Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/koxE91jDUcH11HZ4rUTPe6WGQTo.roa
File: koxE91jDUcH11HZ4rUTPe6WGQTo.roa (raw, json)
Hash identifier: k+HvecOxbIMr1GsaAz2iC57/oVdKrwOFd+2hsRiTGwk=
Subject key identifier: 92:8C:44:F7:58:C3:51:C1:F5:D4:76:78:AD:44:CF:7B:A5:86:41:3A
Certificate issuer: /CN=7dc4acedcb86cddfed7f6de8cadfca00469bbc8e
Certificate serial: 018CCEC9DF7D3B51809B74D5558C6A15B8DA
Authority key identifier: 7D:C4:AC:ED:CB:86:CD:DF:ED:7F:6D:E8:CA:DF:CA:00:46:9B:BC:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/koxE91jDUcH11HZ4rUTPe6WGQTo.roa
Signing time: Wed 03 Jan 2024 10:06:25 +0000
ROA not before: Wed 03 Jan 2024 10:06:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212642
IP address blocks: 89.221.111.0/24 maxlen: 24
2a00:1e1f:ff00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/fcSs7cuGzd_tf23oyt_KAEabvI4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/fcSs7cuGzd_tf23oyt_KAEabvI4.mft
rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ce:c9:df:7d:3b:51:80:9b:74:d5:55:8c:6a:15:b8:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7dc4acedcb86cddfed7f6de8cadfca00469bbc8e
Validity
Not Before: Jan 3 10:06:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=928c44f758c351c1f5d47678ad44cf7ba586413a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:32:2b:81:32:6a:a9:94:53:f7:ea:44:c8:4c:
0d:62:ec:a5:39:fb:0b:36:62:f2:a2:13:64:49:6b:
bf:0c:d7:de:64:f5:1c:c0:61:cf:5c:b6:38:00:04:
9b:3a:b3:b7:74:18:19:69:ec:ee:ef:c8:f1:1d:7a:
aa:1d:84:65:d3:b4:13:4a:a2:32:e0:0c:3e:d1:dc:
0a:eb:6c:20:05:dc:1c:27:84:a0:28:e9:e8:ea:b6:
33:36:4b:da:3b:06:79:e2:2f:7e:42:19:34:81:29:
02:8e:55:41:bc:f9:e8:72:ac:0b:35:1e:30:0b:da:
6d:23:59:6f:0c:77:d9:91:13:ea:3c:c9:43:34:fa:
49:b6:4a:a4:35:c1:2d:98:b6:2c:5c:d2:87:de:df:
12:d4:05:56:9d:0e:23:58:d6:cc:9d:64:0b:9d:27:
19:40:82:74:fd:d7:4d:1a:8e:9e:f1:87:d4:0a:b9:
ef:43:9e:7a:c1:32:3a:9d:84:d0:fc:c7:9c:e9:71:
08:23:0e:bd:e2:e6:1c:08:c9:5f:f3:63:96:42:d6:
37:6b:47:21:fa:a0:b0:a4:25:91:d1:28:8c:c9:a2:
ba:5e:fb:bb:52:bd:27:9c:06:29:74:63:bc:a2:88:
2c:97:0f:83:db:62:f7:06:9c:56:74:c6:98:aa:f8:
08:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:8C:44:F7:58:C3:51:C1:F5:D4:76:78:AD:44:CF:7B:A5:86:41:3A
X509v3 Authority Key Identifier:
keyid:7D:C4:AC:ED:CB:86:CD:DF:ED:7F:6D:E8:CA:DF:CA:00:46:9B:BC:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fcSs7cuGzd_tf23oyt_KAEabvI4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/koxE91jDUcH11HZ4rUTPe6WGQTo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/3d2a14-6b79-4689-9579-39480285a948/1/fcSs7cuGzd_tf23oyt_KAEabvI4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.221.111.0/24
