Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8c/25b47e-4079-4f21-911b-f389a5269fb2/1/Tp-hExqHOKEaI-g7OtGYxPDJJ0g.roa
File: Tp-hExqHOKEaI-g7OtGYxPDJJ0g.roa (raw, json)
Hash identifier: iGDEGR6eKxpO37oZYnha+PNrFC1o3BESYSRCgvHGBBI=
Subject key identifier: 4E:9F:A1:13:1A:87:38:A1:1A:23:E8:3B:3A:D1:98:C4:F0:C9:27:48
Certificate issuer: /CN=432efe16ec6c00fd45b5d918d9b172acd0a58d96
Certificate serial: 018DFA6919A04D51C6D63B84A138757EE635
Authority key identifier: 43:2E:FE:16:EC:6C:00:FD:45:B5:D9:18:D9:B1:72:AC:D0:A5:8D:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qy7-FuxsAP1FtdkY2bFyrNCljZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8c/25b47e-4079-4f21-911b-f389a5269fb2/1/Tp-hExqHOKEaI-g7OtGYxPDJJ0g.roa
Signing time: Fri 01 Mar 2024 14:26:48 +0000
ROA not before: Fri 01 Mar 2024 14:26:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39498
IP address blocks: 146.19.127.0/24 maxlen: 24
185.122.244.0/23 maxlen: 23
185.122.244.0/24 maxlen: 24
185.122.245.0/24 maxlen: 24
185.122.246.0/23 maxlen: 23
185.122.247.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8c/25b47e-4079-4f21-911b-f389a5269fb2/1/Qy7-FuxsAP1FtdkY2bFyrNCljZY.crl
rsync://rpki.ripe.net/repository/DEFAULT/8c/25b47e-4079-4f21-911b-f389a5269fb2/1/Qy7-FuxsAP1FtdkY2bFyrNCljZY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qy7-FuxsAP1FtdkY2bFyrNCljZY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 14:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:fa:69:19:a0:4d:51:c6:d6:3b:84:a1:38:75:7e:e6:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=432efe16ec6c00fd45b5d918d9b172acd0a58d96
Validity
Not Before: Mar 1 14:26:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e9fa1131a8738a11a23e83b3ad198c4f0c92748
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:c9:65:1f:63:1d:ec:4c:ef:63:b9:26:24:f1:
f1:50:a6:49:d9:a8:ac:2c:2c:19:d0:29:66:d8:09:
ed:2e:89:37:c9:cb:ba:42:ef:e4:38:71:76:40:38:
86:8e:a1:36:80:bd:40:5e:12:71:f1:c4:e7:87:91:
9d:79:eb:86:62:a8:a5:46:bf:a4:d8:38:10:41:c2:
d6:d5:c5:83:9a:ac:69:4b:64:52:d3:29:3d:9a:14:
51:58:bb:b3:93:66:e3:6e:07:29:79:a7:6d:a2:ae:
b7:0d:e8:b2:31:70:1f:fe:42:fe:94:c5:0f:b9:7e:
6c:7c:73:cf:48:78:1d:e0:59:0f:75:26:3b:52:3b:
ed:82:a5:d4:60:f7:9f:e0:50:6c:a6:2e:62:99:55:
e5:5b:e2:59:23:c5:fe:64:03:51:28:5b:a9:c7:84:
af:4f:29:03:bd:c4:11:4f:00:dc:d6:60:18:f8:20:
22:b4:e3:85:28:cc:39:56:ae:99:f6:cf:ba:56:7a:
45:f7:cf:c3:54:53:b3:54:c7:64:d5:24:f6:69:ed:
96:24:bc:ae:d9:bd:0d:7d:fb:9f:72:bd:e6:f3:63:
69:fe:80:7c:31:46:e1:b8:30:5f:65:5e:35:e4:b1:
37:06:1f:fc:86:b1:f1:4f:fa:96:d5:51:ca:0a:ee:
70:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:9F:A1:13:1A:87:38:A1:1A:23:E8:3B:3A:D1:98:C4:F0:C9:27:48
X509v3 Authority Key Identifier:
