Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/TTpjIJZVQURQ8A8mJ3y9vnwGDow.roa
File: TTpjIJZVQURQ8A8mJ3y9vnwGDow.roa (raw, json)
Hash identifier: 6EADDvYIFpgkEyZHWqgs5Ww5HF3Qm/1+Yftb44JtAeM=
Subject key identifier: 4D:3A:63:20:96:55:41:44:50:F0:0F:26:27:7C:BD:BE:7C:06:0E:8C
Certificate issuer: /CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba
Certificate serial: 019131D6C6278B89A6F0EE8BB5C35775AB51
Authority key identifier: 5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/TTpjIJZVQURQ8A8mJ3y9vnwGDow.roa
Signing time: Thu 08 Aug 2024 11:54:04 +0000
ROA not before: Thu 08 Aug 2024 11:54:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2914
IP address blocks: 45.92.104.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:31:d6:c6:27:8b:89:a6:f0:ee:8b:b5:c3:57:75:ab:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf31afc36cb6955007fe97ed4a5e3185d2271ba
Validity
Not Before: Aug 8 11:54:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d3a63209655414450f00f26277cbdbe7c060e8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:8a:c8:dd:85:44:f1:79:75:c7:59:36:a5:52:
e8:c4:cf:59:13:9e:5b:5d:25:b6:f0:99:90:18:87:
d6:cb:97:eb:e8:2d:0b:92:3d:1a:23:b4:6d:2d:b1:
7d:47:57:4d:03:cd:2f:78:dd:b2:8d:2a:48:5d:b0:
69:61:aa:4b:94:c9:f5:a3:80:f7:9f:74:dd:53:ff:
75:ae:49:32:20:eb:25:6a:4e:ed:42:52:bb:e5:b4:
00:af:bd:44:47:c8:74:5e:e9:60:09:b8:ea:0a:4c:
93:13:b5:1c:bc:76:3a:b3:ed:68:b3:1a:33:15:df:
67:4f:86:a4:80:7c:e0:e5:15:5c:dc:58:40:bf:2b:
46:cd:4e:95:41:c2:23:0c:aa:96:8e:47:cd:16:ae:
ae:22:2e:89:e5:3f:b7:42:05:2d:69:a1:53:63:d7:
72:4b:e9:22:1a:07:dc:ed:77:ca:6f:8d:1e:22:61:
db:9f:d8:9a:ef:5f:00:19:b8:bb:a2:85:03:21:c2:
32:e7:4f:9f:ee:91:f6:5f:2a:be:92:66:a9:c9:f3:
97:aa:0e:b1:65:2c:57:e0:e9:05:3a:51:c8:02:a2:
c3:c3:1e:c4:8a:a0:b0:5a:aa:53:e6:31:e1:b5:4b:
52:a5:0c:2d:02:b1:2a:c8:49:af:b4:22:30:68:3f:
d8:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:3A:63:20:96:55:41:44:50:F0:0F:26:27:7C:BD:BE:7C:06:0E:8C
X509v3 Authority Key Identifier:
keyid:5C:F3:1A:FC:36:CB:69:55:00:7F:E9:7E:D4:A5:E3:18:5D:22:71:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPMa_DbLaVUAf-l-1KXjGF0icbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/TTpjIJZVQURQ8A8mJ3y9vnwGDow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/458ec3-0451-4e41-9a34-736d12888ca8/1/XPMa_DbLaVUAf-l-1KXjGF0icbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.92.104.0/22
Signature Algorithm: sha256WithRSAEncryption
