Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/TLLttEdh9bsLbdNk9sXfHaqiqq8.roa
File: TLLttEdh9bsLbdNk9sXfHaqiqq8.roa (raw, json)
Hash identifier: mFKoLBln1TY0VqQ91vlNCEotkodEJ4VSSNjUsMJY5fo=
Subject key identifier: 4C:B2:ED:B4:47:61:F5:BB:0B:6D:D3:64:F6:C5:DF:1D:AA:A2:AA:AF
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 019027CC3C4F8F28C3F85960ED617B134303
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/TLLttEdh9bsLbdNk9sXfHaqiqq8.roa
Signing time: Mon 17 Jun 2024 20:03:34 +0000
ROA not before: Mon 17 Jun 2024 20:03:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39238
IP address blocks: 147.45.52.0/22 maxlen: 22
147.45.56.0/22 maxlen: 22
147.45.80.0/22 maxlen: 22
193.233.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:27:cc:3c:4f:8f:28:c3:f8:59:60:ed:61:7b:13:43:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: Jun 17 20:03:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cb2edb44761f5bb0b6dd364f6c5df1daaa2aaaf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c6:c5:e1:96:29:01:05:d8:e4:c2:1d:3c:a5:
4c:e4:0e:97:b8:29:d9:d9:80:55:15:6d:7f:a7:bc:
06:26:55:00:ac:b2:e6:86:04:6a:40:4c:28:db:6a:
4a:e7:f4:9d:ed:21:a3:77:0d:8c:bd:c3:2f:99:61:
82:c5:95:a2:d0:a9:c6:c8:b9:ea:3d:9b:4f:1d:46:
99:f0:56:22:72:80:6d:b4:f4:86:43:a1:71:e7:72:
6a:ee:30:1f:24:65:c5:30:f6:12:d5:b4:12:96:97:
f7:72:04:48:a8:7b:8e:88:29:d1:0e:db:97:c6:69:
4a:64:67:7a:77:09:fb:40:06:92:fa:e7:63:c1:1b:
6b:0b:e5:d7:b3:59:86:31:3c:8b:00:36:0b:f6:10:
ed:9a:13:4e:c3:f8:ba:44:08:a0:93:2d:c6:79:33:
5e:d4:1e:3d:0b:a5:58:5c:bc:b3:ab:7e:47:64:23:
19:48:e1:0d:57:8a:da:4f:56:73:eb:ad:e6:47:c6:
2e:4c:9f:3b:39:ec:7e:3c:6f:47:a8:80:54:91:30:
6f:8e:7b:91:80:b8:e0:8b:54:75:af:99:65:8d:ad:
59:19:bd:a9:8a:cf:43:6b:8e:0b:40:8b:30:9a:5b:
fe:7d:58:2a:5c:fd:d2:0f:68:35:fe:b1:a6:db:61:
3f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:B2:ED:B4:47:61:F5:BB:0B:6D:D3:64:F6:C5:DF:1D:AA:A2:AA:AF
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/TLLttEdh9bsLbdNk9sXfHaqiqq8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.52.0-147.45.59.255
147.45.80.0/22
193.233.238.0/24
Signature Algorithm: sha256WithRSAEncryption
69:bc:68:64:6e:9d:cd:df:02:b1:3b:73:18:e5:11:ac:04:7b:
df:db:93:4b:31:a3:7d:66:3e:49:07:32:c3:0c:f3:61:68:91:
5b:2e:57:88:e4:0f:ee:03:f4:fc:2e:1e:d5:66:91:f7:c0:34:
c8:75:cb:d7:4d:6a:0b:60:84:a3:e3:01:02:a7:87:8f:65:b4:
54:ae:c0:2d:40:3a:62:8e:40:f1:92:2a:d9:c1:c6:ef:6b:9f:
56:47:39:0c:b4:19:b7:e8:2b:8e:27:35:36:7c:8e:3f:ca:3e:
fe:e7:19:78:c6:86:4c:1e:ed:29:10:00:35:51:ab:67:5c:55:
fe:03:61:09:5f:c4:e6:45:be:17:d0:76:87:34:0a:d9:12:49:
1c:a2:f4:c1:03:b6:34:10:4e:87:0b:11:19:7b:72:bb:05:1b:
7d:30:a9:f1:f1:23:ed:3a:40:48:77:51:65:2f:df:cd:13:5f:
9c:5a:f2:c8:84:d4:57:3c:ac:d3:c1:1f:cb:90:f9:4f:31:0a:
48:17:81:aa:9f:90:7f:ee:59:d7:b0:51:4d:f3:47:c3:43:3f:
2e:a0:5b:e8:c9:c2:e7:a9:f4:6f:59:ad:30:42:b9:26:04:89:
c8:e1:21:c6:ff:d6:66:26:86:f0:42:53:78:3c:e1:4c:5d:e7:
eb:bb:89:0b
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZAnzDxPjyjD+Flg7WF7E0MDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwNjE3MjAwMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2IyZWRiNDQ3NjFmNWJiMGI2ZGQzNjRmNmM1ZGYxZGFhYTJhYWFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMbF4ZYpAQXY5MIdPKVM5A6XuCnZ
2YBVFW1/p7wGJlUArLLmhgRqQEwo22pK5/Sd7SGjdw2MvcMvmWGCxZWi0KnGyLnq
PZtPHUaZ8FYicoBttPSGQ6Fx53Jq7jAfJGXFMPYS1bQSlpf3cgRIqHuOiCnRDtuX
xmlKZGd6dwn7QAaS+udjwRtrC+XXs1mGMTyLADYL9hDtmhNOw/i6RAigky3GeTNe
1B49C6VYXLyzq35HZCMZSOENV4raT1Zz663mR8YuTJ87Oex+PG9HqIBUkTBvjnuR
gLjgi1R1r5llja1ZGb2pis9Da44LQIswmlv+fVgqXP3SD2g1/rGm22E/9wIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFEyy7bRHYfW7C23TZPbF3x2qoqqvMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvVExMdHRFZGg5YnNMYmROazlzWGZIYXFpcXE4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAKTLTQD
BAKTLTgDBAKTLVADBADB6e4wDQYJKoZIhvcNAQELBQADggEBAGm8aGRunc3fArE7
cxjlEawEe9/bk0sxo31mPkkHMsMM82FokVsuV4jkD+4D9PwuHtVmkffANMh1y9dN
agtghKPjAQKnh49ltFSuwC1AOmKOQPGSKtnBxu9rn1ZHOQy0GbfoK44nNTZ8jj/K
Pv7nGXjGhkwe7SkQADVRq2dcVf4DYQlfxOZFvhfQdoc0CtkSSRyi9MEDtjQQTocL
ERl7crsFG30wqfHxI+06QEh3UWUv380TX5xa8siE1Fc8rNPBH8uQ+U8xCkgXgaqf
kH/uWdewUU3zR8NDPy6gW+jJwuep9G9ZrTBCuSYEicjhIcb/1mYmhvBCU3g84Uxd
5+u7iQs=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:39:24 2024 by rpki-client on console-fra.rpki-client.org