Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/twKC23FCJdpiEDvBQOfHoxL8tDU.roa
File: twKC23FCJdpiEDvBQOfHoxL8tDU.roa (raw, json)
Hash identifier: sttuc67Dl/0X3+hhYdWSH2y66iHEcLJ+wtO5wTEWLSg=
Subject key identifier: B7:02:82:DB:71:42:25:DA:62:10:3B:C1:40:E7:C7:A3:12:FC:B4:35
Certificate issuer: /CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Certificate serial: 018CC5DC85C1D7A2672F5429D069CF798CB1
Authority key identifier: F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/twKC23FCJdpiEDvBQOfHoxL8tDU.roa
Signing time: Mon 01 Jan 2024 16:30:12 +0000
ROA not before: Mon 01 Jan 2024 16:30:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 23422
IP address blocks: 185.127.95.0/24 maxlen: 24
176.111.220.0/24 maxlen: 24
193.8.195.0/24 maxlen: 24
147.189.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:85:c1:d7:a2:67:2f:54:29:d0:69:cf:79:8c:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f93ac6cd2240249bba60171f086e9101cc87ca24
Validity
Not Before: Jan 1 16:30:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b70282db714225da62103bc140e7c7a312fcb435
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f4:93:97:9c:c2:1e:65:2b:60:b2:90:07:eb:
ab:18:d7:9f:b6:61:49:07:87:7f:be:3a:b2:7b:d1:
5d:99:2c:30:b3:9a:02:83:26:ea:f4:81:c3:45:06:
3a:eb:6a:fd:fe:c5:1f:13:3f:d4:d5:94:38:e3:1d:
7b:47:13:09:1b:25:22:76:15:19:b1:c5:06:5f:66:
0d:7d:ed:aa:13:a8:92:6d:05:8e:00:22:1b:e4:d0:
c4:f6:47:cf:22:fa:bc:48:2a:ed:8a:5e:3a:78:65:
2b:8e:6f:4b:35:66:bf:ab:2d:22:e1:d1:5a:1e:40:
bb:e2:dd:13:5c:c9:e6:2a:2f:17:63:96:fe:4f:5e:
0f:0d:1c:fc:dc:0d:8b:31:cd:54:18:a7:32:89:fe:
74:8d:6a:10:4e:00:1d:9d:60:39:90:3f:ba:6c:57:
58:27:55:32:3d:05:3f:66:bd:17:e0:94:89:98:77:
f2:10:de:a6:ef:f1:d7:21:11:d1:04:fa:ec:fd:ba:
14:3f:c6:5f:ce:60:3f:c9:43:de:ae:ad:5f:b4:13:
d7:c3:6a:e7:63:eb:b0:7a:f2:32:d1:9d:8b:ec:6e:
27:f1:04:41:2f:8d:42:bd:1c:a4:8a:a1:03:3c:fd:
2e:08:b5:9c:6d:3e:f6:5d:9b:ac:38:da:66:50:82:
ee:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:02:82:DB:71:42:25:DA:62:10:3B:C1:40:E7:C7:A3:12:FC:B4:35
X509v3 Authority Key Identifier:
keyid:F9:3A:C6:CD:22:40:24:9B:BA:60:17:1F:08:6E:91:01:CC:87:CA:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/twKC23FCJdpiEDvBQOfHoxL8tDU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/98/b03213-5e80-4931-81ce-f752d81605fb/1/1-TrGzSJAJJu6YBcfCG6RAcyHyiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.189.143.0/24
176.111.220.0/24
185.127.95.0/24
193.8.195.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:81:7d:16:a5:95:1d:09:8a:d2:18:81:74:1e:66:29:55:75:
