Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/1Sf10YTiXRCeRfDUk_3io_PKeXo.roa
File: 1Sf10YTiXRCeRfDUk_3io_PKeXo.roa (raw, json)
Hash identifier: Rc688EaXtWvVnenVaIRq0l+Oe+9XByOLCRMSKOdyoqQ=
Subject key identifier: D5:27:F5:D1:84:E2:5D:10:9E:45:F0:D4:93:FD:E2:A3:F3:CA:79:7A
Certificate issuer: /CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Certificate serial: 019347593B0779D29A5A43D1FBF787BE2BD1
Authority key identifier: 52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/1Sf10YTiXRCeRfDUk_3io_PKeXo.roa
Signing time: Wed 20 Nov 2024 02:14:10 +0000
ROA not before: Wed 20 Nov 2024 02:14:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199404
IP address blocks: 69.57.172.0/24 maxlen: 24
190.92.174.0/24 maxlen: 24
190.92.175.0/24 maxlen: 24
195.250.20.0/24 maxlen: 24
195.250.21.0/24 maxlen: 24
195.250.22.0/24 maxlen: 24
198.38.81.0/24 maxlen: 24
198.38.83.0/24 maxlen: 24
198.38.84.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.mft
rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:47:59:3b:07:79:d2:9a:5a:43:d1:fb:f7:87:be:2b:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=52cd9a6512dbf25a5f19b827d7a2c7e22a2ee8dd
Validity
Not Before: Nov 20 02:14:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d527f5d184e25d109e45f0d493fde2a3f3ca797a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a2:c8:cf:74:2f:d1:c5:2b:c7:01:c4:62:d3:
46:97:14:0d:97:a4:a0:c0:46:86:e3:21:35:77:92:
94:b4:6c:39:5e:00:6f:f9:9a:29:48:a1:61:4e:dd:
9b:18:07:dd:ea:80:20:d1:b9:e3:02:c0:ca:8d:97:
c5:20:b5:13:fa:c7:c3:1e:6f:37:d2:f1:b5:49:a9:
75:90:d0:94:f7:15:d4:81:40:37:36:4e:09:b2:94:
3d:aa:31:c7:87:e0:85:65:ba:f5:dc:73:ea:d5:c2:
0e:a4:d4:1e:a7:c9:45:ec:95:54:82:b6:96:89:e8:
af:b8:c6:52:4f:a8:f3:91:4f:7e:08:9e:4b:97:c3:
98:50:04:b9:bb:28:02:15:98:00:2c:2c:c7:77:c5:
c8:dc:dd:23:3f:c6:c7:f9:7c:9d:9b:8c:6f:0e:56:
cf:bb:5d:7d:84:c3:74:cd:b2:6d:7e:0f:1a:8d:5e:
8b:72:e1:36:8d:bf:2f:3b:ba:bf:87:34:2e:a3:d2:
e2:ab:74:0f:e9:8a:94:42:58:b0:62:a8:65:9e:6f:
d5:72:9d:74:f8:17:9b:ab:fe:57:58:96:5a:5d:a3:
45:a6:5d:03:37:25:be:c9:e3:ca:fd:1a:86:80:93:
28:ed:d8:47:a8:fc:27:26:37:3a:ea:fb:48:9c:df:
bb:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:27:F5:D1:84:E2:5D:10:9E:45:F0:D4:93:FD:E2:A3:F3:CA:79:7A
X509v3 Authority Key Identifier:
keyid:52:CD:9A:65:12:DB:F2:5A:5F:19:B8:27:D7:A2:C7:E2:2A:2E:E8:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Us2aZRLb8lpfGbgn16LH4iou6N0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/1Sf10YTiXRCeRfDUk_3io_PKeXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/2223ca-ce38-49bb-b125-cca37606bf18/1/Us2aZRLb8lpfGbgn16LH4iou6N0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
