Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/a481fa-2d0d-4e8e-b2d3-28d8248b5b61/1/rI09pCN7kuf4KxeUHME7aRE01OM.roa
File: rI09pCN7kuf4KxeUHME7aRE01OM.roa (raw, json)
Hash identifier: Vl0E74/6Mut6jeG3f2WJ7Sj/uRUmY5rHUOdIhlTaysw=
Subject key identifier: AC:8D:3D:A4:23:7B:92:E7:F8:2B:17:94:1C:C1:3B:69:11:34:D4:E3
Certificate issuer: /CN=be9f159bab83661fd93ead430c3bdb1eaa7eaf08
Certificate serial: 018CC5DC10ECE589A3B18A0ACC9B52DF5DF9
Authority key identifier: BE:9F:15:9B:AB:83:66:1F:D9:3E:AD:43:0C:3B:DB:1E:AA:7E:AF:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vp8Vm6uDZh_ZPq1DDDvbHqp-rwg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/a481fa-2d0d-4e8e-b2d3-28d8248b5b61/1/rI09pCN7kuf4KxeUHME7aRE01OM.roa
Signing time: Mon 01 Jan 2024 16:29:42 +0000
ROA not before: Mon 01 Jan 2024 16:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39571
IP address blocks: 89.235.64.0/22 maxlen: 22
89.235.64.0/24 maxlen: 24
89.235.67.0/24 maxlen: 24
89.235.65.0/24 maxlen: 24
89.235.66.0/24 maxlen: 24
185.135.28.0/24 maxlen: 24
185.135.31.0/24 maxlen: 24
185.135.28.0/22 maxlen: 22
185.135.29.0/24 maxlen: 24
185.135.30.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/a481fa-2d0d-4e8e-b2d3-28d8248b5b61/1/vp8Vm6uDZh_ZPq1DDDvbHqp-rwg.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/a481fa-2d0d-4e8e-b2d3-28d8248b5b61/1/vp8Vm6uDZh_ZPq1DDDvbHqp-rwg.mft
rsync://rpki.ripe.net/repository/DEFAULT/vp8Vm6uDZh_ZPq1DDDvbHqp-rwg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:10:ec:e5:89:a3:b1:8a:0a:cc:9b:52:df:5d:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=be9f159bab83661fd93ead430c3bdb1eaa7eaf08
Validity
Not Before: Jan 1 16:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac8d3da4237b92e7f82b17941cc13b691134d4e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:3a:fc:bf:97:bc:5b:7c:b3:01:38:73:6c:82:
90:e6:30:52:52:3d:1e:8c:83:b0:b1:d5:46:7b:a1:
c9:08:b3:75:56:8e:14:85:81:85:da:ed:f0:75:fe:
59:9d:bf:c7:a9:ac:2a:3f:db:d1:6b:63:3e:da:29:
3e:ba:b2:03:55:63:89:72:34:59:21:85:7b:21:de:
a9:1b:aa:36:b3:42:dd:4b:a1:2a:73:92:43:c2:b6:
ea:59:0a:23:49:c3:79:33:0e:a4:c3:21:e0:35:77:
e3:4d:f3:a1:ec:a2:7a:bb:26:13:46:39:38:f3:50:
4e:55:c6:88:78:be:33:39:80:eb:f9:15:6c:a7:8c:
03:33:b2:73:c9:84:b7:45:2a:e4:83:f3:5d:3c:9a:
be:4f:3e:a9:32:f4:78:d9:9e:d1:9e:54:2a:a3:41:
99:84:73:9b:42:26:57:d6:26:2a:f2:8e:f5:dc:36:
86:df:57:bd:68:7d:cf:75:cd:f8:e0:24:73:3a:fe:
c8:d9:9c:a0:f3:89:f0:c9:0c:56:ec:43:9a:42:da:
22:26:19:13:ab:4f:8a:39:35:ea:59:78:35:ab:82:
cc:9a:eb:23:7d:d2:01:50:d1:f7:0f:c3:c1:48:f4:
3b:da:df:26:1d:6d:0a:f2:02:2f:fc:6d:c1:69:47:
91:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:8D:3D:A4:23:7B:92:E7:F8:2B:17:94:1C:C1:3B:69:11:34:D4:E3
X509v3 Authority Key Identifier:
