Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/821152-9f13-4c09-9dcd-45bbb23a15d8/1/sTMolTGhCnKpA58G8_Zio3-nJOw.roa
File: sTMolTGhCnKpA58G8_Zio3-nJOw.roa (raw, json)
Hash identifier: 00pwr/+ldWuGsLy6g3PLTSdFb/F83+3iRbSXH3+Tzas=
Subject key identifier: B1:33:28:95:31:A1:0A:72:A9:03:9F:06:F3:F6:62:A3:7F:A7:24:EC
Certificate issuer: /CN=2e1620890f700f012b0ba60172314e3c85919513
Certificate serial: 018CC425390594EE5D176BD081A2B016891D
Authority key identifier: 2E:16:20:89:0F:70:0F:01:2B:0B:A6:01:72:31:4E:3C:85:91:95:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LhYgiQ9wDwErC6YBcjFOPIWRlRM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/821152-9f13-4c09-9dcd-45bbb23a15d8/1/sTMolTGhCnKpA58G8_Zio3-nJOw.roa
Signing time: Mon 01 Jan 2024 08:30:22 +0000
ROA not before: Mon 01 Jan 2024 08:30:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24634
IP address blocks: 212.28.224.0/19 maxlen: 24
80.81.144.0/20 maxlen: 24
195.112.192.0/19 maxlen: 24
92.62.160.0/20 maxlen: 24
195.112.205.0/24 maxlen: 24
141.105.80.0/20 maxlen: 24
185.3.20.0/22 maxlen: 24
2a00:16e8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/821152-9f13-4c09-9dcd-45bbb23a15d8/1/LhYgiQ9wDwErC6YBcjFOPIWRlRM.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/821152-9f13-4c09-9dcd-45bbb23a15d8/1/LhYgiQ9wDwErC6YBcjFOPIWRlRM.mft
rsync://rpki.ripe.net/repository/DEFAULT/LhYgiQ9wDwErC6YBcjFOPIWRlRM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 10:02:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:39:05:94:ee:5d:17:6b:d0:81:a2:b0:16:89:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e1620890f700f012b0ba60172314e3c85919513
Validity
Not Before: Jan 1 08:30:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b133289531a10a72a9039f06f3f662a37fa724ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:9e:98:5e:02:3e:32:33:14:a8:df:3f:a4:e2:
86:7f:b6:67:0f:76:ed:19:a2:c4:a7:1e:20:ab:53:
c8:9c:db:40:7c:cb:a8:75:e7:0f:cc:73:a7:92:5e:
31:0d:f7:db:b6:02:36:bd:9e:07:60:e6:fd:5b:66:
b6:43:10:ce:cd:3d:e7:08:7c:38:6c:3c:3d:0f:a0:
56:4c:3d:7c:42:d6:b7:bb:d6:cb:06:b0:a0:8b:f2:
7d:f3:b9:de:74:81:62:84:fe:26:ce:62:5f:2f:02:
96:2a:00:8e:6e:ac:b1:b6:09:18:a8:ae:b5:11:44:
80:11:2a:6a:2e:2c:bb:03:92:f4:80:b8:84:69:2b:
dd:59:1a:c2:2f:ba:78:30:dc:a2:2a:2c:7f:26:45:
c7:a6:15:de:7e:83:8e:f7:fb:53:f5:e8:e2:bd:e5:
ba:cf:0d:5e:05:9b:63:08:d1:0c:d6:70:28:e1:ec:
bb:57:99:b0:74:9f:f1:72:eb:b5:af:11:50:66:a4:
a0:4d:e3:cb:28:b6:c8:97:1c:82:fa:c2:80:7f:7b:
21:2e:5a:c1:58:cb:2e:a9:e8:61:f2:93:ec:72:26:
67:12:fc:b9:2a:4f:17:3d:77:a8:f3:90:d5:0e:63:
62:73:9c:f4:5a:cd:f2:ee:0a:e2:8e:91:4c:da:a3:
48:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:33:28:95:31:A1:0A:72:A9:03:9F:06:F3:F6:62:A3:7F:A7:24:EC
X509v3 Authority Key Identifier:
