Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/AFQ2pjXqCntdsWq-u0sUsicU1-0.roa
File: AFQ2pjXqCntdsWq-u0sUsicU1-0.roa (raw, json)
Hash identifier: AdeOHY5PD5Js7u5W8nzqdIxl7okFKaalPwzXzNVRUzQ=
Subject key identifier: 00:54:36:A6:35:EA:0A:7B:5D:B1:6A:BE:BB:4B:14:B2:27:14:D7:ED
Certificate issuer: /CN=34d0ec7ac4c391e4ecba9d0a3749191b18ebf934
Certificate serial: 018CC86F19A786BC48A29846DA17ED01C00E
Authority key identifier: 34:D0:EC:7A:C4:C3:91:E4:EC:BA:9D:0A:37:49:19:1B:18:EB:F9:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/AFQ2pjXqCntdsWq-u0sUsicU1-0.roa
Signing time: Tue 02 Jan 2024 04:29:33 +0000
ROA not before: Tue 02 Jan 2024 04:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200896
IP address blocks: 185.92.85.0/24 maxlen: 24
185.92.84.0/24 maxlen: 24
185.92.87.0/24 maxlen: 24
185.92.86.0/24 maxlen: 24
2a05:f140::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/NNDsesTDkeTsup0KN0kZGxjr-TQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/NNDsesTDkeTsup0KN0kZGxjr-TQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:19:a7:86:bc:48:a2:98:46:da:17:ed:01:c0:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=34d0ec7ac4c391e4ecba9d0a3749191b18ebf934
Validity
Not Before: Jan 2 04:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=005436a635ea0a7b5db16abebb4b14b22714d7ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6b:bf:61:fb:c8:cd:2f:ec:53:67:d3:1c:46:
53:ce:af:29:4b:ef:78:03:fa:ab:07:18:e3:ed:19:
d0:e3:9d:d8:48:57:2d:cb:ea:f9:82:2f:d5:07:66:
bf:4b:2a:a2:f1:39:01:c3:20:b7:83:13:99:93:91:
e6:57:1e:15:4c:fe:78:f7:82:42:72:ef:1e:86:3e:
d6:66:3b:9d:73:5a:dd:e5:07:9b:5c:a2:46:59:9b:
b7:db:11:27:b8:ea:9f:8e:03:4e:ad:07:82:2a:fb:
73:e1:d6:ea:38:de:2e:3e:11:76:d4:96:b0:42:fa:
6c:b0:aa:49:34:53:4c:96:70:02:f4:57:50:69:71:
6d:ef:d5:f4:b6:73:11:3e:43:1e:95:37:45:c3:64:
0b:f1:14:a4:66:eb:e4:c2:87:db:83:53:46:34:6d:
70:53:a5:5d:fc:95:19:20:91:cd:a6:3f:eb:a8:1b:
72:f4:3c:69:22:e3:8d:6e:38:d0:1a:95:bf:70:5d:
95:3b:80:95:60:2d:d0:49:0f:26:a7:35:e6:08:44:
dd:83:38:a6:ad:82:17:fd:30:59:02:6f:08:e6:01:
e4:53:bb:7e:83:b8:a7:0b:68:e0:21:a9:c4:2b:8c:
88:91:dd:69:11:a4:84:55:09:1c:01:85:b7:a1:f6:
9f:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:54:36:A6:35:EA:0A:7B:5D:B1:6A:BE:BB:4B:14:B2:27:14:D7:ED
X509v3 Authority Key Identifier:
keyid:34:D0:EC:7A:C4:C3:91:E4:EC:BA:9D:0A:37:49:19:1B:18:EB:F9:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NNDsesTDkeTsup0KN0kZGxjr-TQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/AFQ2pjXqCntdsWq-u0sUsicU1-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/f7f53d-068c-444e-ad1e-b7c2696bae50/1/NNDsesTDkeTsup0KN0kZGxjr-TQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.92.84.0/22
