Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/10303c-43d5-4033-808a-52c699d386cd/1/iYZ__kjlwqgvduakgJVSJo2oR74.roa
File: iYZ__kjlwqgvduakgJVSJo2oR74.roa (raw, json)
Hash identifier: pWyJKvedVOkJvXO5uczSSddz0ww7SO9rpP1GHlvbRLQ=
Subject key identifier: 89:86:7F:FE:48:E5:C2:A8:2F:76:E6:A4:80:95:52:26:8D:A8:47:BE
Certificate issuer: /CN=b3d14ce18a8f1d05a6a35390af4aec8ce6cc56ec
Certificate serial: 018CC4255B8700675B0C04C20461D949A4DE
Authority key identifier: B3:D1:4C:E1:8A:8F:1D:05:A6:A3:53:90:AF:4A:EC:8C:E6:CC:56:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s9FM4YqPHQWmo1OQr0rsjObMVuw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/10303c-43d5-4033-808a-52c699d386cd/1/iYZ__kjlwqgvduakgJVSJo2oR74.roa
Signing time: Mon 01 Jan 2024 08:30:31 +0000
ROA not before: Mon 01 Jan 2024 08:30:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8708
IP address blocks: 89.37.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/10303c-43d5-4033-808a-52c699d386cd/1/s9FM4YqPHQWmo1OQr0rsjObMVuw.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/10303c-43d5-4033-808a-52c699d386cd/1/s9FM4YqPHQWmo1OQr0rsjObMVuw.mft
rsync://rpki.ripe.net/repository/DEFAULT/s9FM4YqPHQWmo1OQr0rsjObMVuw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 27 May 2024 07:01:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:5b:87:00:67:5b:0c:04:c2:04:61:d9:49:a4:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3d14ce18a8f1d05a6a35390af4aec8ce6cc56ec
Validity
Not Before: Jan 1 08:30:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=89867ffe48e5c2a82f76e6a4809552268da847be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:2f:83:9a:d5:f0:ca:27:8c:6d:6b:43:72:ee:
23:01:26:45:81:b6:65:6a:b5:e9:94:cb:ec:43:50:
7a:fc:15:04:8a:4d:72:a6:42:0b:e9:9b:23:02:ce:
7d:73:92:bc:66:00:0d:6b:d1:a3:cb:02:b2:4f:34:
52:c7:31:7f:77:05:0f:37:87:cd:9e:68:46:8e:e4:
c7:b8:c0:8e:de:ef:79:d6:d7:d4:42:f8:f2:81:c7:
02:e4:c0:f1:17:0d:12:d7:da:11:05:93:c5:5b:89:
85:31:75:2e:a3:1a:ba:70:20:59:33:f7:04:a4:ca:
98:d1:96:a7:32:03:06:7c:03:b7:eb:7f:0f:76:11:
86:26:d2:7c:08:61:26:58:03:26:30:bc:dc:8a:5e:
b2:47:ae:c0:b1:ce:4f:68:30:13:7f:b2:37:f9:3f:
a6:02:22:74:d1:b5:bf:e4:ab:49:24:9c:c9:5c:74:
7d:6f:83:d2:0f:2e:ad:d8:cc:51:56:c4:dd:94:2c:
91:ce:d6:5b:92:4e:fd:41:dc:dc:f2:c4:c8:76:55:
8d:fe:9f:f7:67:c5:62:f0:e1:ca:4c:f7:be:0a:6f:
24:09:48:59:e6:d9:0f:bb:41:98:5b:63:28:0a:9f:
fe:3d:33:e6:ea:eb:ab:34:29:1b:1d:71:6b:97:ac:
43:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:86:7F:FE:48:E5:C2:A8:2F:76:E6:A4:80:95:52:26:8D:A8:47:BE
X509v3 Authority Key Identifier:
keyid:B3:D1:4C:E1:8A:8F:1D:05:A6:A3:53:90:AF:4A:EC:8C:E6:CC:56:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s9FM4YqPHQWmo1OQr0rsjObMVuw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/10303c-43d5-4033-808a-52c699d386cd/1/iYZ__kjlwqgvduakgJVSJo2oR74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/10303c-43d5-4033-808a-52c699d386cd/1/s9FM4YqPHQWmo1OQr0rsjObMVuw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.37.135.0/24
Signature Algorithm: sha256WithRSAEncryption
93:e7:d2:6c:ba:ba:96:52:66:de:a0:8f:09:71:b5:02:5c:3e:
a0:d9:9c:96:11:c6:84:5b:28:85:31:f6:3a:17:2d:b1:7a:58:
fc:0e:a6:95:96:c5:6c:e7:c1:da:eb:cd:2e:5c:44:63:23:ea:
59:a2:1a:85:d5:04:27:b4:51:65:d5:99:6c:dc:1b:00:2e:39:
99:c6:cf:8d:97:33:8a:90:69:0a:89:83:73:a4:94:1d:6d:c4:
30:8a:5a:03:1e:18:45:00:f8:19:a0:ce:de:04:46:c8:a0:d7:
53:71:49:77:d7:fb:65:09:d2:03:25:d1:14:5e:57:f6:03:e6:
43:b0:17:80:91:64:e2:04:a7:1c:ad:40:46:65:9c:64:57:c8:
33:07:55:f3:97:e4:77:3a:31:fa:41:3b:a2:6a:4b:95:19:07:
1b:cf:da:06:a8:6d:a9:cf:95:27:69:9b:9a:71:be:c5:8e:d3:
b6:d4:15:d8:95:0d:3a:20:02:0b:e3:27:06:a2:e4:a6:49:4c:
c5:e4:a2:7d:03:71:71:5f:bf:03:28:f0:96:da:91:18:90:6f:
cf:e6:ee:02:33:2b:ba:95:7f:2a:f5:d7:61:33:6b:46:ef:f9:
2b:d7:48:07:e8:fc:fc:c2:b0:13:1b:a7:6d:79:d2:33:e4:6f:
85:91:59:db
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJVuHAGdbDATCBGHZSaTeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZDE0Y2UxOGE4ZjFkMDVhNmEzNTM5MGFmNGFlYzhjZTZj
YzU2ZWMwHhcNMjQwMTAxMDgzMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTg2N2ZmZTQ4ZTVjMmE4MmY3NmU2YTQ4MDk1NTIyNjhkYTg0N2JlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyC+DmtXwyieMbWtDcu4jASZFgbZl
arXplMvsQ1B6/BUEik1ypkIL6ZsjAs59c5K8ZgANa9GjywKyTzRSxzF/dwUPN4fN
nmhGjuTHuMCO3u951tfUQvjygccC5MDxFw0S19oRBZPFW4mFMXUuoxq6cCBZM/cE
pMqY0ZanMgMGfAO3638PdhGGJtJ8CGEmWAMmMLzcil6yR67Asc5PaDATf7I3+T+m
AiJ00bW/5KtJJJzJXHR9b4PSDy6t2MxRVsTdlCyRztZbkk79Qdzc8sTIdlWN/p/3
Z8Vi8OHKTPe+Cm8kCUhZ5tkPu0GYW2MoCp/+PTPm6uurNCkbHXFrl6xD0QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFImGf/5I5cKoL3bmpICVUiaNqEe+MB8GA1UdIwQY
MBaAFLPRTOGKjx0FpqNTkK9K7IzmzFbsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczlGTTRZcVBIUVdtbzFPUXIwcnNqT2JNVnV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS8xMDMwM2MtNDNkNS00MDMzLTgwOGEt
NTJjNjk5ZDM4NmNkLzEvaVlaX19ramx3cWd2ZHVha2dKVlNKbzJvUjc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS8xMDMwM2MtNDNkNS00MDMzLTgwOGEtNTJjNjk5ZDM4NmNk
LzEvczlGTTRZcVBIUVdtbzFPUXIwcnNqT2JNVnV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWSWHMA0G
CSqGSIb3DQEBCwUAA4IBAQCT59JsurqWUmbeoI8JcbUCXD6g2ZyWEcaEWyiFMfY6
Fy2xelj8DqaVlsVs58Ha680uXERjI+pZohqF1QQntFFl1Zls3BsALjmZxs+NlzOK
kGkKiYNzpJQdbcQwiloDHhhFAPgZoM7eBEbIoNdTcUl31/tlCdIDJdEUXlf2A+ZD
sBeAkWTiBKccrUBGZZxkV8gzB1Xzl+R3OjH6QTuiakuVGQcbz9oGqG2pz5UnaZua
cb7FjtO21BXYlQ06IAIL4ycGouSmSUzF5KJ9A3FxX78DKPCW2pEYkG/P5u4CMyu6
lX8q9ddhM2tG7/kr10gH6Pz8wrATG6dtedIz5G+FkVnb
-----END CERTIFICATE-----
Generated at Sun May 26 11:07:27 2024 by rpki-client on console-fra.rpki-client.org