Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uSxA4MnRu5CH-6bPjQ4-hPtLqgw.roa
File: uSxA4MnRu5CH-6bPjQ4-hPtLqgw.roa (raw, json)
Hash identifier: Ci0vH3QGmshZuhSCWmxoSMxqM1Nv3sd2VVE9mBSoTUY=
Subject key identifier: B9:2C:40:E0:C9:D1:BB:90:87:FB:A6:CF:8D:0E:3E:84:FB:4B:AA:0C
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 018CCA2A9004588752E34C19EEED8802C874
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uSxA4MnRu5CH-6bPjQ4-hPtLqgw.roa
Signing time: Tue 02 Jan 2024 12:33:56 +0000
ROA not before: Tue 02 Jan 2024 12:33:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211415
IP address blocks: 192.124.173.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 15 Oct 2024 22:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:90:04:58:87:52:e3:4c:19:ee:ed:88:02:c8:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Jan 2 12:33:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b92c40e0c9d1bb9087fba6cf8d0e3e84fb4baa0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ef:a7:06:ef:54:2d:05:64:c7:ec:e9:80:56:
43:00:17:0a:b4:57:d0:45:44:41:3e:c1:e9:8f:ea:
c7:b7:16:40:1b:9d:89:85:ec:36:48:cb:81:67:33:
a9:be:e5:5a:0d:90:64:a1:2f:fd:f4:7e:85:81:10:
62:3c:78:e3:2d:42:a4:5e:5e:91:e5:a8:31:80:01:
e6:3c:a4:07:bf:72:d6:45:db:e6:cd:11:0b:02:93:
d6:bf:88:04:56:7b:5a:bf:9f:a4:ab:86:d5:ed:c3:
39:e2:9e:1e:94:a1:f8:ae:68:05:69:48:92:a1:8f:
35:bd:83:d6:9b:68:33:d3:61:05:28:0c:7a:9b:b3:
94:4d:7d:cb:e6:7a:5d:b2:b7:d0:08:88:36:8e:51:
37:63:1d:88:77:84:9d:24:ff:be:61:4c:00:fe:ca:
99:64:09:0b:9d:df:f3:ab:53:0d:c1:9a:e5:4a:ec:
d9:a4:42:d0:45:0a:dc:45:b5:44:83:4a:99:a2:6d:
89:7b:40:f7:72:d6:af:b4:1f:af:59:b5:18:ae:16:
f9:44:4a:d2:6c:fd:17:47:38:4c:91:ce:dc:4a:7d:
18:98:e5:20:cd:6f:76:36:5e:97:32:59:25:a2:93:
71:42:93:44:cc:71:44:31:fb:26:5d:7f:ed:63:b7:
9e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:2C:40:E0:C9:D1:BB:90:87:FB:A6:CF:8D:0E:3E:84:FB:4B:AA:0C
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/uSxA4MnRu5CH-6bPjQ4-hPtLqgw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.124.173.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:3a:f9:2b:d8:ff:e6:b5:bd:64:50:27:d1:5f:ba:4f:09:db:
d4:d5:65:7f:31:2e:24:ae:2c:89:8e:0d:58:8b:89:c4:96:23:
49:5f:00:52:22:54:63:88:ab:b0:9b:47:65:22:1a:d9:e2:31:
ef:80:4a:bf:06:ce:96:4a:83:c9:dc:92:69:13:c4:48:60:8b:
7a:fc:5a:a1:85:3a:e1:6f:5e:99:8f:a9:90:97:fd:74:4f:12:
77:00:67:67:20:34:49:1d:a8:2d:23:6e:e8:05:06:1a:94:a5:
fb:70:77:ad:3a:5a:a6:0a:02:b9:b5:50:c5:94:de:b1:13:0a:
a6:ea:79:fb:4b:6f:dc:2d:80:b9:4c:55:95:aa:f5:dd:32:99:
d8:f2:87:ae:7e:ac:96:1f:25:93:e7:42:cf:ce:e6:dd:d0:c2:
32:6e:01:48:88:c7:d7:33:2c:e3:ea:84:4b:b2:29:f3:38:74:
b0:46:71:07:f5:ab:3c:b4:d3:a8:58:37:f3:4b:00:1e:c3:85:
26:92:6f:58:b8:c7:12:7e:1e:1d:a8:4e:80:13:9a:2f:00:21:
19:74:21:0e:3d:a1:a9:dc:cf:ec:d1:c0:12:cc:e3:8a:cc:33:
ad:3d:4f:9d:51:40:8a:07:05:5b:47:f4:da:bf:35:d0:86:b7:
09:a1:ed:f3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzKKpAEWIdS40wZ7u2IAsh0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjQwMTAyMTIzMzU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTJjNDBlMGM5ZDFiYjkwODdmYmE2Y2Y4ZDBlM2U4NGZiNGJhYTBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuO+nBu9ULQVkx+zpgFZDABcKtFfQ
RURBPsHpj+rHtxZAG52Jhew2SMuBZzOpvuVaDZBkoS/99H6FgRBiPHjjLUKkXl6R
5agxgAHmPKQHv3LWRdvmzRELApPWv4gEVntav5+kq4bV7cM54p4elKH4rmgFaUiS
oY81vYPWm2gz02EFKAx6m7OUTX3L5npdsrfQCIg2jlE3Yx2Id4SdJP++YUwA/sqZ
ZAkLnd/zq1MNwZrlSuzZpELQRQrcRbVEg0qZom2Je0D3ctavtB+vWbUYrhb5RErS
bP0XRzhMkc7cSn0YmOUgzW92Nl6XMlklopNxQpNEzHFEMfsmXX/tY7ee4QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLksQODJ0buQh/umz40OPoT7S6oMMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvdVN4QTRNblJ1NUNILTZiUGpRNC1oUHRMcWd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwHytMA0G
CSqGSIb3DQEBCwUAA4IBAQBtOvkr2P/mtb1kUCfRX7pPCdvU1WV/MS4kriyJjg1Y
i4nEliNJXwBSIlRjiKuwm0dlIhrZ4jHvgEq/Bs6WSoPJ3JJpE8RIYIt6/FqhhTrh
b16Zj6mQl/10TxJ3AGdnIDRJHagtI27oBQYalKX7cHetOlqmCgK5tVDFlN6xEwqm
6nn7S2/cLYC5TFWVqvXdMpnY8oeufqyWHyWT50LPzubd0MIybgFIiMfXMyzj6oRL
sinzOHSwRnEH9as8tNOoWDfzSwAew4Umkm9YuMcSfh4dqE6AE5ovACEZdCEOPaGp
3M/s0cASzOOKzDOtPU+dUUCKBwVbR/TavzXQhrcJoe3z
-----END CERTIFICATE-----
Generated at Tue Oct 15 03:48:47 2024 by rpki-client on console-ams.rpki-client.org