Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/d12QY9rHhuSDE3GWiNW4CEaBptw.roa
File: d12QY9rHhuSDE3GWiNW4CEaBptw.roa (raw, json)
Hash identifier: aeDGoILf5960kb68xSf2WB8bgtuNw04EtpGWl8P7Dyk=
Subject key identifier: 77:5D:90:63:DA:C7:86:E4:83:13:71:96:88:D5:B8:08:46:81:A6:DC
Certificate issuer: /CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Certificate serial: 018CC50035A983FA116848325B186727199F
Authority key identifier: 25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/d12QY9rHhuSDE3GWiNW4CEaBptw.roa
Signing time: Mon 01 Jan 2024 12:29:34 +0000
ROA not before: Mon 01 Jan 2024 12:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42846
IP address blocks: 89.252.137.0/24 maxlen: 24
89.252.134.0/24 maxlen: 24
89.252.138.0/24 maxlen: 24
31.192.212.0/24 maxlen: 24
89.252.159.0/24 maxlen: 24
31.192.214.0/24 maxlen: 24
159.253.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:35:a9:83:fa:11:68:48:32:5b:18:67:27:19:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=25e4aed3ef72bee3141660d1149e16d079205f3c
Validity
Not Before: Jan 1 12:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=775d9063dac786e48313719688d5b8084681a6dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:80:65:40:b2:36:22:87:9d:f0:57:a6:4f:13:
76:9a:ae:c7:f6:45:2f:14:8c:59:95:e2:04:b7:a7:
62:34:aa:f4:02:d3:f8:e4:eb:36:ac:fe:ab:fd:75:
19:2a:cd:37:7d:3e:c4:67:8f:53:66:bd:58:7a:36:
99:b7:ef:bf:a9:38:c8:8b:9b:fc:4c:18:00:21:8a:
16:f9:30:ac:2b:da:9c:35:e5:e5:37:40:5d:80:c1:
de:b1:75:7b:d8:9c:61:ab:83:b2:78:61:ae:48:5c:
55:f8:4e:aa:d1:aa:27:a9:58:2a:07:0a:c4:4c:51:
92:7c:b3:ff:a5:e1:03:c7:f3:4e:cf:f4:f4:e1:e4:
43:1c:34:72:8b:a4:78:98:26:39:f3:a5:86:ca:9b:
6d:64:b1:9b:51:44:ef:e2:c2:88:1c:a5:fc:ea:26:
16:06:46:67:78:a7:f4:f8:17:39:15:66:d4:2d:ee:
59:b1:76:a2:58:e6:0c:39:d7:3c:88:67:28:8e:85:
1b:13:74:3a:e9:34:f9:b1:05:e8:f9:9f:02:8e:b0:
89:67:79:8c:2b:5d:7b:57:5c:23:70:29:31:58:dc:
5b:9e:ea:c7:cd:a7:c8:b2:e0:a6:73:e4:de:63:3d:
cb:cf:11:61:c9:ac:05:44:c1:9a:9b:86:aa:9a:93:
6f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
77:5D:90:63:DA:C7:86:E4:83:13:71:96:88:D5:B8:08:46:81:A6:DC
X509v3 Authority Key Identifier:
keyid:25:E4:AE:D3:EF:72:BE:E3:14:16:60:D1:14:9E:16:D0:79:20:5F:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/d12QY9rHhuSDE3GWiNW4CEaBptw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/6336d0-9494-46d3-9861-ed3e38f9577f/1/JeSu0-9yvuMUFmDRFJ4W0HkgXzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.192.212.0/24
31.192.214.0/24
89.252.134.0/24
89.252.137.0-89.252.138.255
