Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/g_UEOf1JT3ofUW4dmkMpzhqrb10.roa
File: g_UEOf1JT3ofUW4dmkMpzhqrb10.roa (raw, json)
Hash identifier: 7eYsAjEZ487J1vsibSNLYBzVHobW9VUWXRFTvPPEWAs=
Subject key identifier: 83:F5:04:39:FD:49:4F:7A:1F:51:6E:1D:9A:43:29:CE:1A:AB:6F:5D
Certificate issuer: /CN=97242dba26ed882b380dabebab3c5f3942006ecc
Certificate serial: 018CC8DE3F2878FA963E98BF136C3462EA40
Authority key identifier: 97:24:2D:BA:26:ED:88:2B:38:0D:AB:EB:AB:3C:5F:39:42:00:6E:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lyQtuibtiCs4DavrqzxfOUIAbsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/g_UEOf1JT3ofUW4dmkMpzhqrb10.roa
Signing time: Tue 02 Jan 2024 06:30:57 +0000
ROA not before: Tue 02 Jan 2024 06:30:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49283
IP address blocks: 178.21.192.0/21 maxlen: 21
89.18.224.0/19 maxlen: 19
109.68.248.0/21 maxlen: 21
2a00:17b8::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/lyQtuibtiCs4DavrqzxfOUIAbsw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/lyQtuibtiCs4DavrqzxfOUIAbsw.mft
rsync://rpki.ripe.net/repository/DEFAULT/lyQtuibtiCs4DavrqzxfOUIAbsw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:3f:28:78:fa:96:3e:98:bf:13:6c:34:62:ea:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=97242dba26ed882b380dabebab3c5f3942006ecc
Validity
Not Before: Jan 2 06:30:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83f50439fd494f7a1f516e1d9a4329ce1aab6f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:97:8e:9d:76:70:e7:08:2f:87:6e:70:4c:cb:
41:b8:71:1a:27:43:50:dc:91:9c:c5:f2:44:9b:2c:
16:f1:df:09:36:00:73:b1:0d:67:64:39:14:59:ba:
4d:ec:8b:f7:81:b8:db:9a:86:07:f0:e4:91:a8:8b:
86:ea:33:ec:4a:82:a8:d3:ba:0d:c0:80:a1:00:81:
57:5b:a0:8c:8a:b7:6c:3c:ad:16:2f:0e:d5:62:99:
40:d0:f1:da:18:0d:47:1c:1f:99:96:ed:70:14:58:
5f:3a:94:8c:04:ae:97:51:1f:12:73:ba:26:67:ce:
0e:cc:40:de:cd:d0:89:84:f8:13:1d:b5:d3:c3:11:
fc:4e:75:f5:2c:59:01:55:29:d8:47:da:06:06:05:
9f:ed:84:18:b8:2a:f7:17:d8:75:ff:5b:da:56:0c:
35:34:cc:d0:8f:03:73:48:53:a1:0b:6a:21:39:d1:
44:70:f7:a1:78:c8:a9:85:d8:9f:58:37:bb:af:92:
c6:4d:20:e7:13:f6:75:2b:85:f9:4b:72:77:82:85:
f7:5d:dc:9c:27:6c:fd:9a:bb:10:21:de:47:c4:63:
15:06:68:13:ef:a8:6a:d8:f7:b6:44:99:6b:5b:21:
9a:23:88:d8:4e:b7:58:76:66:8a:d3:f4:89:4e:60:
1f:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:F5:04:39:FD:49:4F:7A:1F:51:6E:1D:9A:43:29:CE:1A:AB:6F:5D
X509v3 Authority Key Identifier:
keyid:97:24:2D:BA:26:ED:88:2B:38:0D:AB:EB:AB:3C:5F:39:42:00:6E:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lyQtuibtiCs4DavrqzxfOUIAbsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/g_UEOf1JT3ofUW4dmkMpzhqrb10.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/4cb687-87fd-4af0-a36b-607272d737cb/1/lyQtuibtiCs4DavrqzxfOUIAbsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.18.224.0/19
