Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/9G67_dgVuihRw94rxCuQAiGw7Es.roa
File: 9G67_dgVuihRw94rxCuQAiGw7Es.roa (raw, json)
Hash identifier: KV2WZFQAnQhZJlQNtvBU5sV7JnAht5ay4ZLSn7SmgsY=
Subject key identifier: F4:6E:BB:FD:D8:15:BA:28:51:C3:DE:2B:C4:2B:90:02:21:B0:EC:4B
Certificate issuer: /CN=74896c544b461d8b062eff9e3d2c29cd3cc960ec
Certificate serial: 018CC3B6B6EAD545B8C72E394B5ECD185163
Authority key identifier: 74:89:6C:54:4B:46:1D:8B:06:2E:FF:9E:3D:2C:29:CD:3C:C9:60:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dIlsVEtGHYsGLv-ePSwpzTzJYOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/9G67_dgVuihRw94rxCuQAiGw7Es.roa
Signing time: Mon 01 Jan 2024 06:29:40 +0000
ROA not before: Mon 01 Jan 2024 06:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34740
IP address blocks: 89.38.48.0/24 maxlen: 24
89.38.49.0/24 maxlen: 24
89.38.50.0/24 maxlen: 24
89.38.51.0/24 maxlen: 24
188.215.144.0/20 maxlen: 20
2a03:32e0::/32 maxlen: 48
2a03:32e0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/dIlsVEtGHYsGLv-ePSwpzTzJYOw.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/dIlsVEtGHYsGLv-ePSwpzTzJYOw.mft
rsync://rpki.ripe.net/repository/DEFAULT/dIlsVEtGHYsGLv-ePSwpzTzJYOw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:b6:ea:d5:45:b8:c7:2e:39:4b:5e:cd:18:51:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74896c544b461d8b062eff9e3d2c29cd3cc960ec
Validity
Not Before: Jan 1 06:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f46ebbfdd815ba2851c3de2bc42b900221b0ec4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:5f:7d:3c:85:8b:70:36:3c:4e:65:9d:2e:9a:
a9:22:1a:a5:a3:01:07:24:ba:c2:67:f0:df:12:0f:
5f:74:44:31:04:1f:11:8f:db:55:f2:7f:54:54:84:
40:16:d4:a4:72:c6:4b:16:c2:9c:74:17:8c:fb:48:
02:e3:7f:52:82:c2:17:80:8b:ca:32:dd:f3:ed:44:
cf:7b:f3:5c:7c:82:4c:7a:e7:1d:34:48:67:d5:6c:
21:1d:ec:b5:8e:d8:61:56:e2:d0:f7:8f:ae:58:eb:
6a:f2:9b:7d:05:63:28:85:51:a7:de:a3:8d:bb:92:
67:72:7a:c9:15:df:70:4f:f3:d5:52:d7:82:ab:f7:
4a:1b:35:e3:8d:cd:fa:6a:be:73:fc:82:12:de:b1:
f8:35:70:b5:70:78:05:4c:26:c8:f5:15:31:7d:a7:
88:4b:61:7c:4f:36:4e:16:e8:5e:89:db:e0:65:57:
05:ad:5c:fd:91:43:1d:4d:ef:25:1c:8d:c6:d9:6f:
67:18:6a:0a:83:46:09:38:e5:80:84:80:c1:09:b2:
20:1c:2f:b8:ce:67:c3:f8:68:3a:c3:30:7f:02:e4:
ce:3a:86:3a:bf:1c:d1:1b:dc:58:13:69:38:de:55:
02:02:a5:95:8c:9f:9d:65:f8:0c:91:85:5c:0c:4e:
44:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:6E:BB:FD:D8:15:BA:28:51:C3:DE:2B:C4:2B:90:02:21:B0:EC:4B
X509v3 Authority Key Identifier:
keyid:74:89:6C:54:4B:46:1D:8B:06:2E:FF:9E:3D:2C:29:CD:3C:C9:60:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dIlsVEtGHYsGLv-ePSwpzTzJYOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/9G67_dgVuihRw94rxCuQAiGw7Es.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bc22a9-f871-400c-8fcf-cf1740823400/1/dIlsVEtGHYsGLv-ePSwpzTzJYOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.48.0/22
