Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/vWY2Mr7NkHcvEUMCrzd1pEcHhcw.roa
File: vWY2Mr7NkHcvEUMCrzd1pEcHhcw.roa (raw, json)
Hash identifier: jAXf66ueFkF0olo13+XPUDHqzao+OpFBqlH8ctTHIic=
Subject key identifier: BD:66:36:32:BE:CD:90:77:2F:11:43:02:AF:37:75:A4:47:07:85:CC
Certificate issuer: /CN=d7d0674bd6f0cc9175219a328c8b396829f6c0af
Certificate serial: 0192BE9129DD39C02B169B9CBBCD27294284
Authority key identifier: D7:D0:67:4B:D6:F0:CC:91:75:21:9A:32:8C:8B:39:68:29:F6:C0:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/19BnS9bwzJF1IZoyjIs5aCn2wK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/vWY2Mr7NkHcvEUMCrzd1pEcHhcw.roa
Signing time: Thu 24 Oct 2024 12:47:17 +0000
ROA not before: Thu 24 Oct 2024 12:47:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39370
IP address blocks: 89.147.0.0/23 maxlen: 23
89.147.0.0/24 maxlen: 24
89.147.1.0/24 maxlen: 24
89.147.2.0/24 maxlen: 24
89.147.3.0/24 maxlen: 24
89.147.4.0/24 maxlen: 24
89.147.5.0/24 maxlen: 24
89.147.6.0/23 maxlen: 23
89.147.6.0/24 maxlen: 24
89.147.7.0/24 maxlen: 24
89.147.32.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/19BnS9bwzJF1IZoyjIs5aCn2wK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/19BnS9bwzJF1IZoyjIs5aCn2wK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/19BnS9bwzJF1IZoyjIs5aCn2wK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:be:91:29:dd:39:c0:2b:16:9b:9c:bb:cd:27:29:42:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d7d0674bd6f0cc9175219a328c8b396829f6c0af
Validity
Not Before: Oct 24 12:47:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bd663632becd90772f114302af3775a4470785cc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:e7:8b:19:10:ce:fe:b3:a9:5e:6d:0e:36:a1:
66:66:bd:49:75:dd:5c:d2:4c:d3:d6:f9:d0:63:5c:
57:e6:40:1a:e3:b7:6c:cc:c7:e5:bb:8d:4e:2d:4e:
ab:2b:aa:49:05:39:b9:51:b2:30:2e:45:75:b5:6c:
f9:94:10:48:35:23:54:ac:05:18:6d:cc:cb:73:29:
9d:6f:3f:57:41:24:16:05:c9:a6:64:77:6a:05:42:
87:3f:07:4c:e4:1f:06:44:92:11:19:fa:f7:19:ba:
17:3a:19:d1:bf:65:51:3c:8e:6b:4c:48:e1:4f:ef:
92:33:90:32:e7:e2:7b:3c:7b:75:1e:21:a1:b4:41:
1e:ab:32:a2:96:81:7b:30:a6:7d:d0:37:3e:52:52:
c4:83:2f:9b:67:f9:d2:97:4a:51:1c:57:b0:e3:9c:
73:01:a0:5e:44:34:0c:b8:3a:fb:ec:e0:b6:63:18:
68:89:54:c7:5c:a2:7c:2c:3f:dd:d8:ea:52:b3:e7:
16:ba:d0:92:ad:24:6b:8d:b1:77:99:e4:e3:10:ac:
09:d7:c3:30:58:69:1e:a0:61:3d:fc:d9:40:9b:50:
aa:3e:1d:a9:2d:cc:81:d3:73:df:93:08:37:82:07:
79:ab:c9:b5:92:46:0f:6f:5e:c4:ef:e1:73:53:6a:
7f:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:66:36:32:BE:CD:90:77:2F:11:43:02:AF:37:75:A4:47:07:85:CC
X509v3 Authority Key Identifier:
keyid:D7:D0:67:4B:D6:F0:CC:91:75:21:9A:32:8C:8B:39:68:29:F6:C0:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/19BnS9bwzJF1IZoyjIs5aCn2wK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/vWY2Mr7NkHcvEUMCrzd1pEcHhcw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/b30e5d-8b3b-4287-9b3b-8232fa3e629d/1/19BnS9bwzJF1IZoyjIs5aCn2wK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.147.0.0/21
89.147.32.0/23
Signature Algorithm: sha256WithRSAEncryption
3f:8b:2e:44:6f:42:5b:b8:18:d3:e2:9b:87:92:fa:d9:df:a3:
e9:5d:8a:cb:ed:8a:94:35:23:d9:7e:47:e2:7d:28:72:a0:68:
3c:e2:86:32:2e:ed:cf:b9:66:dc:c4:b7:4f:85:44:58:6a:b6:
56:ac:15:24:c0:cf:90:7a:59:d3:f9:2a:85:e3:1c:ad:33:f7:
6d:2d:c3:1c:35:5e:f2:9e:19:b6:3e:c5:c6:dc:9c:19:e4:82:
91:92:b2:61:6f:5f:2e:8e:12:9c:30:cd:53:f5:ee:86:fd:ea:
a5:62:c8:db:8b:ae:db:6f:b7:e0:8f:07:b9:72:df:18:29:d9:
3e:56:e0:31:90:d9:d6:6e:82:b7:7d:46:8d:dc:55:52:8e:5c:
f5:44:1f:a1:a9:66:ed:b3:02:5d:6b:cf:00:bf:46:e2:06:bb:
05:2a:12:f6:12:74:ed:0e:11:95:06:15:6d:27:e5:2f:04:82:
e2:2f:41:21:29:f0:cc:d9:87:da:bc:31:bc:9a:4f:f0:d5:1a:
59:2f:74:1c:8a:31:75:ea:52:12:07:35:f8:15:5f:ab:b2:fc:
e4:5a:59:8b:6f:63:13:9f:dd:63:37:a5:7f:ef:46:70:36:43:
ef:57:4d:1b:f1:21:fd:5e:83:04:62:81:c1:ef:8a:6b:c8:b7:
c6:dc:c3:55
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZK+kSndOcArFpucu80nKUKEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3ZDA2NzRiZDZmMGNjOTE3NTIxOWEzMjhjOGIzOTY4Mjlm
NmMwYWYwHhcNMjQxMDI0MTI0NzE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDY2MzYzMmJlY2Q5MDc3MmYxMTQzMDJhZjM3NzVhNDQ3MDc4NWNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyeeLGRDO/rOpXm0ONqFmZr1Jdd1c
0kzT1vnQY1xX5kAa47dszMflu41OLU6rK6pJBTm5UbIwLkV1tWz5lBBINSNUrAUY
bczLcymdbz9XQSQWBcmmZHdqBUKHPwdM5B8GRJIRGfr3GboXOhnRv2VRPI5rTEjh
T++SM5Ay5+J7PHt1HiGhtEEeqzKiloF7MKZ90Dc+UlLEgy+bZ/nSl0pRHFew45xz
AaBeRDQMuDr77OC2YxhoiVTHXKJ8LD/d2OpSs+cWutCSrSRrjbF3meTjEKwJ18Mw
WGkeoGE9/NlAm1CqPh2pLcyB03Pfkwg3ggd5q8m1kkYPb17E7+FzU2p/GwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL1mNjK+zZB3LxFDAq83daRHB4XMMB8GA1UdIwQY
MBaAFNfQZ0vW8MyRdSGaMoyLOWgp9sCvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTlCblM5Ynd6SkYxSVpveWpJczVhQ24yd0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9iMzBlNWQtOGIzYi00Mjg3LTliM2It
ODIzMmZhM2U2MjlkLzEvdldZMk1yN05rSGN2RVVNQ3J6ZDFwRWNIaGN3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9iMzBlNWQtOGIzYi00Mjg3LTliM2ItODIzMmZhM2U2Mjlk
LzEvMTlCblM5Ynd6SkYxSVpveWpJczVhQ24yd0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDWZMAAwQB
WZMgMA0GCSqGSIb3DQEBCwUAA4IBAQA/iy5Eb0JbuBjT4puHkvrZ36PpXYrL7YqU
NSPZfkfifShyoGg84oYyLu3PuWbcxLdPhURYarZWrBUkwM+QelnT+SqF4xytM/dt
LcMcNV7ynhm2PsXG3JwZ5IKRkrJhb18ujhKcMM1T9e6G/eqlYsjbi67bb7fgjwe5
ct8YKdk+VuAxkNnWboK3fUaN3FVSjlz1RB+hqWbtswJda88Av0biBrsFKhL2EnTt
DhGVBhVtJ+UvBILiL0EhKfDM2YfavDG8mk/w1RpZL3QcijF16lISBzX4FV+rsvzk
WlmLb2MTn91jN6V/70ZwNkPvV00b8SH9XoMEYoHB74pryLfG3MNV
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:04:36 2024 by rpki-client on console-fra.rpki-client.org