Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/MJys5jBJuCI4irsQ6wpnPeU1W-4.roa
File: MJys5jBJuCI4irsQ6wpnPeU1W-4.roa (raw, json)
Hash identifier: uKoZZ4/RjrNfDIgoPkO12BK8cyrZZshyp/WVdQL5T2Q=
Subject key identifier: 30:9C:AC:E6:30:49:B8:22:38:8A:BB:10:EB:0A:67:3D:E5:35:5B:EE
Certificate issuer: /CN=464952bc165441ec6e2e2010c933dc830f361731
Certificate serial: 018EBE9D7018F289CAC7CA486A2C13F0C147
Authority key identifier: 46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/MJys5jBJuCI4irsQ6wpnPeU1W-4.roa
Signing time: Mon 08 Apr 2024 16:49:32 +0000
ROA not before: Mon 08 Apr 2024 16:49:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 58074
IP address blocks: 89.37.139.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.mft
rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:be:9d:70:18:f2:89:ca:c7:ca:48:6a:2c:13:f0:c1:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=464952bc165441ec6e2e2010c933dc830f361731
Validity
Not Before: Apr 8 16:49:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=309cace63049b822388abb10eb0a673de5355bee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6d:ae:b7:27:b8:fe:f9:35:eb:6d:57:ae:3f:
87:b1:21:ac:c1:4a:ce:7d:1d:3b:f0:23:80:98:2d:
f2:c5:a6:c0:39:b1:78:84:ce:2c:94:2e:01:73:fd:
8e:3d:17:56:a9:3e:41:f0:80:91:a5:b6:21:8b:25:
69:ab:33:2e:34:4b:06:35:fd:1e:96:7a:b0:4b:44:
53:9e:28:96:93:d2:86:eb:2f:5e:f4:ba:fa:7b:96:
75:9b:92:ca:82:c6:a6:2f:13:72:e8:b4:18:88:bf:
69:ac:53:f0:28:a1:de:bc:95:71:12:ca:94:8b:70:
65:5b:b3:89:40:b0:84:2e:e0:5d:23:4d:d1:a8:2a:
f6:01:b7:26:f8:6e:ad:d4:32:58:81:34:3b:79:cb:
b7:be:aa:d0:ab:ef:c1:21:76:4b:00:b1:7f:61:42:
92:8a:eb:ae:8f:d9:85:bf:fe:04:d3:43:03:0e:79:
8b:4f:22:66:9f:bd:c8:8a:11:a3:8d:4d:67:e9:66:
08:3b:6d:f1:22:01:e2:0c:fe:a8:7b:38:9d:39:85:
fd:ef:05:47:c2:e4:70:96:9a:44:4f:e7:17:55:02:
41:17:d8:05:20:df:6c:ca:25:32:89:09:13:ef:75:
e8:8c:df:d0:9f:dd:11:02:85:d4:64:b6:1d:22:b5:
24:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:9C:AC:E6:30:49:B8:22:38:8A:BB:10:EB:0A:67:3D:E5:35:5B:EE
X509v3 Authority Key Identifier:
keyid:46:49:52:BC:16:54:41:EC:6E:2E:20:10:C9:33:DC:83:0F:36:17:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RklSvBZUQexuLiAQyTPcgw82FzE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/MJys5jBJuCI4irsQ6wpnPeU1W-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/01058a-4a82-4818-972d-842858122bbc/1/RklSvBZUQexuLiAQyTPcgw82FzE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.139.0/24