keyid:2E:16:20:89:0F:70:0F:01:2B:0B:A6:01:72:31:4E:3C:85:91:95:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LhYgiQ9wDwErC6YBcjFOPIWRlRM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/821152-9f13-4c09-9dcd-45bbb23a15d8/1/sTMolTGhCnKpA58G8_Zio3-nJOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/821152-9f13-4c09-9dcd-45bbb23a15d8/1/LhYgiQ9wDwErC6YBcjFOPIWRlRM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.144.0/20
92.62.160.0/20
141.105.80.0/20
185.3.20.0/22
195.112.192.0/19
212.28.224.0/19
IPv6:
2a00:16e8::/32
Signature Algorithm: sha256WithRSAEncryption
45:bd:a1:0a:96:23:cd:b1:1c:40:1f:b0:67:a5:e4:c1:9a:a6:
ea:4d:e5:e7:99:6c:e0:b9:cb:8d:74:61:f6:9e:bf:a4:d5:30:
ab:97:78:51:fc:a0:57:43:ec:ad:a0:74:96:ec:6a:af:4e:04:
6e:a2:37:73:6e:ff:d0:75:c8:e2:3d:3b:66:38:55:d5:04:ba:
23:f5:b7:01:aa:2b:c4:43:a2:cb:f8:85:ed:38:37:de:1d:86:
57:65:1a:8b:53:07:17:31:9a:b2:6b:19:3b:bd:23:c5:45:fb:
1f:87:f2:05:d7:3a:c7:3a:94:1f:e0:48:cc:af:4d:07:66:2e:
05:c3:bf:79:b7:86:01:79:ec:8b:62:f6:0d:06:67:a9:cd:8b:
9c:1d:2c:98:14:d1:7a:50:c5:dc:8a:b7:5a:70:f8:0c:38:3f:
c5:f6:c7:7a:64:1d:09:3c:fd:da:7b:28:a2:f2:4d:2c:95:ee:
83:9e:6a:9a:02:1f:1d:54:37:e6:1e:c2:d1:31:79:75:65:32:
a4:28:33:8e:29:b7:80:61:92:31:5c:5c:13:5b:1a:f1:0d:5e:
26:8d:b9:b7:55:97:f0:03:86:2b:d0:a4:8d:b9:10:fe:ec:b4:
3a:14:fa:55:dd:aa:8c:36:d0:eb:24:e1:a2:f7:6e:cd:17:75:
48:03:87:6d
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzEJTkFlO5dF2vQgaKwFokdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMTYyMDg5MGY3MDBmMDEyYjBiYTYwMTcyMzE0ZTNjODU5
MTk1MTMwHhcNMjQwMTAxMDgzMDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTMzMjg5NTMxYTEwYTcyYTkwMzlmMDZmM2Y2NjJhMzdmYTcyNGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj56YXgI+MjMUqN8/pOKGf7ZnD3bt
GaLEpx4gq1PInNtAfMuodecPzHOnkl4xDffbtgI2vZ4HYOb9W2a2QxDOzT3nCHw4
bDw9D6BWTD18Qta3u9bLBrCgi/J987nedIFihP4mzmJfLwKWKgCObqyxtgkYqK61
EUSAESpqLiy7A5L0gLiEaSvdWRrCL7p4MNyiKix/JkXHphXefoOO9/tT9ejiveW6
zw1eBZtjCNEM1nAo4ey7V5mwdJ/xcuu1rxFQZqSgTePLKLbIlxyC+sKAf3shLlrB
WMsuqehh8pPsciZnEvy5Kk8XPXeo85DVDmNic5z0Ws3y7grijpFM2qNIYQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFLEzKJUxoQpyqQOfBvP2YqN/pyTsMB8GA1UdIwQY
MBaAFC4WIIkPcA8BKwumAXIxTjyFkZUTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGhZZ2lROXdEd0VyQzZZQmNqRk9QSVdSbFJNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy84MjExNTItOWYxMy00YzA5LTlkY2Qt
NDViYmIyM2ExNWQ4LzEvc1RNb2xUR2hDbktwQTU4RzhfWmlvMy1uSk93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy84MjExNTItOWYxMy00YzA5LTlkY2QtNDViYmIyM2ExNWQ4
LzEvTGhZZ2lROXdEd0VyQzZZQmNqRk9QSVdSbFJNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEUFGQAwQE
XD6gAwQEjWlQAwQCuQMUAwQFw3DAAwQF1BzgMA0EAgACMAcDBQAqABboMA0GCSqG
SIb3DQEBCwUAA4IBAQBFvaEKliPNsRxAH7BnpeTBmqbqTeXnmWzgucuNdGH2nr+k
1TCrl3hR/KBXQ+ytoHSW7GqvTgRuojdzbv/QdcjiPTtmOFXVBLoj9bcBqivEQ6LL
+IXtODfeHYZXZRqLUwcXMZqyaxk7vSPFRfsfh/IF1zrHOpQf4EjMr00HZi4Fw795
t4YBeeyLYvYNBmepzYucHSyYFNF6UMXcirdacPgMOD/F9sd6ZB0JPP3aeyii8k0s
le6DnmqaAh8dVDfmHsLRMXl1ZTKkKDOOKbeAYZIxXFwTWxrxDV4mjbm3VZfwA4Yr
0KSNuRD+7LQ6FPpV3aqMNtDrJOGi927NF3VIA4dt
-----END CERTIFICATE-----
Generated at Sun Jun 23 17:24:26 2024 by rpki-client on console-ams.rpki-client.org