhQcFJ0cTN4aVBvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWd9iMA0G
CSqGSIb3DQEBCwUAA4IBAQAeJaIbuNXyZxTgA1WSb8kM8/PlSV3mxsWEmLDT2cpy
ItOBP937E/PK/rp0V4EOacUoKdrGQkvIlC6PIQeAe9hvsAEP9M6F5z6Km6X0QL2B
gSwpwm4dtBcREx19DdlQOXj1DBsiIgs5PFq4xRL/8hnlUOIjY9GLtXyu5dsVPmny
t/qinhE0B2NNFsHmEDQtYwrkbFmLK16oYE39ZHV6WxKvJGGTulsr7miG/RKFlfhK
p30t74GG+3CRog0i3m2oHimPLiNDM3RsDVu14UjI6lgA3dokc0typuvqKwB8K0Ai
PVAvSaPjXdgieHHMonHD92mBCiZq4EPFx3ar3+WCdh0v
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:21:26 2024 by rpki-client on console-ams.rpki-client.org