Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/tybuo8pGtqSFnxBjbsXPdYbqe2M.roa
File: tybuo8pGtqSFnxBjbsXPdYbqe2M.roa (raw, json)
Hash identifier: K5sxQF6JFx5WyG5WN9ql+VzVswmxYGmEb0vHXQY6WGI=
Subject key identifier: B7:26:EE:A3:CA:46:B6:A4:85:9F:10:63:6E:C5:CF:75:86:EA:7B:63
Certificate issuer: /CN=24504c74c7127090a4cff85001f443149e128e60
Certificate serial: 018CC42541906C5A692A2F7B29C367BB4072
Authority key identifier: 24:50:4C:74:C7:12:70:90:A4:CF:F8:50:01:F4:43:14:9E:12:8E:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JFBMdMcScJCkz_hQAfRDFJ4SjmA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/tybuo8pGtqSFnxBjbsXPdYbqe2M.roa
Signing time: Mon 01 Jan 2024 08:30:25 +0000
ROA not before: Mon 01 Jan 2024 08:30:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203929
IP address blocks: 146.19.147.0/24 maxlen: 24
91.199.220.0/24 maxlen: 24
185.124.33.0/24 maxlen: 24
185.124.34.0/24 maxlen: 24
185.124.35.0/24 maxlen: 24
89.37.56.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/JFBMdMcScJCkz_hQAfRDFJ4SjmA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/JFBMdMcScJCkz_hQAfRDFJ4SjmA.mft
rsync://rpki.ripe.net/repository/DEFAULT/JFBMdMcScJCkz_hQAfRDFJ4SjmA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:41:90:6c:5a:69:2a:2f:7b:29:c3:67:bb:40:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24504c74c7127090a4cff85001f443149e128e60
Validity
Not Before: Jan 1 08:30:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b726eea3ca46b6a4859f10636ec5cf7586ea7b63
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:be:00:2a:fc:bb:00:5c:de:7d:49:d6:26:31:
56:69:4a:e1:20:5c:08:82:b9:53:ed:5a:eb:04:8d:
45:a0:89:a9:35:4b:96:01:13:f0:a8:6c:4b:ba:dc:
b8:4a:f6:8e:d9:f3:6a:4d:8c:01:b6:03:42:0b:13:
9e:88:3b:48:60:7e:15:c1:cb:0b:39:fb:12:f5:c4:
c7:c7:2d:d7:f1:23:0c:e9:a8:07:8b:64:7f:db:0e:
41:7e:b5:83:f4:eb:bf:8b:42:7d:e1:f8:ab:a2:97:
18:81:83:48:bf:52:3a:b0:7d:3c:cb:ad:60:08:7f:
3c:47:59:a5:15:86:b0:9e:3d:df:e0:51:e6:e7:60:
0f:55:39:02:d7:e6:6e:d8:5b:f1:83:10:7b:28:29:
b7:6f:98:45:15:50:dd:ac:2d:78:94:48:72:e1:10:
06:76:14:be:0e:17:3d:d3:06:40:ec:cd:0e:a3:91:
d0:94:d8:2f:4c:6f:55:b7:17:a2:bc:0d:43:3c:98:
9d:10:88:51:23:a5:e3:0d:9d:58:35:3a:da:c5:52:
a4:6f:5f:8b:00:d1:b9:e7:3b:0e:ef:00:d0:ba:be:
d4:13:fd:b6:ff:2b:0c:6c:31:26:9c:62:e9:f3:0d:
e3:05:55:a3:d5:7e:8d:0c:ec:cd:11:8d:44:ba:06:
6b:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:26:EE:A3:CA:46:B6:A4:85:9F:10:63:6E:C5:CF:75:86:EA:7B:63
X509v3 Authority Key Identifier:
keyid:24:50:4C:74:C7:12:70:90:A4:CF:F8:50:01:F4:43:14:9E:12:8E:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JFBMdMcScJCkz_hQAfRDFJ4SjmA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/tybuo8pGtqSFnxBjbsXPdYbqe2M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/396e8b-71d3-46bf-a244-d0622c4cd48d/1/JFBMdMcScJCkz_hQAfRDFJ4SjmA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.56.0/24
