Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/649af0-132c-4533-9fbc-3b250ae18936/1/TMfbNnRbkfGsBw8lVt7p5Ze1yLM.roa
File: TMfbNnRbkfGsBw8lVt7p5Ze1yLM.roa (raw, json)
Hash identifier: u7/SPbPvJ634nr4hyl8QfuXnwTDdgZknj/xL0cBXXis=
Subject key identifier: 4C:C7:DB:36:74:5B:91:F1:AC:07:0F:25:56:DE:E9:E5:97:B5:C8:B3
Certificate issuer: /CN=dcca522196fd09bae739b6bd2322e5eb90da4fb9
Certificate serial: 018CC7957D0E2A41593A6B39504CA609ABCF
Authority key identifier: DC:CA:52:21:96:FD:09:BA:E7:39:B6:BD:23:22:E5:EB:90:DA:4F:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3MpSIZb9CbrnOba9IyLl65DaT7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/649af0-132c-4533-9fbc-3b250ae18936/1/TMfbNnRbkfGsBw8lVt7p5Ze1yLM.roa
Signing time: Tue 02 Jan 2024 00:31:52 +0000
ROA not before: Tue 02 Jan 2024 00:31:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41960
IP address blocks: 194.50.3.0/24 maxlen: 24
194.49.111.0/24 maxlen: 24
194.49.116.0/24 maxlen: 24
194.49.115.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/649af0-132c-4533-9fbc-3b250ae18936/1/3MpSIZb9CbrnOba9IyLl65DaT7k.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/649af0-132c-4533-9fbc-3b250ae18936/1/3MpSIZb9CbrnOba9IyLl65DaT7k.mft
rsync://rpki.ripe.net/repository/DEFAULT/3MpSIZb9CbrnOba9IyLl65DaT7k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 07:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:7d:0e:2a:41:59:3a:6b:39:50:4c:a6:09:ab:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dcca522196fd09bae739b6bd2322e5eb90da4fb9
Validity
Not Before: Jan 2 00:31:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cc7db36745b91f1ac070f2556dee9e597b5c8b3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ba:36:d9:69:3c:ca:c2:23:6f:a1:bb:9c:d6:
72:73:b6:2c:3f:99:10:88:a7:58:44:d2:ae:28:9c:
56:a9:e7:61:d1:23:25:a5:22:b7:e1:cd:b0:e9:3e:
aa:57:67:76:1d:17:e8:88:b7:60:ee:3d:c4:ee:35:
c2:3a:d6:6d:af:25:36:ed:19:7a:ea:26:12:79:fd:
9b:05:98:6d:aa:59:ac:a6:3f:97:60:d9:5f:a1:fa:
38:85:95:72:c6:22:10:48:12:d3:05:d6:31:70:1c:
c8:ae:69:41:fc:86:be:79:29:5a:13:a0:24:fb:24:
af:9f:75:7d:35:f8:49:b2:39:57:9c:17:33:78:6e:
22:00:00:c5:a7:6e:a1:4d:23:20:f5:ad:4a:ac:7b:
a4:b9:b8:92:5e:85:55:53:e1:c6:b0:e5:bc:53:ee:
d6:05:ab:34:ca:03:a4:92:79:fc:61:c6:d6:6c:f3:
8f:ec:d6:cd:25:f4:9a:9c:d7:55:5c:72:c2:d5:40:
70:31:1a:76:d5:a2:c7:e6:bf:a4:83:81:82:4c:a5:
a8:19:9e:e2:48:ad:77:b1:a4:66:39:fe:2b:87:8e:
44:f9:0e:60:1f:a1:66:d3:4a:ce:ab:02:56:d5:58:
40:83:98:d0:67:79:8e:90:2b:af:f5:c4:71:6a:f9:
9c:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:C7:DB:36:74:5B:91:F1:AC:07:0F:25:56:DE:E9:E5:97:B5:C8:B3
X509v3 Authority Key Identifier:
keyid:DC:CA:52:21:96:FD:09:BA:E7:39:B6:BD:23:22:E5:EB:90:DA:4F:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3MpSIZb9CbrnOba9IyLl65DaT7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/649af0-132c-4533-9fbc-3b250ae18936/1/TMfbNnRbkfGsBw8lVt7p5Ze1yLM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/649af0-132c-4533-9fbc-3b250ae18936/1/3MpSIZb9CbrnOba9IyLl65DaT7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.49.111.0/24
