Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/d4d2f8-8dc1-4070-977e-a6cec04595f8/1/TNTP2XN5pIbJKS7fNWa3AV5PPnA.roa
File: TNTP2XN5pIbJKS7fNWa3AV5PPnA.roa (raw, json)
Hash identifier: YEqotVC5Ge8Q07BEkYGF88JPICqtgEMgpqv5zl9Lwx0=
Subject key identifier: 4C:D4:CF:D9:73:79:A4:86:C9:29:2E:DF:35:66:B7:01:5E:4F:3E:70
Certificate issuer: /CN=83e2340ef5c4a4952eb413d288c29d9378342232
Certificate serial: 018CC4254D931B74CAD1F82313E22D8B1542
Authority key identifier: 83:E2:34:0E:F5:C4:A4:95:2E:B4:13:D2:88:C2:9D:93:78:34:22:32
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/g-I0DvXEpJUutBPSiMKdk3g0IjI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/d4d2f8-8dc1-4070-977e-a6cec04595f8/1/TNTP2XN5pIbJKS7fNWa3AV5PPnA.roa
Signing time: Mon 01 Jan 2024 08:30:28 +0000
ROA not before: Mon 01 Jan 2024 08:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60022
IP address blocks: 178.212.231.0/24 maxlen: 24
2a11:e680::/32 maxlen: 48
2a11:e686::/32 maxlen: 48
2a11:e685::/32 maxlen: 48
2a11:e682::/32 maxlen: 48
2a11:e681::/32 maxlen: 48
2a11:e683::/32 maxlen: 48
2a11:e684::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/d4d2f8-8dc1-4070-977e-a6cec04595f8/1/g-I0DvXEpJUutBPSiMKdk3g0IjI.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/d4d2f8-8dc1-4070-977e-a6cec04595f8/1/g-I0DvXEpJUutBPSiMKdk3g0IjI.mft
rsync://rpki.ripe.net/repository/DEFAULT/g-I0DvXEpJUutBPSiMKdk3g0IjI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 07 May 2024 10:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:4d:93:1b:74:ca:d1:f8:23:13:e2:2d:8b:15:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=83e2340ef5c4a4952eb413d288c29d9378342232
Validity
Not Before: Jan 1 08:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cd4cfd97379a486c9292edf3566b7015e4f3e70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f3:e0:7b:78:2d:b1:30:0f:13:7f:12:cd:f7:
f3:bd:0e:3b:22:44:4d:c7:63:21:9b:97:7c:07:ac:
78:29:fa:06:d7:a1:9c:c3:a2:15:b7:b5:7e:b9:ae:
49:1e:8a:02:2c:0e:94:ac:5f:63:ad:a3:11:4f:50:
4f:f8:29:95:85:54:77:f6:c4:8f:07:38:d6:43:eb:
df:83:15:1b:7e:41:44:25:a7:e8:41:7f:7c:d7:9d:
51:46:56:28:ad:81:9a:4c:28:15:cc:ee:83:2e:89:
89:5d:b2:f0:82:3f:48:c5:eb:a2:00:1d:d7:60:8a:
c2:d5:0d:2b:3b:1c:74:cf:76:56:1d:7f:9d:59:be:
00:60:55:05:89:ce:2e:82:b4:27:54:89:8e:a1:ac:
75:50:16:8c:81:c1:43:25:66:b6:7f:fe:a3:ed:9f:
21:66:77:19:87:a1:74:97:35:e0:a9:4c:e3:d8:cf:
28:93:77:97:8e:cb:c5:fc:8d:4f:59:45:65:70:f1:
b6:3a:d7:25:49:6a:13:6b:e0:23:41:25:87:9a:d9:
61:28:62:64:7d:e2:a1:ad:21:95:dc:1d:e2:62:5a:
d8:76:09:55:8e:de:6b:bc:45:ce:10:bc:3c:1c:71:
81:f3:12:6e:47:dc:48:2a:cb:8c:f0:10:96:bf:cd:
93:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:D4:CF:D9:73:79:A4:86:C9:29:2E:DF:35:66:B7:01:5E:4F:3E:70
X509v3 Authority Key Identifier:
keyid:83:E2:34:0E:F5:C4:A4:95:2E:B4:13:D2:88:C2:9D:93:78:34:22:32
