Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tQo1fkMEX7j10FDGFeG8dtp1Py8.roa
File: tQo1fkMEX7j10FDGFeG8dtp1Py8.roa (raw, json)
Hash identifier: Nj6Q9jCV8Qc2nB5xDvLkb3QdSRXFWsYviXYtwW9lrJ4=
Subject key identifier: B5:0A:35:7E:43:04:5F:B8:F5:D0:50:C6:15:E1:BC:76:DA:75:3F:2F
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 018EEE2B1B2BAD02880CA529F3BA6B97C22B
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tQo1fkMEX7j10FDGFeG8dtp1Py8.roa
Signing time: Wed 17 Apr 2024 22:26:26 +0000
ROA not before: Wed 17 Apr 2024 22:26:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205463
IP address blocks: 2.56.108.0/24 maxlen: 24
2.56.109.0/24 maxlen: 24
45.81.113.0/24 maxlen: 24
45.81.115.0/24 maxlen: 24
45.132.181.0/24 maxlen: 24
194.15.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ee:2b:1b:2b:ad:02:88:0c:a5:29:f3:ba:6b:97:c2:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Apr 17 22:26:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b50a357e43045fb8f5d050c615e1bc76da753f2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:66:a3:87:58:97:18:fe:f8:70:10:99:58:75:
31:83:c7:5a:25:0e:86:6f:ae:a6:42:a4:83:92:9a:
f9:9b:46:13:b2:5c:c4:50:71:1e:c9:6d:24:5e:6b:
03:5a:db:59:3c:d3:15:98:e4:59:6c:96:43:fb:f8:
58:57:a8:d3:81:de:63:d6:00:2f:08:f7:8b:5b:fb:
75:6f:33:37:c6:67:9a:65:e5:c6:38:64:46:dc:91:
79:af:36:5e:78:8a:8f:ff:98:68:ed:6f:32:6f:91:
c8:80:57:a5:e6:8a:13:aa:7a:50:1c:1b:02:1d:98:
4b:b6:b9:ae:27:77:fc:b1:fb:47:d7:2e:54:26:cf:
71:86:9c:32:27:ec:b1:b1:72:0b:ea:ef:0e:da:f4:
92:32:d7:7a:80:7f:80:d1:1f:0b:54:b1:3b:ca:db:
71:90:28:6f:18:fc:52:58:ad:59:e4:a5:d3:8d:b3:
eb:06:cd:16:2c:4f:1a:a9:e3:c6:db:e0:37:69:bd:
7d:46:cb:ea:8f:71:06:6d:7e:58:69:bb:3c:84:9e:
bd:db:f1:ce:52:b5:35:bc:22:86:d4:19:5c:39:58:
8c:45:1d:f3:81:f1:6c:38:e0:a2:57:9a:3c:97:be:
bb:af:44:75:ad:4a:b0:05:7c:8f:1f:89:c7:97:dc:
74:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:0A:35:7E:43:04:5F:B8:F5:D0:50:C6:15:E1:BC:76:DA:75:3F:2F
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/tQo1fkMEX7j10FDGFeG8dtp1Py8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.108.0/23
45.81.113.0/24
45.81.115.0/24
45.132.181.0/24
194.15.52.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:fd:5a:be:b7:1a:3f:ea:2e:88:00:13:7d:e5:bf:33:93:77:
c3:6a:aa:ee:f2:8b:d4:7d:ed:6b:9b:22:fd:30:80:87:fa:f8:
47:e1:73:cf:a7:e5:28:94:9a:8e:54:b7:79:e2:4b:fc:a6:18:
1e:f3:ed:30:64:19:78:ab:d1:c3:8b:b7:76:c1:4a:bd:e6:f1:
c1:13:f6:20:15:ac:dd:c9:86:f4:f3:17:84:0e:d2:1f:88:74:
4c:5e:02:d2:29:79:f5:13:23:44:81:d0:a9:69:bf:75:4e:b0:
46:4d:93:71:6b:c0:fd:36:22:ce:10:7b:da:c9:b3:25:b1:e7:
86:17:9d:f4:be:d9:2c:0c:3d:f9:0f:7f:bd:29:35:41:72:bd:
d6:ab:80:38:16:04:a1:bd:a8:0a:e6:8a:dc:6d:5a:1f:f8:06:
d8:0d:92:bc:d0:64:b4:75:b2:c1:3e:a3:d7:7d:d7:ec:6d:91:
67:2d:e9:24:a4:c9:90:ac:f3:a9:ff:2a:96:c9:00:23:11:2f:
8f:2a:29:ab:ac:ea:ab:68:f5:ad:c2:7e:5d:e2:6a:8b:93:97:
9f:15:bd:5a:71:cf:e0:bc:d1:93:eb:ff:74:5a:9d:b8:eb:99:
ef:9b:08:3f:6e:c3:02:06:7d:98:e4:89:28:a2:b3:31:da:9b:
1a:5b:6e:c6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY7uKxsrrQKIDKUp87prl8IrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjQwNDE3MjIyNjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTBhMzU3ZTQzMDQ1ZmI4ZjVkMDUwYzYxNWUxYmM3NmRhNzUzZjJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwWajh1iXGP74cBCZWHUxg8daJQ6G
b66mQqSDkpr5m0YTslzEUHEeyW0kXmsDWttZPNMVmORZbJZD+/hYV6jTgd5j1gAv
CPeLW/t1bzM3xmeaZeXGOGRG3JF5rzZeeIqP/5ho7W8yb5HIgFel5ooTqnpQHBsC
HZhLtrmuJ3f8sftH1y5UJs9xhpwyJ+yxsXIL6u8O2vSSMtd6gH+A0R8LVLE7yttx
kChvGPxSWK1Z5KXTjbPrBs0WLE8aqePG2+A3ab19Rsvqj3EGbX5Yabs8hJ692/HO
UrU1vCKG1BlcOViMRR3zgfFsOOCiV5o8l767r0R1rUqwBXyPH4nHl9x0swIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLUKNX5DBF+49dBQxhXhvHbadT8vMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvdFFvMWZrTUVYN2oxMEZER0ZlRzhkdHAxUHk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBAjhsAwQA
LVFxAwQALVFzAwQALYS1AwQAwg80MA0GCSqGSIb3DQEBCwUAA4IBAQAc/Vq+txo/
6i6IABN95b8zk3fDaqru8ovUfe1rmyL9MICH+vhH4XPPp+UolJqOVLd54kv8phge
8+0wZBl4q9HDi7d2wUq95vHBE/YgFazdyYb08xeEDtIfiHRMXgLSKXn1EyNEgdCp
ab91TrBGTZNxa8D9NiLOEHvaybMlseeGF530vtksDD35D3+9KTVBcr3Wq4A4FgSh
vagK5orcbVof+AbYDZK80GS0dbLBPqPXfdfsbZFnLekkpMmQrPOp/yqWyQAjES+P
KimrrOqraPWtwn5d4mqLk5efFb1acc/gvNGT6/90Wp2465nvmwg/bsMCBn2Y5Iko
orMx2psaW27G
-----END CERTIFICATE-----
Generated at Tue Jun 25 04:48:37 2024 by rpki-client on console-ams.rpki-client.org