Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/ko9A1WZYQRy2NdVNub51X_a4AYc.roa
File: ko9A1WZYQRy2NdVNub51X_a4AYc.roa (raw, json)
Hash identifier: YvS+OC5lt5l8Lokvyz43EykIpbu7/M1pR3/faRreL7w=
Subject key identifier: 92:8F:40:D5:66:58:41:1C:B6:35:D5:4D:B9:BE:75:5F:F6:B8:01:87
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 018EE135DD37CEB25058C8F500D442AEA8BA
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/ko9A1WZYQRy2NdVNub51X_a4AYc.roa
Signing time: Mon 15 Apr 2024 10:03:07 +0000
ROA not before: Mon 15 Apr 2024 10:03:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25531
IP address blocks: 89.17.32.0/24 maxlen: 24
89.17.34.0/24 maxlen: 24
89.17.36.0/22 maxlen: 22
89.17.40.0/22 maxlen: 22
89.17.44.0/24 maxlen: 24
89.17.47.0/24 maxlen: 24
89.17.50.0/24 maxlen: 24
217.15.48.0/22 maxlen: 22
217.15.52.0/24 maxlen: 24
217.15.54.0/23 maxlen: 23
217.15.58.0/23 maxlen: 23
217.15.60.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e1:35:dd:37:ce:b2:50:58:c8:f5:00:d4:42:ae:a8:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Apr 15 10:03:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=928f40d56658411cb635d54db9be755ff6b80187
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f3:5b:c4:db:f9:ff:b0:d2:83:2b:da:19:70:
1e:56:26:73:a4:c7:f9:80:5f:7c:27:f1:56:90:ad:
2d:74:b5:66:7a:24:c4:09:9e:59:a8:78:1c:fd:bf:
85:27:24:8f:d3:da:f7:b1:52:70:49:24:9e:20:de:
4b:9c:92:f7:13:1c:e9:03:3f:2a:b7:b9:0d:19:7b:
fd:00:12:b8:64:fb:a0:cd:98:fa:d3:fa:92:48:1a:
83:e3:c3:af:61:82:f9:22:4e:08:6b:c5:62:3a:ec:
88:7b:72:2b:4a:09:3a:ed:38:db:40:d2:84:61:59:
75:0e:9f:be:5c:56:bf:9a:4a:f1:8b:b2:a3:3c:92:
3b:1d:ef:04:d3:26:8e:82:d0:99:b4:bd:79:cf:f4:
c1:0f:f5:a8:a0:4d:d3:32:43:8c:45:49:52:4d:ee:
05:c6:a5:7c:c7:df:a5:f0:49:23:ab:c6:9f:f1:86:
19:ab:97:49:9b:97:bc:83:1e:0b:3d:76:1d:a2:62:
c4:c7:ab:a2:d2:b9:1b:ee:fa:1d:8e:8e:9f:6e:91:
16:ca:b6:e0:89:61:b4:62:53:54:72:50:d8:8a:90:
2e:72:32:16:17:df:7e:d6:08:ff:fc:f0:27:fb:f0:
94:af:2f:ff:2f:18:65:a6:87:af:8d:9e:16:dd:d0:
e3:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:8F:40:D5:66:58:41:1C:B6:35:D5:4D:B9:BE:75:5F:F6:B8:01:87
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/ko9A1WZYQRy2NdVNub51X_a4AYc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.17.32.0/24
89.17.34.0/24
89.17.36.0-89.17.44.255
89.17.47.0/24
89.17.50.0/24
