Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/GInIc7D-HZQuUETW0JGxy1X5rZo.roa
File: GInIc7D-HZQuUETW0JGxy1X5rZo.roa (raw, json)
Hash identifier: b0EtlWX79o2FMVAcpmYtQV6sDDSZsmGhljXVbMpPOS0=
Subject key identifier: 18:89:C8:73:B0:FE:1D:94:2E:50:44:D6:D0:91:B1:CB:55:F9:AD:9A
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018CC2DB6192638FCB0D4B6BB76497FA416F
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/GInIc7D-HZQuUETW0JGxy1X5rZo.roa
Signing time: Mon 01 Jan 2024 02:30:06 +0000
ROA not before: Mon 01 Jan 2024 02:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39238
IP address blocks: 89.23.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:61:92:63:8f:cb:0d:4b:6b:b7:64:97:fa:41:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 1 02:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1889c873b0fe1d942e5044d6d091b1cb55f9ad9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:58:86:30:13:02:57:b0:c9:c6:a4:84:45:44:
1e:9c:42:c3:55:e1:0d:eb:a7:7e:19:47:40:b2:35:
a5:4a:5d:7e:6d:01:eb:6e:5a:2b:96:f6:b8:7b:61:
b7:a2:4d:02:0e:35:2c:0a:ea:3c:e1:54:38:f4:bf:
86:73:33:47:03:a5:13:09:1c:96:a9:9e:e5:14:e0:
85:d2:98:64:02:0f:1e:f9:aa:94:bb:2b:8e:6f:64:
92:41:19:1b:95:11:35:ba:ef:87:95:41:f6:94:6d:
6c:c7:b8:4b:34:da:cb:ca:ce:4e:80:07:22:13:84:
63:af:bb:e7:fa:75:62:bd:87:34:80:56:e4:22:34:
8c:22:98:bd:71:b8:b4:00:bd:01:7a:9a:18:4b:a7:
cc:5c:ec:e2:8e:90:88:d9:e3:ce:ed:f3:99:ff:ec:
6c:1b:32:3b:dd:02:48:bf:c2:c1:00:86:a8:e0:ee:
b8:e2:df:1c:aa:4d:cf:6c:99:68:c8:f3:96:7f:ff:
e3:2b:5e:a6:50:53:a7:0b:0a:a2:48:33:0d:50:a7:
32:27:4a:dd:cc:62:0c:c5:3f:50:e7:21:7a:f2:99:
64:04:b2:08:0b:37:71:88:f6:2e:75:ef:d5:ef:58:
be:b7:e7:10:83:81:dd:f0:52:9f:f4:52:f6:9f:ea:
c4:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:89:C8:73:B0:FE:1D:94:2E:50:44:D6:D0:91:B1:CB:55:F9:AD:9A
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/GInIc7D-HZQuUETW0JGxy1X5rZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.114.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:e8:bf:98:97:e8:40:f0:45:d5:45:42:cc:7c:7f:91:ae:28:
a3:cb:49:21:4e:26:76:f6:34:61:3f:ea:60:42:d4:1a:d5:9a:
0e:28:d4:5d:72:47:55:73:8d:3a:33:16:55:01:c8:d1:73:db:
9f:72:90:7a:54:5b:d1:a0:02:74:51:3e:ac:21:1b:51:2d:9c:
32:39:af:04:a2:30:27:2d:da:46:69:54:a1:e9:5b:cb:59:07:
e5:86:88:d7:68:a6:4b:9f:b2:8f:50:9a:91:20:a8:2e:c9:57:
c7:6e:ec:7b:a6:16:b9:0c:8d:49:18:b9:75:b8:7e:81:89:9f:
90:30:e2:54:01:eb:6b:fd:bf:61:00:10:91:4b:d8:2c:79:10:
9e:77:c0:20:a1:a1:ed:20:b7:18:d5:21:6f:5c:a6:60:15:6a:
0c:31:e6:00:a8:a8:4e:24:d4:d4:e5:4b:eb:4a:24:41:e3:d9:
57:65:f5:bf:89:27:46:c8:be:b4:de:be:4e:24:0d:74:c6:5d:
7e:f7:8d:ab:8f:62:77:8f:b5:8e:4b:db:e3:3b:6f:29:64:4e:
27:f5:c0:76:69:af:4d:45:56:cc:5c:cf:a7:09:d0:d8:97:c7:
87:48:ee:9a:1a:61:1a:97:41:db:5a:c3:c4:ef:8d:4c:12:44:
db:b8:ef:d2
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC22GSY4/LDUtrt2SX+kFvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMTAxMDIzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxODg5Yzg3M2IwZmUxZDk0MmU1MDQ0ZDZkMDkxYjFjYjU1ZjlhZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoViGMBMCV7DJxqSERUQenELDVeEN
66d+GUdAsjWlSl1+bQHrblorlva4e2G3ok0CDjUsCuo84VQ49L+GczNHA6UTCRyW
qZ7lFOCF0phkAg8e+aqUuyuOb2SSQRkblRE1uu+HlUH2lG1sx7hLNNrLys5OgAci
E4Rjr7vn+nVivYc0gFbkIjSMIpi9cbi0AL0BepoYS6fMXOzijpCI2ePO7fOZ/+xs
GzI73QJIv8LBAIao4O644t8cqk3PbJloyPOWf//jK16mUFOnCwqiSDMNUKcyJ0rd
zGIMxT9Q5yF68plkBLIICzdxiPYude/V71i+t+cQg4Hd8FKf9FL2n+rEnwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBiJyHOw/h2ULlBE1tCRsctV+a2aMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvR0luSWM3RC1IWlF1VUVUVzBKR3h5MVg1clpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdyMA0G
CSqGSIb3DQEBCwUAA4IBAQBK6L+Yl+hA8EXVRULMfH+Rriijy0khTiZ29jRhP+pg
QtQa1ZoOKNRdckdVc406MxZVAcjRc9ufcpB6VFvRoAJ0UT6sIRtRLZwyOa8EojAn
LdpGaVSh6VvLWQflhojXaKZLn7KPUJqRIKguyVfHbux7pha5DI1JGLl1uH6BiZ+Q
MOJUAetr/b9hABCRS9gseRCed8AgoaHtILcY1SFvXKZgFWoMMeYAqKhOJNTU5Uvr
SiRB49lXZfW/iSdGyL603r5OJA10xl1+942rj2J3j7WOS9vjO28pZE4n9cB2aa9N
RVbMXM+nCdDYl8eHSO6aGmEal0HbWsPE741MEkTbuO/S
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:28:57 2024 by rpki-client on console-fra.rpki-client.org