Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/l6ZQcqji0fcLFX5PFkCAqrzAAnA.roa
File: l6ZQcqji0fcLFX5PFkCAqrzAAnA.roa (raw, json)
Hash identifier: xn7sQA2aisLm7WlOstjo7z7A6/kiitfaLebBMBsTb00=
Subject key identifier: 97:A6:50:72:A8:E2:D1:F7:0B:15:7E:4F:16:40:80:AA:BC:C0:02:70
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018CC2DB656BD865203B9B0FE05B2798A464
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/l6ZQcqji0fcLFX5PFkCAqrzAAnA.roa
Signing time: Mon 01 Jan 2024 02:30:07 +0000
ROA not before: Mon 01 Jan 2024 02:30:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60548
IP address blocks: 89.23.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:65:6b:d8:65:20:3b:9b:0f:e0:5b:27:98:a4:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Jan 1 02:30:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97a65072a8e2d1f70b157e4f164080aabcc00270
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:4f:a8:a1:e4:c6:fc:3f:c7:db:7f:5f:08:0c:
91:32:03:77:7f:8f:02:ae:66:d8:e8:1b:f9:b3:68:
5b:82:ed:53:9f:c3:a1:e3:fc:2f:d8:5a:8a:78:74:
b0:fc:0a:05:73:16:62:5a:36:53:80:9e:67:81:df:
e5:a9:94:7c:c8:9d:e4:7b:b9:f9:1e:67:39:d3:9d:
d9:58:ae:a9:8b:07:97:9c:07:b6:5b:59:70:35:b7:
d6:e7:7e:23:b3:c7:3f:eb:1c:f6:3d:70:9a:75:b4:
01:b6:0f:ab:5c:ae:70:b3:af:07:d3:04:23:9a:62:
01:7f:dc:83:f9:2c:e8:0e:4e:1a:c0:e4:46:a8:2f:
46:b5:f4:6d:35:dc:24:24:0e:a4:60:e0:27:d1:30:
39:25:3b:d8:c4:3d:ad:57:1b:9f:7b:30:5c:13:79:
09:c4:56:b7:4d:96:f6:2a:d5:5e:67:14:3f:b7:18:
1c:0a:dd:f2:6b:d3:71:68:fd:ec:40:98:3a:27:e8:
cd:96:fb:d7:47:68:92:15:71:d3:4f:df:db:84:21:
59:8e:7d:4a:63:63:18:ab:0d:1e:be:03:b3:69:ae:
e1:87:34:29:1f:ff:c3:8a:98:9f:b2:83:77:a8:fe:
27:9f:a6:9f:fc:16:4a:65:83:ec:9d:3b:57:55:ce:
b0:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:A6:50:72:A8:E2:D1:F7:0B:15:7E:4F:16:40:80:AA:BC:C0:02:70
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/l6ZQcqji0fcLFX5PFkCAqrzAAnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.23.109.0/24
Signature Algorithm: sha256WithRSAEncryption
30:7c:52:9e:b2:2e:db:34:1d:cc:8d:0c:a6:3a:ff:2d:c3:06:
b5:b6:29:c6:ca:a6:62:01:b2:aa:28:b6:ae:31:6a:23:71:ba:
99:39:c9:db:3e:34:c3:4a:ac:67:f1:41:0c:fa:b9:dc:a6:1a:
df:9b:13:d8:19:ab:60:72:96:72:d1:7c:53:ec:9c:22:0b:c2:
aa:ab:eb:99:88:6a:2a:f4:39:df:ce:35:58:0a:2d:c8:d2:42:
cd:df:7f:db:36:ad:a6:49:ae:3a:39:f9:38:16:6e:f6:22:4d:
fa:f1:c1:14:42:5d:82:b3:b8:54:d8:9d:22:c3:df:eb:ee:8f:
ba:3a:a6:f1:fa:53:88:37:86:1e:b0:45:d7:24:a7:e4:75:9e:
f8:1b:17:1b:d1:6f:ab:0d:13:db:f3:1b:3a:cd:74:cb:10:e5:
b9:12:d5:94:87:71:e6:20:0c:72:8a:b9:c8:4b:5e:b6:24:34:
59:54:64:7a:15:78:d2:e3:f9:c5:aa:62:57:15:d7:32:63:e6:
93:f2:81:a2:29:3f:96:26:21:a3:e4:5e:6e:62:5c:ba:af:6f:
8e:ea:70:96:0a:c4:de:df:ba:df:45:01:97:a3:e0:1a:24:a8:
32:15:2c:9f:c8:53:db:c3:ba:85:e6:0e:5f:97:8f:de:cd:bb:
aa:3e:df:49
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC22Vr2GUgO5sP4FsnmKRkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwMTAxMDIzMDA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2E2NTA3MmE4ZTJkMWY3MGIxNTdlNGYxNjQwODBhYWJjYzAwMjcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvk+ooeTG/D/H239fCAyRMgN3f48C
rmbY6Bv5s2hbgu1Tn8Oh4/wv2FqKeHSw/AoFcxZiWjZTgJ5ngd/lqZR8yJ3ke7n5
Hmc5053ZWK6piweXnAe2W1lwNbfW534js8c/6xz2PXCadbQBtg+rXK5ws68H0wQj
mmIBf9yD+SzoDk4awORGqC9GtfRtNdwkJA6kYOAn0TA5JTvYxD2tVxufezBcE3kJ
xFa3TZb2KtVeZxQ/txgcCt3ya9NxaP3sQJg6J+jNlvvXR2iSFXHTT9/bhCFZjn1K
Y2MYqw0evgOzaa7hhzQpH//DipifsoN3qP4nn6af/BZKZYPsnTtXVc6wJwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJemUHKo4tH3CxV+TxZAgKq8wAJwMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvbDZaUWNxamkwZmNMRlg1UEZrQ0FxcnpBQW5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAWRdtMA0G
CSqGSIb3DQEBCwUAA4IBAQAwfFKesi7bNB3MjQymOv8twwa1tinGyqZiAbKqKLau
MWojcbqZOcnbPjTDSqxn8UEM+rncphrfmxPYGatgcpZy0XxT7JwiC8Kqq+uZiGoq
9DnfzjVYCi3I0kLN33/bNq2mSa46Ofk4Fm72Ik368cEUQl2Cs7hU2J0iw9/r7o+6
Oqbx+lOIN4YesEXXJKfkdZ74Gxcb0W+rDRPb8xs6zXTLEOW5EtWUh3HmIAxyirnI
S162JDRZVGR6FXjS4/nFqmJXFdcyY+aT8oGiKT+WJiGj5F5uYly6r2+O6nCWCsTe
37rfRQGXo+AaJKgyFSyfyFPbw7qF5g5fl4/ezbuqPt9J
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:31:27 2024 by rpki-client on console-ams.rpki-client.org