Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/tUcPxPzV5VH7Z9h-4CUpYRfWCSA.roa
File: tUcPxPzV5VH7Z9h-4CUpYRfWCSA.roa (raw, json)
Hash identifier: jJNukW5Oy1Tnclv1Ne4l7LAHm8ewXBmL+SV6hct8wew=
Subject key identifier: B5:47:0F:C4:FC:D5:E5:51:FB:67:D8:7E:E0:25:29:61:17:D6:09:20
Certificate issuer: /CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800
Certificate serial: 018CC9BCA13295B1FB231A0C287540E47AB7
Authority key identifier: 9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/tUcPxPzV5VH7Z9h-4CUpYRfWCSA.roa
Signing time: Tue 02 Jan 2024 10:33:51 +0000
ROA not before: Tue 02 Jan 2024 10:33:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209854
IP address blocks: 92.249.38.0/24 maxlen: 24
92.249.37.0/24 maxlen: 24
92.249.36.0/24 maxlen: 24
92.249.39.0/24 maxlen: 24
2a09:a700::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.mft
rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:a1:32:95:b1:fb:23:1a:0c:28:75:40:e4:7a:b7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a24b27d9f3df6e14ebc79e146e8be32754bf800
Validity
Not Before: Jan 2 10:33:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5470fc4fcd5e551fb67d87ee025296117d60920
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3a:74:a5:d8:f7:93:01:d8:4e:bb:f7:7b:27:
c4:55:cb:2f:42:e6:b4:69:1f:c9:e5:d6:20:9c:d8:
82:e9:6e:fd:63:7d:23:a2:d0:1d:0c:9c:b8:d4:bd:
ee:10:71:d0:72:64:97:c9:7a:92:7a:67:2c:7f:68:
c1:f3:5f:a6:96:75:5d:4e:68:a8:3a:c6:85:cc:50:
3d:57:11:03:36:19:7c:19:86:08:1f:b8:75:fb:2f:
c3:41:51:c7:0f:0a:c4:f0:92:f1:03:f1:23:00:17:
dd:4c:24:fc:64:05:87:89:5c:f4:3a:60:b0:da:c6:
0d:d9:0d:32:12:54:5e:ea:b7:42:78:32:e9:0b:01:
af:da:0e:23:c1:a1:f0:bc:41:05:d8:8b:66:56:d4:
12:73:d9:73:64:28:fc:85:d5:9d:08:a3:cc:c3:43:
3b:38:a4:71:7a:5a:32:8c:b0:1b:b4:f4:19:70:43:
23:b6:4c:54:3b:67:61:82:9e:06:f5:91:c9:a6:22:
97:85:f5:ae:8c:4b:7c:73:8c:a7:52:7c:4c:3e:6e:
84:12:f1:3b:b2:73:84:b7:5e:cd:6f:42:fe:73:e7:
af:cc:7f:ec:f6:23:a3:27:a9:5c:03:f3:1d:0a:f6:
54:87:d6:af:e8:1f:7c:a8:98:b8:1a:eb:8a:19:cd:
65:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:47:0F:C4:FC:D5:E5:51:FB:67:D8:7E:E0:25:29:61:17:D6:09:20
X509v3 Authority Key Identifier:
keyid:9A:24:B2:7D:9F:3D:F6:E1:4E:BC:79:E1:46:E8:BE:32:75:4B:F8:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/miSyfZ899uFOvHnhRui-MnVL-AA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/tUcPxPzV5VH7Z9h-4CUpYRfWCSA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/0251f2-a1bb-44fb-b908-48d5ff4ba255/1/miSyfZ899uFOvHnhRui-MnVL-AA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.249.36.0/22
