Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/1-TQzBRsk_BUMpQjpaA7CVQWyU_A.roa
File: 1-TQzBRsk_BUMpQjpaA7CVQWyU_A.roa (raw, json)
Hash identifier: utGksgbrn+kjS5cZR+TRF+YsUYmEwqtppBPIkLGZ8xk=
Subject key identifier: F9:34:33:05:1B:24:FC:15:0C:A5:08:E9:68:0E:C2:55:05:B2:53:F0
Certificate issuer: /CN=4c87389ef41f18c1fcc82754349ea7096980b1e3
Certificate serial: 018CC5001E9606B34A6E981A91BA0432188E
Authority key identifier: 4C:87:38:9E:F4:1F:18:C1:FC:C8:27:54:34:9E:A7:09:69:80:B1:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TIc4nvQfGMH8yCdUNJ6nCWmAseM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/1-TQzBRsk_BUMpQjpaA7CVQWyU_A.roa
Signing time: Mon 01 Jan 2024 12:29:28 +0000
ROA not before: Mon 01 Jan 2024 12:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49673
IP address blocks: 185.54.244.0/22 maxlen: 22
185.54.244.0/24 maxlen: 24
94.247.104.0/21 maxlen: 21
94.247.111.0/24 maxlen: 24
94.247.110.0/23 maxlen: 23
94.247.110.0/24 maxlen: 24
2a02:47a0:a:115::/64 maxlen: 64
2a02:47a0:a:112::/64 maxlen: 64
2a02:47a0:a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/TIc4nvQfGMH8yCdUNJ6nCWmAseM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/TIc4nvQfGMH8yCdUNJ6nCWmAseM.mft
rsync://rpki.ripe.net/repository/DEFAULT/TIc4nvQfGMH8yCdUNJ6nCWmAseM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 02 Jul 2024 08:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:1e:96:06:b3:4a:6e:98:1a:91:ba:04:32:18:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c87389ef41f18c1fcc82754349ea7096980b1e3
Validity
Not Before: Jan 1 12:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=f93433051b24fc150ca508e9680ec25505b253f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:2f:c9:cf:49:96:28:71:17:d1:5f:2b:53:92:
7b:7f:a6:63:a8:a9:d6:b6:b8:a3:da:9c:3b:20:8d:
d8:1f:d3:a1:a3:4f:93:80:46:39:6d:c6:0c:ea:f6:
a4:4c:ce:32:e2:f3:70:eb:0c:7e:bc:35:f0:cc:df:
0d:23:ed:73:3c:7b:3c:43:45:c5:42:65:8f:99:d4:
49:71:3c:46:a4:ec:3b:b8:11:15:b7:5d:ba:63:05:
a3:ec:b6:cd:f1:3d:c5:97:f9:fc:41:a9:4f:b8:1c:
34:9b:38:a5:7d:e7:a4:0b:09:eb:55:7b:2b:38:e1:
49:65:3f:8d:4b:d9:76:c4:2a:d7:73:95:94:2c:02:
4e:b7:b6:19:81:b9:6b:33:02:48:c3:3b:9a:71:7b:
4b:15:29:35:2d:19:73:77:f2:7d:d6:14:78:8c:ce:
94:0a:b3:ca:b4:fd:e8:34:cf:c0:6f:74:95:39:51:
86:56:7c:1a:bd:8d:79:76:72:52:0e:e7:a3:84:39:
1e:4d:e8:72:14:ec:1e:20:41:7b:24:fe:4e:72:83:
5e:00:f4:df:22:3d:bc:a1:ad:e9:ad:a2:e9:a1:7f:
b7:42:3f:fa:22:e5:4c:a6:1b:1a:82:bf:1a:ae:0d:
1a:94:ba:13:f8:49:d6:d6:21:a2:ca:86:1b:38:51:
29:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:34:33:05:1B:24:FC:15:0C:A5:08:E9:68:0E:C2:55:05:B2:53:F0
X509v3 Authority Key Identifier:
keyid:4C:87:38:9E:F4:1F:18:C1:FC:C8:27:54:34:9E:A7:09:69:80:B1:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIc4nvQfGMH8yCdUNJ6nCWmAseM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/1-TQzBRsk_BUMpQjpaA7CVQWyU_A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/2215f7-887a-4bd5-bf97-ffb709f7668c/1/TIc4nvQfGMH8yCdUNJ6nCWmAseM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.247.104.0/21
