Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/turATNbNLrdtjIsY0ufXjjaQhWk.roa
File: turATNbNLrdtjIsY0ufXjjaQhWk.roa (raw, json)
Hash identifier: MFxM2Ko8FufguH+A+NOGF0B2yS9wmh/2sIA55bS9290=
Subject key identifier: B6:EA:C0:4C:D6:CD:2E:B7:6D:8C:8B:18:D2:E7:D7:8E:36:90:85:69
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 018F0A0D3933EC51BBED9A0F50AE6F54FFE9
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/turATNbNLrdtjIsY0ufXjjaQhWk.roa
Signing time: Tue 23 Apr 2024 08:23:09 +0000
ROA not before: Tue 23 Apr 2024 08:23:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50580
IP address blocks: 2.58.95.0/24 maxlen: 24
45.128.96.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0a:0d:39:33:ec:51:bb:ed:9a:0f:50:ae:6f:54:ff:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Apr 23 08:23:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6eac04cd6cd2eb76d8c8b18d2e7d78e36908569
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:5b:40:72:f0:3e:79:33:20:6c:9c:59:dd:a2:
e6:21:97:ea:e5:b0:7f:1d:ae:8b:7f:58:b2:c2:9d:
5c:9e:7c:53:9d:e6:a0:f7:41:66:de:2d:de:57:39:
c4:ec:98:83:38:f5:8c:69:11:41:be:7a:3a:b6:f6:
07:4f:1b:ad:04:ad:61:cb:b2:9d:4d:31:de:bd:4d:
05:1b:d1:d2:e3:5e:a8:10:7e:3f:c9:84:df:9a:19:
b7:b1:cb:fd:d8:4a:81:e6:2b:ee:6c:06:f0:13:15:
1c:9b:1e:b6:77:b0:43:58:bc:2e:a2:39:d4:81:7e:
77:c1:e6:04:00:7c:0d:e7:cb:0e:8d:f4:31:95:99:
5c:9c:b3:65:ba:00:98:d7:98:0e:a4:8b:70:ec:92:
30:d3:21:25:07:39:64:7a:87:f6:72:6e:8b:25:3f:
58:68:62:8c:96:40:9a:5c:40:41:22:35:1a:88:65:
f0:46:21:90:62:89:3a:ca:24:a1:e8:2e:49:da:96:
c2:42:d9:b0:42:76:86:09:4d:49:56:45:36:e6:d7:
41:2d:72:78:35:ff:26:79:91:f3:6a:c6:06:7a:97:
95:0f:d6:18:4e:fb:ea:d1:51:1e:29:17:fb:cb:5b:
d7:7d:c4:36:c6:46:a2:1d:e9:cb:78:6d:1d:3c:95:
dc:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:EA:C0:4C:D6:CD:2E:B7:6D:8C:8B:18:D2:E7:D7:8E:36:90:85:69
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/turATNbNLrdtjIsY0ufXjjaQhWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.95.0/24
45.128.96.0/24
Signature Algorithm: sha256WithRSAEncryption
08:95:e2:11:34:c3:77:13:16:7c:c6:2f:73:63:31:d1:98:cf:
4c:18:b3:3d:37:d6:65:d9:52:99:3d:b1:ef:7a:aa:f7:a2:7e:
90:9f:0b:17:1a:96:c6:24:23:54:d2:d4:6f:8f:79:b2:06:1b:
44:0d:e8:86:50:cf:be:f5:8f:15:f3:fd:4c:69:9d:b0:88:df:
a9:37:1a:e4:0c:21:9d:5e:60:40:ac:76:bf:5f:36:12:b1:3f:
db:4d:79:63:3c:48:8e:3d:82:6a:79:e1:f3:90:43:50:f1:13:
1f:b4:67:22:db:46:08:a2:97:9e:36:d6:78:95:0d:6f:0e:d0:
eb:9d:58:30:dc:be:e5:6c:2f:dc:4a:e5:b2:d0:88:b2:c8:5f:
d5:7e:a8:a9:4b:b2:73:4f:29:e3:91:4f:4d:fb:11:c5:f0:e8:
ce:f3:04:e8:db:3e:48:77:91:32:c5:f4:c9:9b:2f:cc:3a:93:
d3:18:8a:d9:7d:5d:b0:38:c5:3a:47:6a:5c:fa:5d:5f:39:85:
82:40:05:c7:c8:55:e4:e5:17:9c:78:f1:04:c4:f2:4c:d6:51:
1c:c2:9e:14:c0:cc:b7:5e:c2:ab:d7:26:f7:6a:21:e2:79:17:
77:db:2c:ca:ba:72:62:1e:d5:99:04:ca:05:73:3d:94:72:93:
0a:71:83:e7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY8KDTkz7FG77ZoPUK5vVP/pMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjQwNDIzMDgyMzA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmVhYzA0Y2Q2Y2QyZWI3NmQ4YzhiMThkMmU3ZDc4ZTM2OTA4NTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqFtAcvA+eTMgbJxZ3aLmIZfq5bB/
Ha6Lf1iywp1cnnxTneag90Fm3i3eVznE7JiDOPWMaRFBvno6tvYHTxutBK1hy7Kd
TTHevU0FG9HS416oEH4/yYTfmhm3scv92EqB5ivubAbwExUcmx62d7BDWLwuojnU
gX53weYEAHwN58sOjfQxlZlcnLNlugCY15gOpItw7JIw0yElBzlkeof2cm6LJT9Y
aGKMlkCaXEBBIjUaiGXwRiGQYok6yiSh6C5J2pbCQtmwQnaGCU1JVkU25tdBLXJ4
Nf8meZHzasYGepeVD9YYTvvq0VEeKRf7y1vXfcQ2xkaiHenLeG0dPJXcAwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLbqwEzWzS63bYyLGNLn1442kIVpMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvdHVyQVROYk5McmR0aklzWTB1ZlhqamFRaFdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAAjpfAwQA
LYBgMA0GCSqGSIb3DQEBCwUAA4IBAQAIleIRNMN3ExZ8xi9zYzHRmM9MGLM9N9Zl
2VKZPbHveqr3on6QnwsXGpbGJCNU0tRvj3myBhtEDeiGUM++9Y8V8/1MaZ2wiN+p
NxrkDCGdXmBArHa/XzYSsT/bTXljPEiOPYJqeeHzkENQ8RMftGci20YIopeeNtZ4
lQ1vDtDrnVgw3L7lbC/cSuWy0IiyyF/VfqipS7JzTynjkU9N+xHF8OjO8wTo2z5I
d5EyxfTJmy/MOpPTGIrZfV2wOMU6R2pc+l1fOYWCQAXHyFXk5RecePEExPJM1lEc
wp4UwMy3XsKr1yb3aiHieRd32yzKunJiHtWZBMoFcz2UcpMKcYPn
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:47:48 2024 by rpki-client on console-fra.rpki-client.org