Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/16865b-0e70-4160-a48d-7f01972186a3/1/Tr6Vg2EJ_5aQfJ4wlR4WnLRprpg.roa
File: Tr6Vg2EJ_5aQfJ4wlR4WnLRprpg.roa (raw, json)
Hash identifier: eJ2p95lV+HX/G3K34f5+FS1ReGBTTAtNSa5DxQoZOqE=
Subject key identifier: 4E:BE:95:83:61:09:FF:96:90:7C:9E:30:95:1E:16:9C:B4:69:AE:98
Certificate issuer: /CN=19bbc28498eb169590b069a005414c41a179b240
Certificate serial: 018CC26D852B0267C1F3FA6A228E3ABEB87C
Authority key identifier: 19:BB:C2:84:98:EB:16:95:90:B0:69:A0:05:41:4C:41:A1:79:B2:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GbvChJjrFpWQsGmgBUFMQaF5skA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/16865b-0e70-4160-a48d-7f01972186a3/1/Tr6Vg2EJ_5aQfJ4wlR4WnLRprpg.roa
Signing time: Mon 01 Jan 2024 00:30:06 +0000
ROA not before: Mon 01 Jan 2024 00:30:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 44292
IP address blocks: 92.42.169.0/24 maxlen: 24
92.42.172.0/24 maxlen: 24
92.42.170.0/24 maxlen: 24
92.42.171.0/24 maxlen: 24
92.42.168.0/24 maxlen: 24
92.42.173.0/24 maxlen: 24
92.42.174.0/24 maxlen: 24
92.42.175.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/16865b-0e70-4160-a48d-7f01972186a3/1/GbvChJjrFpWQsGmgBUFMQaF5skA.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/16865b-0e70-4160-a48d-7f01972186a3/1/GbvChJjrFpWQsGmgBUFMQaF5skA.mft
rsync://rpki.ripe.net/repository/DEFAULT/GbvChJjrFpWQsGmgBUFMQaF5skA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:85:2b:02:67:c1:f3:fa:6a:22:8e:3a:be:b8:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19bbc28498eb169590b069a005414c41a179b240
Validity
Not Before: Jan 1 00:30:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ebe95836109ff96907c9e30951e169cb469ae98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:fe:5a:da:e8:a5:c2:cb:4b:34:a3:b9:0c:32:
36:77:87:a1:ba:ae:8a:52:cb:d1:7a:ca:d8:f4:56:
88:d4:47:6a:2b:c0:af:61:8e:d1:fc:ac:9e:98:6a:
39:54:b6:25:8f:47:32:b3:1d:4d:42:19:b6:f2:19:
be:e6:39:20:7e:74:0a:77:c7:b8:dc:f1:a7:67:8d:
21:96:cf:4c:c9:59:19:37:d5:42:c8:e3:06:a6:97:
db:d6:94:fc:5d:38:68:05:72:0a:d5:ff:52:bf:d9:
e8:fe:1a:6e:52:74:1d:c3:7a:d0:63:65:0a:47:95:
42:14:5e:25:e0:e6:3b:e4:3e:be:b9:aa:da:6b:c3:
48:19:71:a4:52:70:52:8c:75:e7:a4:29:b1:fd:f9:
ce:8f:a7:f8:ba:86:92:09:32:80:f8:cf:38:57:89:
da:34:c8:ad:e7:be:fe:b6:7d:dd:b8:72:45:e9:4f:
e6:12:13:7f:e1:19:e3:64:26:32:bb:29:38:bb:cb:
e9:f1:1e:05:29:d8:58:51:f3:81:a2:a8:e9:13:83:
49:2b:b9:ae:24:38:c4:1b:e0:e4:3d:8a:2b:ea:31:
e6:fa:15:ab:d6:58:a1:54:3e:e7:f7:d9:a8:6e:9c:
13:f1:d7:14:43:e8:ab:67:b4:90:f4:6e:cf:57:25:
4e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:BE:95:83:61:09:FF:96:90:7C:9E:30:95:1E:16:9C:B4:69:AE:98
X509v3 Authority Key Identifier:
keyid:19:BB:C2:84:98:EB:16:95:90:B0:69:A0:05:41:4C:41:A1:79:B2:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GbvChJjrFpWQsGmgBUFMQaF5skA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/16865b-0e70-4160-a48d-7f01972186a3/1/Tr6Vg2EJ_5aQfJ4wlR4WnLRprpg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/16865b-0e70-4160-a48d-7f01972186a3/1/GbvChJjrFpWQsGmgBUFMQaF5skA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.42.168.0/21
Signature Algorithm: sha256WithRSAEncryption
56:cc:69:af:b4:d0:eb:8c:bd:e2:e9:ed:cf:fa:30:51:31:e7:
10:88:74:bc:1f:72:14:50:e0:b0:3f:7d:50:c3:4f:53:cf:e9:
cb:10:79:3a:e1:cd:8f:b2:28:e2:99:a6:0d:a8:bc:74:00:c8:
b8:a3:e9:9e:10:b9:92:45:0a:2e:f0:6d:1c:01:e5:5f:2a:df:
34:01:9d:1d:76:ed:68:c4:c9:c3:37:76:bc:39:65:0d:20:90:
14:6b:54:65:f5:99:29:c3:58:d7:02:62:cf:9a:a4:ac:7c:ec:
03:62:1a:dc:34:a1:e8:4b:41:ed:31:f6:d8:ad:78:79:1e:81:
98:e2:a3:d3:8b:2a:04:f4:c0:59:46:e6:53:38:4a:59:8b:df:
3f:bc:06:09:d2:38:bd:df:15:c8:db:05:bf:ff:23:15:00:59:
e0:8e:0d:c7:ac:f7:78:46:3e:5c:82:f7:cc:b5:14:63:4b:fd:
d3:f1:8d:47:8f:50:6a:06:45:f2:bd:64:b5:18:45:0f:ed:68:
1e:e2:e6:05:8f:a8:c1:6c:c6:f3:7d:bc:b6:e6:d5:64:ca:27:
89:8c:8d:04:09:0c:91:e1:b8:c6:6f:ca:cb:56:d2:6e:09:52:
55:c3:27:41:d1:3c:67:6d:5f:db:b1:4f:11:e5:62:12:3c:b0:
c1:f7:79:9d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzCbYUrAmfB8/pqIo46vrh8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YmJjMjg0OThlYjE2OTU5MGIwNjlhMDA1NDE0YzQxYTE3
OWIyNDAwHhcNMjQwMTAxMDAzMDA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWJlOTU4MzYxMDlmZjk2OTA3YzllMzA5NTFlMTY5Y2I0NjlhZTk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlP5a2uilwstLNKO5DDI2d4ehuq6K
UsvResrY9FaI1EdqK8CvYY7R/KyemGo5VLYlj0cysx1NQhm28hm+5jkgfnQKd8e4
3PGnZ40hls9MyVkZN9VCyOMGppfb1pT8XThoBXIK1f9Sv9no/hpuUnQdw3rQY2UK
R5VCFF4l4OY75D6+uaraa8NIGXGkUnBSjHXnpCmx/fnOj6f4uoaSCTKA+M84V4na
NMit577+tn3duHJF6U/mEhN/4RnjZCYyuyk4u8vp8R4FKdhYUfOBoqjpE4NJK7mu
JDjEG+DkPYor6jHm+hWr1lihVD7n99mobpwT8dcUQ+irZ7SQ9G7PVyVOuwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE6+lYNhCf+WkHyeMJUeFpy0aa6YMB8GA1UdIwQY
MBaAFBm7woSY6xaVkLBpoAVBTEGhebJAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2J2Q2hKanJGcFdRc0dtZ0JVRk1RYUY1c2tBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8xNjg2NWItMGU3MC00MTYwLWE0OGQt
N2YwMTk3MjE4NmEzLzEvVHI2VmcyRUpfNWFRZko0d2xSNFduTFJwcnBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8xNjg2NWItMGU3MC00MTYwLWE0OGQtN2YwMTk3MjE4NmEz
LzEvR2J2Q2hKanJGcFdRc0dtZ0JVRk1RYUY1c2tBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQDXCqoMA0G
CSqGSIb3DQEBCwUAA4IBAQBWzGmvtNDrjL3i6e3P+jBRMecQiHS8H3IUUOCwP31Q
w09Tz+nLEHk64c2PsijimaYNqLx0AMi4o+meELmSRQou8G0cAeVfKt80AZ0ddu1o
xMnDN3a8OWUNIJAUa1Rl9Zkpw1jXAmLPmqSsfOwDYhrcNKHoS0HtMfbYrXh5HoGY
4qPTiyoE9MBZRuZTOEpZi98/vAYJ0ji93xXI2wW//yMVAFngjg3HrPd4Rj5cgvfM
tRRjS/3T8Y1Hj1BqBkXyvWS1GEUP7Wge4uYFj6jBbMbzfby25tVkyieJjI0ECQyR
4bjGb8rLVtJuCVJVwydB0TxnbV/bsU8R5WISPLDB93md
-----END CERTIFICATE-----
Generated at Sat Dec 28 02:58:03 2024 by rpki-client on console-ams.rpki-client.org