Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/24c324-a15e-4cd0-94c1-73ff40959348/1/ToAJau8o57uU_i46wPA6b9m5YTs.roa
File: ToAJau8o57uU_i46wPA6b9m5YTs.roa (raw, json)
Hash identifier: Esb76ODpCEu5PtaLMlJiPWdnEa25xj0LDHkzNrS+yb4=
Subject key identifier: 4E:80:09:6A:EF:28:E7:BB:94:FE:2E:3A:C0:F0:3A:6F:D9:B9:61:3B
Certificate issuer: /CN=567190854786a16afa6b0ec78dfb0620abaacfef
Certificate serial: 0192F8FCFAA534BF4FA8A8198440C731E354
Authority key identifier: 56:71:90:85:47:86:A1:6A:FA:6B:0E:C7:8D:FB:06:20:AB:AA:CF:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VnGQhUeGoWr6aw7HjfsGIKuqz-8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/24c324-a15e-4cd0-94c1-73ff40959348/1/ToAJau8o57uU_i46wPA6b9m5YTs.roa
Signing time: Mon 04 Nov 2024 21:03:01 +0000
ROA not before: Mon 04 Nov 2024 21:03:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20712
IP address blocks: 5.172.160.0/20 maxlen: 24
5.172.170.0/24 maxlen: 24
81.2.64.0/18 maxlen: 24
81.187.0.0/16 maxlen: 24
81.187.161.0/24 maxlen: 24
90.155.0.0/18 maxlen: 24
90.155.64.0/19 maxlen: 20
90.155.96.0/20 maxlen: 20
178.238.144.0/20 maxlen: 24
194.4.172.0/22 maxlen: 24
217.169.0.0/19 maxlen: 24
2001:8b0::/32 maxlen: 63
2001:8b0:a::666/128 maxlen: 128
2001:8b6::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/24c324-a15e-4cd0-94c1-73ff40959348/1/VnGQhUeGoWr6aw7HjfsGIKuqz-8.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/24c324-a15e-4cd0-94c1-73ff40959348/1/VnGQhUeGoWr6aw7HjfsGIKuqz-8.mft
rsync://rpki.ripe.net/repository/DEFAULT/VnGQhUeGoWr6aw7HjfsGIKuqz-8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f8:fc:fa:a5:34:bf:4f:a8:a8:19:84:40:c7:31:e3:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=567190854786a16afa6b0ec78dfb0620abaacfef
Validity
Not Before: Nov 4 21:03:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e80096aef28e7bb94fe2e3ac0f03a6fd9b9613b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:0a:59:6d:65:8a:f8:fb:a2:14:66:14:0d:67:
f5:89:18:07:0f:84:58:0f:21:a8:c1:4a:a3:19:e1:
d4:09:d4:b2:7f:ec:83:ff:25:a6:cf:17:ab:28:44:
f7:66:29:9e:c7:61:a6:4a:13:af:f2:36:f3:e1:83:
ef:91:bd:37:be:55:dd:56:11:29:ba:80:8c:20:fb:
ac:db:2b:95:a6:f8:f5:ea:0f:4e:d1:39:5a:e2:a8:
90:92:5e:07:80:1f:41:2e:8d:c3:41:6d:cd:9f:b9:
d7:67:90:3c:a9:82:ee:5f:1f:22:6d:62:44:4a:5d:
1a:34:a0:2c:1b:76:80:a4:5b:82:be:dd:05:5f:42:
53:61:f2:93:36:ae:f3:7f:22:12:3d:77:7c:03:0a:
cf:e0:8d:0c:71:0f:47:fa:64:38:28:75:8b:34:1c:
e2:94:fa:71:be:41:2f:50:05:8c:75:16:9a:d5:b6:
d7:93:a1:90:02:74:a9:49:f2:08:62:24:b5:34:4a:
41:b1:29:86:8e:ea:0c:0b:91:91:d9:08:79:ef:37:
a0:64:3d:bc:03:6f:9d:09:e0:ef:5d:9b:c1:b1:39:
31:9b:7b:39:83:c6:f2:61:7e:f6:6e:fc:cd:b8:57:
2d:5b:9b:dc:b3:e4:78:4a:af:bb:c7:70:7d:9f:f6:
6d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:80:09:6A:EF:28:E7:BB:94:FE:2E:3A:C0:F0:3A:6F:D9:B9:61:3B
X509v3 Authority Key Identifier:
keyid:56:71:90:85:47:86:A1:6A:FA:6B:0E:C7:8D:FB:06:20:AB:AA:CF:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VnGQhUeGoWr6aw7HjfsGIKuqz-8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/24c324-a15e-4cd0-94c1-73ff40959348/1/ToAJau8o57uU_i46wPA6b9m5YTs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/24c324-a15e-4cd0-94c1-73ff40959348/1/VnGQhUeGoWr6aw7HjfsGIKuqz-8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.160.0/20
81.2.64.0/18
81.187.0.0/16
90.155.0.0-90.155.111.255
178.238.144.0/20
194.4.172.0/22
217.169.0.0/19
IPv6:
2001:8b0::/32
2001:8b6::/32
Signature Algorithm: sha256WithRSAEncryption
2c:60:e0:97:07:98:9d:ce:b8:5e:dd:8a:ac:18:06:0a:f6:06:
c3:44:12:f0:b8:4a:9c:57:20:f7:91:6d:a1:03:42:1f:ce:25:
70:db:61:e7:26:62:e2:ff:0b:9e:1b:48:93:17:02:83:0e:68:
70:86:fc:92:0d:52:f9:63:c8:b2:a3:7c:b7:7f:d5:b8:ab:4a:
40:9a:9f:dc:65:78:3b:6a:04:6e:ba:01:dc:f4:38:63:83:8f:
4e:70:56:ef:97:43:24:e6:68:97:ea:16:2d:06:73:3e:1b:11:
57:4d:3f:e1:d5:cc:43:6f:b1:67:d1:9e:e5:d7:90:95:e1:35:
b0:15:62:be:59:e1:ae:a2:54:1d:3c:9e:90:d9:59:c9:4c:68:
4c:1f:e2:7d:94:84:60:d5:82:4a:e9:7c:ac:90:86:2e:d5:1f:
f6:f2:51:c6:67:f9:a2:1e:9d:6d:54:4e:cf:74:b9:3e:a7:02:
19:ae:e8:7c:ba:56:a3:c0:ed:a1:38:f5:15:3d:b6:df:54:52:
e0:1d:91:a4:21:e0:4a:67:49:e9:03:ed:7c:56:d3:4f:6c:76:
15:51:eb:8a:9c:6c:46:12:ba:9e:d8:05:e5:b8:2c:97:2a:7c:
9b:ef:e4:0e:2a:70:36:59:26:2f:42:f7:74:14:fc:b0:46:b7:
6b:93:19:24
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZL4/PqlNL9PqKgZhEDHMeNUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU2NzE5MDg1NDc4NmExNmFmYTZiMGVjNzhkZmIwNjIwYWJh
YWNmZWYwHhcNMjQxMTA0MjEwMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTgwMDk2YWVmMjhlN2JiOTRmZTJlM2FjMGYwM2E2ZmQ5Yjk2MTNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyQpZbWWK+PuiFGYUDWf1iRgHD4RY
DyGowUqjGeHUCdSyf+yD/yWmzxerKET3Zimex2GmShOv8jbz4YPvkb03vlXdVhEp
uoCMIPus2yuVpvj16g9O0Tla4qiQkl4HgB9BLo3DQW3Nn7nXZ5A8qYLuXx8ibWJE
Sl0aNKAsG3aApFuCvt0FX0JTYfKTNq7zfyISPXd8AwrP4I0McQ9H+mQ4KHWLNBzi
lPpxvkEvUAWMdRaa1bbXk6GQAnSpSfIIYiS1NEpBsSmGjuoMC5GR2Qh57zegZD28
A2+dCeDvXZvBsTkxm3s5g8byYX72bvzNuFctW5vcs+R4Sq+7x3B9n/ZtpQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFE6ACWrvKOe7lP4uOsDwOm/ZuWE7MB8GA1UdIwQY
MBaAFFZxkIVHhqFq+msOx437BiCrqs/vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVm5HUWhVZUdvV3I2YXc3SGpmc0dJS3Vxei04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8yNGMzMjQtYTE1ZS00Y2QwLTk0YzEt
NzNmZjQwOTU5MzQ4LzEvVG9BSmF1OG81N3VVX2k0NndQQTZiOW01WVRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8yNGMzMjQtYTE1ZS00Y2QwLTk0YzEtNzNmZjQwOTU5MzQ4
LzEvVm5HUWhVZUdvV3I2YXc3SGpmc0dJS3Vxei04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA2BAIAATAwAwQEBaygAwQG
UQJAAwMAUbswCwMDAFqbAwQEWptgAwQEsu6QAwQCwgSsAwQF2akAMBQEAgACMA4D
BQAgAQiwAwUAIAEItjANBgkqhkiG9w0BAQsFAAOCAQEALGDglweYnc64Xt2KrBgG
CvYGw0QS8LhKnFcg95FtoQNCH84lcNth5yZi4v8LnhtIkxcCgw5ocIb8kg1S+WPI
sqN8t3/VuKtKQJqf3GV4O2oEbroB3PQ4Y4OPTnBW75dDJOZol+oWLQZzPhsRV00/
4dXMQ2+xZ9Ge5deQleE1sBVivlnhrqJUHTyekNlZyUxoTB/ifZSEYNWCSul8rJCG
LtUf9vJRxmf5oh6dbVROz3S5PqcCGa7ofLpWo8DtoTj1FT2231RS4B2RpCHgSmdJ
6QPtfFbTT2x2FVHripxsRhK6ntgF5bgslyp8m+/kDipwNlkmL0L3dBT8sEa3a5MZ
JA==
-----END CERTIFICATE-----
Generated at Tue Nov 26 07:08:37 2024 by rpki-client on console-ams.rpki-client.org