Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/7lm1q8ZmIlH4xf1LAxAhpEZhiqs.roa
File: 7lm1q8ZmIlH4xf1LAxAhpEZhiqs.roa (raw, json)
Hash identifier: C3ezCOcFOcZx1r/mwMIXhtmQO9x+8jzoQUzKwn7GD94=
Subject key identifier: EE:59:B5:AB:C6:66:22:51:F8:C5:FD:4B:03:10:21:A4:46:61:8A:AB
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 019248C16D421A9954E45F0B30CE4D8CBBB5
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/7lm1q8ZmIlH4xf1LAxAhpEZhiqs.roa
Signing time: Tue 01 Oct 2024 15:44:48 +0000
ROA not before: Tue 01 Oct 2024 15:44:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61971
IP address blocks: 89.23.120.0/24 maxlen: 24
2a09:6280:a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:48:c1:6d:42:1a:99:54:e4:5f:0b:30:ce:4d:8c:bb:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Oct 1 15:44:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ee59b5abc6662251f8c5fd4b031021a446618aab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:82:5a:51:c9:e1:52:ff:d0:63:40:69:fa:24:
fd:8f:6f:5f:03:3e:cf:5c:0a:95:64:a2:e6:a1:c5:
65:17:5f:a9:92:0e:6a:ea:59:0d:2b:f9:33:e1:c1:
05:7a:81:e7:73:95:02:19:d3:9e:b5:9b:ec:74:25:
b0:14:0c:3b:2a:99:9b:c5:c8:6d:04:83:60:76:4c:
c3:ea:a9:dc:d0:f8:e1:fe:98:1a:4b:bb:b0:35:11:
d4:a2:41:18:2d:85:e4:41:f9:14:cf:1d:06:58:2d:
75:7d:07:ab:8e:55:4c:38:29:3a:69:94:ec:02:6f:
35:7b:c6:06:25:b7:dc:c7:be:e4:21:11:26:00:43:
9c:4a:e9:7b:6a:50:79:4b:d5:cc:9b:03:03:7a:c9:
ad:df:49:ae:f6:b7:2b:1a:16:d4:39:4a:c5:5a:d6:
71:fa:ca:8d:5b:ca:fe:e3:14:fd:9f:d4:ec:38:0b:
5e:1d:90:1f:f9:6a:9a:92:c5:e9:73:b2:79:14:9a:
ca:02:54:94:fc:c7:42:a1:c6:73:b2:be:88:8a:41:
e3:2e:c9:af:e3:14:fc:2b:83:a6:40:be:74:f2:f0:
56:59:45:66:8f:d0:e6:82:e1:76:ed:0e:0f:e6:0d:
d6:0b:c6:86:b1:d1:84:19:b0:1f:60:e6:45:1f:c7:
b1:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:59:B5:AB:C6:66:22:51:F8:C5:FD:4B:03:10:21:A4:46:61:8A:AB
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/7lm1q8ZmIlH4xf1LAxAhpEZhiqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.120.0/24
IPv6:
2a09:6280:a::/48
Signature Algorithm: sha256WithRSAEncryption
81:eb:5e:ac:62:eb:28:a7:cf:2d:7b:ad:f6:ec:92:05:68:3b:
d0:61:ae:56:db:df:25:a8:60:72:c7:29:a2:11:ff:c9:27:30:
24:0f:20:ce:fd:7f:d7:b0:c8:04:43:b2:8a:7f:d8:b9:06:7d:
11:82:7d:34:b8:3f:0e:a4:f0:75:0b:4e:67:e5:6c:a5:f1:eb:
b2:82:aa:79:37:2a:16:05:97:65:e6:fb:3f:48:08:f5:11:d2:
90:bc:54:18:03:88:02:00:c8:35:bc:bb:87:27:af:92:39:8e:
1a:40:e4:b3:9a:f3:78:b9:bd:53:17:58:cc:de:b8:d6:f3:96:
54:7a:87:83:17:ec:06:46:69:87:29:f3:0c:9f:ce:61:c9:7f:
fd:51:8c:bc:8a:1c:9a:64:20:f9:dc:61:86:bf:ca:07:ea:b0:
69:67:16:a7:57:3f:e9:b5:64:c9:be:a4:72:27:ff:b0:6b:9b:
ee:66:7e:65:62:02:e5:3a:74:02:92:9d:3f:e2:41:9a:fa:14:
e5:0a:07:19:9a:7d:b5:a5:32:d7:1a:3f:ef:d9:35:b6:78:42:
b5:1a:ee:09:c2:3e:2e:8d:a7:9b:70:90:9b:e8:a9:00:a8:ad:
e2:ae:cd:c9:8d:ca:cc:83:30:41:3e:ec:08:8b:dd:b5:4d:79:
4a:47:8b:4f
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAZJIwW1CGplU5F8LMM5NjLu1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQxMDAxMTU0NDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTU5YjVhYmM2NjYyMjUxZjhjNWZkNGIwMzEwMjFhNDQ2NjE4YWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYJaUcnhUv/QY0Bp+iT9j29fAz7P
XAqVZKLmocVlF1+pkg5q6lkNK/kz4cEFeoHnc5UCGdOetZvsdCWwFAw7Kpmbxcht
BINgdkzD6qnc0Pjh/pgaS7uwNRHUokEYLYXkQfkUzx0GWC11fQerjlVMOCk6aZTs
Am81e8YGJbfcx77kIREmAEOcSul7alB5S9XMmwMDesmt30mu9rcrGhbUOUrFWtZx
+sqNW8r+4xT9n9TsOAteHZAf+WqaksXpc7J5FJrKAlSU/MdCocZzsr6IikHjLsmv
4xT8K4OmQL508vBWWUVmj9DmguF27Q4P5g3WC8aGsdGEGbAfYOZFH8exwwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFO5ZtavGZiJR+MX9SwMQIaRGYYqrMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvN2xtMXE4Wm1JbEg0eGYxTEF4QWhwRVpoaXFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAWRd4MA8E
AgACMAkDBwAqCWKAAAowDQYJKoZIhvcNAQELBQADggEBAIHrXqxi6yinzy17rfbs
kgVoO9Bhrlbb3yWoYHLHKaIR/8knMCQPIM79f9ewyARDsop/2LkGfRGCfTS4Pw6k
8HULTmflbKXx67KCqnk3KhYFl2Xm+z9ICPUR0pC8VBgDiAIAyDW8u4cnr5I5jhpA
5LOa83i5vVMXWMzeuNbzllR6h4MX7AZGaYcp8wyfzmHJf/1RjLyKHJpkIPncYYa/
ygfqsGlnFqdXP+m1ZMm+pHIn/7Brm+5mfmViAuU6dAKSnT/iQZr6FOUKBxmafbWl
MtcaP+/ZNbZ4QrUa7gnCPi6Np5twkJvoqQCoreKuzcmNysyDMEE+7AiL3bVNeUpH
i08=
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:28:00 2024 by rpki-client on console-ams.rpki-client.org