Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/1G_CMfYKPgSsp-E-cao-RB8OH-I.roa
File: 1G_CMfYKPgSsp-E-cao-RB8OH-I.roa (raw, json)
Hash identifier: WMrCs9mEC/oSwwGwEJrz8s+RylrUj/8RKrYTfTHhtxA=
Subject key identifier: D4:6F:C2:31:F6:0A:3E:04:AC:A7:E1:3E:71:AA:3E:44:1F:0E:1F:E2
Certificate issuer: /CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Certificate serial: 018CCA2A8FBB6DBBF2979AA773FEFEBACB2B
Authority key identifier: 05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/1G_CMfYKPgSsp-E-cao-RB8OH-I.roa
Signing time: Tue 02 Jan 2024 12:33:56 +0000
ROA not before: Tue 02 Jan 2024 12:33:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 89.167.134.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.mft
rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 01:04:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:8f:bb:6d:bb:f2:97:9a:a7:73:fe:fe:ba:cb:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05f3e160172ecc75c8cab1bae271be3ebf407a80
Validity
Not Before: Jan 2 12:33:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d46fc231f60a3e04aca7e13e71aa3e441f0e1fe2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:90:15:f0:a5:13:7e:b8:5c:53:59:ce:fd:40:
43:0a:e9:c0:78:dd:09:46:64:3b:22:86:d6:1a:70:
13:33:87:a9:db:0c:72:d3:17:78:c6:2e:17:4c:1c:
43:ef:98:1e:19:43:1b:16:66:bb:5c:a4:46:c7:b4:
c5:75:bf:9e:9f:ac:72:23:28:6a:3c:dd:7f:ee:e0:
c4:bb:c1:43:d5:0c:6b:3b:83:35:15:da:93:dd:da:
82:23:64:11:1f:a7:6e:91:7e:29:d5:13:f9:34:61:
cf:81:ab:8b:5d:aa:f3:74:77:f3:0c:23:fd:f3:f3:
2d:6d:93:26:e4:0b:e8:64:88:3a:4e:7a:e9:61:31:
fd:6f:17:81:d7:c1:25:d4:68:aa:c3:5c:a8:82:44:
38:1a:17:c7:21:fb:e5:30:c1:8d:ac:aa:4f:3b:7f:
2b:b1:6c:ba:35:6b:0a:a1:3a:e3:33:fa:a1:8b:d1:
fd:b3:f5:c2:11:05:84:55:e5:15:3a:24:80:b1:51:
9e:dd:c9:e7:86:66:9e:12:69:bb:16:5b:4d:b6:18:
83:67:5a:79:16:a9:87:54:b8:f6:2e:b5:0b:57:f5:
06:3c:87:d4:1e:f1:12:5b:8d:7c:7f:b7:92:2d:7b:
19:3f:37:77:1e:a8:70:0c:62:dc:35:64:fe:af:13:
2d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:6F:C2:31:F6:0A:3E:04:AC:A7:E1:3E:71:AA:3E:44:1F:0E:1F:E2
X509v3 Authority Key Identifier:
keyid:05:F3:E1:60:17:2E:CC:75:C8:CA:B1:BA:E2:71:BE:3E:BF:40:7A:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BfPhYBcuzHXIyrG64nG-Pr9AeoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/1G_CMfYKPgSsp-E-cao-RB8OH-I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/aa8b46-9645-4620-8479-5d560989cf7b/1/BfPhYBcuzHXIyrG64nG-Pr9AeoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.167.134.0/24
