Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/43e309-75c5-4f40-9db3-f2bb69e75e74/1/ttZMSiaYcVTXuxh6JnvVVPyxzNY.roa
File: ttZMSiaYcVTXuxh6JnvVVPyxzNY.roa (raw, json)
Hash identifier: ibWr91aqkqmj2bnUJlqXdakIgKKQb0Hb5JiTi2JaglM=
Subject key identifier: B6:D6:4C:4A:26:98:71:54:D7:BB:18:7A:26:7B:D5:54:FC:B1:CC:D6
Certificate issuer: /CN=79d0d856764a3fee64be14f0a49f59a6865285d1
Certificate serial: 0192BEE8217A9B045F4C04FA9DF3048A5C71
Authority key identifier: 79:D0:D8:56:76:4A:3F:EE:64:BE:14:F0:A4:9F:59:A6:86:52:85:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/edDYVnZKP-5kvhTwpJ9ZpoZShdE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/43e309-75c5-4f40-9db3-f2bb69e75e74/1/ttZMSiaYcVTXuxh6JnvVVPyxzNY.roa
Signing time: Thu 24 Oct 2024 14:22:16 +0000
ROA not before: Thu 24 Oct 2024 14:22:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208964
IP address blocks: 193.28.243.0/24 maxlen: 24
193.28.244.0/24 maxlen: 24
193.28.249.0/24 maxlen: 24
194.124.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/43e309-75c5-4f40-9db3-f2bb69e75e74/1/edDYVnZKP-5kvhTwpJ9ZpoZShdE.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/43e309-75c5-4f40-9db3-f2bb69e75e74/1/edDYVnZKP-5kvhTwpJ9ZpoZShdE.mft
rsync://rpki.ripe.net/repository/DEFAULT/edDYVnZKP-5kvhTwpJ9ZpoZShdE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:be:e8:21:7a:9b:04:5f:4c:04:fa:9d:f3:04:8a:5c:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=79d0d856764a3fee64be14f0a49f59a6865285d1
Validity
Not Before: Oct 24 14:22:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6d64c4a26987154d7bb187a267bd554fcb1ccd6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:43:63:d1:60:af:53:0a:b4:21:0c:fb:21:e9:
f3:db:30:bc:18:9d:ee:08:28:19:9d:5f:d1:8e:24:
6f:3a:53:b8:42:ab:73:30:db:6e:8a:e9:31:20:e5:
79:6c:76:9d:20:cc:be:85:23:4c:18:2d:5e:1e:6e:
c9:33:3d:be:ff:a1:49:ca:9b:29:1e:20:4c:df:77:
0f:9e:d8:59:57:76:b5:91:3b:35:87:7c:36:c7:0f:
4a:27:86:28:46:e2:10:08:9f:c4:6a:e5:76:f0:a4:
91:d6:b5:bb:ed:4f:e6:bb:4a:0c:1c:a3:7a:47:11:
3a:33:34:c5:04:bf:80:b1:78:a4:76:b6:e3:d5:dc:
da:39:5a:a9:1d:ed:f4:c5:50:74:bc:b4:c9:a8:36:
04:c2:35:d6:d3:74:50:14:a7:60:1c:c1:08:ae:31:
5d:61:41:d6:d0:65:7a:eb:0d:4e:28:98:07:f1:63:
88:05:11:35:f3:92:47:04:b6:08:e8:6a:5a:bd:27:
03:a7:c8:1b:7e:c3:82:b2:53:d8:cf:e1:22:b7:14:
73:c5:f0:65:34:33:f6:49:ba:5b:6a:3a:9e:46:27:
46:26:0f:f9:0e:8f:d1:53:2d:c0:47:62:01:cb:aa:
d9:ee:c3:51:db:1a:99:48:e5:5a:a4:66:d5:a3:2d:
18:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:D6:4C:4A:26:98:71:54:D7:BB:18:7A:26:7B:D5:54:FC:B1:CC:D6
X509v3 Authority Key Identifier:
keyid:79:D0:D8:56:76:4A:3F:EE:64:BE:14:F0:A4:9F:59:A6:86:52:85:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/edDYVnZKP-5kvhTwpJ9ZpoZShdE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/43e309-75c5-4f40-9db3-f2bb69e75e74/1/ttZMSiaYcVTXuxh6JnvVVPyxzNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/43e309-75c5-4f40-9db3-f2bb69e75e74/1/edDYVnZKP-5kvhTwpJ9ZpoZShdE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.28.243.0-193.28.244.255