IPv6:
2a00:1e1f:ff00::/40
Signature Algorithm: sha256WithRSAEncryption
56:08:e8:02:d7:0f:eb:0b:83:23:da:bd:e9:b8:44:c2:ea:98:
2b:78:7a:b2:0e:7e:8a:59:33:c2:3c:b6:3a:48:45:07:c9:10:
eb:f5:ab:67:66:69:6d:35:13:d1:d0:8f:3a:34:fa:9f:7f:d6:
de:90:04:1e:25:53:74:8b:15:04:ff:5e:5c:58:e8:21:d6:59:
d1:60:59:4e:30:4f:48:5e:23:45:2c:06:b8:e5:47:2b:51:2f:
ed:b7:4d:94:5f:8f:1f:87:8f:41:4c:86:7c:21:92:fe:0c:8c:
9f:14:e9:24:c5:1a:ed:bd:a8:34:6a:ca:2d:22:5d:85:4f:f8:
85:48:1a:e9:5d:ba:30:c0:af:63:46:ba:83:bf:69:51:02:a5:
ae:0a:98:d4:90:92:05:bf:99:0c:c7:85:c2:6a:9c:b7:0a:d2:
f2:72:e9:31:8b:bb:5c:cb:27:2c:9a:a6:19:74:86:4b:8b:e1:
f0:e6:b2:fb:cf:58:12:ad:e2:4a:aa:d1:1f:4c:17:cd:4d:46:
f8:8e:6c:b9:b4:25:82:56:ab:e0:77:f8:0a:51:87:7a:c2:54:
01:3c:5d:86:31:68:6d:bb:d9:98:f8:9b:a4:ff:2a:81:61:c5:
d5:3f:af:71:7b:d5:73:37:62:91:d8:30:75:76:79:32:87:b0:
bc:ab:bb:b5
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzOyd99O1GAm3TVVYxqFbjaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYzRhY2VkY2I4NmNkZGZlZDdmNmRlOGNhZGZjYTAwNDY5
YmJjOGUwHhcNMjQwMTAzMTAwNjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjhjNDRmNzU4YzM1MWMxZjVkNDc2NzhhZDQ0Y2Y3YmE1ODY0MTNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszIrgTJqqZRT9+pEyEwNYuylOfsL
NmLyohNkSWu/DNfeZPUcwGHPXLY4AASbOrO3dBgZaezu78jxHXqqHYRl07QTSqIy
4Aw+0dwK62wgBdwcJ4SgKOno6rYzNkvaOwZ54i9+Qhk0gSkCjlVBvPnocqwLNR4w
C9ptI1lvDHfZkRPqPMlDNPpJtkqkNcEtmLYsXNKH3t8S1AVWnQ4jWNbMnWQLnScZ
QIJ0/ddNGo6e8YfUCrnvQ556wTI6nYTQ/Mec6XEIIw694uYcCMlf82OWQtY3a0ch
+qCwpCWR0SiMyaK6Xvu7Ur0nnAYpdGO8oogslw+D22L3BpxWdMaYqvgIHQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFJKMRPdYw1HB9dR2eK1Ez3ulhkE6MB8GA1UdIwQY
MBaAFH3ErO3Lhs3f7X9t6MrfygBGm7yOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmNTczdjdUd6ZF90ZjIzb3l0X0tBRWFidkk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8zZDJhMTQtNmI3OS00Njg5LTk1Nzkt
Mzk0ODAyODVhOTQ4LzEva294RTkxakRVY0gxMUhaNHJVVFBlNldHUVRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8zZDJhMTQtNmI3OS00Njg5LTk1NzktMzk0ODAyODVhOTQ4
LzEvZmNTczdjdUd6ZF90ZjIzb3l0X0tBRWFidkk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQAWd1vMA4E
AgACMAgDBgAqAB4f/zANBgkqhkiG9w0BAQsFAAOCAQEAVgjoAtcP6wuDI9q96bhE
wuqYK3h6sg5+ilkzwjy2OkhFB8kQ6/WrZ2ZpbTUT0dCPOjT6n3/W3pAEHiVTdIsV
BP9eXFjoIdZZ0WBZTjBPSF4jRSwGuOVHK1Ev7bdNlF+PH4ePQUyGfCGS/gyMnxTp
JMUa7b2oNGrKLSJdhU/4hUga6V26MMCvY0a6g79pUQKlrgqY1JCSBb+ZDMeFwmqc
twrS8nLpMYu7XMsnLJqmGXSGS4vh8Oay+89YEq3iSqrRH0wXzU1G+I5subQlglar
4Hf4ClGHesJUATxdhjFobbvZmPibpP8qgWHF1T+vcXvVczdikdgwdXZ5MoewvKu7
tQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:59:53 2024 by rpki-client on console-ams.rpki-client.org