Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/X8ojefN1Ia01LicnfI2KyYPoezo.roa
File: X8ojefN1Ia01LicnfI2KyYPoezo.roa (raw, json)
Hash identifier: u+slpedS8WzqL5PGpjY/g9RNBpjdTtQ1pXqyCMtIDiA=
Subject key identifier: 5F:CA:23:79:F3:75:21:AD:35:2E:27:27:7C:8D:8A:C9:83:E8:7B:3A
Certificate issuer: /CN=7df132df13e4be53d8250c8c48420264eef6c14c
Certificate serial: 018CC802CCE681364AA622EFD127D4BFB8F7
Authority key identifier: 7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/X8ojefN1Ia01LicnfI2KyYPoezo.roa
Signing time: Tue 02 Jan 2024 02:31:15 +0000
ROA not before: Tue 02 Jan 2024 02:31:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57446
IP address blocks: 89.38.137.0/24 maxlen: 24
89.44.123.0/24 maxlen: 24
89.39.148.0/24 maxlen: 24
89.33.86.0/24 maxlen: 24
94.176.130.0/24 maxlen: 24
89.37.158.0/24 maxlen: 24
86.106.171.0/24 maxlen: 24
89.34.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:02:cc:e6:81:36:4a:a6:22:ef:d1:27:d4:bf:b8:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7df132df13e4be53d8250c8c48420264eef6c14c
Validity
Not Before: Jan 2 02:31:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=5fca2379f37521ad352e27277c8d8ac983e87b3a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:07:78:9b:9c:91:2d:86:68:92:0c:3d:5b:7b:
60:47:49:58:b9:b2:1f:c9:81:e8:97:4b:a8:eb:79:
96:83:1d:5f:b7:d7:e9:a3:46:94:03:70:1f:56:6d:
57:d1:7c:8a:75:fe:91:70:69:1a:4e:70:02:1a:7a:
9d:2b:ef:ab:d5:c4:39:3f:6f:28:f8:69:5c:03:33:
6e:fd:3e:c1:77:1a:fe:b7:eb:da:09:4a:0f:fe:34:
5b:6f:3a:de:d5:f8:c7:1c:8e:3b:9b:9f:28:48:e0:
40:b7:6f:fe:02:80:2d:7b:9d:b4:5a:83:70:d1:38:
bb:54:25:e8:19:b3:90:26:20:23:d2:e0:8a:a0:ab:
f9:96:a3:c3:65:98:43:02:2c:97:69:c7:07:c6:e1:
a4:00:e3:79:ea:01:1e:f1:5a:2e:2e:fc:ff:23:be:
56:b3:c3:2e:40:cf:93:9c:fe:d2:e7:6f:9e:76:ac:
8d:98:b7:37:80:56:3b:7d:9f:d2:ec:d8:c8:ad:a7:
5c:68:35:8e:0f:0b:50:44:f5:91:fe:49:81:89:44:
6e:1e:42:0d:7f:2c:94:a8:57:68:17:e1:72:fd:4b:
2c:18:f4:8c:10:1b:83:d3:f2:d1:65:ff:ef:6e:3e:
db:84:9d:79:93:66:25:78:61:f5:b8:c1:30:7d:b4:
4b:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:CA:23:79:F3:75:21:AD:35:2E:27:27:7C:8D:8A:C9:83:E8:7B:3A
X509v3 Authority Key Identifier:
keyid:7D:F1:32:DF:13:E4:BE:53:D8:25:0C:8C:48:42:02:64:EE:F6:C1:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ffEy3xPkvlPYJQyMSEICZO72wUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/X8ojefN1Ia01LicnfI2KyYPoezo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/c37497-6376-461e-93c6-9778674edc97/1/ffEy3xPkvlPYJQyMSEICZO72wUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.106.171.0/24
89.33.86.0/24
89.34.173.0/24
