Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/xsQ87sf7frzvPeEvAk9C6FSSlYs.roa
File: xsQ87sf7frzvPeEvAk9C6FSSlYs.roa (raw, json)
Hash identifier: w6xZ3IeFPtuEqBEnxTjc5FES5+NlZPwDgSOri++lO0M=
Subject key identifier: C6:C4:3C:EE:C7:FB:7E:BC:EF:3D:E1:2F:02:4F:42:E8:54:92:95:8B
Certificate issuer: /CN=479762e88d8f67fad4aa059a1b8b46fa4cc7a893
Certificate serial: 018CC64B477D33CC785D03599EE34FED1E80
Authority key identifier: 47:97:62:E8:8D:8F:67:FA:D4:AA:05:9A:1B:8B:46:FA:4C:C7:A8:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R5di6I2PZ_rUqgWaG4tG-kzHqJM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/xsQ87sf7frzvPeEvAk9C6FSSlYs.roa
Signing time: Mon 01 Jan 2024 18:31:11 +0000
ROA not before: Mon 01 Jan 2024 18:31:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211325
IP address blocks: 92.61.180.0/22 maxlen: 22
2a13:f480::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/R5di6I2PZ_rUqgWaG4tG-kzHqJM.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/R5di6I2PZ_rUqgWaG4tG-kzHqJM.mft
rsync://rpki.ripe.net/repository/DEFAULT/R5di6I2PZ_rUqgWaG4tG-kzHqJM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 16:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:47:7d:33:cc:78:5d:03:59:9e:e3:4f:ed:1e:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=479762e88d8f67fad4aa059a1b8b46fa4cc7a893
Validity
Not Before: Jan 1 18:31:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c6c43ceec7fb7ebcef3de12f024f42e85492958b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:18:fa:0a:12:1a:09:06:60:b3:22:49:08:b6:
34:10:05:5a:c0:88:53:2e:b5:a6:b4:59:57:d0:d6:
4d:bf:36:e4:46:a6:5a:77:f3:0a:33:94:dc:8a:d7:
81:73:30:a0:d8:45:c8:1d:fa:66:5c:29:24:dd:54:
25:1d:a1:7a:9e:5d:d6:f9:fc:d2:04:d8:f2:91:79:
fb:1e:e5:6b:5a:44:c6:9a:5b:f6:60:72:67:63:ce:
0a:fe:9e:3b:b8:2a:75:83:46:f9:7a:a0:c2:77:4d:
ed:d2:2a:97:7a:d1:99:34:86:8b:8b:6d:4d:07:15:
12:c8:43:66:e6:b1:c1:9e:df:c3:6b:1f:f4:c1:08:
4d:f5:05:32:64:bd:5b:3f:27:50:55:7a:a6:25:1d:
a0:99:51:f7:0f:6f:d3:e9:bc:6e:7a:60:dc:da:8c:
35:00:4d:4b:f9:08:ab:57:ec:04:1e:5e:f3:fb:d9:
32:47:77:e4:9e:c5:b7:c2:77:15:28:bd:a6:81:a6:
3b:43:f8:ff:b9:f2:53:74:5a:28:ff:eb:5a:5c:e7:
38:80:1f:79:5c:40:74:a9:c9:30:3c:3a:d9:0d:bd:
4e:45:00:3d:d1:03:06:1d:58:a6:ae:d3:68:07:03:
1e:ca:fa:cd:21:01:19:48:60:3b:c8:73:f3:7e:e8:
92:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:C4:3C:EE:C7:FB:7E:BC:EF:3D:E1:2F:02:4F:42:E8:54:92:95:8B
X509v3 Authority Key Identifier:
keyid:47:97:62:E8:8D:8F:67:FA:D4:AA:05:9A:1B:8B:46:FA:4C:C7:A8:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R5di6I2PZ_rUqgWaG4tG-kzHqJM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/xsQ87sf7frzvPeEvAk9C6FSSlYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/2c5af2-0937-4f40-88e0-1104841d374e/1/R5di6I2PZ_rUqgWaG4tG-kzHqJM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.61.180.0/22