IPv6:
2a05:f140::/29
Signature Algorithm: sha256WithRSAEncryption
6d:dc:fa:56:a7:7d:3c:21:3e:8f:f0:ff:42:38:2f:37:ef:ca:
b9:71:e4:19:8f:74:45:2d:bc:92:de:a6:4d:de:80:ac:f0:dd:
1e:5b:67:76:27:1a:74:6a:22:30:be:00:bc:ae:13:ff:81:fb:
e0:0f:f2:69:35:eb:6f:e6:ce:ef:72:18:89:4d:55:e1:db:d7:
92:94:c0:8b:0a:e0:13:fa:14:85:5a:f6:65:5a:6e:12:84:46:
63:37:a6:81:46:1b:04:3c:35:6d:22:a0:ea:11:93:bc:12:c0:
d2:18:ba:9d:3c:5d:10:d9:5f:20:fc:ef:60:01:f9:4a:b5:3d:
27:e0:26:e2:95:7b:c7:04:6c:3b:b5:26:fa:bd:b0:13:fc:ed:
47:51:2c:26:d8:23:68:9a:ab:d7:a2:48:ba:18:16:ec:08:21:
6d:dc:95:93:e7:12:63:82:d0:7e:67:4f:ee:06:3a:e5:2a:d4:
99:3c:45:e9:cc:1c:f9:a3:02:9f:a3:64:8e:43:62:c3:88:8e:
b1:ae:a2:94:8d:c2:4d:75:b6:b8:89:6e:b9:81:e5:fd:be:b4:
22:00:38:c9:5c:06:84:83:22:96:22:2d:b1:b0:dd:ae:77:d7:
26:d4:73:fc:d7:1e:b7:2f:a6:cc:ae:60:c1:7a:05:b0:60:ca:
31:b2:ae:6d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzIbxmnhrxIophG2hftAcAOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0ZDBlYzdhYzRjMzkxZTRlY2JhOWQwYTM3NDkxOTFiMThl
YmY5MzQwHhcNMjQwMTAyMDQyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMDU0MzZhNjM1ZWEwYTdiNWRiMTZhYmViYjRiMTRiMjI3MTRkN2VkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGu/YfvIzS/sU2fTHEZTzq8pS+94
A/qrBxjj7RnQ453YSFcty+r5gi/VB2a/Syqi8TkBwyC3gxOZk5HmVx4VTP5494JC
cu8ehj7WZjudc1rd5QebXKJGWZu32xEnuOqfjgNOrQeCKvtz4dbqON4uPhF21Jaw
QvpssKpJNFNMlnAC9FdQaXFt79X0tnMRPkMelTdFw2QL8RSkZuvkwofbg1NGNG1w
U6Vd/JUZIJHNpj/rqBty9DxpIuONbjjQGpW/cF2VO4CVYC3QSQ8mpzXmCETdgzim
rYIX/TBZAm8I5gHkU7t+g7inC2jgIanEK4yIkd1pEaSEVQkcAYW3ofafPQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFABUNqY16gp7XbFqvrtLFLInFNftMB8GA1UdIwQY
MBaAFDTQ7HrEw5Hk7LqdCjdJGRsY6/k0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTk5Ec2VzVERrZVRzdXAwS04wa1pHeGpyLVRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9mN2Y1M2QtMDY4Yy00NDRlLWFkMWUt
YjdjMjY5NmJhZTUwLzEvQUZRMnBqWHFDbnRkc1dxLXUwc1VzaWNVMS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9mN2Y1M2QtMDY4Yy00NDRlLWFkMWUtYjdjMjY5NmJhZTUw
LzEvTk5Ec2VzVERrZVRzdXAwS04wa1pHeGpyLVRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuVxUMA0E
AgACMAcDBQMqBfFAMA0GCSqGSIb3DQEBCwUAA4IBAQBt3PpWp308IT6P8P9COC83
78q5ceQZj3RFLbyS3qZN3oCs8N0eW2d2Jxp0aiIwvgC8rhP/gfvgD/JpNetv5s7v
chiJTVXh29eSlMCLCuAT+hSFWvZlWm4ShEZjN6aBRhsEPDVtIqDqEZO8EsDSGLqd
PF0Q2V8g/O9gAflKtT0n4CbilXvHBGw7tSb6vbAT/O1HUSwm2CNomqvXoki6GBbs
CCFt3JWT5xJjgtB+Z0/uBjrlKtSZPEXpzBz5owKfo2SOQ2LDiI6xrqKUjcJNdba4
iW65geX9vrQiADjJXAaEgyKWIi2xsN2ud9cm1HP81x63L6bMrmDBegWwYMoxsq5t
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:12:48 2024 by rpki-client on console-ams.rpki-client.org