Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/775017-a45b-4637-a3a0-af1a0e00f823/1/1XyctxnF-PBJWE3L4v6-36nJMQ0.roa
File: 1XyctxnF-PBJWE3L4v6-36nJMQ0.roa (raw, json)
Hash identifier: XEw2pED0yhJi1F1Ny/OhkvUbDhxTp+rrxS0gm9vJHNQ=
Subject key identifier: D5:7C:9C:B7:19:C5:F8:F0:49:58:4D:CB:E2:FE:BE:DF:A9:C9:31:0D
Certificate issuer: /CN=b31d1c2891d880469a20d8b7f18e4cd865430046
Certificate serial: 0192BCD34BA40F468165EFAC593031514FC0
Authority key identifier: B3:1D:1C:28:91:D8:80:46:9A:20:D8:B7:F1:8E:4C:D8:65:43:00:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sx0cKJHYgEaaINi38Y5M2GVDAEY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/775017-a45b-4637-a3a0-af1a0e00f823/1/1XyctxnF-PBJWE3L4v6-36nJMQ0.roa
Signing time: Thu 24 Oct 2024 04:40:16 +0000
ROA not before: Thu 24 Oct 2024 04:40:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 399768
IP address blocks: 92.51.224.0/22 maxlen: 22
92.51.224.0/24 maxlen: 24
92.51.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/775017-a45b-4637-a3a0-af1a0e00f823/1/sx0cKJHYgEaaINi38Y5M2GVDAEY.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/775017-a45b-4637-a3a0-af1a0e00f823/1/sx0cKJHYgEaaINi38Y5M2GVDAEY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sx0cKJHYgEaaINi38Y5M2GVDAEY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:bc:d3:4b:a4:0f:46:81:65:ef:ac:59:30:31:51:4f:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b31d1c2891d880469a20d8b7f18e4cd865430046
Validity
Not Before: Oct 24 04:40:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d57c9cb719c5f8f049584dcbe2febedfa9c9310d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:d1:f5:2f:0b:34:da:a8:1b:57:c9:93:88:df:
31:64:4a:91:5b:f2:dd:71:f5:e6:2a:1f:e9:f4:5b:
36:0f:c1:45:7b:e4:08:8e:62:03:c5:74:8d:61:af:
7c:64:ba:0b:be:86:70:33:f0:4b:22:fe:ca:57:87:
72:90:67:5a:f9:25:0d:28:45:fb:91:8a:bb:1d:a0:
b0:fb:c4:c5:14:36:64:af:0a:31:5b:f5:73:82:02:
15:f7:e3:50:bd:45:59:10:15:0a:a1:94:9f:8c:cb:
51:d4:34:3c:5b:bd:1f:56:4d:d9:0d:2e:dd:60:e1:
86:7f:15:75:89:bd:80:19:54:1a:67:af:41:e9:09:
80:7a:e6:67:75:f4:18:bb:36:fe:63:f9:6d:0d:90:
fd:96:b9:59:8b:73:84:ba:97:06:2a:29:65:5a:74:
d2:49:bf:7d:35:17:c5:34:56:de:6c:60:61:34:75:
7d:31:a3:60:3d:a0:69:cf:1e:53:56:83:0b:94:7c:
1a:99:db:28:5e:43:42:d3:c2:93:5a:02:e4:70:ed:
1a:94:29:0d:39:41:88:4d:d2:fd:56:ef:05:56:96:
6f:5e:06:ff:ac:37:91:9c:21:0e:96:94:8d:b2:d9:
f6:be:b5:a8:7f:01:0e:24:fa:4d:d5:79:65:40:c5:
50:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:7C:9C:B7:19:C5:F8:F0:49:58:4D:CB:E2:FE:BE:DF:A9:C9:31:0D
X509v3 Authority Key Identifier:
keyid:B3:1D:1C:28:91:D8:80:46:9A:20:D8:B7:F1:8E:4C:D8:65:43:00:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sx0cKJHYgEaaINi38Y5M2GVDAEY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/775017-a45b-4637-a3a0-af1a0e00f823/1/1XyctxnF-PBJWE3L4v6-36nJMQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/775017-a45b-4637-a3a0-af1a0e00f823/1/sx0cKJHYgEaaINi38Y5M2GVDAEY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.51.224.0/22
