Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/2Vwv6hkUp17iERI-QX-Cy2TVtao.roa
File: 2Vwv6hkUp17iERI-QX-Cy2TVtao.roa (raw, json)
Hash identifier: anyY6g8+EaQqn4z2olsmNc6APWiPcZqNc7qrnOjZnts=
Subject key identifier: D9:5C:2F:EA:19:14:A7:5E:E2:11:12:3E:41:7F:82:CB:64:D5:B5:AA
Certificate issuer: /CN=d7d0674bd6f0cc9175219a328c8b396829f6c0af
Certificate serial: 018D7CE540D27DDAEA1ED2E32260BED0647D
Authority key identifier: D7:D0:67:4B:D6:F0:CC:91:75:21:9A:32:8C:8B:39:68:29:F6:C0:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/19BnS9bwzJF1IZoyjIs5aCn2wK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/2Vwv6hkUp17iERI-QX-Cy2TVtao.roa
Signing time: Tue 06 Feb 2024 05:30:15 +0000
ROA not before: Tue 06 Feb 2024 05:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39370
IP address blocks: 89.147.0.0/23 maxlen: 23
89.147.0.0/24 maxlen: 24
89.147.1.0/24 maxlen: 24
89.147.2.0/24 maxlen: 24
89.147.3.0/24 maxlen: 24
89.147.4.0/24 maxlen: 24
89.147.5.0/24 maxlen: 24
89.147.6.0/23 maxlen: 23
89.147.6.0/24 maxlen: 24
89.147.7.0/24 maxlen: 24
89.147.32.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/19BnS9bwzJF1IZoyjIs5aCn2wK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/19BnS9bwzJF1IZoyjIs5aCn2wK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/19BnS9bwzJF1IZoyjIs5aCn2wK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7c:e5:40:d2:7d:da:ea:1e:d2:e3:22:60:be:d0:64:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7d0674bd6f0cc9175219a328c8b396829f6c0af
Validity
Not Before: Feb 6 05:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d95c2fea1914a75ee211123e417f82cb64d5b5aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:db:1a:11:68:b5:cb:0b:66:ba:64:7d:ef:fc:
ee:a2:f7:2e:41:ba:8a:f7:81:47:34:49:dd:6f:83:
71:97:62:ce:0c:ed:ca:6a:99:b1:48:3b:8c:47:70:
60:cf:bb:54:1b:57:5c:8d:81:8c:97:b5:6a:14:96:
f9:fd:84:7e:7d:31:8b:f6:05:8c:a6:7d:c1:80:cb:
5e:8d:cd:4f:fa:f1:e0:b3:f7:a9:2b:de:46:70:e7:
eb:98:6d:be:bc:73:a0:4f:e8:d4:cd:b6:ba:d1:5c:
75:60:19:28:c8:65:77:75:8d:85:bf:59:cb:8a:b9:
63:49:b0:1f:60:04:8b:c1:92:82:0e:8f:61:55:5c:
c6:3c:1a:09:25:bb:3b:76:1d:3d:36:68:a3:5e:e3:
8e:8c:47:b1:a1:87:3e:e3:8d:4e:49:61:5e:eb:cb:
31:f0:e3:a7:1d:7b:15:ff:d5:99:f9:85:c5:53:ae:
06:69:0d:67:21:24:e4:3a:d7:47:1a:04:f4:eb:48:
e5:d3:bc:9f:0c:2e:62:75:e4:07:78:12:70:40:4d:
1a:9b:8f:0c:89:39:80:b2:db:37:f0:68:9c:a7:65:
b4:5c:8c:16:9d:aa:63:a3:9c:ec:47:53:63:a7:63:
70:41:25:b3:ce:fc:a0:69:aa:2f:f7:42:cc:2c:5e:
02:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:5C:2F:EA:19:14:A7:5E:E2:11:12:3E:41:7F:82:CB:64:D5:B5:AA
X509v3 Authority Key Identifier:
