Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/eIwRkROJWFdm7eGlSe0zbNujs68.roa
File: eIwRkROJWFdm7eGlSe0zbNujs68.roa (raw, json)
Hash identifier: 6ReHo4HR+TzilKFLOtgF4fG0e2xtop5UbJjvocOG1tI=
Subject key identifier: 78:8C:11:91:13:89:58:57:66:ED:E1:A5:49:ED:33:6C:DB:A3:B3:AF
Certificate issuer: /CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Certificate serial: 018CC7958C9BB6855A51353A8D62843E0A1E
Authority key identifier: CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/eIwRkROJWFdm7eGlSe0zbNujs68.roa
Signing time: Tue 02 Jan 2024 00:31:55 +0000
ROA not before: Tue 02 Jan 2024 00:31:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203004
IP address blocks: 92.255.99.0/24 maxlen: 24
89.223.100.0/24 maxlen: 24
2a04:ac00:9::/48 maxlen: 48
2a04:ac00:2::/48 maxlen: 48
2a04:ac00:a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.mft
rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:8c:9b:b6:85:5a:51:35:3a:8d:62:84:3e:0a:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd8313e41e646a09cd01e2e6f4739d3bd236c4ff
Validity
Not Before: Jan 2 00:31:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=788c11911389585766ede1a549ed336cdba3b3af
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:26:28:14:5e:fa:29:22:ae:ad:52:54:e5:6b:
d4:9f:d5:d2:e6:24:83:07:70:c1:44:83:bf:a4:56:
09:c0:c7:2a:7b:3a:08:be:1f:a9:52:7d:3a:6a:8b:
5a:74:c8:d1:15:97:6a:2e:8c:10:37:38:69:0c:2e:
c7:be:d4:b6:70:bc:3c:22:05:f1:02:18:4a:79:6f:
27:b8:f9:27:1d:09:7b:a0:3a:59:03:3c:82:b9:b9:
42:b9:a3:e4:ec:cd:af:0f:5f:da:59:19:cb:08:ab:
89:58:14:aa:48:73:4f:7b:00:7b:74:2e:a4:45:b3:
33:f8:df:dd:41:69:e3:b2:b3:db:7a:23:0f:af:fc:
63:44:20:15:aa:b6:ee:3d:ec:26:81:f2:ea:e2:58:
4d:fc:f5:36:ff:9b:68:52:2b:b5:ab:5a:bb:89:10:
97:3f:7c:d2:d8:ed:d8:29:70:37:18:24:41:04:0b:
b1:b0:c5:37:46:1c:7a:e4:4d:74:be:5f:57:71:7f:
e8:5a:f2:65:43:a2:7e:f2:37:a0:80:7a:22:b8:0f:
ce:8f:a1:7a:6b:63:aa:7a:b7:f8:4d:b0:96:3a:3d:
86:a2:6f:b4:c6:b7:89:5c:48:80:aa:a2:1e:52:ff:
1c:05:69:2d:ba:03:b6:ca:ba:9a:6d:d2:7b:0d:a3:
7e:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:8C:11:91:13:89:58:57:66:ED:E1:A5:49:ED:33:6C:DB:A3:B3:AF
X509v3 Authority Key Identifier:
keyid:CD:83:13:E4:1E:64:6A:09:CD:01:E2:E6:F4:73:9D:3B:D2:36:C4:FF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zYMT5B5kagnNAeLm9HOdO9I2xP8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/eIwRkROJWFdm7eGlSe0zbNujs68.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/3465f3-03c2-4eaa-a674-8862b517317c/1/zYMT5B5kagnNAeLm9HOdO9I2xP8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.223.100.0/24
92.255.99.0/24