109.68.248.0/21
178.21.192.0/21
IPv6:
2a00:17b8::/29
Signature Algorithm: sha256WithRSAEncryption
8f:2c:f3:c4:b0:34:b3:77:7a:c2:c2:76:a1:2d:5f:6e:90:47:
14:6a:17:2a:b8:8c:97:14:75:b9:49:81:e6:be:cd:e1:ca:10:
28:0e:67:15:36:b6:b6:75:a8:44:a7:ae:67:da:7d:22:b7:e3:
2f:3c:60:ef:55:69:c1:54:90:29:a8:82:89:59:68:17:3b:a8:
70:67:06:14:da:2a:5f:87:22:24:77:d8:a5:ae:eb:91:3c:dc:
8e:ed:fc:42:3b:f1:87:41:2a:2c:17:3e:ee:d8:14:ca:0d:b2:
49:58:4b:51:2b:92:e3:a3:39:99:7e:bc:42:52:39:07:ed:d5:
61:74:35:36:4b:4f:5d:4c:73:7f:43:9b:51:fe:18:82:2f:7b:
1e:a3:44:22:08:e0:a2:ff:c1:b8:1f:3f:a0:ed:f9:cc:89:56:
98:50:df:ce:b2:28:d6:9e:ea:1e:2c:76:cd:89:d3:30:a2:1c:
5a:3b:46:7a:5b:34:6d:87:1a:ca:ce:d9:42:b6:d4:1f:48:37:
8b:15:e3:53:fc:af:5f:ea:52:0c:bd:63:57:b3:9d:3b:10:8b:
a5:47:f2:64:15:8b:54:35:c3:b8:cc:5d:8c:42:59:62:0a:ee:
0c:bb:fe:3a:cb:a7:1a:dc:38:38:e4:5e:af:57:f7:c3:07:19:
e3:35:ed:dc
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzI3j8oePqWPpi/E2w0YupAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3MjQyZGJhMjZlZDg4MmIzODBkYWJlYmFiM2M1ZjM5NDIw
MDZlY2MwHhcNMjQwMTAyMDYzMDU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4M2Y1MDQzOWZkNDk0ZjdhMWY1MTZlMWQ5YTQzMjljZTFhYWI2ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjpeOnXZw5wgvh25wTMtBuHEaJ0NQ
3JGcxfJEmywW8d8JNgBzsQ1nZDkUWbpN7Iv3gbjbmoYH8OSRqIuG6jPsSoKo07oN
wIChAIFXW6CMirdsPK0WLw7VYplA0PHaGA1HHB+Zlu1wFFhfOpSMBK6XUR8Sc7om
Z84OzEDezdCJhPgTHbXTwxH8TnX1LFkBVSnYR9oGBgWf7YQYuCr3F9h1/1vaVgw1
NMzQjwNzSFOhC2ohOdFEcPeheMiphdifWDe7r5LGTSDnE/Z1K4X5S3J3goX3Xdyc
J2z9mrsQId5HxGMVBmgT76hq2Pe2RJlrWyGaI4jYTrdYdmaK0/SJTmAfsQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFIP1BDn9SU96H1FuHZpDKc4aq29dMB8GA1UdIwQY
MBaAFJckLbom7YgrOA2r66s8XzlCAG7MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHlRdHVpYnRpQ3M0RGF2cnF6eGZPVUlBYnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy80Y2I2ODctODdmZC00YWYwLWEzNmIt
NjA3MjcyZDczN2NiLzEvZ19VRU9mMUpUM29mVVc0ZG1rTXB6aHFyYjEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy80Y2I2ODctODdmZC00YWYwLWEzNmItNjA3MjcyZDczN2Ni
LzEvbHlRdHVpYnRpQ3M0RGF2cnF6eGZPVUlBYnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFWRLgAwQD
bUT4AwQDshXAMA0EAgACMAcDBQMqABe4MA0GCSqGSIb3DQEBCwUAA4IBAQCPLPPE
sDSzd3rCwnahLV9ukEcUahcquIyXFHW5SYHmvs3hyhAoDmcVNra2dahEp65n2n0i
t+MvPGDvVWnBVJApqIKJWWgXO6hwZwYU2ipfhyIkd9ilruuRPNyO7fxCO/GHQSos
Fz7u2BTKDbJJWEtRK5LjozmZfrxCUjkH7dVhdDU2S09dTHN/Q5tR/hiCL3seo0Qi
COCi/8G4Hz+g7fnMiVaYUN/OsijWnuoeLHbNidMwohxaO0Z6WzRthxrKztlCttQf
SDeLFeNT/K9f6lIMvWNXs507EIulR/JkFYtUNcO4zF2MQlliCu4Mu/46y6ca3Dg4
5F6vV/fDBxnjNe3c
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:54:19 2024 by rpki-client on console-fra.rpki-client.org