Signature Algorithm: sha256WithRSAEncryption
11:e0:64:ed:43:74:a9:db:20:11:14:12:8d:3b:ff:b0:08:f1:
d6:9f:4c:86:6e:57:45:55:c8:0a:82:bd:44:dc:5d:b8:1e:75:
c5:68:69:6c:f1:30:ca:c1:e7:cc:b4:92:54:a4:a8:12:66:d7:
69:71:67:da:a2:53:57:ec:e5:27:fa:52:61:99:04:4b:e3:a9:
9c:9f:c8:42:28:c1:28:30:aa:20:24:21:39:24:fa:a6:46:61:
28:9d:cd:4e:65:4f:bc:f9:1b:49:a7:a7:9c:69:10:d3:99:82:
b9:ba:34:2e:85:26:fe:88:6a:29:38:e1:e2:ee:57:10:9b:5e:
9e:86:be:55:f1:b4:7e:b1:89:10:87:86:74:1e:3b:81:38:d4:
4a:fa:74:bd:a7:c4:e5:ed:fc:27:5c:3a:66:17:08:6f:f6:24:
0b:28:cc:c8:46:a0:0c:1c:8b:62:d7:0f:06:82:81:4d:92:e4:
9d:3d:0a:3e:f7:71:c0:ad:84:ef:2e:fc:6f:14:e8:17:ca:7f:
3f:e8:b6:f2:10:f3:80:ca:54:05:bb:28:02:f0:1b:ac:55:b8:
d5:dc:81:ad:db:33:3b:2c:d0:d1:fd:6a:46:b5:f7:c2:58:40:
9c:f2:d1:48:30:00:f1:cb:f6:5d:db:46:f0:c1:88:9f:7e:90:
89:54:6e:40
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKo+7bbvyl5qnc/7+ussrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1ZjNlMTYwMTcyZWNjNzVjOGNhYjFiYWUyNzFiZTNlYmY0
MDdhODAwHhcNMjQwMTAyMTIzMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNDZmYzIzMWY2MGEzZTA0YWNhN2UxM2U3MWFhM2U0NDFmMGUxZmUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpAV8KUTfrhcU1nO/UBDCunAeN0J
RmQ7IobWGnATM4ep2wxy0xd4xi4XTBxD75geGUMbFma7XKRGx7TFdb+en6xyIyhq
PN1/7uDEu8FD1QxrO4M1FdqT3dqCI2QRH6dukX4p1RP5NGHPgauLXarzdHfzDCP9
8/MtbZMm5AvoZIg6TnrpYTH9bxeB18El1Giqw1yogkQ4GhfHIfvlMMGNrKpPO38r
sWy6NWsKoTrjM/qhi9H9s/XCEQWEVeUVOiSAsVGe3cnnhmaeEmm7FltNthiDZ1p5
FqmHVLj2LrULV/UGPIfUHvESW418f7eSLXsZPzd3HqhwDGLcNWT+rxMtNwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNRvwjH2Cj4ErKfhPnGqPkQfDh/iMB8GA1UdIwQY
MBaAFAXz4WAXLsx1yMqxuuJxvj6/QHqAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0Nzkt
NWQ1NjA5ODljZjdiLzEvMUdfQ01mWUtQZ1NzcC1FLWNhby1SQjhPSC1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS9hYThiNDYtOTY0NS00NjIwLTg0NzktNWQ1NjA5ODljZjdi
LzEvQmZQaFlCY3V6SFhJeXJHNjRuRy1QcjlBZW9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWaeGMA0G
CSqGSIb3DQEBCwUAA4IBAQAR4GTtQ3Sp2yARFBKNO/+wCPHWn0yGbldFVcgKgr1E
3F24HnXFaGls8TDKwefMtJJUpKgSZtdpcWfaolNX7OUn+lJhmQRL46mcn8hCKMEo
MKogJCE5JPqmRmEonc1OZU+8+RtJp6ecaRDTmYK5ujQuhSb+iGopOOHi7lcQm16e
hr5V8bR+sYkQh4Z0HjuBONRK+nS9p8Tl7fwnXDpmFwhv9iQLKMzIRqAMHIti1w8G
goFNkuSdPQo+93HArYTvLvxvFOgXyn8/6LbyEPOAylQFuygC8BusVbjV3IGt2zM7
LNDR/WpGtffCWECc8tFIMADxy/Zd20bwwYiffpCJVG5A
-----END CERTIFICATE-----
Generated at Mon May 6 11:27:01 2024 by rpki-client on console-ams.rpki-client.org