Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/NMcGts4mNEl5cSrllV_quryI2C8.roa
File: NMcGts4mNEl5cSrllV_quryI2C8.roa (raw, json)
Hash identifier: b63DMS8MsEv5t+pCJwFI6uUaYRasWPQhSbZIsWA1KkU=
Subject key identifier: 34:C7:06:B6:CE:26:34:49:79:71:2A:E5:95:5F:EA:BA:BC:88:D8:2F
Certificate issuer: /CN=0d8cbee51990f1e05a9d1dc0c2f2f3a8a3470c13
Certificate serial: 018CC26D4A21D0562BA1AAAD5386FE08A163
Authority key identifier: 0D:8C:BE:E5:19:90:F1:E0:5A:9D:1D:C0:C2:F2:F3:A8:A3:47:0C:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DYy-5RmQ8eBanR3AwvLzqKNHDBM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/NMcGts4mNEl5cSrllV_quryI2C8.roa
Signing time: Mon 01 Jan 2024 00:29:51 +0000
ROA not before: Mon 01 Jan 2024 00:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42699
IP address blocks: 92.43.48.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/DYy-5RmQ8eBanR3AwvLzqKNHDBM.crl
rsync://rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/DYy-5RmQ8eBanR3AwvLzqKNHDBM.mft
rsync://rpki.ripe.net/repository/DEFAULT/DYy-5RmQ8eBanR3AwvLzqKNHDBM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:4a:21:d0:56:2b:a1:aa:ad:53:86:fe:08:a1:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d8cbee51990f1e05a9d1dc0c2f2f3a8a3470c13
Validity
Not Before: Jan 1 00:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=34c706b6ce26344979712ae5955feababc88d82f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:2c:81:12:23:a6:99:27:ab:b4:13:fd:72:e7:
67:00:92:c7:5f:bb:d0:1d:ca:6a:cf:d7:ba:2c:03:
75:84:04:76:bd:4a:09:24:3b:1c:54:33:1e:a9:7e:
ac:64:34:86:2e:d1:65:75:ed:bb:16:58:20:83:b4:
3c:cd:c2:1b:88:b5:5f:d5:b3:2a:09:18:7e:4e:41:
6a:05:c3:19:ca:28:97:ee:67:36:cc:8e:a3:9f:f7:
5a:b4:3b:44:91:50:d1:a6:0c:ef:db:19:3a:7b:d2:
62:1e:63:73:9d:37:bb:50:0c:7f:05:50:32:0a:9a:
0c:24:04:51:46:7e:fb:49:d5:5a:ab:c1:0a:88:03:
d7:de:82:bd:9d:7a:58:cd:21:c2:25:3a:a1:9b:0d:
69:fc:4a:db:a4:1e:fc:73:90:6a:a5:cf:bf:76:56:
a5:06:de:25:41:5c:f9:a9:5e:60:1d:c9:20:f8:d2:
65:ec:19:76:b3:1a:9a:28:83:2d:bd:3f:75:0e:a3:
56:7c:89:da:d2:17:3b:25:bc:5c:67:16:46:12:df:
df:48:56:a7:76:10:af:5c:f5:65:0a:a7:1f:06:13:
5e:ed:9d:a0:13:6a:c2:4a:68:e3:6f:9d:d7:6e:b2:
e3:f3:ef:16:2d:62:8c:1e:9d:f2:fe:a3:30:3a:f0:
7d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:C7:06:B6:CE:26:34:49:79:71:2A:E5:95:5F:EA:BA:BC:88:D8:2F
X509v3 Authority Key Identifier:
keyid:0D:8C:BE:E5:19:90:F1:E0:5A:9D:1D:C0:C2:F2:F3:A8:A3:47:0C:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DYy-5RmQ8eBanR3AwvLzqKNHDBM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/NMcGts4mNEl5cSrllV_quryI2C8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/62/763d8e-2081-4cf8-b65b-1b1e78cbbb09/1/DYy-5RmQ8eBanR3AwvLzqKNHDBM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.43.48.0/21