188.215.144.0/20
IPv6:
2a03:32e0::/32
Signature Algorithm: sha256WithRSAEncryption
45:c1:2d:24:54:cd:5f:1a:36:6a:dc:ef:d3:ea:4e:d6:21:a6:
eb:18:38:26:3f:38:ab:e6:fc:f0:37:cb:c2:2c:63:07:f4:c6:
eb:92:29:38:92:75:c3:51:a6:81:b2:ce:85:c3:92:6e:dd:57:
0a:fc:ca:4a:4f:e3:f7:8c:b0:a8:4c:22:59:cc:13:12:4f:b2:
07:83:ef:9d:53:63:c0:62:9c:04:49:dd:c2:f4:dc:44:e6:9a:
44:62:50:38:0d:20:f0:f5:86:95:6a:55:e8:31:3c:b7:68:26:
19:1b:3f:f6:c9:0c:1e:9e:27:c1:0d:a6:2c:98:0b:51:41:9d:
ab:3b:84:75:e6:58:ec:b4:b8:ee:57:bb:20:13:32:3b:03:e8:
4b:c1:8d:f6:09:df:05:4f:bb:dd:dd:eb:9b:1c:37:9e:e6:32:
60:bd:21:66:26:59:14:0d:d7:c2:11:cf:4c:94:7c:23:d1:04:
bb:37:6b:5b:a1:d8:4e:2b:7f:9e:2f:67:03:7e:15:53:8a:b0:
cb:17:66:7d:ee:90:0c:bf:41:c6:c8:31:b4:74:84:50:42:19:
6c:8c:d0:b6:8f:4c:40:ec:fd:e4:62:ed:58:7b:80:1d:10:11:
7f:6a:52:bb:41:f3:29:a2:69:43:db:44:10:4d:bd:36:85:e6:
41:3a:11:99
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDtrbq1UW4xy45S17NGFFjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0ODk2YzU0NGI0NjFkOGIwNjJlZmY5ZTNkMmMyOWNkM2Nj
OTYwZWMwHhcNMjQwMTAxMDYyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNDZlYmJmZGQ4MTViYTI4NTFjM2RlMmJjNDJiOTAwMjIxYjBlYzRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArl99PIWLcDY8TmWdLpqpIhqlowEH
JLrCZ/DfEg9fdEQxBB8Rj9tV8n9UVIRAFtSkcsZLFsKcdBeM+0gC439SgsIXgIvK
Mt3z7UTPe/NcfIJMeucdNEhn1WwhHey1jthhVuLQ94+uWOtq8pt9BWMohVGn3qON
u5JncnrJFd9wT/PVUteCq/dKGzXjjc36ar5z/IIS3rH4NXC1cHgFTCbI9RUxfaeI
S2F8TzZOFuheidvgZVcFrVz9kUMdTe8lHI3G2W9nGGoKg0YJOOWAhIDBCbIgHC+4
zmfD+Gg6wzB/AuTOOoY6vxzRG9xYE2k43lUCAqWVjJ+dZfgMkYVcDE5EJQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFPRuu/3YFbooUcPeK8QrkAIhsOxLMB8GA1UdIwQY
MBaAFHSJbFRLRh2LBi7/nj0sKc08yWDsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZElsc1ZFdEdIWXNHTHYtZVBTd3B6VHpKWU93LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYzIyYTktZjg3MS00MDBjLThmY2Yt
Y2YxNzQwODIzNDAwLzEvOUc2N19kZ1Z1aWhSdzk0cnhDdVFBaUd3N0VzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYzIyYTktZjg3MS00MDBjLThmY2YtY2YxNzQwODIzNDAw
LzEvZElsc1ZFdEdIWXNHTHYtZVBTd3B6VHpKWU93LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCWSYwAwQE
vNeQMA0EAgACMAcDBQAqAzLgMA0GCSqGSIb3DQEBCwUAA4IBAQBFwS0kVM1fGjZq
3O/T6k7WIabrGDgmPzir5vzwN8vCLGMH9Mbrkik4knXDUaaBss6Fw5Ju3VcK/MpK
T+P3jLCoTCJZzBMST7IHg++dU2PAYpwESd3C9NxE5ppEYlA4DSDw9YaValXoMTy3
aCYZGz/2yQwenifBDaYsmAtRQZ2rO4R15ljstLjuV7sgEzI7A+hLwY32Cd8FT7vd
3eubHDee5jJgvSFmJlkUDdfCEc9MlHwj0QS7N2tbodhOK3+eL2cDfhVTirDLF2Z9
7pAMv0HGyDG0dIRQQhlsjNC2j0xA7P3kYu1Ye4AdEBF/alK7QfMpomlD20QQTb02
heZBOhGZ
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:02:26 2024 by rpki-client on console-fra.rpki-client.org