IPv6:
2a13:f480::/29
Signature Algorithm: sha256WithRSAEncryption
52:52:81:9c:1b:dd:79:0a:79:a3:8a:dd:e6:a1:3a:c9:89:25:
6a:1d:01:d0:7a:6e:a6:b1:72:d7:12:3a:fd:8d:0a:f9:fb:3d:
b3:44:1b:8e:9a:d4:42:31:56:35:41:3d:af:f5:21:c5:74:d3:
32:92:05:be:2a:9c:bf:0d:a3:13:47:2f:1c:bb:1d:0e:cf:3f:
d9:ad:c3:18:f6:7c:82:a7:e3:fc:e3:ba:08:f7:f8:29:77:2c:
45:ab:f5:aa:1e:b6:fb:17:38:af:94:2e:c2:8a:79:29:64:4e:
82:7e:0f:96:62:cd:ee:68:48:c0:ca:ea:37:a9:2b:52:e9:84:
69:30:11:50:df:56:55:e6:cd:54:0a:f4:4d:b1:3c:f0:93:9d:
15:61:e5:0c:8f:b3:f3:87:75:89:b2:98:17:e6:76:a8:88:5d:
74:33:e9:6e:f1:c3:37:6f:fb:e5:3d:b7:cb:3b:cb:28:a7:d0:
44:63:54:9f:a1:17:a2:c3:21:80:65:a8:a7:89:ab:e0:58:3d:
d0:ef:7a:c7:7f:09:02:ca:24:c5:5b:9a:15:f3:ad:fc:f2:6c:
16:8a:fe:c5:61:f3:d5:55:bf:57:52:6b:f3:a2:68:d5:11:de:
f2:20:d7:58:3f:dd:72:cf:65:57:e6:fe:60:2c:fd:b5:cf:6d:
45:9e:58:a5
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGS0d9M8x4XQNZnuNP7R6AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3OTc2MmU4OGQ4ZjY3ZmFkNGFhMDU5YTFiOGI0NmZhNGNj
N2E4OTMwHhcNMjQwMTAxMTgzMTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmM0M2NlZWM3ZmI3ZWJjZWYzZGUxMmYwMjRmNDJlODU0OTI5NThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBj6ChIaCQZgsyJJCLY0EAVawIhT
LrWmtFlX0NZNvzbkRqZad/MKM5TciteBczCg2EXIHfpmXCkk3VQlHaF6nl3W+fzS
BNjykXn7HuVrWkTGmlv2YHJnY84K/p47uCp1g0b5eqDCd03t0iqXetGZNIaLi21N
BxUSyENm5rHBnt/Dax/0wQhN9QUyZL1bPydQVXqmJR2gmVH3D2/T6bxuemDc2ow1
AE1L+QirV+wEHl7z+9kyR3fknsW3wncVKL2mgaY7Q/j/ufJTdFoo/+taXOc4gB95
XEB0qckwPDrZDb1ORQA90QMGHVimrtNoBwMeyvrNIQEZSGA7yHPzfuiSewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMbEPO7H+3687z3hLwJPQuhUkpWLMB8GA1UdIwQY
MBaAFEeXYuiNj2f61KoFmhuLRvpMx6iTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjVkaTZJMlBaX3JVcWdXYUc0dEcta3pIcUpNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS8yYzVhZjItMDkzNy00ZjQwLTg4ZTAt
MTEwNDg0MWQzNzRlLzEveHNRODdzZjdmcnp2UGVFdkFrOUM2RlNTbFlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS8yYzVhZjItMDkzNy00ZjQwLTg4ZTAtMTEwNDg0MWQzNzRl
LzEvUjVkaTZJMlBaX3JVcWdXYUc0dEcta3pIcUpNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCXD20MA0E
AgACMAcDBQMqE/SAMA0GCSqGSIb3DQEBCwUAA4IBAQBSUoGcG915Cnmjit3moTrJ
iSVqHQHQem6msXLXEjr9jQr5+z2zRBuOmtRCMVY1QT2v9SHFdNMykgW+Kpy/DaMT
Ry8cux0Ozz/ZrcMY9nyCp+P847oI9/gpdyxFq/WqHrb7FzivlC7CinkpZE6Cfg+W
Ys3uaEjAyuo3qStS6YRpMBFQ31ZV5s1UCvRNsTzwk50VYeUMj7Pzh3WJspgX5nao
iF10M+lu8cM3b/vlPbfLO8sop9BEY1SfoReiwyGAZainiavgWD3Q73rHfwkCyiTF
W5oV86388mwWiv7FYfPVVb9XUmvzomjVEd7yINdYP91yz2VX5v5gLP21z21Fnlil
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:33:40 2024 by rpki-client on console-ams.rpki-client.org