82:83:0f:1e:eb:68:42:8c:ea:f8:57:57:de:44:02:56:42:ef:
48:ce:95:71:62:38:6b:30:70:43:52:df:29:ef:15:d2:a8:c3:
0a:a6:15:e0:46:e2:be:00:92:7e:85:1d:5a:c4:1b:4d:09:71:
6b:b1:36:f2:93:cc:53:48:88:ba:5a:bb:e5:ad:14:79:ed:bf:
3b:0c:a7:af:43:eb:45:4b:8e:c6:40:8b:71:74:6d:6a:f5:43:
43:82:ae:4c:fc:c6:51:15:e1:c5:88:d7:70:ce:80:7a:3d:bb:
d3:f4:88:ac:2b:31:50:37:79:c7:97:c6:c0:00:5b:5b:42:4d:
7e:20:36:55:dd:5c:e1:7a:7a:f3:89:68:70:cb:88:61:08:25:
a3:16:93:16:5e:1b:e2:80:73:b5:6d:14:28:9e:5b:7b:cf:1f:
8f:32:ea:7e:54:a4:02:05:d2:d4:b9:68:32:09:6b:5b:45:6d:
a0:5d:1b:89:ed:ed:87:3b:64:c1:40:29:b2:f0:2d:30:59:07:
08:28:a5:19:c5:8d:1b:37:7d:66:83:a2:9f:e6:a2:60:6d:e7:
42:68:bf:91:43:1c:97:ef:8f:0f:54:8e:2d:b0:c8:0e:44:bc:
f6:39:e3:bc
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzF3IXB16JnL1Qp0GnPeYyxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5M2FjNmNkMjI0MDI0OWJiYTYwMTcxZjA4NmU5MTAxY2M4
N2NhMjQwHhcNMjQwMTAxMTYzMDEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzAyODJkYjcxNDIyNWRhNjIxMDNiYzE0MGU3YzdhMzEyZmNiNDM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAofSTl5zCHmUrYLKQB+urGNeftmFJ
B4d/vjqye9FdmSwws5oCgybq9IHDRQY662r9/sUfEz/U1ZQ44x17RxMJGyUidhUZ
scUGX2YNfe2qE6iSbQWOACIb5NDE9kfPIvq8SCrtil46eGUrjm9LNWa/qy0i4dFa
HkC74t0TXMnmKi8XY5b+T14PDRz83A2LMc1UGKcyif50jWoQTgAdnWA5kD+6bFdY
J1UyPQU/Zr0X4JSJmHfyEN6m7/HXIRHRBPrs/boUP8ZfzmA/yUPerq1ftBPXw2rn
Y+uwevIy0Z2L7G4n8QRBL41CvRykiqEDPP0uCLWcbT72XZusONpmUILu2wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLcCgttxQiXaYhA7wUDnx6MS/LQ1MB8GA1UdIwQY
MBaAFPk6xs0iQCSbumAXHwhukQHMh8okMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Uckd6U0pBSkp1NllCY2ZDRzZSQWN5SHlpUS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNl
LWY3NTJkODE2MDVmYi8xL3R3S0MyM0ZDSmRwaUVEdkJRT2ZIb3hMOHREVS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTgvYjAzMjEzLTVlODAtNDkzMS04MWNlLWY3NTJkODE2MDVm
Yi8xLzEtVHJHelNKQUpKdTZZQmNmQ0c2UkFjeUh5aVEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwMQYIKwYBBQUHAQcBAf8EIjAgMB4EAgABMBgDBACTvY8D
BACwb9wDBAC5f18DBADBCMMwDQYJKoZIhvcNAQELBQADggEBAA2BfRallR0JitIY
gXQeZilVdYKDDx7raEKM6vhXV95EAlZC70jOlXFiOGswcENS3ynvFdKowwqmFeBG
4r4Akn6FHVrEG00JcWuxNvKTzFNIiLpau+WtFHntvzsMp69D60VLjsZAi3F0bWr1
Q0OCrkz8xlEV4cWI13DOgHo9u9P0iKwrMVA3eceXxsAAW1tCTX4gNlXdXOF6evOJ
aHDLiGEIJaMWkxZeG+KAc7VtFCieW3vPH48y6n5UpAIF0tS5aDIJa1tFbaBdG4nt
7Yc7ZMFAKbLwLTBZBwgopRnFjRs3fWaDop/momBt50Jov5FDHJfvjw9Uji2wyA5E
vPY547w=
-----END CERTIFICATE-----
Generated at Thu May 23 08:12:14 2024 by rpki-client on console-ams.rpki-client.org