Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/2426f1-8f2a-49ff-8643-193ad5c79b83/1/yHgW4CSz9hambGUGbxULQaDuw1w.roa
File: yHgW4CSz9hambGUGbxULQaDuw1w.roa (raw, json)
Hash identifier: lEUKzSOOygmfwGQQLNCL88RXqO7whEFjGNsJLWkJsUo=
Subject key identifier: C8:78:16:E0:24:B3:F6:16:A6:6C:65:06:6F:15:0B:41:A0:EE:C3:5C
Certificate issuer: /CN=96e82ab648b8b3f8857569c39af9544adfc17c01
Certificate serial: 01919C9C1DE5BFE20D86395A70BE9A1885BC
Authority key identifier: 96:E8:2A:B6:48:B8:B3:F8:85:75:69:C3:9A:F9:54:4A:DF:C1:7C:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lugqtki4s_iFdWnDmvlUSt_BfAE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/2426f1-8f2a-49ff-8643-193ad5c79b83/1/yHgW4CSz9hambGUGbxULQaDuw1w.roa
Signing time: Thu 29 Aug 2024 05:29:22 +0000
ROA not before: Thu 29 Aug 2024 05:29:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13065
IP address blocks: 89.28.224.0/21 maxlen: 21
185.9.56.0/22 maxlen: 22
212.109.144.0/20 maxlen: 20
2a00:6c40:8000::/33 maxlen: 33
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/2426f1-8f2a-49ff-8643-193ad5c79b83/1/lugqtki4s_iFdWnDmvlUSt_BfAE.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/2426f1-8f2a-49ff-8643-193ad5c79b83/1/lugqtki4s_iFdWnDmvlUSt_BfAE.mft
rsync://rpki.ripe.net/repository/DEFAULT/lugqtki4s_iFdWnDmvlUSt_BfAE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:9c:9c:1d:e5:bf:e2:0d:86:39:5a:70:be:9a:18:85:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96e82ab648b8b3f8857569c39af9544adfc17c01
Validity
Not Before: Aug 29 05:29:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c87816e024b3f616a66c65066f150b41a0eec35c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:36:e5:83:e5:79:e8:f7:35:69:b7:92:81:a0:
17:ac:6f:af:42:27:5b:ae:e8:74:73:d1:98:f1:cf:
62:87:ee:3c:8f:a9:f5:26:67:7e:a0:83:64:1d:1c:
24:f3:80:93:c9:0c:c2:a4:e4:91:fe:9c:0f:ef:4e:
a5:a6:73:83:0f:9a:fb:1e:8f:18:8b:72:89:79:d8:
65:af:5b:4b:4a:e2:40:5a:08:62:5c:40:ba:6a:00:
ef:c8:ae:6a:ea:50:ad:a4:0d:16:fc:74:64:b8:c6:
c4:49:26:0b:f8:d5:20:ce:13:7a:c5:4f:d9:84:08:
e2:28:d0:c9:80:e9:36:d9:4d:cb:a7:ce:41:cd:f3:
ea:8b:c8:c3:19:80:20:1a:f1:d6:12:bd:88:be:ca:
7e:ec:5c:7c:b1:73:06:a9:b9:c6:c4:21:d7:bf:93:
23:7a:78:4a:9a:b8:fa:81:42:2f:69:7a:3f:7c:21:
ad:b1:d1:b7:02:8b:38:8e:06:4c:f6:ec:73:0b:09:
1d:02:a5:b2:dd:ed:12:5c:c3:e5:18:c2:8b:b6:ed:
25:0b:e0:28:d4:74:38:51:c8:83:32:1b:3c:73:97:
ab:4a:27:96:f2:e9:5a:c5:14:76:29:a6:9d:19:d4:
1f:93:b8:93:4c:77:28:bc:66:e8:1d:8c:63:24:2e:
94:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:78:16:E0:24:B3:F6:16:A6:6C:65:06:6F:15:0B:41:A0:EE:C3:5C
X509v3 Authority Key Identifier:
keyid:96:E8:2A:B6:48:B8:B3:F8:85:75:69:C3:9A:F9:54:4A:DF:C1:7C:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lugqtki4s_iFdWnDmvlUSt_BfAE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/2426f1-8f2a-49ff-8643-193ad5c79b83/1/yHgW4CSz9hambGUGbxULQaDuw1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/2426f1-8f2a-49ff-8643-193ad5c79b83/1/lugqtki4s_iFdWnDmvlUSt_BfAE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.28.224.0/21
