Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/7rxKVlakKMmMGc9-c4nZiDiSRyA.roa
File: 7rxKVlakKMmMGc9-c4nZiDiSRyA.roa (raw, json)
Hash identifier: O0zSynmPq6IaBww40TSmuZGkz4kwrEhezPB2xM8izyQ=
Subject key identifier: EE:BC:4A:56:56:A4:28:C9:8C:19:CF:7E:73:89:D9:88:38:92:47:20
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 018CC56E0D586A82AAF3D00B0E31DDDB5650
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/7rxKVlakKMmMGc9-c4nZiDiSRyA.roa
Signing time: Mon 01 Jan 2024 14:29:32 +0000
ROA not before: Mon 01 Jan 2024 14:29:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28546
IP address blocks: 85.92.124.0/22 maxlen: 22
85.92.124.0/24 maxlen: 24
85.92.125.0/24 maxlen: 24
85.92.126.0/24 maxlen: 24
85.92.126.0/23 maxlen: 23
85.92.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 00:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:0d:58:6a:82:aa:f3:d0:0b:0e:31:dd:db:56:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Jan 1 14:29:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=eebc4a5656a428c98c19cf7e7389d98838924720
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:08:cc:96:38:f1:c6:54:d3:43:dc:18:7c:91:
2f:15:d6:6e:aa:09:7e:47:00:58:77:2e:af:c2:a5:
c7:0f:3a:02:05:f5:bf:4f:53:15:d8:f8:96:83:fd:
8e:4d:62:7a:9b:9d:be:25:1b:17:ec:21:a5:e0:92:
d0:ff:cc:3e:c0:8c:a3:8d:e5:3d:37:a2:ea:69:95:
10:ef:75:0f:24:d2:d0:89:9b:62:f9:2c:38:56:4e:
71:f3:74:44:4a:01:dd:13:02:3c:ad:c9:8f:05:8b:
bb:34:3f:89:68:5c:4c:77:93:56:3a:80:6e:35:95:
64:5c:a2:66:62:a0:48:f4:7e:6d:b6:c3:e2:b4:a8:
07:9d:0b:4f:19:00:ea:77:b6:1f:58:b6:41:d9:ae:
30:92:99:29:f4:ec:47:01:3d:6a:63:95:44:ff:cc:
4f:ea:b0:c8:18:ae:70:7b:79:a4:dd:af:bd:0d:ba:
16:95:55:cf:2f:26:df:4c:24:fa:ec:29:19:ab:72:
61:03:5a:8c:7b:82:3f:6d:66:7f:79:3b:57:bd:d6:
88:de:41:52:32:c3:8e:0f:d7:a6:06:95:f9:42:40:
63:b4:4e:74:33:3f:eb:e5:2b:1b:2b:72:7f:65:91:
51:56:b0:14:cc:a5:71:60:a0:93:f6:35:09:2b:f3:
92:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:BC:4A:56:56:A4:28:C9:8C:19:CF:7E:73:89:D9:88:38:92:47:20
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/7rxKVlakKMmMGc9-c4nZiDiSRyA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.92.124.0/22
Signature Algorithm: sha256WithRSAEncryption
cc:71:bf:9e:64:1c:7d:b8:f8:0c:0c:1a:96:ad:36:c2:97:e2:
1f:4b:6d:06:5e:d6:70:2e:d9:0b:bb:2c:05:78:48:09:4c:5e:
f1:63:ae:11:a0:29:10:af:ea:ff:a9:a7:e6:f8:94:5e:97:a3:
e6:2f:9d:45:fd:3a:8e:1d:3a:b4:00:dc:8f:89:61:d3:5e:22:
6e:d9:5d:56:17:48:58:c8:48:90:98:a2:85:c3:8c:8b:bb:2a:
be:b4:b2:fb:ed:96:43:db:6f:80:98:b6:8d:fc:67:53:d9:ab:
f2:e7:f2:9e:77:84:db:9d:80:9e:7f:f5:e2:ab:46:2e:df:ce:
5f:7f:a4:2c:05:99:60:38:7f:ba:e2:89:55:d9:2f:9c:11:8c:
fe:f8:e1:0d:66:29:80:5f:99:73:05:c8:43:a8:70:36:a0:57:
ea:0b:2c:bf:fd:92:f1:01:b6:37:fd:14:50:06:e8:7a:52:ca:
8e:64:e6:aa:99:2d:2b:37:58:08:9b:be:c4:12:b6:39:dc:e9:
d1:3f:ed:aa:ae:3f:6c:67:23:d6:2e:e0:0c:83:91:7f:3d:96:
06:d1:8c:f8:cf:a5:17:2b:6f:da:b7:73:90:43:9c:25:47:b1:
9a:e4:2a:52:e7:a8:e3:50:25:c5:2c:84:e9:b8:54:33:dc:2d:
84:fb:3b:e3
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFbg1YaoKq89ALDjHd21ZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwMTAxMTQyOTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWJjNGE1NjU2YTQyOGM5OGMxOWNmN2U3Mzg5ZDk4ODM4OTI0NzIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoAjMljjxxlTTQ9wYfJEvFdZuqgl+
RwBYdy6vwqXHDzoCBfW/T1MV2PiWg/2OTWJ6m52+JRsX7CGl4JLQ/8w+wIyjjeU9
N6LqaZUQ73UPJNLQiZti+Sw4Vk5x83RESgHdEwI8rcmPBYu7ND+JaFxMd5NWOoBu
NZVkXKJmYqBI9H5ttsPitKgHnQtPGQDqd7YfWLZB2a4wkpkp9OxHAT1qY5VE/8xP
6rDIGK5we3mk3a+9DboWlVXPLybfTCT67CkZq3JhA1qMe4I/bWZ/eTtXvdaI3kFS
MsOOD9emBpX5QkBjtE50Mz/r5SsbK3J/ZZFRVrAUzKVxYKCT9jUJK/OSjwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFO68SlZWpCjJjBnPfnOJ2Yg4kkcgMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvN3J4S1ZsYWtLTW1NR2M5LWM0blppRGlTUnlBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVVx8MA0G
CSqGSIb3DQEBCwUAA4IBAQDMcb+eZBx9uPgMDBqWrTbCl+IfS20GXtZwLtkLuywF
eEgJTF7xY64RoCkQr+r/qafm+JRel6PmL51F/TqOHTq0ANyPiWHTXiJu2V1WF0hY
yEiQmKKFw4yLuyq+tLL77ZZD22+AmLaN/GdT2avy5/Ked4TbnYCef/Xiq0Yu385f
f6QsBZlgOH+64olV2S+cEYz++OENZimAX5lzBchDqHA2oFfqCyy//ZLxAbY3/RRQ
Buh6UsqOZOaqmS0rN1gIm77EErY53OnRP+2qrj9sZyPWLuAMg5F/PZYG0Yz4z6UX
K2/at3OQQ5wlR7Ga5CpS56jjUCXFLITpuFQz3C2E+zvj
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:50:09 2024 by rpki-client on console-ams.rpki-client.org