Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/9v9GYPU_n308bRHgwF18VpGbH_I.roa
File: 9v9GYPU_n308bRHgwF18VpGbH_I.roa (raw, json)
Hash identifier: 7d+5abQiDyLcSBDw7HyfBr0O+OU721RBOAZAyrCMi1A=
Subject key identifier: F6:FF:46:60:F5:3F:9F:7D:3C:6D:11:E0:C0:5D:7C:56:91:9B:1F:F2
Certificate issuer: /CN=c6e1c8c65c86e8d26ddbeb68658a39a7a8e27866
Certificate serial: 0190D508725828F926CB574600B348692AB9
Authority key identifier: C6:E1:C8:C6:5C:86:E8:D2:6D:DB:EB:68:65:8A:39:A7:A8:E2:78:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xuHIxlyG6NJt2-toZYo5p6jieGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/9v9GYPU_n308bRHgwF18VpGbH_I.roa
Signing time: Sun 21 Jul 2024 11:23:38 +0000
ROA not before: Sun 21 Jul 2024 11:23:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211056
IP address blocks: 89.47.201.0/24 maxlen: 24
89.47.202.0/24 maxlen: 24
92.114.50.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/xuHIxlyG6NJt2-toZYo5p6jieGY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/xuHIxlyG6NJt2-toZYo5p6jieGY.mft
rsync://rpki.ripe.net/repository/DEFAULT/xuHIxlyG6NJt2-toZYo5p6jieGY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:d5:08:72:58:28:f9:26:cb:57:46:00:b3:48:69:2a:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6e1c8c65c86e8d26ddbeb68658a39a7a8e27866
Validity
Not Before: Jul 21 11:23:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f6ff4660f53f9f7d3c6d11e0c05d7c56919b1ff2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ae:9c:c8:8d:bd:7c:81:36:bb:a1:9c:14:d3:
1f:fd:53:b5:e0:df:90:3a:1c:78:42:e9:e6:78:28:
a1:7a:3e:a3:81:2c:0e:97:ef:78:0b:c9:b6:8a:73:
87:25:47:2b:c4:42:d4:94:e5:0d:57:67:05:e1:b4:
a1:2e:5a:52:de:96:19:9f:2f:7b:1b:32:64:be:76:
4c:49:25:81:6a:51:1f:89:60:27:61:44:99:42:fa:
87:6e:9b:13:34:7b:14:61:3a:4d:34:b2:2a:00:b3:
43:6c:7a:ab:be:dc:4c:40:38:6c:e1:01:df:73:7d:
1e:36:4a:63:b5:97:b0:c6:90:14:55:3c:26:22:79:
ad:63:cf:ee:40:7d:98:91:a3:4c:63:4a:ee:77:85:
9a:07:8b:2c:9f:99:e0:96:73:fa:fb:63:24:88:b5:
58:4d:38:70:7f:e7:60:71:4b:88:36:9f:aa:fb:1a:
24:8e:a0:82:b0:2c:d7:32:0a:43:56:af:52:41:c4:
a4:f9:70:80:a0:da:bb:2f:65:a6:a0:0b:9a:88:72:
90:90:87:24:40:a6:d6:13:d8:57:93:11:3d:b0:03:
b3:e7:f3:44:9a:98:12:bf:5e:20:ca:fb:88:9c:4b:
22:7d:ac:7f:7a:b5:68:b2:10:22:18:ae:b8:b8:1a:
f8:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:FF:46:60:F5:3F:9F:7D:3C:6D:11:E0:C0:5D:7C:56:91:9B:1F:F2
X509v3 Authority Key Identifier:
keyid:C6:E1:C8:C6:5C:86:E8:D2:6D:DB:EB:68:65:8A:39:A7:A8:E2:78:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xuHIxlyG6NJt2-toZYo5p6jieGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/9v9GYPU_n308bRHgwF18VpGbH_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/xuHIxlyG6NJt2-toZYo5p6jieGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.47.201.0-89.47.202.255
