Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/689ab5-30d2-46a3-8c54-16b4196fa294/1/t3OYa95kY7YUgDM_KR3k6b2oYiI.roa
File: t3OYa95kY7YUgDM_KR3k6b2oYiI.roa (raw, json)
Hash identifier: wKM1/5/Cxf3QyNhTgh3c5GYbNmoTa8X2IAJ/Dc5sM7s=
Subject key identifier: B7:73:98:6B:DE:64:63:B6:14:80:33:3F:29:1D:E4:E9:BD:A8:62:22
Certificate issuer: /CN=4e69b402b67d75936f45dc8bc54b86814e0636ba
Certificate serial: 018F806C8240EDAE55906B8E0914175DA11E
Authority key identifier: 4E:69:B4:02:B6:7D:75:93:6F:45:DC:8B:C5:4B:86:81:4E:06:36:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tmm0ArZ9dZNvRdyLxUuGgU4GNro.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/689ab5-30d2-46a3-8c54-16b4196fa294/1/t3OYa95kY7YUgDM_KR3k6b2oYiI.roa
Signing time: Thu 16 May 2024 08:02:25 +0000
ROA not before: Thu 16 May 2024 08:02:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8434
IP address blocks: 80.89.160.0/20 maxlen: 20
80.94.208.0/20 maxlen: 20
88.83.128.0/19 maxlen: 19
2a00:6e80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/689ab5-30d2-46a3-8c54-16b4196fa294/1/Tmm0ArZ9dZNvRdyLxUuGgU4GNro.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/689ab5-30d2-46a3-8c54-16b4196fa294/1/Tmm0ArZ9dZNvRdyLxUuGgU4GNro.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tmm0ArZ9dZNvRdyLxUuGgU4GNro.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:80:6c:82:40:ed:ae:55:90:6b:8e:09:14:17:5d:a1:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e69b402b67d75936f45dc8bc54b86814e0636ba
Validity
Not Before: May 16 08:02:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b773986bde6463b61480333f291de4e9bda86222
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:9a:c8:62:3e:a9:72:91:2f:10:46:8f:fe:e2:
6d:f7:bb:7e:e0:39:ce:6b:95:ed:db:e1:a1:a1:eb:
28:ed:9f:29:6f:64:b6:59:78:29:bc:59:65:e6:05:
d1:77:8e:2a:67:09:6e:b2:7b:f8:28:f9:ff:59:de:
46:a0:8e:76:a9:7f:0e:97:21:1e:71:04:61:ba:4e:
79:69:a7:aa:16:a1:36:07:af:c0:95:c8:53:cf:d6:
43:30:0f:09:2a:f7:e5:05:c8:f1:dd:ca:4f:cf:62:
84:63:1f:9b:c4:c2:08:43:e3:bf:5f:00:ae:ff:94:
ea:bf:8a:6f:99:22:61:32:55:2b:13:fe:4e:4a:b1:
34:04:05:5a:ef:b7:c1:a9:f7:4d:ba:20:14:9e:5c:
38:63:b3:33:e3:61:f0:0a:10:f2:34:eb:5c:26:4e:
13:f2:5b:8e:28:f2:ba:9f:49:e9:0b:36:01:b8:78:
a7:89:a3:f1:f8:3b:37:f5:31:e3:9a:98:5e:e7:58:
83:7c:6d:da:80:64:61:54:a1:10:7d:2f:f9:1d:a6:
a8:8e:43:c1:ab:9a:82:ee:bc:ea:37:c2:1e:d2:6b:
f6:ac:6f:73:b9:73:5f:68:e6:96:53:d3:e5:fd:02:
af:e5:f2:ab:2a:59:55:34:22:24:d9:0c:95:28:8e:
80:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:73:98:6B:DE:64:63:B6:14:80:33:3F:29:1D:E4:E9:BD:A8:62:22
X509v3 Authority Key Identifier:
keyid:4E:69:B4:02:B6:7D:75:93:6F:45:DC:8B:C5:4B:86:81:4E:06:36:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tmm0ArZ9dZNvRdyLxUuGgU4GNro.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/689ab5-30d2-46a3-8c54-16b4196fa294/1/t3OYa95kY7YUgDM_KR3k6b2oYiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/689ab5-30d2-46a3-8c54-16b4196fa294/1/Tmm0ArZ9dZNvRdyLxUuGgU4GNro.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.89.160.0/20