217.15.48.0-217.15.52.255
217.15.54.0/23
217.15.58.0-217.15.61.255
Signature Algorithm: sha256WithRSAEncryption
3f:7c:62:a1:d4:5d:c1:86:3e:ce:d3:d0:08:81:53:3b:29:e0:
de:0e:af:2b:ce:2c:ac:9c:bb:41:37:26:22:9d:db:40:1e:07:
07:ab:5b:6a:fe:c5:dd:37:37:d2:a5:1d:3d:4d:49:99:e5:2b:
1b:56:6a:4b:e7:54:e4:2b:ad:d1:cf:27:35:ed:d3:ac:ea:0e:
71:79:3c:72:a7:d7:a7:59:4c:65:bc:66:45:30:11:31:b2:51:
25:52:d6:c0:c2:5d:21:da:8b:72:92:a1:aa:55:23:06:80:46:
95:a7:18:b8:4e:90:8f:4e:aa:fd:ca:20:c8:e4:f2:fb:20:8e:
df:43:1f:d7:1e:ec:73:f5:e1:3f:4c:eb:3e:4c:5a:70:83:23:
44:6a:30:38:9c:45:bc:52:8e:35:59:07:b2:f6:c0:88:6c:40:
3e:48:b5:8e:fb:5f:59:87:4d:89:8d:45:a8:42:3b:dc:c7:68:
13:01:69:1d:90:f8:ea:9e:28:51:15:eb:07:00:fc:f5:7c:49:
da:d9:35:9c:66:a5:e5:24:6d:a4:f1:54:5c:c2:b2:08:4b:44:
09:3a:fa:6b:02:ab:76:6b:bd:e7:0e:55:42:37:44:06:0f:9e:
fe:c1:21:bf:60:2f:8f:8f:2e:ab:03:f7:bd:d9:8b:78:a9:c1:
cb:0a:c1:56
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAY7hNd03zrJQWMj1ANRCrqi6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwNDE1MTAwMzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MjhmNDBkNTY2NTg0MTFjYjYzNWQ1NGRiOWJlNzU1ZmY2YjgwMTg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPNbxNv5/7DSgyvaGXAeViZzpMf5
gF98J/FWkK0tdLVmeiTECZ5ZqHgc/b+FJySP09r3sVJwSSSeIN5LnJL3ExzpAz8q
t7kNGXv9ABK4ZPugzZj60/qSSBqD48OvYYL5Ik4Ia8ViOuyIe3IrSgk67TjbQNKE
YVl1Dp++XFa/mkrxi7KjPJI7He8E0yaOgtCZtL15z/TBD/WooE3TMkOMRUlSTe4F
xqV8x9+l8Ekjq8af8YYZq5dJm5e8gx4LPXYdomLEx6ui0rkb7vodjo6fbpEWyrbg
iWG0YlNUclDYipAucjIWF99+1gj//PAn+/CUry//LxhlpoevjZ4W3dDj2QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJKPQNVmWEEctjXVTbm+dV/2uAGHMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEva285QTFXWllRUnkyTmRWTnViNTFYX2E0QVljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAWREgAwQA
WREiMAwDBAJZESQDBABZESwDBABZES8DBABZETIwDAMEBNkPMAMEANkPNAMEAdkP
NjAMAwQB2Q86AwQB2Q88MA0GCSqGSIb3DQEBCwUAA4IBAQA/fGKh1F3Bhj7O09AI
gVM7KeDeDq8rziysnLtBNyYindtAHgcHq1tq/sXdNzfSpR09TUmZ5SsbVmpL51Tk
K63Rzyc17dOs6g5xeTxyp9enWUxlvGZFMBExslElUtbAwl0h2otykqGqVSMGgEaV
pxi4TpCPTqr9yiDI5PL7II7fQx/XHuxz9eE/TOs+TFpwgyNEajA4nEW8Uo41WQey
9sCIbEA+SLWO+19Zh02JjUWoQjvcx2gTAWkdkPjqnihRFesHAPz1fEna2TWcZqXl
JG2k8VRcwrIIS0QJOvprAqt2a73nDlVCN0QGD57+wSG/YC+Pjy6rA/e92Yt4qcHL
CsFW
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:43:26 2024 by rpki-client on console-fra.rpki-client.org