Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/_yvMuwLQOOs9T04o2lBzsdR5RLI.roa
File: _yvMuwLQOOs9T04o2lBzsdR5RLI.roa (raw, json)
Hash identifier: zXfO2VOt+xSDyGtPtSAC9lHn5l4jfLJwezEfjkcnS+Y=
Subject key identifier: FF:2B:CC:BB:02:D0:38:EB:3D:4F:4E:28:DA:50:73:B1:D4:79:44:B2
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 018CC3B6C067DC7C59ED7CC1014718D50D21
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/_yvMuwLQOOs9T04o2lBzsdR5RLI.roa
Signing time: Mon 01 Jan 2024 06:29:43 +0000
ROA not before: Mon 01 Jan 2024 06:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207107
IP address blocks: 92.52.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 02:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:c0:67:dc:7c:59:ed:7c:c1:01:47:18:d5:0d:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Jan 1 06:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff2bccbb02d038eb3d4f4e28da5073b1d47944b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:b9:22:35:4b:09:59:f1:f7:6e:d4:2b:78:d3:
59:68:b4:67:9b:7f:e1:e0:03:21:d6:a7:79:b4:eb:
bc:b3:97:a3:26:76:4d:c2:8a:73:8e:c1:36:cb:f7:
ac:86:4f:ea:09:92:a8:e0:23:45:3b:44:c0:3e:f1:
9d:31:ea:a4:a5:e5:4a:7c:21:9a:c7:79:3a:da:bf:
83:4c:41:f4:5e:dd:5d:eb:39:a5:b9:85:1c:07:5f:
08:84:5e:a8:5e:df:dd:b6:f4:5c:3d:fa:91:82:00:
6f:e1:5d:ae:eb:46:19:42:0b:ba:58:a4:55:09:a7:
15:61:f3:24:e5:1b:7a:ea:5d:32:42:f1:91:8e:2e:
be:f8:25:b7:ea:64:7d:4a:ac:6f:e1:99:8a:80:ed:
cd:f5:a3:db:18:60:2b:10:10:ec:c8:7c:f0:3d:94:
6c:51:2f:fc:13:26:e7:bd:5c:32:32:ad:14:74:f7:
28:ef:61:79:2e:9e:1f:47:83:a0:fc:26:91:6a:db:
28:66:ff:84:a9:35:09:92:a9:76:49:d7:42:98:2f:
f0:d7:f4:df:e3:e6:a4:70:89:f6:35:92:aa:e3:d0:
e2:a2:2b:42:0c:50:05:37:02:f9:e5:96:14:8f:4d:
1d:28:1c:5a:87:4e:0b:94:c7:0f:cb:f4:af:cc:8c:
14:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:2B:CC:BB:02:D0:38:EB:3D:4F:4E:28:DA:50:73:B1:D4:79:44:B2
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/_yvMuwLQOOs9T04o2lBzsdR5RLI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.52.222.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:64:f7:92:46:f4:b0:64:da:51:eb:86:d0:ac:16:19:79:15:
b5:af:75:fa:b2:d0:28:88:02:1f:a7:dd:71:a7:f9:3a:79:cb:
70:f0:1d:76:8c:be:b0:b7:eb:f1:8d:17:53:10:04:11:c8:22:
25:ac:2d:e1:fc:3f:cd:20:3e:7f:1f:62:db:b7:bd:1f:cb:3d:
62:44:20:5c:96:29:72:a4:f9:9c:a0:da:2c:5a:00:c6:50:06:
a2:7c:c2:05:8b:7b:60:48:6e:b3:67:98:14:61:dc:0a:76:aa:
03:bb:8d:91:6a:cf:ae:1e:85:ca:9e:6a:70:43:ec:25:96:ee:
93:6e:b8:6e:9b:c5:6e:89:b9:8d:df:16:63:86:d7:3f:8a:0b:
ea:94:fa:b2:1b:b1:b3:b0:62:88:81:13:ad:7c:ec:cb:33:f6:
cf:d9:fe:92:c1:f2:ec:2e:6d:7a:9e:0c:8d:5e:a0:c5:a8:6b:
0f:ad:2e:b3:32:97:2e:2b:dc:a2:64:0e:87:e9:9d:76:28:f4:
20:6d:4b:18:7c:df:04:63:ee:f7:4d:8a:6c:88:76:ab:c5:28:
8c:38:c5:cc:62:fa:11:60:92:64:5e:71:36:1f:40:33:14:26:
37:3e:9d:22:2d:2d:ef:16:2f:6e:5c:3a:29:f6:4c:0b:2f:a3:
e3:69:80:b0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDtsBn3HxZ7XzBAUcY1Q0hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjQwMTAxMDYyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjJiY2NiYjAyZDAzOGViM2Q0ZjRlMjhkYTUwNzNiMWQ0Nzk0NGIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlbkiNUsJWfH3btQreNNZaLRnm3/h
4AMh1qd5tOu8s5ejJnZNwopzjsE2y/eshk/qCZKo4CNFO0TAPvGdMeqkpeVKfCGa
x3k62r+DTEH0Xt1d6zmluYUcB18IhF6oXt/dtvRcPfqRggBv4V2u60YZQgu6WKRV
CacVYfMk5Rt66l0yQvGRji6++CW36mR9Sqxv4ZmKgO3N9aPbGGArEBDsyHzwPZRs
US/8EybnvVwyMq0UdPco72F5Lp4fR4Og/CaRatsoZv+EqTUJkql2SddCmC/w1/Tf
4+akcIn2NZKq49DioitCDFAFNwL55ZYUj00dKBxah04LlMcPy/SvzIwUYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFP8rzLsC0DjrPU9OKNpQc7HUeUSyMB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvX3l2TXV3TFFPT3M5VDA0bzJsQnpzZFI1UkxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXDTeMA0G
CSqGSIb3DQEBCwUAA4IBAQAqZPeSRvSwZNpR64bQrBYZeRW1r3X6stAoiAIfp91x
p/k6ectw8B12jL6wt+vxjRdTEAQRyCIlrC3h/D/NID5/H2Lbt70fyz1iRCBclily
pPmcoNosWgDGUAaifMIFi3tgSG6zZ5gUYdwKdqoDu42Ras+uHoXKnmpwQ+wllu6T
brhum8VuibmN3xZjhtc/igvqlPqyG7GzsGKIgROtfOzLM/bP2f6SwfLsLm16ngyN
XqDFqGsPrS6zMpcuK9yiZA6H6Z12KPQgbUsYfN8EY+73TYpsiHarxSiMOMXMYvoR
YJJkXnE2H0AzFCY3Pp0iLS3vFi9uXDop9kwLL6PjaYCw
-----END CERTIFICATE-----
Generated at Mon Nov 25 09:34:43 2024 by rpki-client on console-ams.rpki-client.org