194.49.115.0-194.49.116.255
194.50.3.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:5d:2d:af:a2:5c:0c:f4:d9:b7:ff:0b:1e:b4:6c:02:6e:a8:
2b:56:b6:0c:d4:59:fa:86:9f:6f:e0:86:7b:23:ed:b6:9d:38:
c6:ca:3b:c2:8d:2b:4f:83:8b:eb:ec:67:2a:e4:3c:8f:ce:6e:
6c:7d:1b:35:24:1e:0d:1e:9c:84:da:84:43:19:00:d5:b7:20:
05:91:70:23:c0:d4:ef:38:40:8f:97:e9:62:22:9c:d8:4c:fd:
c9:83:9e:64:34:c2:4a:c7:0a:c8:85:12:34:dc:47:32:77:e6:
e1:0c:f5:65:1c:26:19:d5:42:fd:ba:6c:02:c7:f4:f2:10:42:
6f:8f:f2:0a:ca:c1:3d:d1:8b:c7:b2:4f:00:3c:29:77:26:01:
2b:1b:09:15:2b:74:68:f9:1e:06:b8:82:ef:fb:5f:3e:b5:69:
b7:23:57:59:81:b5:94:c2:e7:b8:4c:ef:12:ff:e8:64:d2:d8:
c0:21:d3:5c:23:d8:41:46:bd:31:07:72:83:cf:40:54:5d:0b:
90:34:1a:cf:e2:86:08:0b:8b:ef:bb:30:45:cb:9f:2c:5a:1d:
c2:3f:57:e6:a4:5c:8a:a3:e3:88:51:a0:8a:15:24:48:96:69:
e6:cb:01:04:8c:f4:e5:1a:f1:d4:9b:d1:f2:e8:bd:38:b9:91:
9f:f8:25:60
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzHlX0OKkFZOms5UEymCavPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjY2E1MjIxOTZmZDA5YmFlNzM5YjZiZDIzMjJlNWViOTBk
YTRmYjkwHhcNMjQwMTAyMDAzMTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2M3ZGIzNjc0NWI5MWYxYWMwNzBmMjU1NmRlZTllNTk3YjVjOGIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhro22Wk8ysIjb6G7nNZyc7YsP5kQ
iKdYRNKuKJxWqedh0SMlpSK34c2w6T6qV2d2HRfoiLdg7j3E7jXCOtZtryU27Rl6
6iYSef2bBZhtqlmspj+XYNlfofo4hZVyxiIQSBLTBdYxcBzIrmlB/Ia+eSlaE6Ak
+ySvn3V9NfhJsjlXnBczeG4iAADFp26hTSMg9a1KrHukubiSXoVVU+HGsOW8U+7W
Bas0ygOkknn8YcbWbPOP7NbNJfSanNdVXHLC1UBwMRp21aLH5r+kg4GCTKWoGZ7i
SK13saRmOf4rh45E+Q5gH6Fm00rOqwJW1VhAg5jQZ3mOkCuv9cRxavmcGwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEzH2zZ0W5HxrAcPJVbe6eWXtcizMB8GA1UdIwQY
MBaAFNzKUiGW/Qm65zm2vSMi5euQ2k+5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM01wU0laYjlDYnJuT2JhOUl5TGw2NURhVDdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi82NDlhZjAtMTMyYy00NTMzLTlmYmMt
M2IyNTBhZTE4OTM2LzEvVE1mYk5uUmJrZkdzQnc4bFZ0N3A1WmUxeUxNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi82NDlhZjAtMTMyYy00NTMzLTlmYmMtM2IyNTBhZTE4OTM2
LzEvM01wU0laYjlDYnJuT2JhOUl5TGw2NURhVDdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAwjFvMAwD
BADCMXMDBADCMXQDBADCMgMwDQYJKoZIhvcNAQELBQADggEBALZdLa+iXAz02bf/
Cx60bAJuqCtWtgzUWfqGn2/ghnsj7badOMbKO8KNK0+Di+vsZyrkPI/Obmx9GzUk
Hg0enITahEMZANW3IAWRcCPA1O84QI+X6WIinNhM/cmDnmQ0wkrHCsiFEjTcRzJ3
5uEM9WUcJhnVQv26bALH9PIQQm+P8grKwT3Ri8eyTwA8KXcmASsbCRUrdGj5Hga4
gu/7Xz61abcjV1mBtZTC57hM7xL/6GTS2MAh01wj2EFGvTEHcoPPQFRdC5A0Gs/i
hggLi++7MEXLnyxaHcI/V+akXIqj44hRoIoVJEiWaebLAQSM9OUa8dSb0fLovTi5
kZ/4JWA=
-----END CERTIFICATE-----
Generated at Mon Jun 24 11:53:24 2024 by rpki-client on console-fra.rpki-client.org