92.114.50.0/24
Signature Algorithm: sha256WithRSAEncryption
89:0b:2a:02:39:12:f2:4e:2f:91:1f:87:dc:8a:92:f6:f2:e6:
dc:6c:70:52:97:29:a3:5d:ad:8a:5d:56:f4:50:c0:0e:88:26:
4f:b1:f7:72:4c:04:3d:ee:52:13:ee:22:60:8d:3c:eb:be:70:
19:7e:32:5e:fb:3a:65:01:20:35:b7:c5:85:b5:1c:c5:ed:3f:
66:0a:de:7f:b9:5b:1d:7a:99:c3:fb:1b:5a:c0:7a:e3:0e:9a:
bf:37:90:c3:49:6d:a4:28:fd:f8:ba:7c:61:52:f5:c7:df:95:
d5:65:48:4f:ed:5a:f9:55:d1:2a:15:83:e2:01:b5:64:ff:b1:
82:30:5b:92:20:41:d9:df:4e:dc:ce:cb:ad:d7:9b:56:12:7e:
77:43:f8:dc:1f:7c:18:02:d6:8c:68:b8:e4:e4:5d:c4:bf:45:
9a:24:e5:04:0d:47:4f:f5:e6:16:10:ee:b2:0d:13:4b:5f:89:
6c:0e:e8:11:30:65:ab:96:e1:b6:87:62:fc:9e:8e:3e:be:18:
c6:39:e8:53:d6:c7:fc:eb:1f:43:b1:65:f7:3b:19:9d:bb:0e:
8b:ef:9b:73:fb:f5:6a:78:fc:a4:a9:80:d8:7a:32:a0:d0:91:
64:f6:98:e3:6e:b9:bc:df:aa:ac:16:b8:a9:89:9d:50:e0:b6:
87:25:aa:f6
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZDVCHJYKPkmy1dGALNIaSq5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZTFjOGM2NWM4NmU4ZDI2ZGRiZWI2ODY1OGEzOWE3YThl
Mjc4NjYwHhcNMjQwNzIxMTEyMzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNmZmNDY2MGY1M2Y5ZjdkM2M2ZDExZTBjMDVkN2M1NjkxOWIxZmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0a6cyI29fIE2u6GcFNMf/VO14N+Q
Ohx4QunmeCihej6jgSwOl+94C8m2inOHJUcrxELUlOUNV2cF4bShLlpS3pYZny97
GzJkvnZMSSWBalEfiWAnYUSZQvqHbpsTNHsUYTpNNLIqALNDbHqrvtxMQDhs4QHf
c30eNkpjtZewxpAUVTwmInmtY8/uQH2YkaNMY0rud4WaB4ssn5nglnP6+2MkiLVY
TThwf+dgcUuINp+q+xokjqCCsCzXMgpDVq9SQcSk+XCAoNq7L2WmoAuaiHKQkIck
QKbWE9hXkxE9sAOz5/NEmpgSv14gyvuInEsifax/erVoshAiGK64uBr48wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFPb/RmD1P599PG0R4MBdfFaRmx/yMB8GA1UdIwQY
MBaAFMbhyMZchujSbdvraGWKOaeo4nhmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHVISXhseUc2Tkp0Mi10b1pZbzVwNmppZUdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9hNDUzZmUtYTY2NC00N2EyLThiOGEt
Y2U1ZTAxZTcxYzkxLzEvOXY5R1lQVV9uMzA4YlJIZ3dGMThWcEdiSF9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9hNDUzZmUtYTY2NC00N2EyLThiOGEtY2U1ZTAxZTcxYzkx
LzEveHVISXhseUc2Tkp0Mi10b1pZbzVwNmppZUdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBABZL8kD
BABZL8oDBABccjIwDQYJKoZIhvcNAQELBQADggEBAIkLKgI5EvJOL5Efh9yKkvby
5txscFKXKaNdrYpdVvRQwA6IJk+x93JMBD3uUhPuImCNPOu+cBl+Ml77OmUBIDW3
xYW1HMXtP2YK3n+5Wx16mcP7G1rAeuMOmr83kMNJbaQo/fi6fGFS9cffldVlSE/t
WvlV0SoVg+IBtWT/sYIwW5IgQdnfTtzOy63Xm1YSfndD+NwffBgC1oxouOTkXcS/
RZok5QQNR0/15hYQ7rINE0tfiWwO6BEwZauW4baHYvyejj6+GMY56FPWx/zrH0Ox
Zfc7GZ27Dovvm3P79Wp4/KSpgNh6MqDQkWT2mONuubzfqqwWuKmJnVDgtoclqvY=
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:00:29 2024 by rpki-client on console-fra.rpki-client.org