Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/REsDiR1C2cpb1YhkyX531u2E_Ts.roa
File: REsDiR1C2cpb1YhkyX531u2E_Ts.roa (raw, json)
Hash identifier: hIRlDu1fg5kiE/jOM5O38wNbBIEqa9xxIy4c+8GAFao=
Subject key identifier: 44:4B:03:89:1D:42:D9:CA:5B:D5:88:64:C9:7E:77:D6:ED:84:FD:3B
Certificate issuer: /CN=3ecd53c66424c3f369ca88ee7af76adb25e18451
Certificate serial: 01924D79019EE4CEA409E20132C11F4B66D2
Authority key identifier: 3E:CD:53:C6:64:24:C3:F3:69:CA:88:EE:7A:F7:6A:DB:25:E1:84:51
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ps1TxmQkw_Npyojuevdq2yXhhFE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/REsDiR1C2cpb1YhkyX531u2E_Ts.roa
Signing time: Wed 02 Oct 2024 13:43:48 +0000
ROA not before: Wed 02 Oct 2024 13:43:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59437
IP address blocks: 87.120.208.0/21 maxlen: 21
87.121.28.0/22 maxlen: 22
94.156.254.0/23 maxlen: 23
176.56.192.0/19 maxlen: 23
185.159.86.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/Ps1TxmQkw_Npyojuevdq2yXhhFE.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/Ps1TxmQkw_Npyojuevdq2yXhhFE.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ps1TxmQkw_Npyojuevdq2yXhhFE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:4d:79:01:9e:e4:ce:a4:09:e2:01:32:c1:1f:4b:66:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ecd53c66424c3f369ca88ee7af76adb25e18451
Validity
Not Before: Oct 2 13:43:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=444b03891d42d9ca5bd58864c97e77d6ed84fd3b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:b0:9d:5a:df:1e:29:06:b8:68:6f:f9:15:19:
34:aa:f2:d6:7a:c3:e3:2b:82:bd:d7:ef:89:55:21:
cb:b0:7e:b4:ee:b5:93:11:4e:eb:39:8f:aa:c6:db:
53:1c:48:fb:d4:b4:45:05:53:ba:2e:93:71:4a:c2:
28:79:d7:7f:0e:d6:9d:1e:0c:50:dd:7e:a9:0a:f5:
8f:ff:e2:3a:ff:5e:15:57:ae:57:84:d2:24:4b:83:
4e:a4:1c:a4:67:79:0f:df:25:35:7a:c4:66:3e:3c:
2d:ac:7f:f7:6e:03:83:f4:da:f8:16:c6:ba:49:dc:
ef:30:a7:54:2d:c9:02:32:45:2c:8f:88:ff:7e:86:
5b:f1:97:e5:e9:fd:c0:e4:4f:29:b5:e2:29:3d:d5:
87:a7:57:18:fa:48:02:8c:b8:f1:1e:9f:55:eb:5e:
23:e5:3c:bf:30:a1:89:1e:81:19:96:cf:d6:e8:b2:
de:48:b0:2f:12:9f:53:fa:b3:fc:79:82:34:e0:65:
e7:2c:3e:d6:ce:b0:a7:f2:d0:bf:3e:c9:9f:e1:04:
86:40:6e:a9:e8:67:81:29:07:8d:4f:cf:17:6a:2f:
20:8b:3f:20:22:ed:0d:15:5d:01:c0:9c:f0:e0:c5:
99:cd:14:d2:13:5f:ec:bb:9f:69:01:9a:09:68:9b:
7f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:4B:03:89:1D:42:D9:CA:5B:D5:88:64:C9:7E:77:D6:ED:84:FD:3B
X509v3 Authority Key Identifier:
keyid:3E:CD:53:C6:64:24:C3:F3:69:CA:88:EE:7A:F7:6A:DB:25:E1:84:51
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ps1TxmQkw_Npyojuevdq2yXhhFE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/REsDiR1C2cpb1YhkyX531u2E_Ts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/e65ada-4d4a-404d-8700-c2256804e922/1/Ps1TxmQkw_Npyojuevdq2yXhhFE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.120.208.0/21
