Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/TT2m1CsanGQZNEOHnny4QNGnJdk.roa
File: TT2m1CsanGQZNEOHnny4QNGnJdk.roa (raw, json)
Hash identifier: uuF6+f8eT90PpMfGh6TkaNbp9qXgMEoBOvHkm6/ibw4=
Subject key identifier: 4D:3D:A6:D4:2B:1A:9C:64:19:34:43:87:9E:7C:B8:40:D1:A7:25:D9
Certificate issuer: /CN=0dd441c3ffae829842249e944b03851081f4d9e0
Certificate serial: 019017DBBAAB4F53F537F59738ECEB5B9E04
Authority key identifier: 0D:D4:41:C3:FF:AE:82:98:42:24:9E:94:4B:03:85:10:81:F4:D9:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DdRBw_-ugphCJJ6USwOFEIH02eA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/TT2m1CsanGQZNEOHnny4QNGnJdk.roa
Signing time: Fri 14 Jun 2024 17:46:34 +0000
ROA not before: Fri 14 Jun 2024 17:46:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6977
IP address blocks: 91.235.168.0/24 maxlen: 24
193.23.60.0/24 maxlen: 24
2001:67c:2d78::/48 maxlen: 48
2a09:8400::/29 maxlen: 48
2a0f:75c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/DdRBw_-ugphCJJ6USwOFEIH02eA.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/DdRBw_-ugphCJJ6USwOFEIH02eA.mft
rsync://rpki.ripe.net/repository/DEFAULT/DdRBw_-ugphCJJ6USwOFEIH02eA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:17:db:ba:ab:4f:53:f5:37:f5:97:38:ec:eb:5b:9e:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0dd441c3ffae829842249e944b03851081f4d9e0
Validity
Not Before: Jun 14 17:46:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d3da6d42b1a9c64193443879e7cb840d1a725d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:73:b9:02:b0:18:e2:eb:0b:24:0b:31:26:5f:
65:59:82:58:c0:84:e6:cb:a1:d2:94:6f:58:ad:b5:
7f:55:75:e1:4b:bd:9e:a4:01:c2:5a:32:68:0d:4b:
09:b8:a3:fe:e6:b7:50:8b:a6:67:5b:e0:b4:5e:3a:
63:48:0f:2b:bb:6d:58:98:12:8e:e4:60:8b:f3:d1:
26:06:5c:c3:9d:fd:6d:d5:5d:ea:e7:2a:3f:99:37:
ca:75:c7:8a:7d:82:88:07:67:9b:8f:43:32:50:8d:
b9:00:3f:88:31:aa:41:82:8c:7e:75:47:29:a8:8f:
8d:9d:51:43:49:c3:c0:a9:67:17:d0:5d:e0:83:14:
47:5b:44:13:35:f9:84:3c:9a:0c:a6:21:86:ac:a9:
03:e2:b2:07:96:fd:90:1a:c2:66:7a:eb:56:21:6b:
d0:5c:2c:8c:a1:51:2f:66:f3:6b:26:e7:88:ca:87:
73:66:c3:fa:b0:d7:57:47:08:91:a5:80:22:33:bf:
00:9c:8e:b2:38:2f:04:e8:f2:52:e7:39:09:f4:ba:
f6:7e:ea:2a:46:53:29:4e:ab:d3:90:7f:fa:b0:82:
51:50:9a:12:b0:be:68:4a:47:e4:e9:4f:d8:61:00:
65:a0:e6:fa:16:70:5f:6d:8e:05:d8:47:c1:b1:bb:
ed:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:3D:A6:D4:2B:1A:9C:64:19:34:43:87:9E:7C:B8:40:D1:A7:25:D9
X509v3 Authority Key Identifier:
keyid:0D:D4:41:C3:FF:AE:82:98:42:24:9E:94:4B:03:85:10:81:F4:D9:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DdRBw_-ugphCJJ6USwOFEIH02eA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/TT2m1CsanGQZNEOHnny4QNGnJdk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/a7ef4d-dc44-4faf-9513-e9c9132836ff/1/DdRBw_-ugphCJJ6USwOFEIH02eA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.235.168.0/24
