Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/qSyqT6U8amppKFyeuWplKDvDgQ4.roa
File: qSyqT6U8amppKFyeuWplKDvDgQ4.roa (raw, json)
Hash identifier: bQ6MzH911Ty487GI9eBuCFHFItUmaVVulHsJdXwl0Us=
Subject key identifier: A9:2C:AA:4F:A5:3C:6A:6A:69:28:5C:9E:B9:6A:65:28:3B:C3:81:0E
Certificate issuer: /CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Certificate serial: 018CC49355F247467A8257E1EA1018593C3E
Authority key identifier: B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/qSyqT6U8amppKFyeuWplKDvDgQ4.roa
Signing time: Mon 01 Jan 2024 10:30:39 +0000
ROA not before: Mon 01 Jan 2024 10:30:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 15730
IP address blocks: 89.46.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.crl
rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.mft
rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:55:f2:47:46:7a:82:57:e1:ea:10:18:59:3c:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b0c20ae1dacca31815b274702927c1a5a9dbc7b3
Validity
Not Before: Jan 1 10:30:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a92caa4fa53c6a6a69285c9eb96a65283bc3810e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:46:ad:6b:0a:bd:f6:bb:9c:3b:c4:16:92:74:
11:ca:95:a9:5b:fe:ca:ac:09:39:1d:53:7e:5a:11:
d0:32:c6:e7:d4:e6:05:74:48:ef:12:77:09:e7:48:
42:41:22:8d:52:37:cf:1e:6e:a8:a9:45:29:41:f9:
e0:b2:83:a3:a7:f2:25:57:13:76:82:95:c5:fb:02:
b1:51:32:3f:97:c4:89:77:20:7e:a2:9a:96:b9:0a:
7d:73:f7:35:92:e8:4d:c2:df:c1:5a:94:a9:40:5e:
58:ba:e5:77:97:15:d2:3c:d9:e9:01:32:bb:26:56:
76:ac:11:55:1c:74:8c:4a:15:cc:82:47:93:e6:99:
e3:f8:91:cb:55:f1:d8:ce:2b:43:45:c6:24:c1:d9:
bd:97:3f:1d:d8:02:b2:05:9d:5f:7c:52:aa:07:bc:
ed:7d:17:e3:28:fc:ed:71:13:e1:6d:19:a7:d1:a1:
dc:fb:07:c4:6a:10:40:a7:d6:eb:27:9c:3b:33:79:
7e:f4:f6:74:40:4d:4d:af:34:e1:7f:2e:d5:b3:ef:
be:ae:4a:d6:98:e4:e8:78:8e:b4:50:dd:ef:10:05:
75:c1:d1:e6:ad:9c:07:93:d2:70:16:a3:3d:af:95:
46:bb:a1:25:56:8f:a2:09:b8:27:bc:fc:d3:9b:13:
b1:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:2C:AA:4F:A5:3C:6A:6A:69:28:5C:9E:B9:6A:65:28:3B:C3:81:0E
X509v3 Authority Key Identifier:
keyid:B0:C2:0A:E1:DA:CC:A3:18:15:B2:74:70:29:27:C1:A5:A9:DB:C7:B3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sMIK4drMoxgVsnRwKSfBpanbx7M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/qSyqT6U8amppKFyeuWplKDvDgQ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c5/888869-7a65-415b-b68f-5484402ceb7a/1/sMIK4drMoxgVsnRwKSfBpanbx7M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.120.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:be:d4:34:e8:86:ae:34:00:ae:c5:13:9f:db:15:d8:85:0a:
3b:c9:35:d5:c1:49:80:e6:3b:61:c8:d1:ff:d5:62:bb:4c:49:
60:71:54:7d:e9:e0:7b:6b:35:fc:18:36:93:f2:6c:2b:c0:bf:
5f:af:20:6e:36:97:c1:77:95:03:3c:77:2a:ae:7b:6b:8a:ff:
15:37:45:b8:8f:c8:69:bb:74:d0:2e:68:f4:d1:84:ec:58:1c:
6a:e8:64:33:ec:1f:e2:13:e2:9f:97:b8:81:e7:be:50:c5:dd:
95:dc:ad:82:0e:b6:c0:e2:65:69:c6:ab:8d:a9:43:c4:6f:f6:
c0:5b:1e:70:e5:e8:29:33:3f:95:9b:4d:14:d6:93:36:15:57:
34:08:55:10:da:4c:8f:e3:fc:9d:bb:21:bf:f0:67:dd:b0:18:
46:8e:11:9b:f1:f1:37:02:9a:7e:76:18:ae:09:e4:30:02:23:
77:36:df:39:f4:5f:e3:4a:d2:e6:ec:66:91:79:8b:f6:4e:28:
9b:76:d7:a6:a4:1d:da:74:53:df:7c:d9:2a:ec:af:a2:0b:c7:
52:04:70:21:cd:c4:5d:74:e4:4d:74:4f:c3:51:74:b0:5a:ec:
f7:bb:01:ef:9d:bb:ba:d6:fe:f7:01:4a:d5:72:76:91:6b:0a:
a7:1a:80:04
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEk1XyR0Z6glfh6hAYWTw+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwYzIwYWUxZGFjY2EzMTgxNWIyNzQ3MDI5MjdjMWE1YTlk
YmM3YjMwHhcNMjQwMTAxMTAzMDM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTJjYWE0ZmE1M2M2YTZhNjkyODVjOWViOTZhNjUyODNiYzM4MTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqEatawq99rucO8QWknQRypWpW/7K
rAk5HVN+WhHQMsbn1OYFdEjvEncJ50hCQSKNUjfPHm6oqUUpQfngsoOjp/IlVxN2
gpXF+wKxUTI/l8SJdyB+opqWuQp9c/c1kuhNwt/BWpSpQF5YuuV3lxXSPNnpATK7
JlZ2rBFVHHSMShXMgkeT5pnj+JHLVfHYzitDRcYkwdm9lz8d2AKyBZ1ffFKqB7zt
fRfjKPztcRPhbRmn0aHc+wfEahBAp9brJ5w7M3l+9PZ0QE1NrzThfy7Vs+++rkrW
mOToeI60UN3vEAV1wdHmrZwHk9JwFqM9r5VGu6ElVo+iCbgnvPzTmxOxWwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKksqk+lPGpqaShcnrlqZSg7w4EOMB8GA1UdIwQY
MBaAFLDCCuHazKMYFbJ0cCknwaWp28ezMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYt
NTQ4NDQwMmNlYjdhLzEvcVN5cVQ2VThhbXBwS0Z5ZXVXcGxLRHZEZ1E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNS84ODg4NjktN2E2NS00MTViLWI2OGYtNTQ4NDQwMmNlYjdh
LzEvc01JSzRkck1veGdWc25Sd0tTZkJwYW5ieDdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWS54MA0G
CSqGSIb3DQEBCwUAA4IBAQAsvtQ06IauNACuxROf2xXYhQo7yTXVwUmA5jthyNH/
1WK7TElgcVR96eB7azX8GDaT8mwrwL9fryBuNpfBd5UDPHcqrntriv8VN0W4j8hp
u3TQLmj00YTsWBxq6GQz7B/iE+Kfl7iB575Qxd2V3K2CDrbA4mVpxquNqUPEb/bA
Wx5w5egpMz+Vm00U1pM2FVc0CFUQ2kyP4/yduyG/8GfdsBhGjhGb8fE3App+dhiu
CeQwAiN3Nt859F/jStLm7GaReYv2TiibdtempB3adFPffNkq7K+iC8dSBHAhzcRd
dORNdE/DUXSwWuz3uwHvnbu61v73AUrVcnaRawqnGoAE
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:24:17 2024 by rpki-client on console-fra.rpki-client.org