87.121.28.0/22
94.156.254.0/23
176.56.192.0/19
185.159.86.0/24
Signature Algorithm: sha256WithRSAEncryption
0a:83:5b:22:29:66:1d:53:34:02:8f:7d:23:fc:fb:b2:f8:0d:
e1:6e:27:b9:5f:ba:4a:88:43:22:20:dc:71:87:36:d9:ce:4f:
51:6f:4c:a5:8b:68:a9:f8:c3:c4:85:27:d5:c4:bc:16:4e:39:
e3:47:12:d9:02:d5:8b:0b:4c:2d:75:26:90:0e:fa:1f:b3:6b:
ff:7e:cc:0c:45:e7:d6:1f:d1:42:9d:c7:e0:3e:1c:af:3e:2c:
ed:02:8c:1c:4c:b8:6a:10:c1:3d:0f:5a:c5:55:1c:38:ee:f0:
ff:d4:cb:d8:8c:eb:67:15:90:1d:71:44:ea:98:db:ec:d3:4d:
7a:03:e4:99:fd:2a:b3:b8:6e:6e:9b:bc:5d:d3:75:dd:7e:0c:
11:31:9d:c3:5b:49:64:df:f8:fa:8c:34:fd:7b:96:00:3b:b8:
a0:86:50:42:aa:51:4a:7d:8a:14:50:7e:aa:23:c3:1b:77:d9:
b7:39:81:30:ec:64:f9:a4:e4:51:32:9a:a3:ce:43:09:bf:26:
f5:4b:40:ea:82:98:69:78:3f:86:17:06:b5:94:26:d7:99:1d:
9d:51:98:54:f0:e0:ec:95:fb:b9:eb:10:1b:3b:a1:bd:03:a1:
8e:de:dc:e7:12:70:ab:e8:c4:38:53:11:75:58:f1:ba:3b:71:
26:ca:57:22
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZJNeQGe5M6kCeIBMsEfS2bSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlY2Q1M2M2NjQyNGMzZjM2OWNhODhlZTdhZjc2YWRiMjVl
MTg0NTEwHhcNMjQxMDAyMTM0MzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDRiMDM4OTFkNDJkOWNhNWJkNTg4NjRjOTdlNzdkNmVkODRmZDNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw7CdWt8eKQa4aG/5FRk0qvLWesPj
K4K91++JVSHLsH607rWTEU7rOY+qxttTHEj71LRFBVO6LpNxSsIoedd/DtadHgxQ
3X6pCvWP/+I6/14VV65XhNIkS4NOpBykZ3kP3yU1esRmPjwtrH/3bgOD9Nr4Fsa6
SdzvMKdULckCMkUsj4j/foZb8Zfl6f3A5E8pteIpPdWHp1cY+kgCjLjxHp9V614j
5Ty/MKGJHoEZls/W6LLeSLAvEp9T+rP8eYI04GXnLD7WzrCn8tC/Psmf4QSGQG6p
6GeBKQeNT88Xai8giz8gIu0NFV0BwJzw4MWZzRTSE1/su59pAZoJaJt/mQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFERLA4kdQtnKW9WIZMl+d9bthP07MB8GA1UdIwQY
MBaAFD7NU8ZkJMPzacqI7nr3atsl4YRRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHMxVHhtUWt3X05weW9qdWV2ZHEyeVhoaEZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS9lNjVhZGEtNGQ0YS00MDRkLTg3MDAt
YzIyNTY4MDRlOTIyLzEvUkVzRGlSMUMyY3BiMVloa3lYNTMxdTJFX1RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS9lNjVhZGEtNGQ0YS00MDRkLTg3MDAtYzIyNTY4MDRlOTIy
LzEvUHMxVHhtUWt3X05weW9qdWV2ZHEyeVhoaEZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQDV3jQAwQC
V3kcAwQBXpz+AwQFsDjAAwQAuZ9WMA0GCSqGSIb3DQEBCwUAA4IBAQAKg1siKWYd
UzQCj30j/Puy+A3hbie5X7pKiEMiINxxhzbZzk9Rb0yli2ip+MPEhSfVxLwWTjnj
RxLZAtWLC0wtdSaQDvofs2v/fswMRefWH9FCncfgPhyvPiztAowcTLhqEME9D1rF
VRw47vD/1MvYjOtnFZAdcUTqmNvs0016A+SZ/SqzuG5um7xd03XdfgwRMZ3DW0lk
3/j6jDT9e5YAO7ighlBCqlFKfYoUUH6qI8Mbd9m3OYEw7GT5pORRMpqjzkMJvyb1
S0DqgphpeD+GFwa1lCbXmR2dUZhU8ODslfu56xAbO6G9A6GO3tznEnCr6MQ4UxF1
WPG6O3Emylci
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:34:05 2024 by rpki-client on console-ams.rpki-client.org