185.54.244.0/22
IPv6:
2a02:47a0:a::/48
Signature Algorithm: sha256WithRSAEncryption
2f:18:c9:7c:c2:1a:bc:ef:80:20:9d:e6:e0:c9:56:94:a8:40:
eb:1d:a2:1b:c5:c6:2e:89:a0:0d:40:b6:a0:c9:a4:4d:f6:c9:
72:f9:0e:c6:70:79:4d:5a:53:4b:1e:9d:e5:6b:eb:3a:2d:60:
11:7c:7f:6d:91:cd:31:06:cf:b1:54:95:23:a7:e1:75:fd:a5:
4c:d7:51:22:99:4d:84:11:5f:94:9b:35:af:f2:93:8a:c3:84:
c2:37:81:d0:6c:1a:a8:e5:a1:17:90:44:5e:8f:6e:0d:b8:5c:
18:b0:af:3a:8d:5c:17:0b:5e:a2:16:6f:bc:37:71:00:39:97:
a9:36:8d:da:4a:0b:ce:0c:be:1d:84:01:f5:c5:0b:22:bf:b0:
7e:28:dd:fa:f4:fa:2d:1b:c6:51:72:48:ad:61:36:02:96:4b:
cc:c2:a4:22:a4:e2:e4:34:b0:81:ff:9c:68:84:ac:89:00:14:
89:df:b0:f4:c3:40:46:02:4b:0e:56:7d:73:d4:89:1e:cc:aa:
95:3c:09:7f:fd:c2:c9:80:88:89:3f:5d:f9:84:2d:72:a8:5d:
cb:f3:59:05:1e:93:d0:03:a9:8c:98:61:2c:93:fa:e0:95:2d:
a5:95:c6:d5:0e:16:e0:89:0e:5c:f8:39:1f:18:f3:3b:6b:7b:
a4:3a:2a:0b
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzFAB6WBrNKbpgakboEMhiOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjODczODllZjQxZjE4YzFmY2M4Mjc1NDM0OWVhNzA5Njk4
MGIxZTMwHhcNMjQwMTAxMTIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTM0MzMwNTFiMjRmYzE1MGNhNTA4ZTk2ODBlYzI1NTA1YjI1M2YwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAji/Jz0mWKHEX0V8rU5J7f6ZjqKnW
trij2pw7II3YH9Oho0+TgEY5bcYM6vakTM4y4vNw6wx+vDXwzN8NI+1zPHs8Q0XF
QmWPmdRJcTxGpOw7uBEVt126YwWj7LbN8T3Fl/n8QalPuBw0mzilfeekCwnrVXsr
OOFJZT+NS9l2xCrXc5WULAJOt7YZgblrMwJIwzuacXtLFSk1LRlzd/J91hR4jM6U
CrPKtP3oNM/Ab3SVOVGGVnwavY15dnJSDuejhDkeTehyFOweIEF7JP5OcoNeAPTf
Ij28oa3praLpoX+3Qj/6IuVMphsagr8arg0alLoT+EnW1iGiyoYbOFEpHwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFPk0MwUbJPwVDKUI6WgOwlUFslPwMB8GA1UdIwQY
MBaAFEyHOJ70HxjB/MgnVDSepwlpgLHjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEljNG52UWZHTUg4eUNkVU5KNm5DV21Bc2VNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC8yMjE1ZjctODg3YS00YmQ1LWJmOTct
ZmZiNzA5Zjc2NjhjLzEvMS1UUXpCUnNrX0JVTXBRanBhQTdDVlFXeVVfQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTgvMjIxNWY3LTg4N2EtNGJkNS1iZjk3LWZmYjcwOWY3NjY4
Yy8xL1RJYzRudlFmR01IOHlDZFVOSjZuQ1dtQXNlTS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA2BggrBgEFBQcBBwEB/wQnMCUwEgQCAAEwDAMEA173aAME
Ark29DAPBAIAAjAJAwcAKgJHoAAKMA0GCSqGSIb3DQEBCwUAA4IBAQAvGMl8whq8
74AgnebgyVaUqEDrHaIbxcYuiaANQLagyaRN9sly+Q7GcHlNWlNLHp3la+s6LWAR
fH9tkc0xBs+xVJUjp+F1/aVM11EimU2EEV+UmzWv8pOKw4TCN4HQbBqo5aEXkERe
j24NuFwYsK86jVwXC16iFm+8N3EAOZepNo3aSgvODL4dhAH1xQsiv7B+KN369Pot
G8ZRckitYTYClkvMwqQipOLkNLCB/5xohKyJABSJ37D0w0BGAksOVn1z1IkezKqV
PAl//cLJgIiJP135hC1yqF3L81kFHpPQA6mMmGEsk/rglS2llcbVDhbgiQ5c+Dkf
GPM7a3ukOioL
-----END CERTIFICATE-----
Generated at Mon Jul 1 11:31:28 2024 by rpki-client on console-fra.rpki-client.org