89.37.158.0/24
89.38.137.0/24
89.39.148.0/24
89.44.123.0/24
94.176.130.0/24
Signature Algorithm: sha256WithRSAEncryption
55:f4:92:9e:7e:58:39:c4:ad:12:f5:93:17:05:d1:92:f7:a6:
07:c3:5f:50:cb:40:07:c1:5d:d0:db:c6:03:82:d2:02:e9:1b:
69:b6:2f:54:73:9c:01:4f:b6:48:f5:71:1c:45:87:6a:6b:03:
0c:94:e1:a6:d8:1b:06:78:0b:f3:3d:57:39:1f:66:fe:e9:8c:
fb:99:23:1b:9b:4e:6d:11:c4:b0:0d:97:eb:98:28:c4:5d:3f:
30:59:fa:17:2c:b2:c3:21:3d:99:52:b1:fd:cd:f2:dd:31:c9:
13:36:89:a7:05:bb:c3:c6:2b:2f:e1:51:f1:0e:21:44:bd:42:
3d:70:96:2e:52:c4:ee:b6:14:cc:8c:da:7e:f2:b1:b2:86:b9:
b5:59:0f:7b:3a:c9:3c:ba:db:4d:12:63:16:56:80:6d:34:13:
41:8c:52:2a:f2:12:ea:34:3b:92:5e:1e:36:2a:88:7d:c3:43:
26:cf:90:ea:2a:1e:bf:12:de:d8:3c:3c:9b:55:67:d7:d4:fe:
b8:57:d2:e6:44:fa:04:ac:78:7c:71:69:1e:c8:23:5a:05:f9:
a6:ca:53:a3:08:90:31:84:a3:49:5e:95:f7:b5:2d:ef:d7:aa:
82:84:a4:57:c0:3f:f6:f9:86:54:e1:9a:3e:a4:bb:e6:cc:c4:
c8:c8:13:14
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAYzIAszmgTZKpiLv0SfUv7j3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkZjEzMmRmMTNlNGJlNTNkODI1MGM4YzQ4NDIwMjY0ZWVm
NmMxNGMwHhcNMjQwMTAyMDIzMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZmNhMjM3OWYzNzUyMWFkMzUyZTI3Mjc3YzhkOGFjOTgzZTg3YjNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAugd4m5yRLYZokgw9W3tgR0lYubIf
yYHol0uo63mWgx1ft9fpo0aUA3AfVm1X0XyKdf6RcGkaTnACGnqdK++r1cQ5P28o
+GlcAzNu/T7Bdxr+t+vaCUoP/jRbbzre1fjHHI47m58oSOBAt2/+AoAte520WoNw
0Ti7VCXoGbOQJiAj0uCKoKv5lqPDZZhDAiyXaccHxuGkAON56gEe8VouLvz/I75W
s8MuQM+TnP7S52+edqyNmLc3gFY7fZ/S7NjIradcaDWODwtQRPWR/kmBiURuHkIN
fyyUqFdoF+Fy/UssGPSMEBuD0/LRZf/vbj7bhJ15k2YleGH1uMEwfbRLjQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFF/KI3nzdSGtNS4nJ3yNismD6Hs6MB8GA1UdIwQY
MBaAFH3xMt8T5L5T2CUMjEhCAmTu9sFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYt
OTc3ODY3NGVkYzk3LzEvWDhvamVmTjFJYTAxTGljbmZJMkt5WVBvZXpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS9jMzc0OTctNjM3Ni00NjFlLTkzYzYtOTc3ODY3NGVkYzk3
LzEvZmZFeTN4UGt2bFBZSlF5TVNFSUNaTzcyd1V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAVmqrAwQA
WSFWAwQAWSKtAwQAWSWeAwQAWSaJAwQAWSeUAwQAWSx7AwQAXrCCMA0GCSqGSIb3
DQEBCwUAA4IBAQBV9JKeflg5xK0S9ZMXBdGS96YHw19Qy0AHwV3Q28YDgtIC6Rtp
ti9Uc5wBT7ZI9XEcRYdqawMMlOGm2BsGeAvzPVc5H2b+6Yz7mSMbm05tEcSwDZfr
mCjEXT8wWfoXLLLDIT2ZUrH9zfLdMckTNomnBbvDxisv4VHxDiFEvUI9cJYuUsTu
thTMjNp+8rGyhrm1WQ97Osk8uttNEmMWVoBtNBNBjFIq8hLqNDuSXh42Koh9w0Mm
z5DqKh6/Et7YPDybVWfX1P64V9LmRPoErHh8cWkeyCNaBfmmylOjCJAxhKNJXpX3
tS3v16qChKRXwD/2+YZU4Zo+pLvmzMTIyBMU
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:37:19 2024 by rpki-client on console-fra.rpki-client.org