keyid:43:2E:FE:16:EC:6C:00:FD:45:B5:D9:18:D9:B1:72:AC:D0:A5:8D:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qy7-FuxsAP1FtdkY2bFyrNCljZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/25b47e-4079-4f21-911b-f389a5269fb2/1/Tp-hExqHOKEaI-g7OtGYxPDJJ0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8c/25b47e-4079-4f21-911b-f389a5269fb2/1/Qy7-FuxsAP1FtdkY2bFyrNCljZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.19.127.0/24
185.122.244.0/22
Signature Algorithm: sha256WithRSAEncryption
49:c9:70:6d:32:68:24:be:7a:57:3b:72:a1:01:14:4d:70:8d:
03:8b:03:2b:7b:16:8c:25:67:bf:5e:dc:b9:ad:1d:8c:ab:0a:
a9:4b:4d:7d:35:9b:14:46:82:b6:ae:a4:ad:44:76:9b:75:10:
8a:e3:53:ad:fc:05:93:39:e9:31:aa:7f:7d:16:34:f5:ed:0e:
41:6a:69:18:05:cb:98:30:e9:5b:a1:71:fa:6a:23:55:0e:13:
f0:ac:97:6f:9d:ee:ea:e9:5f:f6:35:77:0b:bf:4e:4a:df:a5:
49:aa:28:9a:23:fc:74:50:da:e6:da:c9:2b:bb:69:25:85:7c:
d4:e6:1d:46:b1:45:ee:13:c4:6f:52:c6:4e:46:c9:90:55:05:
50:69:22:f0:eb:18:ab:0d:63:19:db:38:1a:4b:30:1f:99:63:
ff:e2:c7:d4:1b:db:97:fc:f9:9e:e5:16:0e:80:29:ac:e9:2f:
33:b7:62:4a:17:2b:ba:89:e6:0a:72:27:0c:03:8b:61:25:f4:
47:30:94:c3:26:32:27:6c:1d:91:0c:4a:41:77:da:ea:7b:1a:
40:52:a5:53:07:4b:8a:11:60:10:48:6b:44:48:1e:25:69:2c:
ae:1d:09:f8:ea:2a:12:f3:ab:c4:3a:a1:dd:4f:23:c5:92:93:
36:f8:97:a9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY36aRmgTVHG1juEoTh1fuY1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzMmVmZTE2ZWM2YzAwZmQ0NWI1ZDkxOGQ5YjE3MmFjZDBh
NThkOTYwHhcNMjQwMzAxMTQyNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTlmYTExMzFhODczOGExMWEyM2U4M2IzYWQxOThjNGYwYzkyNzQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAncllH2Md7EzvY7kmJPHxUKZJ2ais
LCwZ0Clm2AntLok3ycu6Qu/kOHF2QDiGjqE2gL1AXhJx8cTnh5GdeeuGYqilRr+k
2DgQQcLW1cWDmqxpS2RS0yk9mhRRWLuzk2bjbgcpeadtoq63DeiyMXAf/kL+lMUP
uX5sfHPPSHgd4FkPdSY7UjvtgqXUYPef4FBspi5imVXlW+JZI8X+ZANRKFupx4Sv
TykDvcQRTwDc1mAY+CAitOOFKMw5Vq6Z9s+6VnpF98/DVFOzVMdk1ST2ae2WJLyu
2b0Nffufcr3m82Np/oB8MUbhuDBfZV415LE3Bh/8hrHxT/qW1VHKCu5wbQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE6foRMahzihGiPoOzrRmMTwySdIMB8GA1UdIwQY
MBaAFEMu/hbsbAD9RbXZGNmxcqzQpY2WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXk3LUZ1eHNBUDFGdGRrWTJiRnlyTkNsalpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yy8yNWI0N2UtNDA3OS00ZjIxLTkxMWIt
ZjM4OWE1MjY5ZmIyLzEvVHAtaEV4cUhPS0VhSS1nN090R1l4UERKSjBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yy8yNWI0N2UtNDA3OS00ZjIxLTkxMWItZjM4OWE1MjY5ZmIy
LzEvUXk3LUZ1eHNBUDFGdGRrWTJiRnlyTkNsalpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAkhN/AwQC
uXr0MA0GCSqGSIb3DQEBCwUAA4IBAQBJyXBtMmgkvnpXO3KhARRNcI0DiwMrexaM
JWe/Xty5rR2MqwqpS019NZsURoK2rqStRHabdRCK41Ot/AWTOekxqn99FjT17Q5B
amkYBcuYMOlboXH6aiNVDhPwrJdvne7q6V/2NXcLv05K36VJqiiaI/x0UNrm2skr
u2klhXzU5h1GsUXuE8RvUsZORsmQVQVQaSLw6xirDWMZ2zgaSzAfmWP/4sfUG9uX
/Pme5RYOgCms6S8zt2JKFyu6ieYKcicMA4thJfRHMJTDJjInbB2RDEpBd9rqexpA
UqVTB0uKEWAQSGtESB4laSyuHQn46ioS86vEOqHdTyPFkpM2+Jep
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:30:31 2024 by rpki-client on console-fra.rpki-client.org