Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/e90f51-89aa-49eb-9ea6-fbe8bc5a29fa/1/jF--zQgHdIkVOLE4zfjP0pth92o.roa
File: jF--zQgHdIkVOLE4zfjP0pth92o.roa (raw, json)
Hash identifier: zGquy5ykAdu2cu8VYoYyjXdxbUFC2JptCxZ4kwElY8Y=
Subject key identifier: 8C:5F:BE:CD:08:07:74:89:15:38:B1:38:CD:F8:CF:D2:9B:61:F7:6A
Certificate issuer: /CN=89aed2cff8ce31b334f83a0b305feef01d71da75
Certificate serial: 018CC871469B64DBD72D4520269B076DB7AD
Authority key identifier: 89:AE:D2:CF:F8:CE:31:B3:34:F8:3A:0B:30:5F:EE:F0:1D:71:DA:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ia7Sz_jOMbM0-DoLMF_u8B1x2nU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/e90f51-89aa-49eb-9ea6-fbe8bc5a29fa/1/jF--zQgHdIkVOLE4zfjP0pth92o.roa
Signing time: Tue 02 Jan 2024 04:31:55 +0000
ROA not before: Tue 02 Jan 2024 04:31:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31655
IP address blocks: 92.207.0.0/16 maxlen: 24
79.74.0.0/16 maxlen: 24
151.2.128.0/17 maxlen: 24
2a04:4440::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/e90f51-89aa-49eb-9ea6-fbe8bc5a29fa/1/ia7Sz_jOMbM0-DoLMF_u8B1x2nU.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/e90f51-89aa-49eb-9ea6-fbe8bc5a29fa/1/ia7Sz_jOMbM0-DoLMF_u8B1x2nU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ia7Sz_jOMbM0-DoLMF_u8B1x2nU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 16:02:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:71:46:9b:64:db:d7:2d:45:20:26:9b:07:6d:b7:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89aed2cff8ce31b334f83a0b305feef01d71da75
Validity
Not Before: Jan 2 04:31:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8c5fbecd080774891538b138cdf8cfd29b61f76a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:84:a0:cd:33:15:d7:78:58:91:1c:ee:13:e0:
17:40:a4:95:a1:7f:31:26:ee:8d:10:62:24:b5:1c:
9b:33:e6:69:e2:15:b6:c8:33:08:f1:5b:cd:f4:a2:
9b:54:c3:cc:7b:52:ff:f6:04:47:55:04:44:8c:7b:
83:8d:af:f9:e8:0f:3e:0d:fd:17:eb:50:a5:29:cc:
40:fe:64:64:a8:1d:85:27:55:69:4a:4c:e7:f3:e7:
1e:1e:43:39:31:c5:d8:94:fb:4f:58:29:2f:db:a8:
51:7f:59:65:ad:2f:c7:41:3e:ca:d2:84:65:f6:dd:
20:13:16:7a:d8:e3:69:93:00:a9:61:49:d4:53:1f:
33:bc:19:fb:ac:a7:de:1b:49:de:7b:58:ed:d0:07:
ab:3d:65:bd:60:c3:77:83:5f:72:84:78:bc:27:1a:
1f:30:64:f9:ab:c2:a8:16:16:2a:f9:61:40:9c:88:
fd:b8:23:89:36:f2:41:08:84:38:7b:10:3f:eb:66:
60:8e:30:43:cd:ed:9f:fd:8b:d8:7e:16:94:0c:63:
d2:c8:4f:5e:75:f4:43:d1:58:5b:36:88:80:ce:5c:
fb:ba:e1:5a:e9:ba:83:ca:e0:c2:75:bf:ee:f2:0e:
1f:af:f4:fd:5c:85:b3:25:db:dc:0d:95:88:34:32:
b9:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:5F:BE:CD:08:07:74:89:15:38:B1:38:CD:F8:CF:D2:9B:61:F7:6A
X509v3 Authority Key Identifier:
keyid:89:AE:D2:CF:F8:CE:31:B3:34:F8:3A:0B:30:5F:EE:F0:1D:71:DA:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ia7Sz_jOMbM0-DoLMF_u8B1x2nU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e90f51-89aa-49eb-9ea6-fbe8bc5a29fa/1/jF--zQgHdIkVOLE4zfjP0pth92o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/e90f51-89aa-49eb-9ea6-fbe8bc5a29fa/1/ia7Sz_jOMbM0-DoLMF_u8B1x2nU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.74.0.0/16
