Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/ThHE4_ZyExiy6Wtac6xvupcHe5w.roa
File: ThHE4_ZyExiy6Wtac6xvupcHe5w.roa (raw, json)
Hash identifier: lxLNNpklV8CbECVn+E2zZk5t+KK4cTpONGaOAiJhNY4=
Subject key identifier: 4E:11:C4:E3:F6:72:13:18:B2:E9:6B:5A:73:AC:6F:BA:97:07:7B:9C
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018CC2DB61518D7D05EF4EFD5D4B0FD1013B
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/ThHE4_ZyExiy6Wtac6xvupcHe5w.roa
Signing time: Mon 01 Jan 2024 02:30:06 +0000
ROA not before: Mon 01 Jan 2024 02:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34858
IP address blocks: 89.23.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 05:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:61:51:8d:7d:05:ef:4e:fd:5d:4b:0f:d1:01:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 1 02:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e11c4e3f6721318b2e96b5a73ac6fba97077b9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:e7:64:a8:c3:e5:be:ca:e1:7a:09:17:0d:42:
d9:4c:18:b8:d6:06:ce:10:b7:34:0d:ab:ec:da:c3:
e9:0c:ea:35:21:05:c3:1c:4c:82:45:c4:e5:07:6a:
0d:ca:9e:1e:99:43:34:9e:d8:c4:46:88:d0:ae:c3:
30:5a:41:aa:68:50:45:36:49:8f:2e:b6:25:1a:da:
1f:ee:d4:28:ee:04:8c:ef:93:95:9a:f4:2c:fe:1e:
8a:fe:cc:b1:ed:82:0d:97:3a:78:b5:6c:8e:08:b7:
40:ba:a2:3c:53:11:3c:44:5f:e2:00:7e:e9:42:6a:
00:b1:e0:71:67:4c:a7:23:a9:4d:06:d4:86:92:57:
98:06:5a:72:eb:e4:9e:9d:bd:24:22:87:2a:b9:2e:
44:5a:a4:6d:80:4b:55:e7:29:06:b6:e3:54:bf:39:
7c:62:d8:57:7e:48:e3:8c:72:7c:e8:a6:44:a0:82:
ba:20:40:7a:72:34:20:c4:59:4f:6c:4e:c9:29:81:
bf:b9:8a:02:cd:cd:5f:a6:de:50:9c:ff:43:b9:7d:
d0:71:2c:72:a4:2f:d1:b1:4c:86:f0:08:54:fc:e6:
84:3a:a3:b9:bb:8b:3e:27:98:1e:b9:7f:09:7f:1d:
a4:66:d8:f0:43:43:a5:0b:17:92:15:cb:23:64:3c:
cd:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:11:C4:E3:F6:72:13:18:B2:E9:6B:5A:73:AC:6F:BA:97:07:7B:9C
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/ThHE4_ZyExiy6Wtac6xvupcHe5w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.121.0/24
Signature Algorithm: sha256WithRSAEncryption
b3:df:3e:df:8b:64:3e:17:c5:7b:fb:e9:2a:29:90:ac:6a:61:
ef:e4:4c:7d:ef:7b:83:ce:0e:c8:f0:dd:9a:7f:de:82:45:33:
9a:e7:55:43:5b:a7:85:7c:8f:33:e0:ae:89:31:9e:24:1d:da:
43:12:fb:05:3e:da:2f:9a:a8:da:77:29:f4:d0:f3:ca:2c:6b:
7a:59:a9:43:33:17:54:25:4c:35:74:77:e4:d0:19:47:dd:a9:
f8:1a:93:ca:56:e3:3e:1a:cd:88:af:96:bf:36:15:7b:8b:64:
49:9c:4e:43:36:68:2f:0e:b8:70:a1:ab:95:1f:11:6b:c1:fb:
f6:f8:b4:43:34:bd:ba:9e:79:e5:87:78:8f:d6:16:19:56:d9:
50:54:97:4c:98:4b:ea:6e:85:1f:d1:f0:e3:b1:ab:49:57:dc:
7f:53:05:09:9c:6e:35:45:70:4e:62:a1:51:1c:a7:47:d3:9d:
cd:73:94:be:e3:57:6f:92:11:86:bc:ad:23:39:73:22:07:5d:
9e:9b:df:07:df:c8:50:2b:e9:26:b6:af:63:7f:81:ca:76:bd:
f2:5f:bc:af:f3:6e:d9:88:64:df:4a:ae:19:20:70:81:16:15:
00:7e:02:db:6f:76:93:8c:17:af:cc:40:c4:ea:7b:37:24:a0:
9f:74:57:68
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC22FRjX0F7079XUsP0QE7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMTAxMDIzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTExYzRlM2Y2NzIxMzE4YjJlOTZiNWE3M2FjNmZiYTk3MDc3YjljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqedkqMPlvsrhegkXDULZTBi41gbO
ELc0Davs2sPpDOo1IQXDHEyCRcTlB2oNyp4emUM0ntjERojQrsMwWkGqaFBFNkmP
LrYlGtof7tQo7gSM75OVmvQs/h6K/syx7YINlzp4tWyOCLdAuqI8UxE8RF/iAH7p
QmoAseBxZ0ynI6lNBtSGkleYBlpy6+Senb0kIocquS5EWqRtgEtV5ykGtuNUvzl8
YthXfkjjjHJ86KZEoIK6IEB6cjQgxFlPbE7JKYG/uYoCzc1fpt5QnP9DuX3QcSxy
pC/RsUyG8AhU/OaEOqO5u4s+J5geuX8Jfx2kZtjwQ0OlCxeSFcsjZDzNdQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE4RxOP2chMYsulrWnOsb7qXB3ucMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvVGhIRTRfWnlFeGl5Nld0YWM2eHZ1cGNIZTV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRd5MA0G
CSqGSIb3DQEBCwUAA4IBAQCz3z7fi2Q+F8V7++kqKZCsamHv5Ex973uDzg7I8N2a
f96CRTOa51VDW6eFfI8z4K6JMZ4kHdpDEvsFPtovmqjadyn00PPKLGt6WalDMxdU
JUw1dHfk0BlH3an4GpPKVuM+Gs2Ir5a/NhV7i2RJnE5DNmgvDrhwoauVHxFrwfv2
+LRDNL26nnnlh3iP1hYZVtlQVJdMmEvqboUf0fDjsatJV9x/UwUJnG41RXBOYqFR
HKdH053Nc5S+41dvkhGGvK0jOXMiB12em98H38hQK+kmtq9jf4HKdr3yX7yv827Z
iGTfSq4ZIHCBFhUAfgLbb3aTjBevzEDE6ns3JKCfdFdo
-----END CERTIFICATE-----
Generated at Fri Jun 7 14:31:53 2024 by rpki-client on console-fra.rpki-client.org