IPv6:
2a09:a700::/29
Signature Algorithm: sha256WithRSAEncryption
8d:b7:e2:65:c6:b1:d9:a7:28:82:42:65:6b:53:2f:66:8f:9d:
ce:80:7e:82:e1:15:a6:13:bf:33:65:72:91:81:36:e7:41:78:
22:ad:ba:af:02:3b:39:9e:56:ca:f5:63:1c:a6:7c:33:93:37:
e6:36:d6:2e:da:ce:bb:61:29:2e:29:8f:cb:16:dc:e9:43:54:
08:6f:ab:6e:a9:21:51:3b:5a:06:6d:72:f5:62:76:c3:75:8d:
3c:3c:1d:c7:c4:eb:da:77:20:b0:d5:45:9c:ec:25:4c:bf:55:
0d:b8:a3:55:cd:f6:fb:05:69:16:a2:28:e3:27:a6:71:18:7c:
3e:01:d0:8c:7e:9f:4a:99:0c:b6:2d:e3:cd:6a:a3:cc:08:e4:
07:a4:8e:f3:c5:88:a5:75:f1:6d:11:b5:16:42:76:56:13:3b:
b2:2d:e1:9d:4d:ba:66:07:8b:f1:63:71:a6:f3:bb:e5:43:6b:
9e:36:33:dd:01:02:f7:8b:73:0f:f0:4f:78:d9:1b:f2:ec:56:
e5:c2:77:de:e1:70:1f:65:be:b2:23:fc:a8:f7:44:4a:f3:00:
25:fd:f6:c7:74:de:5f:47:e1:87:84:cb:4e:5c:d0:e8:95:8d:
91:08:06:d6:ad:b8:f2:ef:b6:4b:5e:8f:a1:d0:d3:96:95:9e:
83:dd:ef:65
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJvKEylbH7IxoMKHVA5Hq3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhMjRiMjdkOWYzZGY2ZTE0ZWJjNzllMTQ2ZThiZTMyNzU0
YmY4MDAwHhcNMjQwMTAyMTAzMzUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTQ3MGZjNGZjZDVlNTUxZmI2N2Q4N2VlMDI1Mjk2MTE3ZDYwOTIwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzp0pdj3kwHYTrv3eyfEVcsvQua0
aR/J5dYgnNiC6W79Y30jotAdDJy41L3uEHHQcmSXyXqSemcsf2jB81+mlnVdTmio
OsaFzFA9VxEDNhl8GYYIH7h1+y/DQVHHDwrE8JLxA/EjABfdTCT8ZAWHiVz0OmCw
2sYN2Q0yElRe6rdCeDLpCwGv2g4jwaHwvEEF2ItmVtQSc9lzZCj8hdWdCKPMw0M7
OKRxeloyjLAbtPQZcEMjtkxUO2dhgp4G9ZHJpiKXhfWujEt8c4ynUnxMPm6EEvE7
snOEt17Nb0L+c+evzH/s9iOjJ6lcA/MdCvZUh9av6B98qJi4GuuKGc1l+wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLVHD8T81eVR+2fYfuAlKWEX1gkgMB8GA1UdIwQY
MBaAFJoksn2fPfbhTrx54UbovjJ1S/gAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgt
NDhkNWZmNGJhMjU1LzEvdFVjUHhQelY1Vkg3WjloLTRDVXBZUmZXQ1NBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8wMjUxZjItYTFiYi00NGZiLWI5MDgtNDhkNWZmNGJhMjU1
LzEvbWlTeWZaODk5dUZPdkhuaFJ1aS1NblZMLUFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCXPkkMA0E
AgACMAcDBQMqCacAMA0GCSqGSIb3DQEBCwUAA4IBAQCNt+JlxrHZpyiCQmVrUy9m
j53OgH6C4RWmE78zZXKRgTbnQXgirbqvAjs5nlbK9WMcpnwzkzfmNtYu2s67YSku
KY/LFtzpQ1QIb6tuqSFRO1oGbXL1YnbDdY08PB3HxOvadyCw1UWc7CVMv1UNuKNV
zfb7BWkWoijjJ6ZxGHw+AdCMfp9KmQy2LePNaqPMCOQHpI7zxYildfFtEbUWQnZW
EzuyLeGdTbpmB4vxY3Gm87vlQ2ueNjPdAQL3i3MP8E942Rvy7Fblwnfe4XAfZb6y
I/yo90RK8wAl/fbHdN5fR+GHhMtOXNDolY2RCAbWrbjy77ZLXo+h0NOWlZ6D3e9l
-----END CERTIFICATE-----
Generated at Wed May 8 16:21:36 2024 by rpki-client on console-ams.rpki-client.org