89.252.159.0/24
159.253.37.0/24
Signature Algorithm: sha256WithRSAEncryption
93:3c:1e:1b:5d:aa:2e:7a:4e:8d:3d:44:1e:da:5c:20:eb:d3:
ea:e6:bf:22:6c:90:e1:85:a3:06:78:12:d9:11:39:4c:43:5f:
76:b4:22:7a:28:bb:c0:48:60:85:bf:18:03:b6:05:7b:5b:81:
c2:68:41:82:cb:30:5e:0b:62:6d:a2:cd:ce:e3:15:d6:8f:6e:
f3:8d:51:9e:ca:69:cf:ac:01:d1:c8:61:ae:ef:d8:26:9e:ae:
d2:4a:da:2c:a8:6f:96:a2:c8:99:38:a6:5e:f9:b6:21:85:5d:
34:21:36:91:f8:8f:6b:75:38:74:49:ca:e6:7c:5c:dc:17:04:
45:51:45:cb:d7:75:99:4a:03:f4:2c:3e:1e:32:0e:f0:98:52:
ed:ab:6b:02:19:3e:4c:eb:90:81:a0:03:f7:f7:6c:3e:e5:0e:
6e:06:69:81:d6:bf:14:92:33:c4:80:3f:ff:f7:71:53:28:86:
86:8a:d0:6a:1f:50:3b:96:04:dc:e1:19:ad:5e:6e:89:5a:d9:
3a:24:e1:97:f5:13:18:87:8e:71:d0:6d:23:b8:35:eb:1b:9b:
ac:95:35:ec:b9:de:7c:a8:be:38:2b:76:10:a5:a6:9d:4b:32:
fc:fb:e1:ee:12:ba:98:f3:18:06:d0:14:33:52:2e:75:03:be:
6b:02:b9:ac
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAYzFADWpg/oRaEgyWxhnJxmfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1ZTRhZWQzZWY3MmJlZTMxNDE2NjBkMTE0OWUxNmQwNzky
MDVmM2MwHhcNMjQwMTAxMTIyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NzVkOTA2M2RhYzc4NmU0ODMxMzcxOTY4OGQ1YjgwODQ2ODFhNmRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn4BlQLI2Ioed8FemTxN2mq7H9kUv
FIxZleIEt6diNKr0AtP45Os2rP6r/XUZKs03fT7EZ49TZr1YejaZt++/qTjIi5v8
TBgAIYoW+TCsK9qcNeXlN0BdgMHesXV72Jxhq4OyeGGuSFxV+E6q0aonqVgqBwrE
TFGSfLP/peEDx/NOz/T04eRDHDRyi6R4mCY586WGypttZLGbUUTv4sKIHKX86iYW
BkZneKf0+Bc5FWbULe5ZsXaiWOYMOdc8iGcojoUbE3Q66TT5sQXo+Z8CjrCJZ3mM
K117V1wjcCkxWNxbnurHzafIsuCmc+TeYz3LzxFhyawFRMGam4aqmpNv4QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFHddkGPax4bkgxNxlojVuAhGgabcMB8GA1UdIwQY
MBaAFCXkrtPvcr7jFBZg0RSeFtB5IF88MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEt
ZWQzZTM4Zjk1NzdmLzEvZDEyUVk5ckhodVNERTNHV2lOVzRDRWFCcHR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82MzM2ZDAtOTQ5NC00NmQzLTk4NjEtZWQzZTM4Zjk1Nzdm
LzEvSmVTdTAtOXl2dU1VRm1EUkZKNFcwSGtnWHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQAH8DUAwQA
H8DWAwQAWfyGMAwDBABZ/IkDBABZ/IoDBABZ/J8DBACf/SUwDQYJKoZIhvcNAQEL
BQADggEBAJM8Hhtdqi56To09RB7aXCDr0+rmvyJskOGFowZ4EtkROUxDX3a0Inoo
u8BIYIW/GAO2BXtbgcJoQYLLMF4LYm2izc7jFdaPbvONUZ7Kac+sAdHIYa7v2Cae
rtJK2iyob5aiyJk4pl75tiGFXTQhNpH4j2t1OHRJyuZ8XNwXBEVRRcvXdZlKA/Qs
Ph4yDvCYUu2rawIZPkzrkIGgA/f3bD7lDm4GaYHWvxSSM8SAP//3cVMohoaK0Gof
UDuWBNzhGa1ebola2Tok4Zf1ExiHjnHQbSO4Nesbm6yVNey53nyovjgrdhClpp1L
Mvz74e4SupjzGAbQFDNSLnUDvmsCuaw=
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:31:18 2024 by rpki-client on console-fra.rpki-client.org