Signature Algorithm: sha256WithRSAEncryption
22:77:24:28:42:1d:ff:e5:81:04:91:0e:4d:44:2c:03:0b:5b:
98:44:d0:80:8a:ea:b4:3a:38:1a:8e:f7:48:05:98:ef:fc:83:
f8:39:fc:5a:3a:e0:71:46:fd:92:6c:75:5f:ab:23:dd:de:3b:
41:9c:03:99:62:a0:96:a3:b2:7f:cc:54:23:8a:8c:74:0a:1a:
e4:1a:68:3f:32:85:d9:1b:89:d3:69:d3:0d:db:0c:fa:42:04:
62:7e:94:ff:e4:49:59:91:f5:e6:68:a1:c4:3a:0f:c6:6a:23:
db:25:73:ef:0b:5b:7f:be:bf:6c:7b:18:45:e5:79:03:db:a7:
6e:df:c7:c5:b4:8a:06:89:b7:d3:3c:e4:39:72:c4:72:2c:04:
f0:a8:51:7c:88:60:0c:dd:aa:92:c7:f6:42:0a:a4:8b:1b:57:
20:ef:ba:14:18:e2:02:0e:00:06:5b:c8:bb:90:43:68:e6:50:
c5:e5:9b:20:4f:19:5b:1e:a3:20:a8:2b:3f:5d:bf:b5:22:09:
3c:d5:d4:bb:6d:9c:60:55:ad:a8:07:21:51:bc:fd:b5:0d:76:
c1:01:d5:06:5c:24:76:91:88:b5:a3:c5:38:6f:13:a1:fe:21:
38:44:dc:17:a9:48:5b:a6:64:83:94:cd:28:96:29:04:c4:91:
04:27:c2:ca
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbUoh0FYroaqtU4b+CKFjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkOGNiZWU1MTk5MGYxZTA1YTlkMWRjMGMyZjJmM2E4YTM0
NzBjMTMwHhcNMjQwMTAxMDAyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNGM3MDZiNmNlMjYzNDQ5Nzk3MTJhZTU5NTVmZWFiYWJjODhkODJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiiyBEiOmmSertBP9cudnAJLHX7vQ
Hcpqz9e6LAN1hAR2vUoJJDscVDMeqX6sZDSGLtFlde27Flggg7Q8zcIbiLVf1bMq
CRh+TkFqBcMZyiiX7mc2zI6jn/datDtEkVDRpgzv2xk6e9JiHmNznTe7UAx/BVAy
CpoMJARRRn77SdVaq8EKiAPX3oK9nXpYzSHCJTqhmw1p/ErbpB78c5Bqpc+/dlal
Bt4lQVz5qV5gHckg+NJl7Bl2sxqaKIMtvT91DqNWfIna0hc7JbxcZxZGEt/fSFan
dhCvXPVlCqcfBhNe7Z2gE2rCSmjjb53XbrLj8+8WLWKMHp3y/qMwOvB9UQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFDTHBrbOJjRJeXEq5ZVf6rq8iNgvMB8GA1UdIwQY
MBaAFA2MvuUZkPHgWp0dwMLy86ijRwwTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFl5LTVSbVE4ZUJhblIzQXd2THpxS05IREJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Mi83NjNkOGUtMjA4MS00Y2Y4LWI2NWIt
MWIxZTc4Y2JiYjA5LzEvTk1jR3RzNG1ORWw1Y1NybGxWX3F1cnlJMkM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Mi83NjNkOGUtMjA4MS00Y2Y4LWI2NWItMWIxZTc4Y2JiYjA5
LzEvRFl5LTVSbVE4ZUJhblIzQXd2THpxS05IREJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXCswMA0G
CSqGSIb3DQEBCwUAA4IBAQAidyQoQh3/5YEEkQ5NRCwDC1uYRNCAiuq0OjgajvdI
BZjv/IP4OfxaOuBxRv2SbHVfqyPd3jtBnAOZYqCWo7J/zFQjiox0ChrkGmg/MoXZ
G4nTadMN2wz6QgRifpT/5ElZkfXmaKHEOg/GaiPbJXPvC1t/vr9sexhF5XkD26du
38fFtIoGibfTPOQ5csRyLATwqFF8iGAM3aqSx/ZCCqSLG1cg77oUGOICDgAGW8i7
kENo5lDF5ZsgTxlbHqMgqCs/Xb+1Igk81dS7bZxgVa2oByFRvP21DXbBAdUGXCR2
kYi1o8U4bxOh/iE4RNwXqUhbpmSDlM0olikExJEEJ8LK
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:42:35 2024 by rpki-client on console-ams.rpki-client.org