80.94.208.0/20
88.83.128.0/19
IPv6:
2a00:6e80::/32
Signature Algorithm: sha256WithRSAEncryption
57:8e:88:e1:29:2f:d1:f5:2d:c6:36:ad:88:35:ad:6a:8b:df:
f2:1f:de:05:d6:7d:b0:45:f0:9f:39:18:30:35:02:22:d7:2a:
6f:a1:dd:c7:23:6d:df:c9:a3:9e:e5:d3:35:4f:20:93:36:ee:
97:96:91:49:e0:a2:41:2e:da:1c:c7:80:cc:be:fc:c9:d8:0c:
b8:28:82:8b:b2:b8:a5:bb:1d:8f:bf:71:c9:3c:a3:de:41:c4:
17:17:ed:c5:f8:fc:1b:b6:56:84:c7:b7:70:b3:58:5d:98:69:
b1:a5:65:2c:bb:80:a6:b5:93:d8:0e:05:4f:38:a4:c4:3d:42:
40:61:95:c8:02:8b:77:15:86:cc:1d:b0:b7:81:c2:da:c2:38:
38:a8:a3:ee:3f:b6:b4:4a:b9:93:a4:c5:8c:62:3d:f8:7d:8f:
99:36:61:57:11:dd:a7:df:fe:e0:37:81:f5:b5:1e:4b:6d:f2:
8a:15:fa:0a:dc:42:6f:36:a0:35:f8:e1:f7:d1:34:af:2b:58:
df:ec:cc:bc:3f:66:d7:b5:28:27:d7:77:b3:bb:bc:63:57:dc:
56:46:58:7d:17:6d:b6:da:12:53:d2:fc:5e:59:e7:b2:72:03:
2f:8f:5a:5a:84:46:cc:11:06:04:db:a4:d5:c9:45:e7:0d:82:
ad:dc:d0:5a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAY+AbIJA7a5VkGuOCRQXXaEeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNjliNDAyYjY3ZDc1OTM2ZjQ1ZGM4YmM1NGI4NjgxNGUw
NjM2YmEwHhcNMjQwNTE2MDgwMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzczOTg2YmRlNjQ2M2I2MTQ4MDMzM2YyOTFkZTRlOWJkYTg2MjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5JrIYj6pcpEvEEaP/uJt97t+4DnO
a5Xt2+Ghoeso7Z8pb2S2WXgpvFll5gXRd44qZwlusnv4KPn/Wd5GoI52qX8OlyEe
cQRhuk55aaeqFqE2B6/AlchTz9ZDMA8JKvflBcjx3cpPz2KEYx+bxMIIQ+O/XwCu
/5Tqv4pvmSJhMlUrE/5OSrE0BAVa77fBqfdNuiAUnlw4Y7Mz42HwChDyNOtcJk4T
8luOKPK6n0npCzYBuHiniaPx+Ds39THjmphe51iDfG3agGRhVKEQfS/5HaaojkPB
q5qC7rzqN8Ie0mv2rG9zuXNfaOaWU9Pl/QKv5fKrKllVNCIk2QyVKI6AUQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLdzmGveZGO2FIAzPykd5Om9qGIiMB8GA1UdIwQY
MBaAFE5ptAK2fXWTb0Xci8VLhoFOBja6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVG1tMEFyWjlkWk52UmR5THhVdUdnVTRHTnJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82ODlhYjUtMzBkMi00NmEzLThjNTQt
MTZiNDE5NmZhMjk0LzEvdDNPWWE5NWtZN1lVZ0RNX0tSM2s2YjJvWWlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82ODlhYjUtMzBkMi00NmEzLThjNTQtMTZiNDE5NmZhMjk0
LzEvVG1tMEFyWjlkWk52UmR5THhVdUdnVTRHTnJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQEUFmgAwQE
UF7QAwQFWFOAMA0EAgACMAcDBQAqAG6AMA0GCSqGSIb3DQEBCwUAA4IBAQBXjojh
KS/R9S3GNq2INa1qi9/yH94F1n2wRfCfORgwNQIi1ypvod3HI23fyaOe5dM1TyCT
Nu6XlpFJ4KJBLtocx4DMvvzJ2Ay4KIKLsrilux2Pv3HJPKPeQcQXF+3F+PwbtlaE
x7dws1hdmGmxpWUsu4CmtZPYDgVPOKTEPUJAYZXIAot3FYbMHbC3gcLawjg4qKPu
P7a0SrmTpMWMYj34fY+ZNmFXEd2n3/7gN4H1tR5LbfKKFfoK3EJvNqA1+OH30TSv
K1jf7My8P2bXtSgn13ezu7xjV9xWRlh9F2222hJT0vxeWeeycgMvj1pahEbMEQYE
26TVyUXnDYKt3NBa
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:17:21 2024 by rpki-client on console-ams.rpki-client.org