Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/53/5246e6-72c6-4f47-a3a3-e4df5a87d4ed/1/1jZJga7guBD0T5mJbGFV-GC941U.roa
File: 1jZJga7guBD0T5mJbGFV-GC941U.roa (raw, json)
Hash identifier: usiGdS29yLqgBi4Fw1ZDYPHBaGWf3unt5YZtRrxhoE8=
Subject key identifier: D6:36:49:81:AE:E0:B8:10:F4:4F:99:89:6C:61:55:F8:60:BD:E3:55
Certificate issuer: /CN=764136c3cdbfd5fb60cafd4a9b1d473a3b672635
Certificate serial: 018D17E6B3B15AC2BCA7C26CF442AEE613F4
Authority key identifier: 76:41:36:C3:CD:BF:D5:FB:60:CA:FD:4A:9B:1D:47:3A:3B:67:26:35
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dkE2w82_1ftgyv1Kmx1HOjtnJjU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/53/5246e6-72c6-4f47-a3a3-e4df5a87d4ed/1/1jZJga7guBD0T5mJbGFV-GC941U.roa
Signing time: Wed 17 Jan 2024 14:50:11 +0000
ROA not before: Wed 17 Jan 2024 14:50:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202112
IP address blocks: 92.249.27.0/24 maxlen: 24
193.57.35.0/24 maxlen: 24
2a13:ec2::/47 maxlen: 47
2a13:ec7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/53/5246e6-72c6-4f47-a3a3-e4df5a87d4ed/1/dkE2w82_1ftgyv1Kmx1HOjtnJjU.crl
rsync://rpki.ripe.net/repository/DEFAULT/53/5246e6-72c6-4f47-a3a3-e4df5a87d4ed/1/dkE2w82_1ftgyv1Kmx1HOjtnJjU.mft
rsync://rpki.ripe.net/repository/DEFAULT/dkE2w82_1ftgyv1Kmx1HOjtnJjU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:17:e6:b3:b1:5a:c2:bc:a7:c2:6c:f4:42:ae:e6:13:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=764136c3cdbfd5fb60cafd4a9b1d473a3b672635
Validity
Not Before: Jan 17 14:50:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d6364981aee0b810f44f99896c6155f860bde355
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:c8:39:f0:f6:80:43:4a:54:b2:d1:0e:f7:ac:
82:8e:46:5d:47:51:60:de:4e:2e:42:06:7c:a9:1c:
58:f9:58:50:34:99:82:01:bc:d4:ff:42:fa:c5:f3:
22:7d:4a:f8:08:c6:48:35:d9:72:e7:f9:9c:60:73:
5c:9c:2e:5e:a6:36:24:e0:72:d6:59:31:3a:90:47:
8d:9f:4f:7a:41:57:8f:c8:3a:08:80:f7:09:cc:e5:
93:f2:26:e7:f7:f5:9a:a8:1d:6e:66:2b:e7:2d:0b:
22:0d:d4:8c:5b:71:d8:d9:db:9a:ba:72:22:40:80:
d8:1b:a1:98:23:67:b5:d4:29:aa:1b:6f:e7:83:25:
46:5b:42:c8:3c:e4:34:26:42:89:df:41:03:c1:7c:
d1:1c:24:d5:66:a2:8d:a5:b7:f4:39:b4:3f:ce:78:
04:3d:03:82:c1:9a:4a:2d:85:65:a9:68:ee:4c:4d:
a1:88:3e:75:df:94:00:69:ed:88:a6:eb:75:db:64:
04:02:ec:ff:dc:b1:ad:71:11:88:b2:04:83:5e:bc:
7b:42:f0:7b:6c:90:ba:a4:f5:61:a0:97:58:4b:d1:
75:f3:8e:55:3a:39:9a:57:78:12:7b:7d:19:84:6f:
51:5b:43:8b:dd:46:bf:1d:cd:bf:0f:38:89:e7:94:
38:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:36:49:81:AE:E0:B8:10:F4:4F:99:89:6C:61:55:F8:60:BD:E3:55
X509v3 Authority Key Identifier:
keyid:76:41:36:C3:CD:BF:D5:FB:60:CA:FD:4A:9B:1D:47:3A:3B:67:26:35
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dkE2w82_1ftgyv1Kmx1HOjtnJjU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5246e6-72c6-4f47-a3a3-e4df5a87d4ed/1/1jZJga7guBD0T5mJbGFV-GC941U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/53/5246e6-72c6-4f47-a3a3-e4df5a87d4ed/1/dkE2w82_1ftgyv1Kmx1HOjtnJjU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.249.27.0/24