185.9.56.0/22
212.109.144.0/20
IPv6:
2a00:6c40:8000::/33
Signature Algorithm: sha256WithRSAEncryption
8f:4f:2a:79:3f:15:c3:c8:2f:0f:58:fe:43:54:c6:f0:17:d0:
17:e2:25:64:52:15:67:64:01:db:0c:a6:be:55:f9:d1:2d:ac:
1a:cf:bf:2d:72:bd:d2:a6:36:9f:95:6a:88:dc:84:39:68:40:
f5:f7:85:85:8f:9b:d5:d9:f6:6f:b7:c1:ec:53:1d:9d:18:9e:
5d:22:46:ba:4b:54:58:76:85:d9:02:91:97:67:f6:31:f2:23:
d9:af:07:a3:5d:61:e9:a5:c4:c9:bc:c6:40:bf:13:a3:ff:10:
21:93:a3:ec:bc:5b:70:72:1f:2a:17:9d:e8:3a:a9:91:29:ff:
35:97:38:85:2d:5e:a2:8c:c3:1e:0a:38:ba:c9:e9:d7:9f:74:
16:21:6b:37:55:68:f0:68:67:85:23:e0:1f:58:51:84:2b:4d:
3a:b8:a7:65:a3:59:0b:98:7c:b8:23:90:fc:c2:d3:24:f0:af:
85:27:39:9c:31:3d:9f:4e:63:03:5c:0e:2f:11:86:f9:b1:0b:
17:03:a9:40:78:c1:a5:29:25:73:a1:49:5e:8c:1f:fc:09:0b:
4c:1a:3d:8d:68:64:c4:b0:98:08:22:a7:61:54:c1:a4:51:08:
85:19:16:14:21:87:c8:47:9c:47:73:a4:1f:ce:79:70:5b:8a:
8c:87:4a:16
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZGcnB3lv+INhjlacL6aGIW8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZTgyYWI2NDhiOGIzZjg4NTc1NjljMzlhZjk1NDRhZGZj
MTdjMDEwHhcNMjQwODI5MDUyOTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjODc4MTZlMDI0YjNmNjE2YTY2YzY1MDY2ZjE1MGI0MWEwZWVjMzVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Dblg+V56Pc1abeSgaAXrG+vQidb
ruh0c9GY8c9ih+48j6n1Jmd+oINkHRwk84CTyQzCpOSR/pwP706lpnODD5r7Ho8Y
i3KJedhlr1tLSuJAWghiXEC6agDvyK5q6lCtpA0W/HRkuMbESSYL+NUgzhN6xU/Z
hAjiKNDJgOk22U3Lp85BzfPqi8jDGYAgGvHWEr2Ivsp+7Fx8sXMGqbnGxCHXv5Mj
enhKmrj6gUIvaXo/fCGtsdG3Aos4jgZM9uxzCwkdAqWy3e0SXMPlGMKLtu0lC+Ao
1HQ4UciDMhs8c5erSieW8ulaxRR2KaadGdQfk7iTTHcovGboHYxjJC6UAQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFMh4FuAks/YWpmxlBm8VC0Gg7sNcMB8GA1UdIwQY
MBaAFJboKrZIuLP4hXVpw5r5VErfwXwBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHVncXRraTRzX2lGZFduRG12bFVTdF9CZkFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy8yNDI2ZjEtOGYyYS00OWZmLTg2NDMt
MTkzYWQ1Yzc5YjgzLzEveUhnVzRDU3o5aGFtYkdVR2J4VUxRYUR1dzF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy8yNDI2ZjEtOGYyYS00OWZmLTg2NDMtMTkzYWQ1Yzc5Yjgz
LzEvbHVncXRraTRzX2lGZFduRG12bFVTdF9CZkFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAYBAIAATASAwQDWRzgAwQC
uQk4AwQE1G2QMA4EAgACMAgDBgcqAGxAgDANBgkqhkiG9w0BAQsFAAOCAQEAj08q
eT8Vw8gvD1j+Q1TG8BfQF+IlZFIVZ2QB2wymvlX50S2sGs+/LXK90qY2n5VqiNyE
OWhA9feFhY+b1dn2b7fB7FMdnRieXSJGuktUWHaF2QKRl2f2MfIj2a8Ho11h6aXE
ybzGQL8To/8QIZOj7LxbcHIfKhed6DqpkSn/NZc4hS1eoozDHgo4usnp1590FiFr
N1Vo8GhnhSPgH1hRhCtNOrinZaNZC5h8uCOQ/MLTJPCvhSc5nDE9n05jA1wOLxGG
+bELFwOpQHjBpSklc6FJXowf/AkLTBo9jWhkxLCYCCKnYVTBpFEIhRkWFCGHyEec
R3OkH855cFuKjIdKFg==
-----END CERTIFICATE-----
Generated at Sat Nov 23 22:01:04 2024 by rpki-client on console-fra.rpki-client.org