193.28.249.0/24
194.124.62.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:e4:20:37:f4:7d:6d:8f:60:0b:cf:98:1a:af:7f:0d:3a:17:
9e:44:ca:55:56:31:5d:d0:f2:cd:0e:ea:c0:91:7c:50:b5:83:
85:2d:63:e0:bb:15:4e:4e:36:9d:e0:6f:ee:33:ac:d4:bd:8f:
01:78:ed:6a:7c:85:c4:97:a1:7b:15:c3:da:8a:52:05:3d:69:
d6:a0:7a:d4:1b:78:2f:79:73:90:bb:99:8e:83:92:7b:eb:b4:
30:b8:4e:b2:c2:da:c9:ef:02:a0:29:97:47:b5:7d:bb:4b:fc:
15:89:25:01:cf:bc:fc:5f:2f:05:fb:0d:39:46:8c:6a:f3:09:
db:c6:77:ad:75:40:8b:1d:9e:37:50:1b:3a:d3:c5:6a:f3:a0:
33:7b:40:6a:d6:f0:a7:d7:05:dd:cf:98:16:9f:55:5d:d5:25:
f6:ec:62:3d:60:f5:ec:7a:f8:6c:83:43:fc:3b:72:1d:4a:d4:
88:4b:00:ba:d7:61:9d:30:72:32:e3:3c:7a:ad:ae:9f:ac:5c:
04:21:01:51:4c:d1:8e:67:4f:31:71:d5:0f:81:c2:01:21:6e:
e8:94:6b:a4:15:49:81:b9:50:5c:0b:08:37:c4:1b:e2:25:b4:
b9:0a:bd:1a:81:36:03:ad:46:61:6e:a5:ae:4d:bb:f4:44:02:
a0:13:9f:23
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZK+6CF6mwRfTAT6nfMEilxxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc5ZDBkODU2NzY0YTNmZWU2NGJlMTRmMGE0OWY1OWE2ODY1
Mjg1ZDEwHhcNMjQxMDI0MTQyMjE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmQ2NGM0YTI2OTg3MTU0ZDdiYjE4N2EyNjdiZDU1NGZjYjFjY2Q2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv0Nj0WCvUwq0IQz7Ienz2zC8GJ3u
CCgZnV/RjiRvOlO4QqtzMNtuiukxIOV5bHadIMy+hSNMGC1eHm7JMz2+/6FJypsp
HiBM33cPnthZV3a1kTs1h3w2xw9KJ4YoRuIQCJ/EauV28KSR1rW77U/mu0oMHKN6
RxE6MzTFBL+AsXikdrbj1dzaOVqpHe30xVB0vLTJqDYEwjXW03RQFKdgHMEIrjFd
YUHW0GV66w1OKJgH8WOIBRE185JHBLYI6GpavScDp8gbfsOCslPYz+EitxRzxfBl
NDP2SbpbajqeRidGJg/5Do/RUy3AR2IBy6rZ7sNR2xqZSOVapGbVoy0YXQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFLbWTEommHFU17sYeiZ71VT8sczWMB8GA1UdIwQY
MBaAFHnQ2FZ2Sj/uZL4U8KSfWaaGUoXRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZWREWVZuWktQLTVrdmhUd3BKOVpwb1pTaGRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS80M2UzMDktNzVjNS00ZjQwLTlkYjMt
ZjJiYjY5ZTc1ZTc0LzEvdHRaTVNpYVljVlRYdXhoNkpudlZWUHl4ek5ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS80M2UzMDktNzVjNS00ZjQwLTlkYjMtZjJiYjY5ZTc1ZTc0
LzEvZWREWVZuWktQLTVrdmhUd3BKOVpwb1pTaGRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBADBHPMD
BADBHPQDBADBHPkDBADCfD4wDQYJKoZIhvcNAQELBQADggEBAD/kIDf0fW2PYAvP
mBqvfw06F55EylVWMV3Q8s0O6sCRfFC1g4UtY+C7FU5ONp3gb+4zrNS9jwF47Wp8
hcSXoXsVw9qKUgU9adagetQbeC95c5C7mY6DknvrtDC4TrLC2snvAqApl0e1fbtL
/BWJJQHPvPxfLwX7DTlGjGrzCdvGd611QIsdnjdQGzrTxWrzoDN7QGrW8KfXBd3P
mBafVV3VJfbsYj1g9ex6+GyDQ/w7ch1K1IhLALrXYZ0wcjLjPHqtrp+sXAQhAVFM
0Y5nTzFx1Q+BwgEhbuiUa6QVSYG5UFwLCDfEG+IltLkKvRqBNgOtRmFupa5Nu/RE
AqATnyM=
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:32:07 2024 by rpki-client on console-fra.rpki-client.org