Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/A5oJYdh_p0tUEwhgwHn54fk2PYA.roa
File: A5oJYdh_p0tUEwhgwHn54fk2PYA.roa (raw, json)
Hash identifier: wYOWvTvkxQka7uwhQWGDJEDe6Rw0c5nyn6AFfQvAAQE=
Subject key identifier: 03:9A:09:61:D8:7F:A7:4B:54:13:08:60:C0:79:F9:E1:F9:36:3D:80
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 01929F272A1ABABF822C60750D69F8F6235A
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/A5oJYdh_p0tUEwhgwHn54fk2PYA.roa
Signing time: Fri 18 Oct 2024 10:23:16 +0000
ROA not before: Fri 18 Oct 2024 10:23:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 214950
IP address blocks: 85.92.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.mft
rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:9f:27:2a:1a:ba:bf:82:2c:60:75:0d:69:f8:f6:23:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Oct 18 10:23:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=039a0961d87fa74b54130860c079f9e1f9363d80
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:4e:aa:65:98:26:88:55:2a:13:75:e2:5a:43:
91:f3:02:bf:89:72:3f:48:5e:24:97:aa:a8:ca:52:
ad:4f:19:33:ae:1a:b3:c9:3e:70:63:0a:b2:b2:c8:
e8:29:7d:71:17:96:84:65:8a:eb:02:a9:52:99:e9:
bc:e1:41:0d:59:ce:25:58:89:c6:c9:2d:d3:80:f7:
65:b5:3e:9f:64:9f:b1:5c:16:38:32:7b:99:fd:b4:
5f:c9:50:9a:32:dc:8e:74:fd:0a:5f:2f:0e:f5:37:
27:c9:8f:d6:9b:9e:fd:d4:0d:21:c6:6e:45:da:10:
ea:5b:01:20:03:27:f8:bf:46:b7:2f:a2:df:ac:b3:
1a:10:27:70:f2:a7:54:23:5e:ea:02:f0:89:dd:b2:
12:6e:42:e1:53:2e:06:9c:d8:78:ff:c5:28:a7:9d:
22:cb:30:fa:8f:7a:95:64:e7:a2:5e:ca:d0:2e:0d:
f1:b4:3c:58:1b:a5:6e:79:0f:55:a7:9f:d7:1e:f8:
7d:48:41:5b:99:fe:11:41:32:10:4b:61:3f:0b:46:
43:bd:50:5b:ba:50:29:61:de:a5:da:85:79:55:92:
a3:08:76:63:7a:89:30:39:fd:d4:51:b4:19:d3:ac:
bc:ed:54:5f:19:4f:77:fa:78:b5:8b:05:45:0b:a3:
99:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:9A:09:61:D8:7F:A7:4B:54:13:08:60:C0:79:F9:E1:F9:36:3D:80
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/A5oJYdh_p0tUEwhgwHn54fk2PYA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.92.114.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:cb:99:36:13:c4:aa:69:cf:b5:8f:18:ba:af:99:9a:36:1b:
f8:57:39:8f:8f:05:9b:82:66:70:e6:26:28:95:d8:d0:b8:23:
40:7b:96:85:02:82:ee:62:7a:e4:04:c7:db:f3:74:db:14:bd:
09:50:1b:22:6b:5e:20:97:09:6a:66:dc:1d:9c:83:22:21:1d:
e1:a0:75:3c:6f:aa:33:e2:d2:45:cf:04:47:12:17:b1:6e:12:
74:81:36:df:5e:2a:a3:b4:5e:a7:7b:bb:41:1a:ad:e6:5c:ee:
5f:f8:c1:9b:0d:ac:fb:ce:fe:8a:17:24:7f:ed:ca:2a:fd:1a:
02:8b:64:b3:1f:aa:6c:5b:47:56:97:ec:a0:39:cd:93:35:6e:
30:88:9d:58:c8:aa:59:9f:df:57:54:12:39:b2:70:8d:97:9f:
9c:76:98:12:44:f5:b4:e4:b7:19:12:6b:94:83:bd:a1:19:28:
8d:58:41:5c:65:3c:ba:af:15:ea:ca:22:91:da:91:69:0f:1f:
3a:04:13:05:8a:4e:92:c7:58:28:a0:b7:67:2e:ec:ad:eb:23:
2e:e4:05:23:76:bb:70:15:71:0d:88:6d:96:f0:f1:02:af:8c:
9e:b3:fa:aa:4d:79:ff:37:58:3b:90:6d:14:30:69:14:27:f0:
30:84:e6:8f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZKfJyoaur+CLGB1DWn49iNaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQxMDE4MTAyMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMzlhMDk2MWQ4N2ZhNzRiNTQxMzA4NjBjMDc5ZjllMWY5MzYzZDgwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwk6qZZgmiFUqE3XiWkOR8wK/iXI/
SF4kl6qoylKtTxkzrhqzyT5wYwqyssjoKX1xF5aEZYrrAqlSmem84UENWc4lWInG
yS3TgPdltT6fZJ+xXBY4MnuZ/bRfyVCaMtyOdP0KXy8O9TcnyY/Wm5791A0hxm5F
2hDqWwEgAyf4v0a3L6LfrLMaECdw8qdUI17qAvCJ3bISbkLhUy4GnNh4/8Uop50i
yzD6j3qVZOeiXsrQLg3xtDxYG6VueQ9Vp5/XHvh9SEFbmf4RQTIQS2E/C0ZDvVBb
ulApYd6l2oV5VZKjCHZjeokwOf3UUbQZ06y87VRfGU93+ni1iwVFC6OZDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAOaCWHYf6dLVBMIYMB5+eH5Nj2AMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvQTVvSllkaF9wMHRVRXdoZ3dIbjU0ZmsyUFlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAVVxyMA0G
CSqGSIb3DQEBCwUAA4IBAQB/y5k2E8Sqac+1jxi6r5maNhv4VzmPjwWbgmZw5iYo
ldjQuCNAe5aFAoLuYnrkBMfb83TbFL0JUBsia14glwlqZtwdnIMiIR3hoHU8b6oz
4tJFzwRHEhexbhJ0gTbfXiqjtF6ne7tBGq3mXO5f+MGbDaz7zv6KFyR/7coq/RoC
i2SzH6psW0dWl+ygOc2TNW4wiJ1YyKpZn99XVBI5snCNl5+cdpgSRPW05LcZEmuU
g72hGSiNWEFcZTy6rxXqyiKR2pFpDx86BBMFik6Sx1gooLdnLuyt6yMu5AUjdrtw
FXENiG2W8PECr4yes/qqTXn/N1g7kG0UMGkUJ/AwhOaP
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:23:17 2024 by rpki-client on console-ams.rpki-client.org