Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/TwCBjeciCIJPTnEwR0cVTqkAyF8.roa
File: TwCBjeciCIJPTnEwR0cVTqkAyF8.roa (raw, json)
Hash identifier: TYadi+IQIo5qN3tvJnUFVZ/0ZoIieMSfaRYs4O4VkZw=
Subject key identifier: 4F:00:81:8D:E7:22:08:82:4F:4E:71:30:47:47:15:4E:A9:00:C8:5F
Certificate issuer: /CN=39f086ca6211bb95d0643089c7da576fe67c2152
Certificate serial: 018EC77F9B613D297A68A0A65C55BB34A5A6
Authority key identifier: 39:F0:86:CA:62:11:BB:95:D0:64:30:89:C7:DA:57:6F:E6:7C:21:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OfCGymIRu5XQZDCJx9pXb-Z8IVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/TwCBjeciCIJPTnEwR0cVTqkAyF8.roa
Signing time: Wed 10 Apr 2024 10:13:32 +0000
ROA not before: Wed 10 Apr 2024 10:13:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62240
IP address blocks: 5.42.218.0/24 maxlen: 24
195.211.164.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/OfCGymIRu5XQZDCJx9pXb-Z8IVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/OfCGymIRu5XQZDCJx9pXb-Z8IVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/OfCGymIRu5XQZDCJx9pXb-Z8IVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 26 Apr 2024 14:10:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c7:7f:9b:61:3d:29:7a:68:a0:a6:5c:55:bb:34:a5:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=39f086ca6211bb95d0643089c7da576fe67c2152
Validity
Not Before: Apr 10 10:13:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f00818de72208824f4e71304747154ea900c85f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:11:da:b4:5e:03:d1:63:b6:eb:26:45:94:c7:
5b:d3:ca:5c:ff:02:4e:61:5d:74:fe:22:bc:56:42:
9e:70:b3:39:6b:dd:f3:1d:6c:ed:52:4a:f4:9a:09:
66:d6:3a:41:76:0a:30:8c:07:18:a6:30:80:3c:bc:
80:96:38:71:07:07:f2:a5:ed:1a:0a:a4:03:8b:bb:
7e:8c:91:fb:76:59:ad:80:7b:b5:15:56:2e:64:93:
25:69:ff:d4:1a:21:cb:cc:63:1b:c1:5f:28:92:97:
23:48:11:b1:d1:05:8d:b8:20:a8:cb:75:2d:f1:a9:
2e:0d:e9:5f:16:97:fc:dd:5f:14:e3:5e:b4:f1:63:
c9:bd:08:71:6a:d6:e5:93:d4:d9:30:8b:2f:2a:cf:
df:69:d5:0c:c1:81:57:48:96:cb:b6:bd:4c:89:9f:
a7:d1:c1:60:82:c7:4f:c2:a6:fc:11:ee:6e:5b:1b:
25:6f:1c:d1:d8:5d:2d:e8:ed:9c:18:83:34:ca:c8:
5d:cc:10:53:3b:63:42:b7:43:ce:cd:3a:2f:50:27:
61:51:50:74:16:a3:bf:96:27:2e:0a:ec:49:d3:0c:
f3:2e:70:cd:10:8d:68:ac:c3:b5:af:de:84:e5:84:
62:99:e7:2f:1e:5e:12:74:87:39:cc:2e:dc:5e:24:
6b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:00:81:8D:E7:22:08:82:4F:4E:71:30:47:47:15:4E:A9:00:C8:5F
X509v3 Authority Key Identifier:
keyid:39:F0:86:CA:62:11:BB:95:D0:64:30:89:C7:DA:57:6F:E6:7C:21:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OfCGymIRu5XQZDCJx9pXb-Z8IVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/TwCBjeciCIJPTnEwR0cVTqkAyF8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/0d64e2-e2da-468a-8f7d-7fe328571938/1/OfCGymIRu5XQZDCJx9pXb-Z8IVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.218.0/24
