Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/qUMrjkhliwdLPVM5HlicbGyp6Jw.roa
File: qUMrjkhliwdLPVM5HlicbGyp6Jw.roa (raw, json)
Hash identifier: iwiQ1XsPUb85br17My9zlyueZWdPJGLF1gbTSo4twJs=
Subject key identifier: A9:43:2B:8E:48:65:8B:07:4B:3D:53:39:1E:58:9C:6C:6C:A9:E8:9C
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 018D5918475EFA025A13ADAFF792BD5C5F27
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/qUMrjkhliwdLPVM5HlicbGyp6Jw.roa
Signing time: Tue 30 Jan 2024 06:39:39 +0000
ROA not before: Tue 30 Jan 2024 06:39:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64267
IP address blocks: 185.92.46.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 29 Apr 2024 04:03:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:59:18:47:5e:fa:02:5a:13:ad:af:f7:92:bd:5c:5f:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Jan 30 06:39:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a9432b8e48658b074b3d53391e589c6c6ca9e89c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:e8:2d:49:68:e2:1f:85:be:ea:1c:90:3f:b9:
8c:05:28:53:e4:6e:16:09:ac:22:f4:16:8c:87:0c:
c1:11:82:a5:35:32:35:5d:c5:bb:0d:96:23:38:91:
77:31:ad:46:58:3d:69:8b:e6:fb:02:fa:13:4b:8e:
04:d6:f9:13:ce:23:25:38:36:b5:33:65:2c:d3:13:
1b:dc:e5:77:58:5d:f1:6c:01:86:1f:56:69:1c:fe:
95:b7:7a:c6:1d:69:2b:c0:ce:6c:70:1a:1f:6a:05:
40:ca:b1:4b:f7:64:f6:df:12:f8:06:3b:3a:4c:4b:
de:37:79:c8:98:b1:e2:6d:77:a2:8e:72:c6:ca:cb:
a3:6b:07:33:12:c9:c0:98:25:1a:de:06:39:c5:97:
77:6e:6b:23:52:1f:ea:9c:7e:62:1d:96:9c:a3:f4:
a3:ff:a4:6e:9c:a7:1d:4f:33:b9:a3:bc:e0:c3:e3:
10:7f:a1:97:e7:a7:8f:41:21:51:bc:96:3c:02:b2:
e0:87:47:05:db:d0:fa:59:81:fb:42:2a:34:db:40:
f9:2d:5e:ac:24:d7:b2:cc:7a:4a:06:5b:60:4d:b2:
17:89:b1:f7:3a:46:79:5f:26:3b:c0:79:af:4a:36:
52:37:e7:c2:cb:87:d0:b8:b0:e4:3b:da:14:b2:82:
b2:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:43:2B:8E:48:65:8B:07:4B:3D:53:39:1E:58:9C:6C:6C:A9:E8:9C
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/qUMrjkhliwdLPVM5HlicbGyp6Jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.92.46.0/24
Signature Algorithm: sha256WithRSAEncryption
ad:2d:54:f6:1f:9b:38:4f:14:54:ce:7a:93:3b:c4:84:ae:c9:
75:6b:31:0a:e7:08:c4:a2:4f:14:ca:91:32:71:52:60:c1:58:
f1:ed:cf:23:7c:3c:5b:f6:b6:af:f0:6a:c8:ed:af:bf:71:16:
53:2d:fd:2b:4a:d9:07:43:13:97:a7:00:36:2c:e7:8c:62:53:
3b:e6:fd:5e:b6:24:f4:81:0f:76:50:f6:cf:e8:52:54:08:a0:
39:92:c8:51:bd:74:78:c8:16:9c:91:f4:70:cd:21:33:0b:0e:
98:22:80:02:28:8f:b2:57:9c:cd:98:5e:e5:08:83:81:be:64:
f4:9c:83:c9:25:cc:c4:48:06:83:7d:0e:36:7c:0c:0b:58:6a:
f0:ed:de:06:78:5f:7a:3d:56:cc:4f:39:83:3d:e7:f5:15:4b:
e3:52:3b:a5:7b:7a:b2:2e:1e:e3:d6:d1:e5:ef:1c:63:1a:44:
f7:43:07:08:47:5b:01:6e:54:17:d5:6f:c3:6c:a3:5b:61:32:
9c:2b:03:7a:87:02:d9:2d:5e:86:67:c6:3c:e8:f6:08:49:7c:
f7:9c:5b:db:05:12:b4:6c:e7:30:a1:81:39:5e:67:ef:83:97:
21:8c:48:d3:9d:bd:37:a2:05:04:fc:f7:7b:99:f2:b4:f3:33:
4c:5e:2c:70
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1ZGEde+gJaE62v95K9XF8nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjQwMTMwMDYzOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOTQzMmI4ZTQ4NjU4YjA3NGIzZDUzMzkxZTU4OWM2YzZjYTllODljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkugtSWjiH4W+6hyQP7mMBShT5G4W
Cawi9BaMhwzBEYKlNTI1XcW7DZYjOJF3Ma1GWD1pi+b7AvoTS44E1vkTziMlODa1
M2Us0xMb3OV3WF3xbAGGH1ZpHP6Vt3rGHWkrwM5scBofagVAyrFL92T23xL4Bjs6
TEveN3nImLHibXeijnLGysujawczEsnAmCUa3gY5xZd3bmsjUh/qnH5iHZaco/Sj
/6RunKcdTzO5o7zgw+MQf6GX56ePQSFRvJY8ArLgh0cF29D6WYH7Qio020D5LV6s
JNeyzHpKBltgTbIXibH3OkZ5XyY7wHmvSjZSN+fCy4fQuLDkO9oUsoKyIwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKlDK45IZYsHSz1TOR5YnGxsqeicMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEvcVVNcmpraGxpd2RMUFZNNUhsaWNiR3lwNkp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuVwuMA0G
CSqGSIb3DQEBCwUAA4IBAQCtLVT2H5s4TxRUznqTO8SErsl1azEK5wjEok8UypEy
cVJgwVjx7c8jfDxb9rav8GrI7a+/cRZTLf0rStkHQxOXpwA2LOeMYlM75v1etiT0
gQ92UPbP6FJUCKA5kshRvXR4yBackfRwzSEzCw6YIoACKI+yV5zNmF7lCIOBvmT0
nIPJJczESAaDfQ42fAwLWGrw7d4GeF96PVbMTzmDPef1FUvjUjule3qyLh7j1tHl
7xxjGkT3QwcIR1sBblQX1W/DbKNbYTKcKwN6hwLZLV6GZ8Y86PYISXz3nFvbBRK0
bOcwoYE5Xmfvg5chjEjTnb03ogUE/Pd7mfK08zNMXixw
-----END CERTIFICATE-----
Generated at Sun Apr 28 11:06:18 2024 by rpki-client on console-ams.rpki-client.org