Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/9562bf-92bc-46eb-9d16-2badce466853/1/G_07xGG_d_NvtW7W9eG7k3fYCv0.roa
File: G_07xGG_d_NvtW7W9eG7k3fYCv0.roa (raw, json)
Hash identifier: 0eZUQY5U5Xrpw23pxnWOvfqfETTV4lw8E1Uegc5TkQE=
Subject key identifier: 1B:FD:3B:C4:61:BF:77:F3:6F:B5:6E:D6:F5:E1:BB:93:77:D8:0A:FD
Certificate issuer: /CN=40dde71b41bffb1b516e07b0c61391bdf4d3bf11
Certificate serial: 018CC500FFBA5FE61CFAAFD2F326BA8EC1E3
Authority key identifier: 40:DD:E7:1B:41:BF:FB:1B:51:6E:07:B0:C6:13:91:BD:F4:D3:BF:11
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QN3nG0G_-xtRbgewxhORvfTTvxE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/9562bf-92bc-46eb-9d16-2badce466853/1/G_07xGG_d_NvtW7W9eG7k3fYCv0.roa
Signing time: Mon 01 Jan 2024 12:30:26 +0000
ROA not before: Mon 01 Jan 2024 12:30:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208685
IP address blocks: 92.60.72.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/9562bf-92bc-46eb-9d16-2badce466853/1/QN3nG0G_-xtRbgewxhORvfTTvxE.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/9562bf-92bc-46eb-9d16-2badce466853/1/QN3nG0G_-xtRbgewxhORvfTTvxE.mft
rsync://rpki.ripe.net/repository/DEFAULT/QN3nG0G_-xtRbgewxhORvfTTvxE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:ff:ba:5f:e6:1c:fa:af:d2:f3:26:ba:8e:c1:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=40dde71b41bffb1b516e07b0c61391bdf4d3bf11
Validity
Not Before: Jan 1 12:30:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=1bfd3bc461bf77f36fb56ed6f5e1bb9377d80afd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:3b:f2:93:7f:16:2b:0c:78:db:34:82:9e:35:
96:8d:13:19:e8:13:a3:c2:ce:e3:8a:83:ce:8d:78:
c1:70:69:ca:17:76:73:92:97:b4:e8:e4:38:40:da:
e5:75:65:04:82:73:57:fe:57:37:4c:e4:df:22:d3:
0d:b2:e8:26:a2:42:90:5d:37:8d:9a:5d:ab:f6:fd:
e2:dc:17:e8:84:7a:22:c0:e9:6b:5d:c4:8c:7c:4e:
f1:23:43:7a:36:fd:c4:66:c2:c6:f2:6d:2b:7e:44:
30:d3:6c:12:7d:d3:cf:7e:23:5b:bc:1f:de:1b:7c:
25:71:f2:b5:5f:b0:86:24:31:dc:47:f3:62:ec:41:
fe:4c:3b:04:65:32:c5:2a:9d:c4:ed:cb:41:25:60:
e6:d0:80:92:07:b0:e5:85:1e:84:d7:9e:a0:28:63:
c9:28:59:b2:e1:a4:1e:21:77:6a:59:09:63:25:1e:
ce:3c:6c:d7:97:4c:7f:45:1d:0b:42:58:fc:44:64:
16:ea:09:94:fc:ed:a1:7b:b6:e9:f9:6b:ae:06:83:
a2:db:37:94:25:c3:9e:18:3c:28:e2:8e:54:c1:fc:
bf:2e:af:c3:8d:5d:c4:cb:6b:42:0e:b3:22:8d:20:
af:be:99:a8:8e:38:d9:ea:eb:57:d2:63:b8:12:bc:
be:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:FD:3B:C4:61:BF:77:F3:6F:B5:6E:D6:F5:E1:BB:93:77:D8:0A:FD
X509v3 Authority Key Identifier:
keyid:40:DD:E7:1B:41:BF:FB:1B:51:6E:07:B0:C6:13:91:BD:F4:D3:BF:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QN3nG0G_-xtRbgewxhORvfTTvxE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9562bf-92bc-46eb-9d16-2badce466853/1/G_07xGG_d_NvtW7W9eG7k3fYCv0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/9562bf-92bc-46eb-9d16-2badce466853/1/QN3nG0G_-xtRbgewxhORvfTTvxE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.60.72.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:0c:ee:2c:5f:02:46:03:4f:ff:6d:5c:88:a1:12:0e:50:dc:
f6:40:f1:cc:fc:1e:d7:9c:7b:a2:c4:a4:af:16:52:9f:ce:42:
4a:24:8d:dc:01:d3:7f:0d:73:44:e4:3d:d8:35:b2:87:25:6f:
f7:66:5f:40:86:c4:94:34:a5:62:92:cb:e4:90:14:7a:e3:3f:
38:ec:3d:cd:6f:8a:d5:db:49:2b:18:8b:3d:13:fd:10:ce:8f:
b4:c7:e0:18:9f:5d:62:43:71:59:c3:d7:48:45:83:8a:07:7b:
45:dd:5f:31:fb:1c:09:52:24:b7:5b:f4:24:15:5c:ab:85:e0:
7a:f3:e6:85:23:0b:c1:c1:01:58:d3:ec:7c:07:96:d6:09:61:
87:60:3b:fd:60:2c:e9:bf:fa:32:7c:5f:4e:d1:cb:d1:11:7e:
8b:88:ed:ac:ae:30:f6:72:0e:fd:df:1e:32:7c:dd:cf:16:15:
f4:75:f7:5c:ba:c1:df:8d:e0:74:48:d0:05:13:57:c8:19:98:
14:cf:b1:fc:98:83:15:e6:c0:b2:30:b2:01:70:13:3f:9c:67:
e8:8b:71:7b:d4:5b:2b:08:e7:33:66:5c:6c:b2:38:b8:9a:9e:
f0:4a:49:34:5c:83:9f:a1:ba:14:ee:69:d4:94:dd:b8:5d:6b:
10:6d:e0:b7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzFAP+6X+Yc+q/S8ya6jsHjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQwZGRlNzFiNDFiZmZiMWI1MTZlMDdiMGM2MTM5MWJkZjRk
M2JmMTEwHhcNMjQwMTAxMTIzMDI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYmZkM2JjNDYxYmY3N2YzNmZiNTZlZDZmNWUxYmI5Mzc3ZDgwYWZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsTvyk38WKwx42zSCnjWWjRMZ6BOj
ws7jioPOjXjBcGnKF3Zzkpe06OQ4QNrldWUEgnNX/lc3TOTfItMNsugmokKQXTeN
ml2r9v3i3BfohHoiwOlrXcSMfE7xI0N6Nv3EZsLG8m0rfkQw02wSfdPPfiNbvB/e
G3wlcfK1X7CGJDHcR/Ni7EH+TDsEZTLFKp3E7ctBJWDm0ICSB7DlhR6E156gKGPJ
KFmy4aQeIXdqWQljJR7OPGzXl0x/RR0LQlj8RGQW6gmU/O2he7bp+WuuBoOi2zeU
JcOeGDwo4o5Uwfy/Lq/DjV3Ey2tCDrMijSCvvpmojjjZ6utX0mO4Ery+NQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBv9O8Rhv3fzb7Vu1vXhu5N32Ar9MB8GA1UdIwQY
MBaAFEDd5xtBv/sbUW4HsMYTkb30078RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUU4zbkcwR18teHRSYmdld3hoT1J2ZlRUdnhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy85NTYyYmYtOTJiYy00NmViLTlkMTYt
MmJhZGNlNDY2ODUzLzEvR18wN3hHR19kX052dFc3VzllRzdrM2ZZQ3YwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy85NTYyYmYtOTJiYy00NmViLTlkMTYtMmJhZGNlNDY2ODUz
LzEvUU4zbkcwR18teHRSYmdld3hoT1J2ZlRUdnhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBXDxIMA0G
CSqGSIb3DQEBCwUAA4IBAQBrDO4sXwJGA0//bVyIoRIOUNz2QPHM/B7XnHuixKSv
FlKfzkJKJI3cAdN/DXNE5D3YNbKHJW/3Zl9AhsSUNKViksvkkBR64z847D3Nb4rV
20krGIs9E/0Qzo+0x+AYn11iQ3FZw9dIRYOKB3tF3V8x+xwJUiS3W/QkFVyrheB6
8+aFIwvBwQFY0+x8B5bWCWGHYDv9YCzpv/oyfF9O0cvREX6LiO2srjD2cg793x4y
fN3PFhX0dfdcusHfjeB0SNAFE1fIGZgUz7H8mIMV5sCyMLIBcBM/nGfoi3F71Fsr
COczZlxssji4mp7wSkk0XIOfoboU7mnUlN24XWsQbeC3
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:18:43 2024 by rpki-client on console-ams.rpki-client.org