193.23.60.0/24
IPv6:
2001:67c:2d78::/48
2a09:8400::/29
2a0f:75c0::/29
Signature Algorithm: sha256WithRSAEncryption
a0:da:5c:bf:67:d2:a0:cd:18:f5:79:1c:c5:c4:85:94:f6:45:
d9:10:48:3e:32:dd:0b:df:d3:98:0d:cb:4c:cf:ce:ed:3d:42:
b9:98:c9:32:2e:39:f4:99:04:83:dd:f1:e5:5d:77:f1:9d:94:
2d:a7:5a:8d:da:39:43:64:13:24:a5:dc:cf:37:d8:53:e5:df:
80:9a:b5:57:a5:d2:7d:61:09:6d:3e:ae:71:0e:05:22:86:8b:
37:bc:63:75:9c:c0:ae:32:9d:27:8b:16:21:cd:6a:c6:2a:dd:
02:50:96:f2:a1:53:e4:eb:d6:d5:8e:4a:bc:c2:e7:58:de:02:
46:f7:5f:d3:dd:c2:b2:23:18:3b:21:16:41:46:af:1b:97:60:
8f:b2:05:e3:05:01:3f:1e:5b:d1:e2:c6:d0:2f:07:12:69:13:
9d:6e:7b:52:a6:7b:46:6b:17:2e:71:2d:7a:85:ac:a7:90:b6:
15:33:f6:10:21:1b:ca:90:d5:f3:75:0f:66:0c:0e:5d:7a:73:
48:c3:ea:24:31:0c:8a:51:cf:a9:d9:e3:3b:7d:5e:35:13:67:
49:2d:98:6a:62:ca:ca:85:37:27:0c:bb:ba:d6:72:98:aa:ec:
3d:12:3b:6f:3e:e6:dc:d7:6f:ad:93:bf:90:b6:7d:a2:e4:19:
c6:94:06:ae
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAZAX27qrT1P1N/WXOOzrW54EMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkZDQ0MWMzZmZhZTgyOTg0MjI0OWU5NDRiMDM4NTEwODFm
NGQ5ZTAwHhcNMjQwNjE0MTc0NjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDNkYTZkNDJiMWE5YzY0MTkzNDQzODc5ZTdjYjg0MGQxYTcyNWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1XO5ArAY4usLJAsxJl9lWYJYwITm
y6HSlG9YrbV/VXXhS72epAHCWjJoDUsJuKP+5rdQi6ZnW+C0XjpjSA8ru21YmBKO
5GCL89EmBlzDnf1t1V3q5yo/mTfKdceKfYKIB2ebj0MyUI25AD+IMapBgox+dUcp
qI+NnVFDScPAqWcX0F3ggxRHW0QTNfmEPJoMpiGGrKkD4rIHlv2QGsJmeutWIWvQ
XCyMoVEvZvNrJueIyodzZsP6sNdXRwiRpYAiM78AnI6yOC8E6PJS5zkJ9Lr2fuoq
RlMpTqvTkH/6sIJRUJoSsL5oSkfk6U/YYQBloOb6FnBfbY4F2EfBsbvtjQIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFE09ptQrGpxkGTRDh558uEDRpyXZMB8GA1UdIwQY
MBaAFA3UQcP/roKYQiSelEsDhRCB9NngMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGRSQndfLXVncGhDSko2VVN3T0ZFSUgwMmVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9hN2VmNGQtZGM0NC00ZmFmLTk1MTMt
ZTljOTEzMjgzNmZmLzEvVFQybTFDc2FuR1FaTkVPSG5ueTRRTkduSmRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9hN2VmNGQtZGM0NC00ZmFmLTk1MTMtZTljOTEzMjgzNmZm
LzEvRGRSQndfLXVncGhDSko2VVN3T0ZFSUgwMmVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzASBAIAATAMAwQAW+uoAwQA
wRc8MB0EAgACMBcDBwAgAQZ8LXgDBQMqCYQAAwUDKg91wDANBgkqhkiG9w0BAQsF
AAOCAQEAoNpcv2fSoM0Y9XkcxcSFlPZF2RBIPjLdC9/TmA3LTM/O7T1CuZjJMi45
9JkEg93x5V138Z2ULadajdo5Q2QTJKXczzfYU+XfgJq1V6XSfWEJbT6ucQ4FIoaL
N7xjdZzArjKdJ4sWIc1qxirdAlCW8qFT5OvW1Y5KvMLnWN4CRvdf093CsiMYOyEW
QUavG5dgj7IF4wUBPx5b0eLG0C8HEmkTnW57UqZ7RmsXLnEteoWsp5C2FTP2ECEb
ypDV83UPZgwOXXpzSMPqJDEMilHPqdnjO31eNRNnSS2YamLKyoU3Jwy7utZymKrs
PRI7bz7m3NdvrZO/kLZ9ouQZxpQGrg==
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:05:53 2024 by rpki-client on console-fra.rpki-client.org