Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/aEb1Igb_dYHeTCdnGtVR2VaPPd4.roa
File: aEb1Igb_dYHeTCdnGtVR2VaPPd4.roa (raw, json)
Hash identifier: n8GdtPt6Ujh/CZm6mEGLaXGHg12p4r8VTbNk1CorfTg=
Subject key identifier: 68:46:F5:22:06:FF:75:81:DE:4C:27:67:1A:D5:51:D9:56:8F:3D:DE
Certificate issuer: /CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Certificate serial: 01924D621EE15C6D5731BF7501C901C82BF9
Authority key identifier: 53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/aEb1Igb_dYHeTCdnGtVR2VaPPd4.roa
Signing time: Wed 02 Oct 2024 13:18:48 +0000
ROA not before: Wed 02 Oct 2024 13:18:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200712
IP address blocks: 80.254.231.0/24 maxlen: 24
185.92.168.0/24 maxlen: 24
185.92.169.0/24 maxlen: 24
185.92.170.0/24 maxlen: 24
2a13:5240::/32 maxlen: 32
2a13:5245::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.mft
rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4d:62:1e:e1:5c:6d:57:31:bf:75:01:c9:01:c8:2b:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=53b46ab79b9fc58f5dc4cf29d72dc5267ec3edde
Validity
Not Before: Oct 2 13:18:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=6846f52206ff7581de4c27671ad551d9568f3dde
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a6:60:14:5f:3f:3d:8d:93:4e:f7:8d:32:3d:
5a:13:28:a7:4b:ef:6f:8a:02:d5:9e:42:60:64:82:
fa:95:12:19:ac:73:46:a5:85:7e:b6:d9:0e:e9:b2:
3b:f2:6c:8d:8c:a0:c4:ef:63:a5:98:14:54:7d:8e:
c0:28:e7:f2:ee:83:42:db:7d:35:70:44:af:c3:9d:
2f:49:fc:04:09:a7:80:a2:b9:2e:a8:0c:fd:ec:d5:
ea:8d:fb:1f:95:7a:95:7d:df:38:69:03:29:73:31:
e5:3a:43:05:b2:0a:dc:b8:85:fc:6d:cd:e6:9c:51:
c0:dc:fe:1a:f5:69:4f:35:56:90:e7:36:77:c6:2a:
2e:2d:8b:df:33:bc:bd:e7:b6:e4:21:d2:64:c3:3b:
11:fd:b8:8d:5a:3c:f2:cf:fd:fc:99:e7:45:8f:d2:
f2:84:90:ce:ae:e4:0e:73:3f:14:8a:41:19:59:54:
3e:ce:56:cc:30:20:24:85:cf:c6:7d:9e:59:ac:29:
93:16:ad:c0:e6:ef:c1:56:c2:80:9b:f4:21:f9:90:
c3:81:ee:12:64:d8:3e:85:ce:24:8e:37:0f:0e:6a:
bd:bf:73:7e:da:2a:7d:35:c0:a9:23:ca:71:7a:8f:
9e:f8:c1:88:3c:b9:b3:ee:22:d0:1b:84:1b:88:6c:
9c:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:46:F5:22:06:FF:75:81:DE:4C:27:67:1A:D5:51:D9:56:8F:3D:DE
X509v3 Authority Key Identifier:
keyid:53:B4:6A:B7:9B:9F:C5:8F:5D:C4:CF:29:D7:2D:C5:26:7E:C3:ED:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/aEb1Igb_dYHeTCdnGtVR2VaPPd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/ac9af6-7fc3-4d13-a594-060a4738091d/1/U7Rqt5ufxY9dxM8p1y3FJn7D7d4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.254.231.0/24
185.92.168.0-185.92.170.255
