Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DmxIQ_ou14qWGYKxfctbQ6QZBgY.roa
File: DmxIQ_ou14qWGYKxfctbQ6QZBgY.roa (raw, json)
Hash identifier: 4ncEnEzhmYlCQtHm2YirPNrjVvVw0hYp73g1VZSW+9g=
Subject key identifier: 0E:6C:48:43:FA:2E:D7:8A:96:19:82:B1:7D:CB:5B:43:A4:19:06:06
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0191FFD8944B545775D0A36F63BA716FBAF5
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DmxIQ_ou14qWGYKxfctbQ6QZBgY.roa
Signing time: Tue 17 Sep 2024 11:57:49 +0000
ROA not before: Tue 17 Sep 2024 11:57:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34295
IP address blocks: 2.58.92.0/24 maxlen: 32
91.92.68.0/23 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:ff:d8:94:4b:54:57:75:d0:a3:6f:63:ba:71:6f:ba:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 17 11:57:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0e6c4843fa2ed78a961982b17dcb5b43a4190606
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:11:04:c1:5c:05:28:04:8b:64:da:4d:f9:8e:
1c:e3:b0:ef:86:ce:20:31:4a:e2:c0:84:e3:9e:c6:
9c:f9:ab:60:6b:4d:95:b5:16:98:ac:44:fb:48:a0:
05:c8:27:e1:b3:34:cb:24:6b:4c:43:f9:bc:d5:8a:
92:46:f0:39:e7:a4:a3:b8:07:cf:bb:35:c8:3a:22:
0f:f1:26:57:b2:48:5c:7c:85:3d:cf:24:14:f3:84:
2b:0d:4c:b7:54:85:8f:39:49:23:90:af:8e:4b:fb:
3c:30:95:de:9f:1f:4d:c0:76:e3:88:bc:d1:7a:01:
6d:ca:0f:9a:d0:98:7a:55:e5:60:bb:ec:f4:c9:97:
48:8a:30:47:c2:56:27:5a:e0:83:63:4d:96:ad:1f:
dc:f9:25:7c:b0:b5:e6:b5:6f:81:ba:85:a0:aa:4f:
0d:05:a0:09:40:03:28:e6:92:fc:20:f3:d8:a2:a2:
6f:9c:2e:72:08:ee:6e:9f:b9:ce:b3:38:24:09:b7:
87:03:86:9c:de:16:8d:1c:30:01:3d:61:b4:11:28:
9c:b0:33:2b:54:46:73:80:f6:ab:16:4a:0f:80:7a:
5a:13:2a:6b:ee:3a:a0:aa:d0:16:7e:72:a9:4c:0d:
ff:89:cb:41:c9:68:d0:8c:47:93:8b:7e:6e:c3:66:
c2:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:6C:48:43:FA:2E:D7:8A:96:19:82:B1:7D:CB:5B:43:A4:19:06:06
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/DmxIQ_ou14qWGYKxfctbQ6QZBgY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.92.0/24
91.92.68.0/23
Signature Algorithm: sha256WithRSAEncryption
15:40:de:64:58:36:af:da:fa:c2:bd:76:3c:c5:d0:fb:90:2c:
eb:82:d6:b1:5b:6d:f6:53:93:9a:ea:4e:43:77:9e:9c:da:a6:
ab:1a:85:6f:5b:6a:5f:6b:21:88:da:20:8e:8e:01:8d:4a:97:
38:82:c1:47:37:70:a6:07:de:98:91:cf:69:a3:de:69:34:8e:
29:1a:e8:d8:61:b0:eb:0e:ea:d4:8d:e5:91:8c:90:f4:8c:c6:
45:1d:3c:c0:7b:21:22:af:19:a3:26:50:d0:52:50:86:c7:ba:
8f:98:bd:f4:88:14:9d:5b:8c:37:62:06:06:41:42:e4:27:d0:
19:7c:a9:7b:9a:3e:f0:f6:fa:7e:3b:e9:d1:9a:b4:a6:e6:47:
bf:10:ea:da:bd:0a:9f:ae:78:3d:d7:9e:cf:59:d6:5c:2c:a7:
25:86:39:fd:05:68:99:43:d1:02:2f:96:99:d3:3a:dc:02:5a:
c9:6b:49:7b:38:79:1b:e4:7a:c3:8e:b4:ac:48:df:52:9a:80:
2f:d7:f5:5d:5b:6e:47:21:89:79:17:80:a1:f5:f2:49:92:fd:
1a:57:bc:1a:83:1b:30:0d:e8:3b:94:ba:37:c3:9c:19:9d:69:
cc:ab:b1:77:7a:98:37:4d:82:03:a0:4c:4a:fc:c5:5e:d6:a4:
f1:1d:29:0d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZH/2JRLVFd10KNvY7pxb7r1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwOTE3MTE1NzQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTZjNDg0M2ZhMmVkNzhhOTYxOTgyYjE3ZGNiNWI0M2E0MTkwNjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhxEEwVwFKASLZNpN+Y4c47Dvhs4g
MUriwITjnsac+atga02VtRaYrET7SKAFyCfhszTLJGtMQ/m81YqSRvA556SjuAfP
uzXIOiIP8SZXskhcfIU9zyQU84QrDUy3VIWPOUkjkK+OS/s8MJXenx9NwHbjiLzR
egFtyg+a0Jh6VeVgu+z0yZdIijBHwlYnWuCDY02WrR/c+SV8sLXmtW+BuoWgqk8N
BaAJQAMo5pL8IPPYoqJvnC5yCO5un7nOszgkCbeHA4ac3haNHDABPWG0ESicsDMr
VEZzgParFkoPgHpaEypr7jqgqtAWfnKpTA3/ictByWjQjEeTi35uw2bCnQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA5sSEP6LteKlhmCsX3LW0OkGQYGMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvRG14SVFfb3UxNHFXR1lLeGZjdGJRNlFaQmdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjpcAwQB
W1xEMA0GCSqGSIb3DQEBCwUAA4IBAQAVQN5kWDav2vrCvXY8xdD7kCzrgtaxW232
U5Oa6k5Dd56c2qarGoVvW2pfayGI2iCOjgGNSpc4gsFHN3CmB96Ykc9po95pNI4p
GujYYbDrDurUjeWRjJD0jMZFHTzAeyEirxmjJlDQUlCGx7qPmL30iBSdW4w3YgYG
QULkJ9AZfKl7mj7w9vp+O+nRmrSm5ke/EOravQqfrng9157PWdZcLKclhjn9BWiZ
Q9ECL5aZ0zrcAlrJa0l7OHkb5HrDjrSsSN9SmoAv1/VdW25HIYl5F4Ch9fJJkv0a
V7wagxswDeg7lLo3w5wZnWnMq7F3epg3TYIDoExK/MVe1qTxHSkN
-----END CERTIFICATE-----
Generated at Mon Nov 25 19:21:13 2024 by rpki-client on console-ams.rpki-client.org