195.211.164.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:f9:a6:d4:f2:c5:62:4a:c2:d3:48:4f:58:2c:f5:bb:83:f2:
b3:06:00:56:93:df:9e:8f:0c:23:a4:0e:a6:41:47:ae:0a:ef:
e2:6d:6e:6d:94:b5:8d:08:89:ff:04:d2:28:52:1b:89:e6:ba:
a7:d8:42:05:0c:7e:8b:1f:3d:94:de:db:93:ea:14:01:af:38:
0e:ad:9f:09:86:d9:96:74:48:bf:21:41:16:3b:ca:30:07:83:
97:6d:12:5d:87:ff:9e:e5:f8:a8:10:23:a9:ca:ef:4d:be:1a:
f1:e8:02:7f:e1:fd:04:a0:b0:1e:a5:3a:e4:84:23:f1:6f:2b:
5d:61:2c:44:53:38:6f:fe:7d:79:54:b2:60:1e:3e:4e:4a:8c:
23:b3:8e:05:24:a0:ea:ce:c8:e4:d0:c2:42:88:b4:a5:42:0d:
64:34:69:c2:6e:2d:75:b7:e7:f8:78:f4:f4:e1:58:59:7a:28:
e0:40:7b:63:c3:ce:c1:1b:4e:1a:43:42:ee:a8:31:26:37:a8:
b2:21:10:59:0c:0b:b1:62:e4:2a:00:ab:fb:2f:ed:0e:91:73:
e6:3e:a6:03:8b:90:01:7d:82:56:9d:52:6f:47:f3:37:1f:c5:
26:35:3d:96:10:91:fb:28:a2:8b:44:e0:c1:b7:ff:27:47:f2:
85:42:31:46
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY7Hf5thPSl6aKCmXFW7NKWmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM5ZjA4NmNhNjIxMWJiOTVkMDY0MzA4OWM3ZGE1NzZmZTY3
YzIxNTIwHhcNMjQwNDEwMTAxMzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjAwODE4ZGU3MjIwODgyNGY0ZTcxMzA0NzQ3MTU0ZWE5MDBjODVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmRHatF4D0WO26yZFlMdb08pc/wJO
YV10/iK8VkKecLM5a93zHWztUkr0mglm1jpBdgowjAcYpjCAPLyAljhxBwfype0a
CqQDi7t+jJH7dlmtgHu1FVYuZJMlaf/UGiHLzGMbwV8okpcjSBGx0QWNuCCoy3Ut
8akuDelfFpf83V8U41608WPJvQhxatblk9TZMIsvKs/fadUMwYFXSJbLtr1MiZ+n
0cFggsdPwqb8Ee5uWxslbxzR2F0t6O2cGIM0yshdzBBTO2NCt0POzTovUCdhUVB0
FqO/licuCuxJ0wzzLnDNEI1orMO1r96E5YRimecvHl4SdIc5zC7cXiRr/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE8AgY3nIgiCT05xMEdHFU6pAMhfMB8GA1UdIwQY
MBaAFDnwhspiEbuV0GQwicfaV2/mfCFSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT2ZDR3ltSVJ1NVhRWkRDSng5cFhiLVo4SVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8wZDY0ZTItZTJkYS00NjhhLThmN2Qt
N2ZlMzI4NTcxOTM4LzEvVHdDQmplY2lDSUpQVG5Fd1IwY1ZUcWtBeUY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8wZDY0ZTItZTJkYS00NjhhLThmN2QtN2ZlMzI4NTcxOTM4
LzEvT2ZDR3ltSVJ1NVhRWkRDSng5cFhiLVo4SVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABSraAwQA
w9OkMA0GCSqGSIb3DQEBCwUAA4IBAQCM+abU8sViSsLTSE9YLPW7g/KzBgBWk9+e
jwwjpA6mQUeuCu/ibW5tlLWNCIn/BNIoUhuJ5rqn2EIFDH6LHz2U3tuT6hQBrzgO
rZ8JhtmWdEi/IUEWO8owB4OXbRJdh/+e5fioECOpyu9Nvhrx6AJ/4f0EoLAepTrk
hCPxbytdYSxEUzhv/n15VLJgHj5OSowjs44FJKDqzsjk0MJCiLSlQg1kNGnCbi11
t+f4ePT04VhZeijgQHtjw87BG04aQ0LuqDEmN6iyIRBZDAuxYuQqAKv7L+0OkXPm
PqYDi5ABfYJWnVJvR/M3H8UmNT2WEJH7KKKLRODBt/8nR/KFQjFG
-----END CERTIFICATE-----
Generated at Thu Apr 25 22:49:46 2024 by rpki-client on console-fra.rpki-client.org