IPv6:
2a13:5240::/32
2a13:5245::/32
Signature Algorithm: sha256WithRSAEncryption
82:43:42:27:16:b7:2b:72:79:19:6e:e4:87:c0:0f:2e:88:3b:
53:52:f0:2d:bc:50:de:4c:44:61:3f:3c:17:c4:c1:9c:3e:4f:
5c:63:43:5a:2e:d4:ee:f3:ef:80:99:08:cc:ab:08:a8:b0:28:
53:23:8c:7f:f7:ac:2b:14:ca:e8:2f:d6:3f:f3:6d:b5:f3:4d:
76:82:b0:5c:46:f6:98:61:00:d9:0f:aa:e4:ed:cb:91:1f:1c:
95:03:ae:f2:91:23:18:ec:31:1e:ba:bf:09:5c:c9:ac:0f:dd:
9c:43:86:74:6b:2c:f7:16:77:ee:21:fc:89:4e:7c:b6:64:25:
b8:83:53:ca:37:27:7a:91:e1:b2:b3:eb:aa:ff:d9:18:3d:89:
2d:b5:8b:91:6d:ce:bc:eb:a1:62:68:07:41:08:85:9a:57:04:
bb:0d:26:8a:c3:b3:ee:a4:b6:14:3a:1e:2e:42:ef:54:e3:4b:
8a:d4:65:03:58:48:ca:53:63:63:01:92:71:77:97:65:59:09:
8e:79:d3:53:17:3c:ec:7d:01:fc:af:bb:06:ef:11:71:bc:07:
9f:c8:35:bb:55:77:54:1d:21:f7:c2:14:95:b5:8a:df:80:60:
1b:4d:ea:0f:e7:dc:27:63:51:2a:90:3d:08:ca:59:5b:0d:ca:
8f:31:38:bd
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZJNYh7hXG1XMb91AckByCv5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUzYjQ2YWI3OWI5ZmM1OGY1ZGM0Y2YyOWQ3MmRjNTI2N2Vj
M2VkZGUwHhcNMjQxMDAyMTMxODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODQ2ZjUyMjA2ZmY3NTgxZGU0YzI3NjcxYWQ1NTFkOTU2OGYzZGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtqZgFF8/PY2TTveNMj1aEyinS+9v
igLVnkJgZIL6lRIZrHNGpYV+ttkO6bI78myNjKDE72OlmBRUfY7AKOfy7oNC2301
cESvw50vSfwECaeAorkuqAz97NXqjfsflXqVfd84aQMpczHlOkMFsgrcuIX8bc3m
nFHA3P4a9WlPNVaQ5zZ3xiouLYvfM7y957bkIdJkwzsR/biNWjzyz/38medFj9Ly
hJDOruQOcz8UikEZWVQ+zlbMMCAkhc/GfZ5ZrCmTFq3A5u/BVsKAm/Qh+ZDDge4S
ZNg+hc4kjjcPDmq9v3N+2ip9NcCpI8pxeo+e+MGIPLmz7iLQG4QbiGycXQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFGhG9SIG/3WB3kwnZxrVUdlWjz3eMB8GA1UdIwQY
MBaAFFO0arebn8WPXcTPKdctxSZ+w+3eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQt
MDYwYTQ3MzgwOTFkLzEvYUViMUlnYl9kWUhlVENkbkd0VlIyVmFQUGQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy9hYzlhZjYtN2ZjMy00ZDEzLWE1OTQtMDYwYTQ3MzgwOTFk
LzEvVTdScXQ1dWZ4WTlkeE04cDF5M0ZKbjdEN2Q0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAaBAIAATAUAwQAUP7nMAwD
BAO5XKgDBAC5XKowFAQCAAIwDgMFACoTUkADBQAqE1JFMA0GCSqGSIb3DQEBCwUA
A4IBAQCCQ0InFrcrcnkZbuSHwA8uiDtTUvAtvFDeTERhPzwXxMGcPk9cY0NaLtTu
8++AmQjMqwiosChTI4x/96wrFMroL9Y/82218012grBcRvaYYQDZD6rk7cuRHxyV
A67ykSMY7DEeur8JXMmsD92cQ4Z0ayz3FnfuIfyJTny2ZCW4g1PKNyd6keGys+uq
/9kYPYkttYuRbc6866FiaAdBCIWaVwS7DSaKw7PupLYUOh4uQu9U40uK1GUDWEjK
U2NjAZJxd5dlWQmOedNTFzzsfQH8r7sG7xFxvAefyDW7VXdUHSH3whSVtYrfgGAb
TeoP59wnY1EqkD0IyllbDcqPMTi9
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:34:10 2024 by rpki-client on console-ams.rpki-client.org