92.207.0.0/16
151.2.128.0/17
IPv6:
2a04:4440::/29
Signature Algorithm: sha256WithRSAEncryption
81:32:51:85:dd:b5:79:c9:21:0b:df:c8:b2:c3:85:8d:11:ae:
a6:20:83:12:54:79:fe:c8:30:e1:02:20:02:fa:b8:e3:cc:68:
f0:f1:0f:12:3d:0f:20:0a:27:cc:17:4d:7a:ed:84:eb:ef:6f:
bb:48:3d:bb:ab:a6:40:dc:f5:6a:ec:bb:8e:76:1e:73:ee:d1:
11:7f:9a:8a:15:66:92:7c:53:96:82:48:1d:a3:54:39:0d:fa:
99:27:b8:8a:f0:9b:ac:b6:c1:b6:57:ea:e1:4b:dd:d4:d6:96:
ef:3b:df:6e:55:0b:7f:a1:5f:5a:a5:af:51:0d:84:0a:df:cf:
77:f6:34:ab:87:54:07:1f:9b:64:36:8b:e2:12:83:33:90:52:
68:74:c3:da:3b:4c:20:84:69:de:d7:b4:51:91:77:92:7f:96:
f3:5d:76:c5:96:07:8e:ae:1f:21:3d:73:1e:e3:58:e7:76:7c:
5f:1a:5b:fc:d7:c3:38:4e:62:ec:ae:e7:a5:12:00:f4:d1:ec:
92:c2:8a:e4:2c:48:2e:41:ee:5a:ee:3e:99:57:a3:9d:bc:76:
f4:db:2e:99:f5:02:a7:27:71:8c:78:04:a7:3c:7c:a6:0c:6a:
0b:92:34:93:2f:4b:20:d7:67:a6:6a:35:50:2d:01:1c:30:c5:
dd:07:08:70
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAYzIcUabZNvXLUUgJpsHbbetMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5YWVkMmNmZjhjZTMxYjMzNGY4M2EwYjMwNWZlZWYwMWQ3
MWRhNzUwHhcNMjQwMTAyMDQzMTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzVmYmVjZDA4MDc3NDg5MTUzOGIxMzhjZGY4Y2ZkMjliNjFmNzZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp4SgzTMV13hYkRzuE+AXQKSVoX8x
Ju6NEGIktRybM+Zp4hW2yDMI8VvN9KKbVMPMe1L/9gRHVQREjHuDja/56A8+Df0X
61ClKcxA/mRkqB2FJ1VpSkzn8+ceHkM5McXYlPtPWCkv26hRf1llrS/HQT7K0oRl
9t0gExZ62ONpkwCpYUnUUx8zvBn7rKfeG0nee1jt0AerPWW9YMN3g19yhHi8Jxof
MGT5q8KoFhYq+WFAnIj9uCOJNvJBCIQ4exA/62ZgjjBDze2f/YvYfhaUDGPSyE9e
dfRD0VhbNoiAzlz7uuFa6bqDyuDCdb/u8g4fr/T9XIWzJdvcDZWINDK5iwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFIxfvs0IB3SJFTixOM34z9KbYfdqMB8GA1UdIwQY
MBaAFImu0s/4zjGzNPg6CzBf7vAdcdp1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaWE3U3pfak9NYk0wLURvTE1GX3U4QjF4Mm5VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lOTBmNTEtODlhYS00OWViLTllYTYt
ZmJlOGJjNWEyOWZhLzEvakYtLXpRZ0hkSWtWT0xFNHpmalAwcHRoOTJvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9lOTBmNTEtODlhYS00OWViLTllYTYtZmJlOGJjNWEyOWZh
LzEvaWE3U3pfak9NYk0wLURvTE1GX3U4QjF4Mm5VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAWBAIAATAQAwMAT0oDAwBc
zwMEB5cCgDANBAIAAjAHAwUDKgREQDANBgkqhkiG9w0BAQsFAAOCAQEAgTJRhd21
eckhC9/IssOFjRGupiCDElR5/sgw4QIgAvq448xo8PEPEj0PIAonzBdNeu2E6+9v
u0g9u6umQNz1auy7jnYec+7REX+aihVmknxTloJIHaNUOQ36mSe4ivCbrLbBtlfq
4Uvd1NaW7zvfblULf6FfWqWvUQ2ECt/Pd/Y0q4dUBx+bZDaL4hKDM5BSaHTD2jtM
IIRp3te0UZF3kn+W8112xZYHjq4fIT1zHuNY53Z8Xxpb/NfDOE5i7K7npRIA9NHs
ksKK5CxILkHuWu4+mVejnbx29NsumfUCpydxjHgEpzx8pgxqC5I0ky9LINdnpmo1
UC0BHDDF3QcIcA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:23:36 2024 by rpki-client on console-ams.rpki-client.org