Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/toqeTCSSbmNMuvO5dQMo_7uvUB0.roa
File: toqeTCSSbmNMuvO5dQMo_7uvUB0.roa (raw, json)
Hash identifier: X0/SSRvnmpuX5Jj+CYSZDK57zz5JbnlRnsfG9vAoblk=
Subject key identifier: B6:8A:9E:4C:24:92:6E:63:4C:BA:F3:B9:75:03:28:FF:BB:AF:50:1D
Certificate issuer: /CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Certificate serial: 018EEAFC492E4DDD45E4D7874D959ABE29FF
Authority key identifier: F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/toqeTCSSbmNMuvO5dQMo_7uvUB0.roa
Signing time: Wed 17 Apr 2024 07:36:26 +0000
ROA not before: Wed 17 Apr 2024 07:36:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21155
IP address blocks: 80.84.224.0/19 maxlen: 19
81.4.64.0/19 maxlen: 19
81.4.96.0/22 maxlen: 22
81.4.112.0/22 maxlen: 22
81.4.116.0/22 maxlen: 22
83.96.128.0/17 maxlen: 17
85.158.248.0/22 maxlen: 22
85.158.252.0/23 maxlen: 23
91.142.240.0/20 maxlen: 20
91.142.244.0/23 maxlen: 23
91.142.252.0/23 maxlen: 23
91.142.254.0/23 maxlen: 23
91.205.32.0/22 maxlen: 22
91.216.162.0/24 maxlen: 24
185.95.68.0/22 maxlen: 22
193.93.172.0/22 maxlen: 22
193.242.119.0/24 maxlen: 24
2001:828::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.mft
rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 07:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ea:fc:49:2e:4d:dd:45:e4:d7:87:4d:95:9a:be:29:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f51369ccbf86b1e84e1aeb46e6d336d39f752ae7
Validity
Not Before: Apr 17 07:36:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b68a9e4c24926e634cbaf3b9750328ffbbaf501d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d0:7f:2b:ae:f0:19:73:58:77:02:d2:3c:40:
07:7d:a4:dd:6a:97:b3:c7:98:16:a3:b2:29:d0:ba:
96:19:ab:07:87:1f:bf:e5:db:ed:0f:94:4a:11:0f:
ee:18:69:50:b1:1a:8a:b6:9c:86:9f:93:c0:67:9b:
c3:f0:ca:39:f3:25:26:65:6b:64:d2:b0:d8:90:bd:
33:03:93:87:15:e0:b3:14:13:ac:44:6e:db:42:d6:
21:b0:9b:b0:0a:ec:36:f7:61:ec:07:e9:90:87:19:
67:d4:4c:33:93:83:f8:b1:af:bc:71:06:7a:20:05:
da:58:9e:73:65:39:63:cc:c0:92:ae:ee:ea:18:1e:
f5:d5:d0:0c:3c:b0:65:e5:60:f2:75:5d:86:05:15:
d9:e9:48:01:56:35:d6:31:83:9b:62:31:57:de:5d:
83:40:2c:3c:7b:12:8c:ab:32:4c:fe:fa:68:38:16:
b9:c0:5a:7c:d7:dd:59:41:8a:95:3f:e0:dc:dc:58:
11:6c:90:f6:82:cb:b9:70:8e:d3:c1:0a:21:f0:bb:
84:17:55:7c:d6:40:db:72:ec:11:46:0d:b2:20:99:
79:6a:b4:1b:05:9d:81:08:80:09:d9:14:94:da:7f:
71:d4:5a:10:99:94:04:ed:30:98:88:87:6c:63:12:
96:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:8A:9E:4C:24:92:6E:63:4C:BA:F3:B9:75:03:28:FF:BB:AF:50:1D
X509v3 Authority Key Identifier:
keyid:F5:13:69:CC:BF:86:B1:E8:4E:1A:EB:46:E6:D3:36:D3:9F:75:2A:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9RNpzL-GsehOGutG5tM20591Kuc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/toqeTCSSbmNMuvO5dQMo_7uvUB0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/2d5bdf-5265-49b8-8afe-2b920bde3990/1/9RNpzL-GsehOGutG5tM20591Kuc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.84.224.0/19