keyid:BE:9F:15:9B:AB:83:66:1F:D9:3E:AD:43:0C:3B:DB:1E:AA:7E:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vp8Vm6uDZh_ZPq1DDDvbHqp-rwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/a481fa-2d0d-4e8e-b2d3-28d8248b5b61/1/rI09pCN7kuf4KxeUHME7aRE01OM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/a481fa-2d0d-4e8e-b2d3-28d8248b5b61/1/vp8Vm6uDZh_ZPq1DDDvbHqp-rwg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.235.64.0/22
185.135.28.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:ab:fb:6e:78:bf:44:0e:d0:c9:08:c6:d4:a3:4f:f7:ac:71:
ac:e6:67:59:ce:91:b7:5a:40:ce:b5:a7:3b:0a:13:51:c1:25:
b1:d3:f0:03:0b:bb:53:19:f1:09:e3:20:ea:9f:af:33:af:96:
a6:e8:d5:4b:5c:27:59:f3:08:14:db:f6:4e:b3:5f:99:af:1b:
c6:77:ad:5f:27:7f:2e:a6:c1:66:75:8f:6b:ab:f1:bc:e4:e7:
10:90:8b:fd:48:3a:ae:3b:6f:7c:b5:b3:3d:29:0b:0f:1a:ec:
c6:86:10:6c:4d:29:7f:8d:6b:1e:11:ac:1c:89:9a:64:36:2a:
8d:49:9b:6e:56:29:1e:af:4d:13:c1:2e:cb:57:88:02:82:3d:
97:53:c5:0c:7a:0d:3f:85:07:39:ab:5c:b7:4c:6f:af:dc:6f:
bb:60:fa:a1:82:38:70:26:be:d8:04:3b:55:79:ef:08:c0:39:
7b:22:a5:ca:2f:d9:79:98:f3:27:aa:e3:3e:c0:bf:b3:1b:d1:
12:68:ad:4e:80:f3:a5:16:d9:e9:32:d0:46:d4:a8:b3:46:a2:
6d:c9:52:f0:20:cf:50:a4:2f:f0:07:82:61:06:0c:9c:2c:00:
0e:88:8f:71:f9:d0:1e:46:a2:4a:47:81:0b:2b:ad:3a:d7:8f:
55:08:22:e5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzF3BDs5YmjsYoKzJtS3135MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJlOWYxNTliYWI4MzY2MWZkOTNlYWQ0MzBjM2JkYjFlYWE3
ZWFmMDgwHhcNMjQwMTAxMTYyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzhkM2RhNDIzN2I5MmU3ZjgyYjE3OTQxY2MxM2I2OTExMzRkNGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqjr8v5e8W3yzAThzbIKQ5jBSUj0e
jIOwsdVGe6HJCLN1Vo4UhYGF2u3wdf5Znb/HqawqP9vRa2M+2ik+urIDVWOJcjRZ
IYV7Id6pG6o2s0LdS6Eqc5JDwrbqWQojScN5Mw6kwyHgNXfjTfOh7KJ6uyYTRjk4
81BOVcaIeL4zOYDr+RVsp4wDM7JzyYS3RSrkg/NdPJq+Tz6pMvR42Z7RnlQqo0GZ
hHObQiZX1iYq8o713DaG31e9aH3Pdc344CRzOv7I2Zyg84nwyQxW7EOaQtoiJhkT
q0+KOTXqWXg1q4LMmusjfdIBUNH3D8PBSPQ72t8mHW0K8gIv/G3BaUeRPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKyNPaQje5Ln+CsXlBzBO2kRNNTjMB8GA1UdIwQY
MBaAFL6fFZurg2Yf2T6tQww72x6qfq8IMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdnA4Vm02dURaaF9aUHExREREdmJIcXAtcndnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9hNDgxZmEtMmQwZC00ZThlLWIyZDMt
MjhkODI0OGI1YjYxLzEvckkwOXBDTjdrdWY0S3hlVUhNRTdhUkUwMU9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9hNDgxZmEtMmQwZC00ZThlLWIyZDMtMjhkODI0OGI1YjYx
LzEvdnA4Vm02dURaaF9aUHExREREdmJIcXAtcndnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWetAAwQC
uYccMA0GCSqGSIb3DQEBCwUAA4IBAQB6q/tueL9EDtDJCMbUo0/3rHGs5mdZzpG3
WkDOtac7ChNRwSWx0/ADC7tTGfEJ4yDqn68zr5am6NVLXCdZ8wgU2/ZOs1+ZrxvG
d61fJ38upsFmdY9rq/G85OcQkIv9SDquO298tbM9KQsPGuzGhhBsTSl/jWseEawc
iZpkNiqNSZtuViker00TwS7LV4gCgj2XU8UMeg0/hQc5q1y3TG+v3G+7YPqhgjhw
Jr7YBDtVee8IwDl7IqXKL9l5mPMnquM+wL+zG9ESaK1OgPOlFtnpMtBG1KizRqJt
yVLwIM9QpC/wB4JhBgycLAAOiI9x+dAeRqJKR4ELK606149VCCLl
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:27:39 2024 by rpki-client on console-fra.rpki-client.org