Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/pUJ4zs0rfGxu5OusAIqcGPtIqZA.roa
File: pUJ4zs0rfGxu5OusAIqcGPtIqZA.roa (raw, json)
Hash identifier: Cwg1IW1tbB4qkED3bxxq9hb38aWVxZLLIQPxswq9GsI=
Subject key identifier: A5:42:78:CE:CD:2B:7C:6C:6E:E4:EB:AC:00:8A:9C:18:FB:48:A9:90
Certificate issuer: /CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Certificate serial: 018CC6B7B15D1BB5D1F434B8B9C9DD565840
Authority key identifier: 38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/pUJ4zs0rfGxu5OusAIqcGPtIqZA.roa
Signing time: Mon 01 Jan 2024 20:29:36 +0000
ROA not before: Mon 01 Jan 2024 20:29:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212014
IP address blocks: 89.35.226.0/24 maxlen: 24
2a0a:d6c0:226::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.mft
rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:b1:5d:1b:b5:d1:f4:34:b8:b9:c9:dd:56:58:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=387d6df7eb7542e0333aeedd14adff8f51f8cbd8
Validity
Not Before: Jan 1 20:29:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a54278cecd2b7c6c6ee4ebac008a9c18fb48a990
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:ef:f3:b5:78:f2:7e:64:dc:97:9f:e6:9a:0a:
5e:2f:97:3a:73:e2:d7:0b:fa:76:e3:32:c2:e6:e8:
36:c8:cd:4f:d3:7a:b6:7e:cf:16:5e:ed:16:bb:a3:
f9:c6:e3:24:7e:42:bd:d7:35:dc:1e:07:57:a8:54:
fc:c0:da:d3:cf:ff:ae:8d:a2:03:ef:d3:67:5b:78:
70:e4:29:60:2f:b2:00:00:5e:1d:3a:cd:a7:2e:36:
74:3e:5c:72:00:9e:32:13:55:22:d1:00:66:7a:6a:
2b:0f:bc:07:6d:85:26:b1:68:a3:0e:82:61:fd:96:
b7:27:37:0c:b1:0b:59:e3:2c:f7:7b:27:40:fc:e8:
e8:ae:ba:34:2a:55:9c:a4:c4:55:39:ea:2f:01:31:
1f:cc:7a:f7:de:bd:4b:90:2b:74:17:c5:f4:5e:60:
fc:29:b5:54:8b:5a:bd:39:8c:20:87:94:b0:50:09:
22:87:89:0b:8f:c1:49:09:b7:a4:e9:01:19:f5:7b:
39:62:55:36:ad:98:6d:2c:86:84:3a:3c:b8:9d:d6:
5b:29:ea:0b:2b:ef:bb:ab:a2:18:b5:c7:0c:29:42:
1a:d0:ec:c0:45:09:92:6d:6d:37:1e:df:03:d1:97:
4d:40:fc:b5:5e:9d:cf:2f:04:2d:67:c6:d1:9a:68:
dd:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:42:78:CE:CD:2B:7C:6C:6E:E4:EB:AC:00:8A:9C:18:FB:48:A9:90
X509v3 Authority Key Identifier:
keyid:38:7D:6D:F7:EB:75:42:E0:33:3A:EE:DD:14:AD:FF:8F:51:F8:CB:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OH1t9-t1QuAzOu7dFK3_j1H4y9g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/pUJ4zs0rfGxu5OusAIqcGPtIqZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/d4a89c-54b2-445b-bb7c-609a48b2b14d/1/OH1t9-t1QuAzOu7dFK3_j1H4y9g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.226.0/24
IPv6:
2a0a:d6c0:226::/48
Signature Algorithm: sha256WithRSAEncryption
12:23:90:93:66:64:0a:ad:d3:1f:bc:47:f6:e4:39:b3:b7:f0:
0c:5e:97:c4:4d:1e:9e:70:cc:66:d4:35:e8:9f:ea:fb:d4:87:
2c:c8:6c:ff:9c:e3:91:5d:bb:5f:78:82:58:ba:a4:e2:fd:ab:
23:f8:27:21:b0:1f:f7:ae:1e:42:21:6d:dc:67:ad:f0:13:85:
8d:82:88:db:06:4f:0e:4c:70:ef:ca:39:83:aa:44:32:64:a0:
b3:6f:5e:f9:67:b8:78:a3:73:47:bf:34:03:b9:86:51:a1:9a:
6f:18:39:51:18:fd:06:3f:49:ea:d6:90:36:ea:51:59:c0:6b:
ad:d0:32:2c:1c:32:db:0e:fb:23:28:b2:f5:07:5d:33:d5:48:
ee:16:48:c1:5b:94:f3:0f:ad:08:22:fa:12:17:27:53:93:10:
55:fa:86:3f:7a:c4:a5:e2:ac:f3:8b:ce:e3:60:2b:c9:cd:a7:
86:73:ba:09:15:2f:b9:cd:48:98:68:aa:5a:8f:50:1a:39:90:
32:d4:b4:a7:57:ae:2e:9e:89:ee:6d:70:c8:ee:ea:da:0f:94:
2d:50:a5:02:b8:24:a8:19:7c:df:e4:f0:51:e6:21:a8:37:f9:
0a:1b:b8:02:3e:b7:51:9d:94:8c:77:79:60:4f:6a:48:ac:98:
f4:8c:d6:2a
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzGt7FdG7XR9DS4ucndVlhAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4N2Q2ZGY3ZWI3NTQyZTAzMzNhZWVkZDE0YWRmZjhmNTFm
OGNiZDgwHhcNMjQwMTAxMjAyOTM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTQyNzhjZWNkMmI3YzZjNmVlNGViYWMwMDhhOWMxOGZiNDhhOTkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAru/ztXjyfmTcl5/mmgpeL5c6c+LX
C/p24zLC5ug2yM1P03q2fs8WXu0Wu6P5xuMkfkK91zXcHgdXqFT8wNrTz/+ujaID
79NnW3hw5ClgL7IAAF4dOs2nLjZ0PlxyAJ4yE1Ui0QBmemorD7wHbYUmsWijDoJh
/Za3JzcMsQtZ4yz3eydA/Ojorro0KlWcpMRVOeovATEfzHr33r1LkCt0F8X0XmD8
KbVUi1q9OYwgh5SwUAkih4kLj8FJCbek6QEZ9Xs5YlU2rZhtLIaEOjy4ndZbKeoL
K++7q6IYtccMKUIa0OzARQmSbW03Ht8D0ZdNQPy1Xp3PLwQtZ8bRmmjdjQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFKVCeM7NK3xsbuTrrACKnBj7SKmQMB8GA1UdIwQY
MBaAFDh9bffrdULgMzru3RSt/49R+MvYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2Mt
NjA5YTQ4YjJiMTRkLzEvcFVKNHpzMHJmR3h1NU91c0FJcWNHUHRJcVpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9kNGE4OWMtNTRiMi00NDViLWJiN2MtNjA5YTQ4YjJiMTRk
LzEvT0gxdDktdDFRdUF6T3U3ZEZLM19qMUg0eTlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAWSPiMA8E
AgACMAkDBwAqCtbAAiYwDQYJKoZIhvcNAQELBQADggEBABIjkJNmZAqt0x+8R/bk
ObO38Axel8RNHp5wzGbUNeif6vvUhyzIbP+c45Fdu194gli6pOL9qyP4JyGwH/eu
HkIhbdxnrfAThY2CiNsGTw5McO/KOYOqRDJkoLNvXvlnuHijc0e/NAO5hlGhmm8Y
OVEY/QY/SerWkDbqUVnAa63QMiwcMtsO+yMosvUHXTPVSO4WSMFblPMPrQgi+hIX
J1OTEFX6hj96xKXirPOLzuNgK8nNp4ZzugkVL7nNSJhoqlqPUBo5kDLUtKdXri6e
ie5tcMju6toPlC1QpQK4JKgZfN/k8FHmIag3+QobuAI+t1GdlIx3eWBPakismPSM
1io=
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:04:45 2024 by rpki-client on console-fra.rpki-client.org