91.199.220.0/24
146.19.147.0/24
185.124.33.0-185.124.35.255
Signature Algorithm: sha256WithRSAEncryption
11:ad:8f:eb:26:50:fe:19:b8:82:ec:d7:c1:5d:4a:bb:34:d0:
42:93:57:e3:06:d3:a8:7c:dd:a4:9b:9b:d7:eb:6a:52:e9:25:
59:7c:bf:7e:f3:87:39:25:72:4b:4a:12:fa:eb:ab:3c:24:d0:
4f:d2:e0:a7:a4:13:78:13:04:e2:bd:d2:08:5c:fe:0d:b8:5d:
4f:00:32:9b:c0:9e:73:8f:10:ad:48:4f:2a:be:49:83:11:36:
01:13:b2:87:1c:73:ef:37:23:bd:e0:47:4b:05:6b:04:18:66:
f8:3e:81:12:f3:e2:73:aa:59:75:53:fe:3e:31:35:de:12:71:
f2:bc:80:8b:ac:5e:38:ce:d8:fd:3f:3a:85:fc:a1:23:1e:ae:
c1:0c:44:73:ae:f7:7a:6b:11:39:7a:6f:5a:1d:7f:2d:55:19:
63:5f:3b:c1:24:4d:31:bd:89:5c:1a:0b:79:4f:16:1c:8c:7b:
c4:29:a6:be:cd:8f:f3:46:ad:90:5a:0b:f2:63:f7:a9:c7:d1:
72:ce:b2:47:07:1f:a1:eb:5e:2e:26:e1:c7:e4:18:d8:af:ad:
3f:90:bf:6a:3b:fe:d9:cb:81:8a:fb:f6:f2:29:60:53:25:20:
b6:82:57:7a:cb:f4:06:51:68:4a:f7:4a:57:82:b3:dd:d6:0b:
c2:26:06:8a
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAYzEJUGQbFppKi97KcNnu0ByMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0NTA0Yzc0YzcxMjcwOTBhNGNmZjg1MDAxZjQ0MzE0OWUx
MjhlNjAwHhcNMjQwMTAxMDgzMDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzI2ZWVhM2NhNDZiNmE0ODU5ZjEwNjM2ZWM1Y2Y3NTg2ZWE3YjYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxb4AKvy7AFzefUnWJjFWaUrhIFwI
grlT7VrrBI1FoImpNUuWARPwqGxLuty4SvaO2fNqTYwBtgNCCxOeiDtIYH4VwcsL
OfsS9cTHxy3X8SMM6agHi2R/2w5BfrWD9Ou/i0J94firopcYgYNIv1I6sH08y61g
CH88R1mlFYawnj3f4FHm52APVTkC1+Zu2FvxgxB7KCm3b5hFFVDdrC14lEhy4RAG
dhS+Dhc90wZA7M0Oo5HQlNgvTG9VtxeivA1DPJidEIhRI6XjDZ1YNTraxVKkb1+L
ANG55zsO7wDQur7UE/22/ysMbDEmnGLp8w3jBVWj1X6NDOzNEY1EugZr3wIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFLcm7qPKRrakhZ8QY27Fz3WG6ntjMB8GA1UdIwQY
MBaAFCRQTHTHEnCQpM/4UAH0QxSeEo5gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSkZCTWRNY1NjSkNrel9oUUFmUkRGSjRTam1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8zOTZlOGItNzFkMy00NmJmLWEyNDQt
ZDA2MjJjNGNkNDhkLzEvdHlidW84cEd0cVNGbnhCamJzWFBkWWJxZTJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8zOTZlOGItNzFkMy00NmJmLWEyNDQtZDA2MjJjNGNkNDhk
LzEvSkZCTWRNY1NjSkNrel9oUUFmUkRGSjRTam1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQAWSU4AwQA
W8fcAwQAkhOTMAwDBAC5fCEDBAK5fCAwDQYJKoZIhvcNAQELBQADggEBABGtj+sm
UP4ZuILs18FdSrs00EKTV+MG06h83aSbm9fralLpJVl8v37zhzklcktKEvrrqzwk
0E/S4KekE3gTBOK90ghc/g24XU8AMpvAnnOPEK1ITyq+SYMRNgETsoccc+83I73g
R0sFawQYZvg+gRLz4nOqWXVT/j4xNd4ScfK8gIusXjjO2P0/OoX8oSMersEMRHOu
93prETl6b1odfy1VGWNfO8EkTTG9iVwaC3lPFhyMe8Qppr7Nj/NGrZBaC/Jj96nH
0XLOskcHH6HrXi4m4cfkGNivrT+Qv2o7/tnLgYr79vIpYFMlILaCV3rL9AZRaEr3
SleCs93WC8ImBoo=
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:39:19 2024 by rpki-client on console-fra.rpki-client.org