Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/pcxM9ngALshNICd8yYlBeG930vM.roa
File: pcxM9ngALshNICd8yYlBeG930vM.roa (raw, json)
Hash identifier: kZJWMJBNT5Am972w+GACObZdvdg7Kbw5bRphm+R5UVY=
Subject key identifier: A5:CC:4C:F6:78:00:2E:C8:4D:20:27:7C:C9:89:41:78:6F:77:D2:F3
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 018CC94E69F24DD76A0107D361863DD2A8FB
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/pcxM9ngALshNICd8yYlBeG930vM.roa
Signing time: Tue 02 Jan 2024 08:33:28 +0000
ROA not before: Tue 02 Jan 2024 08:33:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51765
IP address blocks: 185.152.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:69:f2:4d:d7:6a:01:07:d3:61:86:3d:d2:a8:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Jan 2 08:33:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a5cc4cf678002ec84d20277cc98941786f77d2f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:4f:4e:b9:d0:d1:94:85:b0:a8:30:e6:bd:45:
fa:78:90:9e:6b:26:c2:eb:84:8a:c0:b6:e9:2d:e4:
61:4d:9d:0a:de:82:e5:9b:5c:78:2b:7a:11:3e:00:
d9:b0:82:84:a7:57:26:ad:76:1c:4d:6a:c3:cb:52:
f8:eb:fa:da:cb:cf:86:a2:e5:63:de:ac:af:c7:c4:
ed:9a:a2:fd:d8:43:e6:b5:de:07:c5:68:1c:37:ac:
0c:2b:6c:85:a1:21:62:1c:d1:7e:74:12:9d:d5:02:
90:a5:a6:b3:6a:53:3e:61:05:c2:c6:df:c9:f0:4f:
fe:e5:c8:39:e4:03:ba:45:1f:1f:20:35:f5:68:a3:
51:88:52:a3:2b:c6:9a:b4:05:06:c2:26:6c:92:f1:
5d:21:6f:3a:18:d2:a6:01:fc:cc:0e:a8:f5:9f:de:
a3:34:ec:45:e2:c7:23:b9:bd:cd:30:08:14:b3:77:
c3:6a:a6:0b:ca:85:5d:ed:36:0e:4d:2f:15:59:ae:
ff:bd:0a:fd:92:49:89:5c:df:4c:92:2e:22:22:42:
e3:61:92:7d:55:7d:42:6f:71:37:d3:a9:53:2f:7f:
67:7a:bb:ed:3b:e1:4d:a3:90:18:01:1a:f8:e0:20:
da:78:7f:00:9a:a7:5f:39:eb:28:94:3c:b8:2f:ed:
07:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:CC:4C:F6:78:00:2E:C8:4D:20:27:7C:C9:89:41:78:6F:77:D2:F3
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/pcxM9ngALshNICd8yYlBeG930vM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.152.92.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:5b:d7:a0:09:e6:fc:d5:d0:0d:77:42:6e:46:10:72:1c:d7:
4e:3b:95:47:e9:da:75:ba:8f:f1:71:2d:ce:c9:17:ce:35:e0:
c7:55:bf:1f:e3:cd:3b:3a:08:bf:48:f5:54:b6:32:0a:62:e4:
43:35:35:2a:3c:3e:6e:06:ff:f5:1e:b7:20:25:ab:83:78:4d:
64:ae:10:f7:0a:7d:08:93:3d:ec:d6:0e:a9:c4:11:30:19:18:
b0:79:d9:e0:f7:a8:43:b5:c3:5b:ba:86:a6:7f:73:1c:d7:2c:
c4:04:19:fc:0f:18:32:b1:bb:4e:bf:e3:ff:ad:36:4a:a9:e4:
ce:b4:00:fa:34:e2:d1:de:41:19:5c:2b:6c:1a:43:92:a4:a5:
6d:61:56:c2:c4:a6:7c:7f:7c:9a:7c:3a:60:83:92:27:7d:5e:
cb:14:c2:3d:68:31:b4:81:97:83:cf:a6:ed:08:5e:9c:13:ac:
b3:d3:4c:db:b5:18:46:8a:09:2b:b6:31:0a:49:49:3f:6f:97:
e3:bc:ec:e3:54:43:20:0b:b6:da:f6:d5:ea:ac:70:25:2b:90:
87:24:db:99:ec:c4:ef:4b:1c:0f:3a:3e:b4:1c:9a:45:d6:62:
d6:35:6c:0b:02:b8:3d:4a:ce:18:26:3a:6f:56:e4:0a:17:e0:
2a:5f:a9:38
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTmnyTddqAQfTYYY90qj7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjQwMTAyMDgzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNWNjNGNmNjc4MDAyZWM4NGQyMDI3N2NjOTg5NDE3ODZmNzdkMmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiE9OudDRlIWwqDDmvUX6eJCeaybC
64SKwLbpLeRhTZ0K3oLlm1x4K3oRPgDZsIKEp1cmrXYcTWrDy1L46/ray8+GouVj
3qyvx8TtmqL92EPmtd4HxWgcN6wMK2yFoSFiHNF+dBKd1QKQpaazalM+YQXCxt/J
8E/+5cg55AO6RR8fIDX1aKNRiFKjK8aatAUGwiZskvFdIW86GNKmAfzMDqj1n96j
NOxF4scjub3NMAgUs3fDaqYLyoVd7TYOTS8VWa7/vQr9kkmJXN9Mki4iIkLjYZJ9
VX1Cb3E306lTL39nervtO+FNo5AYARr44CDaeH8AmqdfOesolDy4L+0HewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKXMTPZ4AC7ITSAnfMmJQXhvd9LzMB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvcGN4TTluZ0FMc2hOSUNkOHlZbEJlRzkzMHZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuZhcMA0G
CSqGSIb3DQEBCwUAA4IBAQAfW9egCeb81dANd0JuRhByHNdOO5VH6dp1uo/xcS3O
yRfONeDHVb8f4807Ogi/SPVUtjIKYuRDNTUqPD5uBv/1HrcgJauDeE1krhD3Cn0I
kz3s1g6pxBEwGRiwedng96hDtcNbuoamf3Mc1yzEBBn8DxgysbtOv+P/rTZKqeTO
tAD6NOLR3kEZXCtsGkOSpKVtYVbCxKZ8f3yafDpgg5InfV7LFMI9aDG0gZeDz6bt
CF6cE6yz00zbtRhGigkrtjEKSUk/b5fjvOzjVEMgC7ba9tXqrHAlK5CHJNuZ7MTv
SxwPOj60HJpF1mLWNWwLArg9Ss4YJjpvVuQKF+AqX6k4
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:50:04 2024 by rpki-client on console-fra.rpki-client.org