Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TQH35XaXPAXBI8V07LesxhVrjw4.roa
File: TQH35XaXPAXBI8V07LesxhVrjw4.roa (raw, json)
Hash identifier: +cjP4aL5DCJhQGhl2hEMzRr5JhfJ1LMMNpOaCkb/2j4=
Subject key identifier: 4D:01:F7:E5:76:97:3C:05:C1:23:C5:74:EC:B7:AC:C6:15:6B:8F:0E
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018EB3C6CF3014DA9CA0DBDE6CC95C46817A
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TQH35XaXPAXBI8V07LesxhVrjw4.roa
Signing time: Sat 06 Apr 2024 14:18:54 +0000
ROA not before: Sat 06 Apr 2024 14:18:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215240
IP address blocks: 93.123.39.0/24 maxlen: 24
94.156.8.0/24 maxlen: 24
94.156.79.0/24 maxlen: 24
147.78.103.0/24 maxlen: 24
185.216.70.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:b3:c6:cf:30:14:da:9c:a0:db:de:6c:c9:5c:46:81:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 6 14:18:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d01f7e576973c05c123c574ecb7acc6156b8f0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:a0:03:7a:a9:f8:a8:da:de:c2:cf:e7:b8:ce:
0e:47:1b:43:4d:dc:6b:6d:6b:9c:25:ec:c9:28:3a:
91:e7:76:a3:e8:85:88:17:bd:c2:15:01:7c:04:41:
24:3c:10:a0:c1:33:bf:a4:a3:25:5b:64:b1:64:a1:
ba:74:f4:74:c8:44:e4:cf:f2:c1:a4:8f:27:1b:8b:
d4:18:52:86:fd:3c:4a:c7:9e:3b:e7:e7:e6:1f:f5:
fa:09:cd:fc:de:e6:e3:01:e1:94:f1:ac:40:dd:6e:
59:f4:47:a2:ac:50:e1:1e:57:a2:95:38:28:5e:ab:
03:eb:9c:9f:d0:e9:54:e4:64:24:2c:e5:be:af:e0:
44:bd:d8:61:aa:79:58:c3:69:7a:48:87:0e:20:3d:
ae:aa:0d:93:2a:2e:40:88:c8:27:44:37:72:42:a5:
32:85:2c:04:e0:a6:59:63:1d:f3:dd:c8:48:7e:e7:
c0:1d:9d:63:3b:c6:cc:15:85:4b:eb:d7:e3:71:b1:
f5:5c:1c:b8:3e:20:58:de:45:b5:5c:83:05:b9:72:
6e:52:2a:3f:01:a3:af:9e:1e:7d:60:b5:dc:fd:3c:
b9:69:48:a5:1e:c6:39:91:c8:0c:27:8e:48:d3:63:
46:a7:b1:89:17:1f:13:7a:d6:10:5e:e6:a5:38:45:
16:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:01:F7:E5:76:97:3C:05:C1:23:C5:74:EC:B7:AC:C6:15:6B:8F:0E
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/TQH35XaXPAXBI8V07LesxhVrjw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.123.39.0/24
94.156.8.0/24
94.156.79.0/24
147.78.103.0/24
185.216.70.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:73:a0:d0:e3:0b:2f:9f:02:af:09:2c:30:97:b9:ee:47:3d:
6e:65:e5:37:74:82:93:31:ac:58:ce:cd:f5:41:a1:cc:0a:d6:
7b:0f:c0:36:db:1e:e5:bc:4d:68:e4:d4:94:3c:78:0e:fc:0b:
06:af:37:96:60:58:37:7e:1f:3d:50:d7:9b:8b:ab:2c:02:63:
f0:da:ca:f9:c3:ac:05:ee:f3:a6:d2:13:09:9e:d9:90:22:85:
e3:bf:74:5a:ca:0c:35:24:12:bf:3d:aa:09:3a:19:ee:c6:6f:
96:7a:48:65:c4:01:8a:0d:7b:06:1f:ea:a2:29:7c:68:dc:62:
7d:48:30:d3:da:23:56:d7:a7:d2:ff:8b:f3:fc:96:aa:39:7c:
89:29:b7:45:0b:e7:1c:da:e8:c7:3e:1b:db:06:2b:82:b4:d5:
d4:92:d0:d7:7a:4a:8b:04:96:f4:74:df:55:86:ec:3a:75:eb:
02:d8:67:d9:a9:11:d6:b1:c6:96:4b:f5:c7:1a:91:bf:ef:37:
a6:93:4d:e1:d7:4a:07:26:9f:17:be:ce:37:18:92:ac:ea:49:
40:4f:66:f3:7d:1e:02:ca:34:0b:73:db:91:3b:ed:a5:6b:9f:
fa:0d:50:95:c7:09:72:05:27:ad:54:f5:36:29:62:c9:c8:2b:
2f:02:a7:d8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY6zxs8wFNqcoNvebMlcRoF6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDA2MTQxODU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDAxZjdlNTc2OTczYzA1YzEyM2M1NzRlY2I3YWNjNjE1NmI4ZjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm6ADeqn4qNrews/nuM4ORxtDTdxr
bWucJezJKDqR53aj6IWIF73CFQF8BEEkPBCgwTO/pKMlW2SxZKG6dPR0yETkz/LB
pI8nG4vUGFKG/TxKx5475+fmH/X6Cc383ubjAeGU8axA3W5Z9EeirFDhHleilTgo
XqsD65yf0OlU5GQkLOW+r+BEvdhhqnlYw2l6SIcOID2uqg2TKi5AiMgnRDdyQqUy
hSwE4KZZYx3z3chIfufAHZ1jO8bMFYVL69fjcbH1XBy4PiBY3kW1XIMFuXJuUio/
AaOvnh59YLXc/Ty5aUilHsY5kcgMJ45I02NGp7GJFx8TetYQXualOEUWKwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFE0B9+V2lzwFwSPFdOy3rMYVa48OMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvVFFIMzVYYVhQQVhCSThWMDdMZXN4aFZyanc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAXXsnAwQA
XpwIAwQAXpxPAwQAk05nAwQAudhGMA0GCSqGSIb3DQEBCwUAA4IBAQB7c6DQ4wsv
nwKvCSwwl7nuRz1uZeU3dIKTMaxYzs31QaHMCtZ7D8A22x7lvE1o5NSUPHgO/AsG
rzeWYFg3fh89UNebi6ssAmPw2sr5w6wF7vOm0hMJntmQIoXjv3Raygw1JBK/PaoJ
Ohnuxm+WekhlxAGKDXsGH+qiKXxo3GJ9SDDT2iNW16fS/4vz/JaqOXyJKbdFC+cc
2ujHPhvbBiuCtNXUktDXekqLBJb0dN9Vhuw6desC2GfZqRHWscaWS/XHGpG/7zem
k03h10oHJp8Xvs43GJKs6klAT2bzfR4CyjQLc9uRO+2la5/6DVCVxwlyBSetVPU2
KWLJyCsvAqfY
-----END CERTIFICATE-----
Generated at Mon May 20 15:02:29 2024 by rpki-client on console-ams.rpki-client.org