Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/TDR1OVME_6_cfpLmnI5aPiM0L-4.roa
File: TDR1OVME_6_cfpLmnI5aPiM0L-4.roa (raw, json)
Hash identifier: zjtRHT9mjwwbB+/wSWbseWOBUAOIYZ49g6oCpw/5AEM=
Subject key identifier: 4C:34:75:39:53:04:FF:AF:DC:7E:92:E6:9C:8E:5A:3E:23:34:2F:EE
Certificate issuer: /CN=659c356633388e9bd897d000a3f38bc1e546ef4a
Certificate serial: 019364C71B3EC824047E50F44F53DF29B65A
Authority key identifier: 65:9C:35:66:33:38:8E:9B:D8:97:D0:00:A3:F3:8B:C1:E5:46:EF:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZZw1ZjM4jpvYl9AAo_OLweVG70o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/TDR1OVME_6_cfpLmnI5aPiM0L-4.roa
Signing time: Mon 25 Nov 2024 19:23:10 +0000
ROA not before: Mon 25 Nov 2024 19:23:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 1961
IP address blocks: 193.38.176.0/23 maxlen: 23
193.38.176.0/24 maxlen: 24
193.38.177.0/24 maxlen: 24
193.38.180.0/23 maxlen: 23
193.38.180.0/24 maxlen: 24
193.38.181.0/24 maxlen: 24
193.38.190.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/ZZw1ZjM4jpvYl9AAo_OLweVG70o.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/ZZw1ZjM4jpvYl9AAo_OLweVG70o.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZZw1ZjM4jpvYl9AAo_OLweVG70o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:64:c7:1b:3e:c8:24:04:7e:50:f4:4f:53:df:29:b6:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=659c356633388e9bd897d000a3f38bc1e546ef4a
Validity
Not Before: Nov 25 19:23:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c3475395304ffafdc7e92e69c8e5a3e23342fee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:ad:24:a3:56:65:19:3a:1e:cc:62:a2:fc:5a:
eb:16:ad:05:d4:dc:a0:23:5c:9a:e8:24:56:5a:c8:
ef:12:56:d5:99:ff:6f:3a:2a:a4:d5:cc:e4:0a:c4:
2c:47:8c:73:6f:b6:09:4a:9a:64:06:61:bd:cb:75:
c8:81:82:1b:7d:f1:0d:d1:d5:b2:9d:35:d4:44:26:
9d:bc:e4:a4:61:a9:71:17:e2:17:aa:64:3d:da:e3:
41:32:49:ab:c7:09:44:3c:05:ed:9b:a9:0c:9d:5b:
51:3b:65:94:2f:77:21:16:ed:60:fd:9e:08:32:36:
b5:9f:85:25:25:7b:20:7e:be:a9:29:70:98:f9:a4:
a6:34:7a:75:ef:9d:e9:5f:9d:e4:39:a2:1f:59:2e:
87:41:ec:bb:38:7d:b2:03:73:f5:15:f5:48:a6:9c:
64:75:ad:a5:f4:fb:75:87:5d:ab:6b:b3:d8:f7:88:
a0:46:9c:e1:4c:69:cd:25:b3:20:e6:3a:0e:47:69:
41:47:9a:9e:6b:41:72:b3:f9:37:16:7c:6f:bc:13:
ec:4a:37:2c:a9:96:25:6d:6e:b1:3b:f6:11:06:a4:
7e:91:dd:2e:c6:40:82:d1:17:36:d0:ca:e9:cd:92:
0b:b2:cb:02:f9:62:60:8b:9a:35:57:1c:96:35:bb:
c3:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:34:75:39:53:04:FF:AF:DC:7E:92:E6:9C:8E:5A:3E:23:34:2F:EE
X509v3 Authority Key Identifier:
keyid:65:9C:35:66:33:38:8E:9B:D8:97:D0:00:A3:F3:8B:C1:E5:46:EF:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZZw1ZjM4jpvYl9AAo_OLweVG70o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/TDR1OVME_6_cfpLmnI5aPiM0L-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/7c7851-585b-49f1-8be9-3c7e4f93e42b/1/ZZw1ZjM4jpvYl9AAo_OLweVG70o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.38.176.0/23