5e:f9:73:e1:1e:d2:1d:b5:38:f4:e1:64:12:c1:36:1c:64:75:
34:17:3a:5e:b5:ab:1c:ee:51:21:cd:08:11:8a:fe:e0:ff:aa:
f4:08:4f:62:07:1b:5c:4e:da:71:ba:1d:5c:39:b3:0f:e4:25:
9f:9a:e3:6d:07:a0:6a:b4:cd:cd:8a:8e:db:66:56:bf:51:73:
6c:64:7d:43:db:9b:4e:58:24:45:c1:8f:9f:64:a2:b4:b0:71:
b5:7d:77:e7:80:9c:b8:b8:b8:0e:b9:73:6d:db:57:b9:34:3b:
99:8c:7c:e9:03:cb:6c:75:b4:fb:ed:6d:52:20:9a:e9:6a:2e:
34:c0:0c:8c:2c:57:f5:85:b4:52:8c:18:2e:7d:7a:50:33:e6:
f9:1b:c3:c7:ab:1d:71:8d:0e:27:05:ec:e7:c5:b9:0d:e1:12:
e0:8a:68:85:cf:ed:5e:f0:70:86:af:14:27:8a:e7:d4:12:fa:
c9:a3:86:3e:bd:fe:24:bb:38:03:9e:7a:e0:6e:6d:37:00:20:
89:0d:7d:17:dc:9d:70:73:8d:26:70:ce:7e:a9:4a:e6:8d:8d:
9f:c2:d9:66:e6:85:24:04:e7:f0:a3:41:5a:3b:38:c5:47:36:
27:67:07:cd:87:f7:70:5c:85:da:09:a4:7a:d3:85:ce:0c:8a:
5b:68:4e:da
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZEx1sYni4mm8O6LtcNXdatRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjMxYWZjMzZjYjY5NTUwMDdmZTk3ZWQ0YTVlMzE4NWQy
MjcxYmEwHhcNMjQwODA4MTE1NDA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDNhNjMyMDk2NTU0MTQ0NTBmMDBmMjYyNzdjYmRiZTdjMDYwZThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxYrI3YVE8Xl1x1k2pVLoxM9ZE55b
XSW28JmQGIfWy5fr6C0Lkj0aI7RtLbF9R1dNA80veN2yjSpIXbBpYapLlMn1o4D3
n3TdU/91rkkyIOslak7tQlK75bQAr71ER8h0XulgCbjqCkyTE7UcvHY6s+1osxoz
Fd9nT4akgHzg5RVc3FhAvytGzU6VQcIjDKqWjkfNFq6uIi6J5T+3QgUtaaFTY9dy
S+kiGgfc7XfKb40eImHbn9ia718AGbi7ooUDIcIy50+f7pH2Xyq+kmapyfOXqg6x
ZSxX4OkFOlHIAqLDwx7EiqCwWqpT5jHhtUtSpQwtArEqyEmvtCIwaD/YZwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE06YyCWVUFEUPAPJid8vb58Bg6MMB8GA1UdIwQY
MBaAFFzzGvw2y2lVAH/pftSl4xhdInG6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQt
NzM2ZDEyODg4Y2E4LzEvVFRwaklKWlZRVVJROEE4bUozeTl2bndHRG93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy80NThlYzMtMDQ1MS00ZTQxLTlhMzQtNzM2ZDEyODg4Y2E4
LzEvWFBNYV9EYkxhVlVBZi1sLTFLWGpHRjBpY2JvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCLVxoMA0G
CSqGSIb3DQEBCwUAA4IBAQBe+XPhHtIdtTj04WQSwTYcZHU0Fzpetasc7lEhzQgR
iv7g/6r0CE9iBxtcTtpxuh1cObMP5CWfmuNtB6BqtM3Nio7bZla/UXNsZH1D25tO
WCRFwY+fZKK0sHG1fXfngJy4uLgOuXNt21e5NDuZjHzpA8tsdbT77W1SIJrpai40
wAyMLFf1hbRSjBgufXpQM+b5G8PHqx1xjQ4nBeznxbkN4RLgimiFz+1e8HCGrxQn
iufUEvrJo4Y+vf4kuzgDnnrgbm03ACCJDX0X3J1wc40mcM5+qUrmjY2fwtlm5oUk
BOfwo0FaOzjFRzYnZwfNh/dwXIXaCaR604XODIpbaE7a
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:05:12 2024 by rpki-client on console-ams.rpki-client.org