Signature Algorithm: sha256WithRSAEncryption
29:16:b1:1a:86:c9:f5:41:84:44:31:e4:aa:ff:9f:be:42:51:
60:81:86:91:c1:21:2e:eb:87:fa:fa:2f:62:11:d8:b2:10:fb:
b8:46:41:9d:1a:d1:1f:d9:26:83:ab:31:6c:2b:58:cd:38:af:
62:59:fd:72:68:d3:5f:61:c7:96:ce:8e:f2:00:68:e4:58:e7:
eb:14:a0:7e:3f:48:f4:57:57:85:97:bc:7a:33:0b:cf:3e:58:
d2:30:0a:22:66:8c:85:79:6f:f9:7a:13:59:a8:61:3f:ce:7d:
a2:b4:d9:6f:5d:4d:fa:e8:e9:17:e4:d1:a0:62:2a:49:2a:ae:
6e:e7:14:ef:f6:95:a5:d5:97:3c:75:b9:9e:f2:80:3c:ca:f2:
7c:76:f7:c7:e8:70:a3:ba:62:78:68:20:f7:0d:6d:4b:87:31:
22:da:ba:72:9a:f5:c7:70:e7:50:e1:a0:fe:a3:d5:41:58:c3:
cb:a3:97:07:ba:2b:8e:0a:82:e1:83:44:1c:25:e2:1f:de:aa:
2f:25:82:49:ce:53:ba:71:68:17:bd:87:bf:8f:c0:33:3e:19:
4f:63:39:fc:60:4a:11:0c:d4:eb:ae:83:ed:88:28:a9:99:1b:
04:68:18:a1:a9:60:57:3e:88:8c:36:82:0c:ca:b3:cf:57:6e:
87:5f:34:82
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZK800ukD0aBZe+sWTAxUU/AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzMWQxYzI4OTFkODgwNDY5YTIwZDhiN2YxOGU0Y2Q4NjU0
MzAwNDYwHhcNMjQxMDI0MDQ0MDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTdjOWNiNzE5YzVmOGYwNDk1ODRkY2JlMmZlYmVkZmE5YzkzMTBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAidH1Lws02qgbV8mTiN8xZEqRW/Ld
cfXmKh/p9Fs2D8FFe+QIjmIDxXSNYa98ZLoLvoZwM/BLIv7KV4dykGda+SUNKEX7
kYq7HaCw+8TFFDZkrwoxW/VzggIV9+NQvUVZEBUKoZSfjMtR1DQ8W70fVk3ZDS7d
YOGGfxV1ib2AGVQaZ69B6QmAeuZndfQYuzb+Y/ltDZD9lrlZi3OEupcGKillWnTS
Sb99NRfFNFbebGBhNHV9MaNgPaBpzx5TVoMLlHwamdsoXkNC08KTWgLkcO0alCkN
OUGITdL9Vu8FVpZvXgb/rDeRnCEOlpSNstn2vrWofwEOJPpN1XllQMVQfwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNV8nLcZxfjwSVhNy+L+vt+pyTENMB8GA1UdIwQY
MBaAFLMdHCiR2IBGmiDYt/GOTNhlQwBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc3gwY0tKSFlnRWFhSU5pMzhZNU0yR1ZEQUVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy83NzUwMTctYTQ1Yi00NjM3LWEzYTAt
YWYxYTBlMDBmODIzLzEvMVh5Y3R4bkYtUEJKV0UzTDR2Ni0zNm5KTVEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy83NzUwMTctYTQ1Yi00NjM3LWEzYTAtYWYxYTBlMDBmODIz
LzEvc3gwY0tKSFlnRWFhSU5pMzhZNU0yR1ZEQUVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCXDPgMA0G
CSqGSIb3DQEBCwUAA4IBAQApFrEahsn1QYREMeSq/5++QlFggYaRwSEu64f6+i9i
EdiyEPu4RkGdGtEf2SaDqzFsK1jNOK9iWf1yaNNfYceWzo7yAGjkWOfrFKB+P0j0
V1eFl7x6MwvPPljSMAoiZoyFeW/5ehNZqGE/zn2itNlvXU366OkX5NGgYipJKq5u
5xTv9pWl1Zc8dbme8oA8yvJ8dvfH6HCjumJ4aCD3DW1LhzEi2rpymvXHcOdQ4aD+
o9VBWMPLo5cHuiuOCoLhg0QcJeIf3qovJYJJzlO6cWgXvYe/j8AzPhlPYzn8YEoR
DNTrroPtiCipmRsEaBihqWBXPoiMNoIMyrPPV26HXzSC
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:38:02 2024 by rpki-client on console-fra.rpki-client.org