81.4.64.0-81.4.99.255
81.4.112.0/21
83.96.128.0/17
85.158.248.0-85.158.253.255
91.142.240.0/20
91.205.32.0/22
91.216.162.0/24
185.95.68.0/22
193.93.172.0/22
193.242.119.0/24
IPv6:
2001:828::/32
Signature Algorithm: sha256WithRSAEncryption
7a:79:a9:34:ea:70:3f:8d:e3:87:9e:b0:59:80:cf:b4:7b:05:
25:b9:ba:41:78:56:61:3e:67:0d:ce:d3:d3:86:3a:c4:3a:d5:
d1:09:b8:28:1f:9e:cd:b3:67:6e:10:ce:1d:f6:50:9b:55:13:
a7:51:17:01:54:0b:60:fd:36:88:fe:4c:d6:69:f2:80:e1:ce:
21:0b:81:05:e2:9d:03:65:58:34:38:05:d6:47:7c:3f:de:66:
61:9b:7e:60:9d:a8:b9:50:b1:2a:eb:b3:52:2e:8a:e2:5a:85:
b8:b0:21:12:dc:d3:d1:8c:4e:f7:b4:3e:94:a5:c6:63:ae:09:
7a:08:e5:78:63:9c:aa:ef:8f:f9:46:78:34:3d:0e:94:f3:bb:
d6:01:85:ad:b8:a1:94:cd:83:6a:2a:f1:25:a9:01:ce:ac:6d:
29:b4:28:82:ac:4b:21:04:87:d5:26:eb:da:d5:e0:8e:d7:27:
a5:52:8a:00:15:0e:c7:d0:8f:c5:bb:b1:e0:36:e1:d3:3d:a2:
c0:20:58:4b:10:91:cb:a4:26:37:18:d9:74:16:6a:f5:7f:21:
98:6f:ca:bf:80:f2:f3:f4:50:52:93:c5:fe:9a:40:3d:32:19:
5b:5e:90:45:06:3a:a2:41:49:4d:04:d1:09:ba:dc:a2:00:4f:
f1:46:e1:0b
-----BEGIN CERTIFICATE-----
MIIFWDCCBECgAwIBAgISAY7q/EkuTd1F5NeHTZWavin/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1MTM2OWNjYmY4NmIxZTg0ZTFhZWI0NmU2ZDMzNmQzOWY3
NTJhZTcwHhcNMjQwNDE3MDczNjI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjhhOWU0YzI0OTI2ZTYzNGNiYWYzYjk3NTAzMjhmZmJiYWY1MDFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtB/K67wGXNYdwLSPEAHfaTdapez
x5gWo7Ip0LqWGasHhx+/5dvtD5RKEQ/uGGlQsRqKtpyGn5PAZ5vD8Mo58yUmZWtk
0rDYkL0zA5OHFeCzFBOsRG7bQtYhsJuwCuw292HsB+mQhxln1Ewzk4P4sa+8cQZ6
IAXaWJ5zZTljzMCSru7qGB711dAMPLBl5WDydV2GBRXZ6UgBVjXWMYObYjFX3l2D
QCw8exKMqzJM/vpoOBa5wFp8191ZQYqVP+Dc3FgRbJD2gsu5cI7TwQoh8LuEF1V8
1kDbcuwRRg2yIJl5arQbBZ2BCIAJ2RSU2n9x1FoQmZQE7TCYiIdsYxKWfQIDAQAB
o4ICZDCCAmAwHQYDVR0OBBYEFLaKnkwkkm5jTLrzuXUDKP+7r1AdMB8GA1UdIwQY
MBaAFPUTacy/hrHoThrrRubTNtOfdSrnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUt
MmI5MjBiZGUzOTkwLzEvdG9xZVRDU1NibU5NdXZPNWRRTW9fN3V2VUIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8yZDViZGYtNTI2NS00OWI4LThhZmUtMmI5MjBiZGUzOTkw
LzEvOVJOcHpMLUdzZWhPR3V0RzV0TTIwNTkxS3VjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHoGCCsGAQUFBwEHAQH/BGswaTBYBAIAATBSAwQFUFTgMAwD
BAZRBEADBAJRBGADBANRBHADBAdTYIAwDAMEA1We+AMEAVWe/AMEBFuO8AMEAlvN
IAMEAFvYogMEArlfRAMEAsFdrAMEAMHydzANBAIAAjAHAwUAIAEIKDANBgkqhkiG
9w0BAQsFAAOCAQEAenmpNOpwP43jh56wWYDPtHsFJbm6QXhWYT5nDc7T04Y6xDrV
0Qm4KB+ezbNnbhDOHfZQm1UTp1EXAVQLYP02iP5M1mnygOHOIQuBBeKdA2VYNDgF
1kd8P95mYZt+YJ2ouVCxKuuzUi6K4lqFuLAhEtzT0YxO97Q+lKXGY64JegjleGOc
qu+P+UZ4ND0OlPO71gGFrbihlM2DairxJakBzqxtKbQogqxLIQSH1Sbr2tXgjtcn
pVKKABUOx9CPxbux4Dbh0z2iwCBYSxCRy6QmNxjZdBZq9X8hmG/Kv4Dy8/RQUpPF
/ppAPTIZW16QRQY6okFJTQTRCbrcogBP8UbhCw==
-----END CERTIFICATE-----
Generated at Sat Sep 28 17:31:43 2024 by rpki-client on console-ams.rpki-client.org