69.57.172.0/24
190.92.174.0/23
195.250.20.0-195.250.22.255
198.38.81.0/24
198.38.83.0-198.38.84.255
Signature Algorithm: sha256WithRSAEncryption
4d:c4:ce:69:92:0e:0d:12:85:c0:d3:72:7c:68:13:63:d2:33:
65:f1:d3:db:2e:7c:89:c8:7f:8b:6e:5d:38:96:93:c5:40:c0:
a3:8b:9d:65:41:a8:2b:46:9e:72:bd:e3:f5:7e:6f:b3:ce:ad:
c1:2a:02:a0:1f:85:bf:ce:84:51:81:04:03:f6:8d:33:c2:3f:
bf:18:e2:ec:1e:3c:9b:12:f4:4f:1f:ea:52:44:54:62:09:2f:
8f:4c:01:46:cd:ec:1d:e8:89:3b:3e:93:5b:36:dc:ea:12:fd:
d6:34:39:ee:5b:8e:56:45:e0:f0:4e:13:5d:58:61:73:22:27:
65:0f:75:e0:c9:de:c5:e2:1a:b5:5c:da:55:23:d2:6e:5b:47:
94:0b:3a:40:f7:0f:34:41:e9:fe:bd:f7:19:ca:dd:e0:ed:94:
65:40:3b:35:b9:f0:c1:c4:3c:8f:a4:6a:37:13:2b:0f:06:21:
b9:14:2e:64:77:04:c2:16:b1:a6:51:91:d6:5b:70:64:0a:e0:
73:bb:f4:94:9b:5e:b0:2e:96:63:a9:a9:3d:bc:f4:55:d6:93:
a7:e8:59:0d:9a:75:01:ad:4e:18:0b:0e:16:dd:f8:c0:ed:78:
a8:95:58:77:77:d2:b6:aa:7f:0d:45:4e:10:92:3a:51:b5:97:
9a:d1:4f:f9
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZNHWTsHedKaWkPR+/eHvivRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUyY2Q5YTY1MTJkYmYyNWE1ZjE5YjgyN2Q3YTJjN2UyMmEy
ZWU4ZGQwHhcNMjQxMTIwMDIxNDEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTI3ZjVkMTg0ZTI1ZDEwOWU0NWYwZDQ5M2ZkZTJhM2YzY2E3OTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqLIz3Qv0cUrxwHEYtNGlxQNl6Sg
wEaG4yE1d5KUtGw5XgBv+ZopSKFhTt2bGAfd6oAg0bnjAsDKjZfFILUT+sfDHm83
0vG1Sal1kNCU9xXUgUA3Nk4JspQ9qjHHh+CFZbr13HPq1cIOpNQep8lF7JVUgraW
ieivuMZST6jzkU9+CJ5Ll8OYUAS5uygCFZgALCzHd8XI3N0jP8bH+Xydm4xvDlbP
u119hMN0zbJtfg8ajV6LcuE2jb8vO7q/hzQuo9Liq3QP6YqUQliwYqhlnm/Vcp10
+Bebq/5XWJZaXaNFpl0DNyW+yePK/RqGgJMo7dhHqPwnJjc66vtInN+7OwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFNUn9dGE4l0QnkXw1JP94qPzynl6MB8GA1UdIwQY
MBaAFFLNmmUS2/JaXxm4J9eix+IqLujdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUt
Y2NhMzc2MDZiZjE4LzEvMVNmMTBZVGlYUkNlUmZEVWtfM2lvX1BLZVhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi8yMjIzY2EtY2UzOC00OWJiLWIxMjUtY2NhMzc2MDZiZjE4
LzEvVXMyYVpSTGI4bHBmR2JnbjE2TEg0aW91Nk4wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQARTmsAwQB
vlyuMAwDBALD+hQDBADD+hYDBADGJlEwDAMEAMYmUwMEAMYmVDANBgkqhkiG9w0B
AQsFAAOCAQEATcTOaZIODRKFwNNyfGgTY9IzZfHT2y58ich/i25dOJaTxUDAo4ud
ZUGoK0aecr3j9X5vs86twSoCoB+Fv86EUYEEA/aNM8I/vxji7B48mxL0Tx/qUkRU
Ygkvj0wBRs3sHeiJOz6TWzbc6hL91jQ57luOVkXg8E4TXVhhcyInZQ914MnexeIa
tVzaVSPSbltHlAs6QPcPNEHp/r33Gcrd4O2UZUA7NbnwwcQ8j6RqNxMrDwYhuRQu
ZHcEwhaxplGR1ltwZArgc7v0lJtesC6WY6mpPbz0VdaTp+hZDZp1Aa1OGAsOFt34
wO14qJVYd3fStqp/DUVOEJI6UbWXmtFP+Q==
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:45:17 2024 by rpki-client on console-ams.rpki-client.org