IPv6:
2a04:ac00:2::/48
2a04:ac00:9::-2a04:ac00:a:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a5:41:30:44:4b:59:8b:6f:7a:8c:69:3b:9a:8c:49:a3:71:f4:
bc:ee:7a:4d:d4:6f:ab:bd:2a:24:9a:9a:a8:0a:77:81:2d:b2:
8e:eb:ec:0a:f1:64:60:a7:c0:4b:6b:f1:3b:ad:da:e8:c8:c4:
3a:6a:4b:42:44:12:2d:a9:e3:45:03:45:79:02:9f:b0:a5:11:
2a:a0:0a:99:29:4d:ca:4e:a4:1c:e5:99:68:e7:d1:47:7d:81:
0b:e8:45:94:e0:38:5b:a1:47:aa:65:d7:79:31:fb:44:12:a8:
e9:12:dc:23:5e:91:57:fb:c7:b4:2e:6e:96:0b:52:98:6c:97:
17:3c:06:15:75:47:b1:84:5b:08:43:f4:66:4e:c3:bd:15:e8:
63:03:f0:bf:e9:66:2e:82:10:dc:3c:d9:48:16:5b:3f:e6:57:
86:8e:f7:a9:f9:7f:4f:6a:fb:0a:03:94:57:7f:02:29:4c:37:
01:92:1a:23:0a:4b:29:fb:74:5e:f5:66:ed:bd:6b:87:3f:48:
0e:22:74:10:c2:a1:f8:30:d7:7f:5e:85:e1:77:21:2e:45:95:
13:85:33:8b:7f:6d:71:32:0f:2e:0e:a1:0c:7f:ad:9b:0f:f8:
11:61:46:fc:fc:21:a6:dc:58:20:9f:86:08:38:93:bd:74:e7:
73:c9:f7:e5
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAYzHlYybtoVaUTU6jWKEPgoeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkODMxM2U0MWU2NDZhMDljZDAxZTJlNmY0NzM5ZDNiZDIz
NmM0ZmYwHhcNMjQwMTAyMDAzMTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODhjMTE5MTEzODk1ODU3NjZlZGUxYTU0OWVkMzM2Y2RiYTNiM2FmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSYoFF76KSKurVJU5WvUn9XS5iSD
B3DBRIO/pFYJwMcqezoIvh+pUn06aotadMjRFZdqLowQNzhpDC7HvtS2cLw8IgXx
AhhKeW8nuPknHQl7oDpZAzyCublCuaPk7M2vD1/aWRnLCKuJWBSqSHNPewB7dC6k
RbMz+N/dQWnjsrPbeiMPr/xjRCAVqrbuPewmgfLq4lhN/PU2/5toUiu1q1q7iRCX
P3zS2O3YKXA3GCRBBAuxsMU3Rhx65E10vl9XcX/oWvJlQ6J+8jeggHoiuA/Oj6F6
a2Oqerf4TbCWOj2Gom+0xreJXEiAqqIeUv8cBWktugO2yrqabdJ7DaN+NQIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFHiMEZETiVhXZu3hpUntM2zbo7OvMB8GA1UdIwQY
MBaAFM2DE+QeZGoJzQHi5vRznTvSNsT/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQt
ODg2MmI1MTczMTdjLzEvZUl3UmtST0pXRmRtN2VHbFNlMHpiTnVqczY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS8zNDY1ZjMtMDNjMi00ZWFhLWE2NzQtODg2MmI1MTczMTdj
LzEvellNVDVCNWthZ25OQWVMbTlIT2RPOUkyeFA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTASBAIAATAMAwQAWd9kAwQA
XP9jMCMEAgACMB0DBwAqBKwAAAIwEgMHACoErAAACQMHACoErAAACjANBgkqhkiG
9w0BAQsFAAOCAQEApUEwREtZi296jGk7moxJo3H0vO56TdRvq70qJJqaqAp3gS2y
juvsCvFkYKfAS2vxO63a6MjEOmpLQkQSLanjRQNFeQKfsKURKqAKmSlNyk6kHOWZ
aOfRR32BC+hFlOA4W6FHqmXXeTH7RBKo6RLcI16RV/vHtC5ulgtSmGyXFzwGFXVH
sYRbCEP0Zk7DvRXoYwPwv+lmLoIQ3DzZSBZbP+ZXho73qfl/T2r7CgOUV38CKUw3
AZIaIwpLKft0XvVm7b1rhz9IDiJ0EMKh+DDXf16F4XchLkWVE4Uzi39tcTIPLg6h
DH+tmw/4EWFG/PwhptxYIJ+GCDiTvXTnc8n35Q==
-----END CERTIFICATE-----
Generated at Sat Nov 23 00:12:13 2024 by rpki-client on console-ams.rpki-client.org