193.38.180.0/23
193.38.190.0/23
Signature Algorithm: sha256WithRSAEncryption
a4:3d:29:73:9e:64:ee:85:1e:91:3f:66:c1:ff:73:56:67:f8:
26:d9:65:51:42:d0:27:81:24:09:1d:fa:93:62:03:0a:e8:c1:
78:6e:ab:59:91:b4:30:46:33:69:d2:94:47:d1:99:46:4d:67:
d5:99:46:78:e8:14:5d:ba:c2:44:07:b9:07:01:6c:32:d4:f5:
78:27:f2:b5:87:07:a4:9d:f6:dd:6b:f5:fe:90:2e:40:2f:72:
06:9b:c5:f9:2a:e0:22:a0:80:ad:25:5d:6f:6d:49:7a:eb:da:
2b:40:e0:d3:e2:cf:30:63:e4:60:bc:e9:fe:10:94:77:dd:c0:
f4:de:10:4e:c9:f1:2a:f7:56:af:45:f5:3b:06:f5:64:73:55:
be:e1:4f:bc:2e:4b:39:97:7e:d6:69:81:61:fe:60:9a:c0:a8:
cd:83:84:14:8c:ea:8d:42:95:67:2b:a7:86:9f:a8:68:50:8d:
a4:10:a6:87:32:ae:b9:4d:f2:4a:d7:ee:07:28:b2:30:f7:2f:
d1:c3:f5:52:0a:65:65:ca:d8:b7:7b:e8:5a:10:30:e4:fb:62:
e8:72:5a:c4:7b:fb:e3:9f:e3:e2:ae:01:fc:22:19:3b:a1:dc:
c2:38:4c:c4:22:cf:d1:28:1b:a5:6e:5e:27:67:4f:40:ad:dd:
ac:a3:48:30
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZNkxxs+yCQEflD0T1PfKbZaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1OWMzNTY2MzMzODhlOWJkODk3ZDAwMGEzZjM4YmMxZTU0
NmVmNGEwHhcNMjQxMTI1MTkyMzEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzM0NzUzOTUzMDRmZmFmZGM3ZTkyZTY5YzhlNWEzZTIzMzQyZmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtq0ko1ZlGToezGKi/FrrFq0F1Nyg
I1ya6CRWWsjvElbVmf9vOiqk1czkCsQsR4xzb7YJSppkBmG9y3XIgYIbffEN0dWy
nTXURCadvOSkYalxF+IXqmQ92uNBMkmrxwlEPAXtm6kMnVtRO2WUL3chFu1g/Z4I
Mja1n4UlJXsgfr6pKXCY+aSmNHp1753pX53kOaIfWS6HQey7OH2yA3P1FfVIppxk
da2l9Pt1h12ra7PY94igRpzhTGnNJbMg5joOR2lBR5qea0Fys/k3FnxvvBPsSjcs
qZYlbW6xO/YRBqR+kd0uxkCC0Rc20MrpzZILsssC+WJgi5o1VxyWNbvDuwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEw0dTlTBP+v3H6S5pyOWj4jNC/uMB8GA1UdIwQY
MBaAFGWcNWYzOI6b2JfQAKPzi8HlRu9KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlp3MVpqTTRqcHZZbDlBQW9fT0x3ZVZHNzBvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC83Yzc4NTEtNTg1Yi00OWYxLThiZTkt
M2M3ZTRmOTNlNDJiLzEvVERSMU9WTUVfNl9jZnBMbW5JNWFQaU0wTC00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC83Yzc4NTEtNTg1Yi00OWYxLThiZTktM2M3ZTRmOTNlNDJi
LzEvWlp3MVpqTTRqcHZZbDlBQW9fT0x3ZVZHNzBvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwSawAwQB
wSa0AwQBwSa+MA0GCSqGSIb3DQEBCwUAA4IBAQCkPSlznmTuhR6RP2bB/3NWZ/gm
2WVRQtAngSQJHfqTYgMK6MF4bqtZkbQwRjNp0pRH0ZlGTWfVmUZ46BRdusJEB7kH
AWwy1PV4J/K1hweknfbda/X+kC5AL3IGm8X5KuAioICtJV1vbUl669orQODT4s8w
Y+RgvOn+EJR33cD03hBOyfEq91avRfU7BvVkc1W+4U+8Lks5l37WaYFh/mCawKjN
g4QUjOqNQpVnK6eGn6hoUI2kEKaHMq65TfJK1+4HKLIw9y/Rw/VSCmVlyti3e+ha
EDDk+2LoclrEe/vjn+PirgH8Ihk7odzCOEzEIs/RKBulbl4nZ09Ard2so0gw
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:28:58 2024 by rpki-client on console-ams.rpki-client.org