keyid:D7:D0:67:4B:D6:F0:CC:91:75:21:9A:32:8C:8B:39:68:29:F6:C0:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/19BnS9bwzJF1IZoyjIs5aCn2wK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/2Vwv6hkUp17iERI-QX-Cy2TVtao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/19BnS9bwzJF1IZoyjIs5aCn2wK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.147.0.0/21
89.147.32.0/23
Signature Algorithm: sha256WithRSAEncryption
6d:25:a9:53:b3:8e:dd:29:7d:b8:85:24:a1:b7:ea:ff:db:c0:
d4:0b:79:22:32:02:05:4f:22:58:9e:46:82:f1:8a:29:5a:e9:
d1:c5:a6:cf:1b:1e:f0:27:bf:82:b7:06:0d:23:a1:e0:43:59:
75:d3:4e:79:86:e6:8d:70:55:0c:cc:81:74:81:c9:16:ab:e0:
7e:2c:48:7f:c2:a8:dd:d3:11:7c:5a:56:c3:ad:8b:89:6c:73:
a9:1c:99:b6:7c:55:e4:64:21:fb:7c:0a:dc:15:94:55:81:eb:
75:05:f4:11:5b:0c:16:be:90:2d:7d:b0:fd:34:2d:af:23:bf:
e0:7c:9f:4f:55:06:98:79:f9:57:5f:a4:d8:fa:43:dc:c7:02:
13:07:e4:f5:be:92:07:f9:84:1d:d4:2a:36:9a:d8:6f:ea:a7:
5c:97:f0:9b:29:4a:35:0c:72:54:11:36:80:f4:c7:d6:ea:b7:
83:d6:4a:aa:09:b1:74:f5:61:69:24:28:b4:d9:49:88:2c:19:
34:9f:84:a5:01:08:6d:78:cc:d2:9e:98:21:16:5c:c6:9d:8a:
0a:dd:f0:83:92:86:90:7d:6e:73:23:2f:1c:18:aa:58:3f:95:
2e:5a:da:c3:7e:6a:97:7f:17:46:c6:89:aa:1c:af:58:a4:ae:
12:72:a1:94
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY185UDSfdrqHtLjImC+0GR9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ZDA2NzRiZDZmMGNjOTE3NTIxOWEzMjhjOGIzOTY4Mjlm
NmMwYWYwHhcNMjQwMjA2MDUzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTVjMmZlYTE5MTRhNzVlZTIxMTEyM2U0MTdmODJjYjY0ZDViNWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl9saEWi1ywtmumR97/zuovcuQbqK
94FHNEndb4Nxl2LODO3KapmxSDuMR3Bgz7tUG1dcjYGMl7VqFJb5/YR+fTGL9gWM
pn3BgMtejc1P+vHgs/epK95GcOfrmG2+vHOgT+jUzba60Vx1YBkoyGV3dY2Fv1nL
irljSbAfYASLwZKCDo9hVVzGPBoJJbs7dh09NmijXuOOjEexoYc+441OSWFe68sx
8OOnHXsV/9WZ+YXFU64GaQ1nISTkOtdHGgT060jl07yfDC5ideQHeBJwQE0am48M
iTmAsts38Gicp2W0XIwWnapjo5zsR1Njp2NwQSWzzvygaaov90LMLF4C1wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNlcL+oZFKde4hESPkF/gstk1bWqMB8GA1UdIwQY
MBaAFNfQZ0vW8MyRdSGaMoyLOWgp9sCvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTlCblM5Ynd6SkYxSVpveWpJczVhQ24yd0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iMzBlNWQtOGIzYi00Mjg3LTliM2It
ODIzMmZhM2U2MjlkLzEvMlZ3djZoa1VwMTdpRVJJLVFYLUN5MlRWdGFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iMzBlNWQtOGIzYi00Mjg3LTliM2ItODIzMmZhM2U2Mjlk
LzEvMTlCblM5Ynd6SkYxSVpveWpJczVhQ24yd0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDWZMAAwQB
WZMgMA0GCSqGSIb3DQEBCwUAA4IBAQBtJalTs47dKX24hSSht+r/28DUC3kiMgIF
TyJYnkaC8YopWunRxabPGx7wJ7+CtwYNI6HgQ1l10055huaNcFUMzIF0gckWq+B+
LEh/wqjd0xF8WlbDrYuJbHOpHJm2fFXkZCH7fArcFZRVget1BfQRWwwWvpAtfbD9
NC2vI7/gfJ9PVQaYeflXX6TY+kPcxwITB+T1vpIH+YQd1Co2mthv6qdcl/CbKUo1
DHJUETaA9MfW6reD1kqqCbF09WFpJCi02UmILBk0n4SlAQhteMzSnpghFlzGnYoK
3fCDkoaQfW5zIy8cGKpYP5UuWtrDfmqXfxdGxomqHK9YpK4ScqGU
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:54:08 2024 by rpki-client on console-fra.rpki-client.org