193.57.35.0/24
IPv6:
2a13:ec2::/47
2a13:ec7::/48
Signature Algorithm: sha256WithRSAEncryption
3b:0a:57:1c:77:c8:b3:12:80:b2:5d:f4:e9:99:b0:95:82:55:
7e:a0:e7:ba:a4:d2:bf:c6:15:71:48:e3:0e:90:75:46:51:9c:
23:47:d2:39:10:59:21:9c:0d:cd:71:d2:f8:91:26:c3:a6:0b:
77:49:1f:b2:ac:06:c6:63:03:88:00:40:d1:a2:87:a2:63:6d:
59:47:ed:e1:10:fc:dd:d8:d9:83:f1:8f:e6:70:81:14:66:4e:
25:16:dd:12:db:d6:5e:61:cb:9d:02:75:d0:63:7a:bf:53:92:
fb:d3:1c:3b:e2:7c:b1:dc:db:fa:55:5b:3c:8f:7d:03:4d:31:
ba:ad:50:4d:de:b1:a9:c0:a2:ef:35:c2:62:fb:77:48:6b:17:
e9:d4:01:6e:6e:85:97:b8:11:19:d2:57:1e:a1:54:3e:51:b9:
42:ad:f7:f9:8c:ab:73:1c:63:24:73:0f:30:98:74:11:c3:a0:
cc:4a:06:b0:92:93:89:0c:d2:84:33:03:1d:ef:1a:ca:7c:c4:
6e:a9:ae:22:f8:31:ba:de:7b:4b:7f:5c:fe:6e:92:07:06:62:
54:1c:58:96:15:3f:e9:08:b3:bf:2f:d0:80:41:af:ff:78:51:
9a:48:68:4e:2d:b2:40:8f:99:02:20:7d:1c:c5:c7:96:b3:af:
88:22:81:03
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY0X5rOxWsK8p8Js9EKu5hP0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NDEzNmMzY2RiZmQ1ZmI2MGNhZmQ0YTliMWQ0NzNhM2I2
NzI2MzUwHhcNMjQwMTE3MTQ1MDExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjM2NDk4MWFlZTBiODEwZjQ0Zjk5ODk2YzYxNTVmODYwYmRlMzU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjcg58PaAQ0pUstEO96yCjkZdR1Fg
3k4uQgZ8qRxY+VhQNJmCAbzU/0L6xfMifUr4CMZINdly5/mcYHNcnC5epjYk4HLW
WTE6kEeNn096QVePyDoIgPcJzOWT8ibn9/WaqB1uZivnLQsiDdSMW3HY2duaunIi
QIDYG6GYI2e11CmqG2/ngyVGW0LIPOQ0JkKJ30EDwXzRHCTVZqKNpbf0ObQ/zngE
PQOCwZpKLYVlqWjuTE2hiD5135QAae2Iput122QEAuz/3LGtcRGIsgSDXrx7QvB7
bJC6pPVhoJdYS9F1845VOjmaV3gSe30ZhG9RW0OL3Ua/Hc2/DziJ55Q4nQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNY2SYGu4LgQ9E+ZiWxhVfhgveNVMB8GA1UdIwQY
MBaAFHZBNsPNv9X7YMr9SpsdRzo7ZyY1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGtFMnc4Ml8xZnRneXYxS214MUhPanRuSmpVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81My81MjQ2ZTYtNzJjNi00ZjQ3LWEzYTMt
ZTRkZjVhODdkNGVkLzEvMWpaSmdhN2d1QkQwVDVtSmJHRlYtR0M5NDFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81My81MjQ2ZTYtNzJjNi00ZjQ3LWEzYTMtZTRkZjVhODdkNGVk
LzEvZGtFMnc4Ml8xZnRneXYxS214MUhPanRuSmpVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQAXPkbAwQA
wTkjMBgEAgACMBIDBwEqEw7CAAADBwAqEw7HAAAwDQYJKoZIhvcNAQELBQADggEB
ADsKVxx3yLMSgLJd9OmZsJWCVX6g57qk0r/GFXFI4w6QdUZRnCNH0jkQWSGcDc1x
0viRJsOmC3dJH7KsBsZjA4gAQNGih6JjbVlH7eEQ/N3Y2YPxj+ZwgRRmTiUW3RLb
1l5hy50CddBjer9TkvvTHDvifLHc2/pVWzyPfQNNMbqtUE3esanAou81wmL7d0hr
F+nUAW5uhZe4ERnSVx6hVD5RuUKt9/mMq3McYyRzDzCYdBHDoMxKBrCSk4kM0oQz
Ax3vGsp8xG6priL4Mbree0t/XP5ukgcGYlQcWJYVP+kIs78v0IBBr/94UZpIaE4t
skCPmQIgfRzFx5azr4gigQM=
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:18:46 2024 by rpki-client on console-ams.rpki-client.org