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/g-I0DvXEpJUutBPSiMKdk3g0IjI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/d4d2f8-8dc1-4070-977e-a6cec04595f8/1/TNTP2XN5pIbJKS7fNWa3AV5PPnA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/d4d2f8-8dc1-4070-977e-a6cec04595f8/1/g-I0DvXEpJUutBPSiMKdk3g0IjI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.212.231.0/24
IPv6:
2a11:e680::-2a11:e686:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
7c:9a:c3:49:06:58:b9:fa:c2:7b:26:49:8a:c7:28:00:f1:55:
a2:bc:ea:e7:16:45:99:24:01:1c:b1:f6:7c:6f:6f:89:00:3c:
e3:ce:50:9f:1e:52:f5:68:be:56:b4:5b:7f:3c:a8:86:e8:d9:
6a:1a:fe:6e:ef:f4:d0:52:0b:f3:92:a3:f7:07:dd:f4:84:15:
08:e2:96:0a:f6:a7:c7:3b:7e:53:7b:b0:87:4c:83:1c:c7:db:
e1:87:54:15:18:2b:36:97:5d:c8:d1:83:1a:55:48:1a:a9:dc:
f9:d7:e8:b3:bc:cc:a2:10:c4:b8:a0:01:9b:59:84:5a:fe:29:
d1:56:9b:ec:9c:6a:aa:31:8d:85:40:0b:78:04:8a:26:97:b8:
c4:5b:34:2d:25:d0:09:6a:18:78:73:44:96:3f:a7:72:01:c3:
f8:60:c9:69:29:70:80:59:06:dd:ce:80:c2:e7:ed:11:24:85:
3b:d6:8c:2c:1e:21:91:9a:94:96:dc:f2:54:f4:4f:ca:89:47:
6d:b0:c3:f5:b6:41:e9:e5:8b:a6:3d:af:50:71:1e:a1:6c:77:
d6:2d:47:49:09:fe:a5:91:b1:b4:2c:cc:ef:c4:17:c0:7e:bc:
a6:99:0b:2b:2a:ac:0a:88:4b:fe:34:2c:51:15:94:ab:79:8a:
f4:be:51:9a
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzEJU2TG3TK0fgjE+ItixVCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgzZTIzNDBlZjVjNGE0OTUyZWI0MTNkMjg4YzI5ZDkzNzgz
NDIyMzIwHhcNMjQwMTAxMDgzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2Q0Y2ZkOTczNzlhNDg2YzkyOTJlZGYzNTY2YjcwMTVlNGYzZTcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/Pge3gtsTAPE38SzffzvQ47IkRN
x2Mhm5d8B6x4KfoG16Gcw6IVt7V+ua5JHooCLA6UrF9jraMRT1BP+CmVhVR39sSP
BzjWQ+vfgxUbfkFEJafoQX98151RRlYorYGaTCgVzO6DLomJXbLwgj9IxeuiAB3X
YIrC1Q0rOxx0z3ZWHX+dWb4AYFUFic4ugrQnVImOoax1UBaMgcFDJWa2f/6j7Z8h
ZncZh6F0lzXgqUzj2M8ok3eXjsvF/I1PWUVlcPG2OtclSWoTa+AjQSWHmtlhKGJk
feKhrSGV3B3iYlrYdglVjt5rvEXOELw8HHGB8xJuR9xIKsuM8BCWv82TlwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFEzUz9lzeaSGySku3zVmtwFeTz5wMB8GA1UdIwQY
MBaAFIPiNA71xKSVLrQT0ojCnZN4NCIyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZy1JMER2WEVwSlV1dEJQU2lNS2RrM2cwSWpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9kNGQyZjgtOGRjMS00MDcwLTk3N2Ut
YTZjZWMwNDU5NWY4LzEvVE5UUDJYTjVwSWJKS1M3Zk5XYTNBVjVQUG5BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9kNGQyZjgtOGRjMS00MDcwLTk3N2UtYTZjZWMwNDU5NWY4
LzEvZy1JMER2WEVwSlV1dEJQU2lNS2RrM2cwSWpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAstTnMBYE
AgACMBAwDgMFByoR5oADBQAqEeaGMA0GCSqGSIb3DQEBCwUAA4IBAQB8msNJBli5
+sJ7JkmKxygA8VWivOrnFkWZJAEcsfZ8b2+JADzjzlCfHlL1aL5WtFt/PKiG6Nlq
Gv5u7/TQUgvzkqP3B930hBUI4pYK9qfHO35Te7CHTIMcx9vhh1QVGCs2l13I0YMa
VUgaqdz51+izvMyiEMS4oAGbWYRa/inRVpvsnGqqMY2FQAt4BIoml7jEWzQtJdAJ
ahh4c0SWP6dyAcP4YMlpKXCAWQbdzoDC5+0RJIU71owsHiGRmpSW3PJU9E/KiUdt
sMP1tkHp5YumPa9QcR6hbHfWLUdJCf6lkbG0LMzvxBfAfrymmQsrKqwKiEv+NCxR
FZSreYr0vlGa
-----END CERTIFICATE-----
Generated at Mon May 6 17:40:34 2024 by rpki-client on console-fra.rpki-client.org