Signature Algorithm: sha256WithRSAEncryption
54:87:b4:b3:5b:e9:aa:7b:61:0f:d7:b4:f9:41:9c:b7:2c:7f:
e7:6f:1f:e6:e3:07:18:5c:0b:32:4a:a0:28:66:a4:cf:b4:e4:
aa:9b:f3:db:73:39:b6:e8:57:98:f6:c0:a9:31:7b:a4:bf:43:
9a:55:58:7c:af:17:e9:e7:1d:79:50:07:60:60:d0:d2:c6:a6:
12:99:a3:3f:af:02:96:dc:db:c8:17:4b:53:c5:f9:88:92:26:
bc:b8:03:1f:80:51:6d:c6:50:3b:79:a0:e1:da:d9:14:d4:78:
11:b0:0c:a9:78:48:23:71:cd:5c:23:58:04:75:33:e8:04:e4:
7b:84:ea:be:ff:f6:ac:09:1e:8c:2a:9f:79:02:e0:a2:c5:b3:
95:c4:ac:cf:b5:bc:df:ec:80:d4:c3:b3:37:28:54:cc:0c:2d:
17:7a:ca:36:04:46:eb:77:bd:b1:ea:e0:fd:82:e6:6f:d9:60:
f4:8d:1f:c0:0c:9c:46:d0:bd:3e:53:10:73:e9:3c:a7:74:83:
23:20:2c:f7:24:8c:5f:00:4c:5a:cf:72:b2:60:78:67:cc:77:
6e:09:07:3d:59:54:fb:16:c8:32:9d:72:a0:1e:e3:c7:bc:b0:
0c:ff:3f:b7:33:9f:30:85:90:42:5f:42:38:f3:56:f5:08:81:
e8:1a:d8:e1
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY6+nXAY8onKx8pIaiwT8MFHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ2NDk1MmJjMTY1NDQxZWM2ZTJlMjAxMGM5MzNkYzgzMGYz
NjE3MzEwHhcNMjQwNDA4MTY0OTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMDljYWNlNjMwNDliODIyMzg4YWJiMTBlYjBhNjczZGU1MzU1YmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApG2utye4/vk1621Xrj+HsSGswUrO
fR078COAmC3yxabAObF4hM4slC4Bc/2OPRdWqT5B8ICRpbYhiyVpqzMuNEsGNf0e
lnqwS0RTniiWk9KG6y9e9Lr6e5Z1m5LKgsamLxNy6LQYiL9prFPwKKHevJVxEsqU
i3BlW7OJQLCELuBdI03RqCr2Abcm+G6t1DJYgTQ7ecu3vqrQq+/BIXZLALF/YUKS
iuuuj9mFv/4E00MDDnmLTyJmn73IihGjjU1n6WYIO23xIgHiDP6oezidOYX97wVH
wuRwlppET+cXVQJBF9gFIN9syiUyiQkT73XojN/Qn90RAoXUZLYdIrUkvwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDCcrOYwSbgiOIq7EOsKZz3lNVvuMB8GA1UdIwQY
MBaAFEZJUrwWVEHsbi4gEMkz3IMPNhcxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQt
ODQyODU4MTIyYmJjLzEvTUp5czVqQkp1Q0k0aXJzUTZ3cG5QZVUxVy00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8wMTA1OGEtNGE4Mi00ODE4LTk3MmQtODQyODU4MTIyYmJj
LzEvUmtsU3ZCWlVRZXh1TGlBUXlUUGNndzgyRnpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSWLMA0G
CSqGSIb3DQEBCwUAA4IBAQBUh7SzW+mqe2EP17T5QZy3LH/nbx/m4wcYXAsySqAo
ZqTPtOSqm/Pbczm26FeY9sCpMXukv0OaVVh8rxfp5x15UAdgYNDSxqYSmaM/rwKW
3NvIF0tTxfmIkia8uAMfgFFtxlA7eaDh2tkU1HgRsAypeEgjcc1cI1gEdTPoBOR7
hOq+//asCR6MKp95AuCixbOVxKzPtbzf7IDUw7M3KFTMDC0Xeso2BEbrd72x6uD9
guZv2WD0jR/ADJxG0L0+UxBz6TyndIMjICz3JIxfAExaz3KyYHhnzHduCQc9WVT7
FsgynXKgHuPHvLAM/z+3M58whZBCX0I481b1CIHoGtjh
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:18:42 2024 by rpki-client on console-fra.rpki-client.org