Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/TPLaenKjOwj6jWBPts4OMuER1KY.roa
File: TPLaenKjOwj6jWBPts4OMuER1KY.roa (raw, json)
Hash identifier: IIOaU87LFhGPP7qWX7pvpqYcmmgAqxe7Iw4aRH3oLCI=
Subject key identifier: 4C:F2:DA:7A:72:A3:3B:08:FA:8D:60:4F:B6:CE:0E:32:E1:11:D4:A6
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018CC86FA65B2A819ABBF4BEF4F2A04B7256
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/TPLaenKjOwj6jWBPts4OMuER1KY.roa
Signing time: Tue 02 Jan 2024 04:30:09 +0000
ROA not before: Tue 02 Jan 2024 04:30:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 37406
IP address blocks: 45.148.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 03:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:a6:5b:2a:81:9a:bb:f4:be:f4:f2:a0:4b:72:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Jan 2 04:30:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cf2da7a72a33b08fa8d604fb6ce0e32e111d4a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:7f:3e:10:f4:d9:59:ee:4e:30:08:a7:9e:a2:
19:bf:fd:62:d7:54:89:ea:9c:bc:ae:8f:96:2b:40:
33:36:9c:79:1c:f4:13:35:84:39:ad:56:2f:b5:ae:
d8:68:d2:a8:66:1b:aa:c8:1e:59:f0:7a:70:7b:b3:
f2:bc:83:f8:fd:15:ad:06:08:5c:fb:2e:28:5a:0f:
a6:94:fb:52:38:0a:82:5d:8c:a9:e3:70:47:09:09:
85:72:c8:e4:2e:37:2d:86:78:4c:05:27:b8:32:0b:
19:df:87:82:82:e9:8e:23:88:d1:48:62:bf:2d:5c:
c3:86:cd:65:14:9c:4c:e7:b4:05:c5:9e:a6:24:14:
0c:18:25:1d:56:78:25:ee:cd:36:ca:e3:74:df:57:
52:45:77:d7:b1:d3:64:8c:ac:8d:33:7f:7b:f1:fe:
25:0a:12:de:90:3c:8b:3c:f5:0f:67:87:dd:b0:06:
d4:2a:55:26:84:84:f7:18:29:fe:98:48:3c:c1:12:
02:ac:45:16:ad:5d:c5:1c:4a:aa:dc:da:cf:84:8a:
ea:42:5d:9e:6d:20:00:57:da:03:4d:ae:92:e0:62:
ff:70:14:7f:d8:97:92:06:21:59:b5:f2:eb:cc:97:
02:13:9b:78:54:1a:99:db:c8:92:9b:8f:69:ba:3a:
3a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:F2:DA:7A:72:A3:3B:08:FA:8D:60:4F:B6:CE:0E:32:E1:11:D4:A6
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/TPLaenKjOwj6jWBPts4OMuER1KY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.27.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:a3:05:5b:59:2b:fd:95:aa:62:0f:7d:4b:3f:31:4a:ac:e5:
74:40:57:37:44:4c:c0:f5:e3:cc:5a:ec:c7:42:2f:b8:d5:40:
e7:c0:94:63:98:6d:12:d1:06:61:a3:2a:9f:56:9c:ea:71:be:
60:a5:54:87:02:ed:c5:88:00:18:ef:34:24:78:85:bf:e0:e0:
9c:d7:dc:34:e0:d2:c9:e6:fb:49:c7:4a:33:0d:65:aa:79:2e:
4f:94:c7:ed:06:39:31:32:2e:b3:95:87:ec:27:d8:77:2a:22:
b3:82:e3:f3:9a:05:ee:fc:2e:f3:42:ea:d2:b5:95:95:c1:05:
dd:51:1b:2f:12:11:2c:8b:c9:12:10:56:b6:bf:81:f6:6c:37:
08:79:cb:4e:70:39:08:10:3a:17:f3:80:3f:3e:53:bb:a7:34:
31:11:a4:16:52:be:78:14:0e:30:3f:3b:9d:af:7e:a7:b1:99:
6a:74:2c:1f:60:47:68:c6:9d:e3:a6:97:e7:36:3e:7a:28:7e:
2d:8e:0f:3f:7f:64:99:f1:8b:71:d9:61:50:e3:a0:fd:3b:bd:
91:a7:6f:ed:da:4a:2e:92:e5:22:25:87:d8:ac:ae:7e:d1:06:
ed:fb:44:17:9f:e5:75:9a:81:8c:b4:e7:16:f5:13:f2:15:1d:
81:36:dd:2b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIb6ZbKoGau/S+9PKgS3JWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwMTAyMDQzMDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2YyZGE3YTcyYTMzYjA4ZmE4ZDYwNGZiNmNlMGUzMmUxMTFkNGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm38+EPTZWe5OMAinnqIZv/1i11SJ
6py8ro+WK0AzNpx5HPQTNYQ5rVYvta7YaNKoZhuqyB5Z8Hpwe7PyvIP4/RWtBghc
+y4oWg+mlPtSOAqCXYyp43BHCQmFcsjkLjcthnhMBSe4MgsZ34eCgumOI4jRSGK/
LVzDhs1lFJxM57QFxZ6mJBQMGCUdVngl7s02yuN031dSRXfXsdNkjKyNM3978f4l
ChLekDyLPPUPZ4fdsAbUKlUmhIT3GCn+mEg8wRICrEUWrV3FHEqq3NrPhIrqQl2e
bSAAV9oDTa6S4GL/cBR/2JeSBiFZtfLrzJcCE5t4VBqZ28iSm49pujo6+wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFEzy2npyozsI+o1gT7bODjLhEdSmMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvVFBMYWVuS2pPd2o2aldCUHRzNE9NdUVSMUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQALZQbMA0G
CSqGSIb3DQEBCwUAA4IBAQArowVbWSv9lapiD31LPzFKrOV0QFc3REzA9ePMWuzH
Qi+41UDnwJRjmG0S0QZhoyqfVpzqcb5gpVSHAu3FiAAY7zQkeIW/4OCc19w04NLJ
5vtJx0ozDWWqeS5PlMftBjkxMi6zlYfsJ9h3KiKzguPzmgXu/C7zQurStZWVwQXd
URsvEhEsi8kSEFa2v4H2bDcIectOcDkIEDoX84A/PlO7pzQxEaQWUr54FA4wPzud
r36nsZlqdCwfYEdoxp3jppfnNj56KH4tjg8/f2SZ8Ytx2WFQ46D9O72Rp2/t2kou
kuUiJYfYrK5+0Qbt+0QXn+V1moGMtOcW9RPyFR2BNt0r
-----END CERTIFICATE-----
Generated at Fri May 17 09:43:55 2024 by rpki-client on console-ams.rpki-client.org