Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/b722c8-14e3-4082-92d1-65f8900e5c82/1/Tv3J91tO5D3riMK-NznRcRMI65g.roa
File: Tv3J91tO5D3riMK-NznRcRMI65g.roa (raw, json)
Hash identifier: 0TajGUYp05U8zTHvBUL1yGqtDmNxaovXKAVq+WCdxlg=
Subject key identifier: 4E:FD:C9:F7:5B:4E:E4:3D:EB:88:C2:BE:37:39:D1:71:13:08:EB:98
Certificate issuer: /CN=62dd5a4075428a7fc9ac94e6d2a2d9a992ef4853
Certificate serial: 018CC94D6F71540B448ECEDEB3871B92B7E5
Authority key identifier: 62:DD:5A:40:75:42:8A:7F:C9:AC:94:E6:D2:A2:D9:A9:92:EF:48:53
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yt1aQHVCin_JrJTm0qLZqZLvSFM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/b722c8-14e3-4082-92d1-65f8900e5c82/1/Tv3J91tO5D3riMK-NznRcRMI65g.roa
Signing time: Tue 02 Jan 2024 08:32:24 +0000
ROA not before: Tue 02 Jan 2024 08:32:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47815
IP address blocks: 194.30.185.0/24 maxlen: 24
188.92.200.0/21 maxlen: 21
94.125.64.0/21 maxlen: 21
2a03:4080::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/b722c8-14e3-4082-92d1-65f8900e5c82/1/Yt1aQHVCin_JrJTm0qLZqZLvSFM.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/b722c8-14e3-4082-92d1-65f8900e5c82/1/Yt1aQHVCin_JrJTm0qLZqZLvSFM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yt1aQHVCin_JrJTm0qLZqZLvSFM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Jun 2024 02:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:6f:71:54:0b:44:8e:ce:de:b3:87:1b:92:b7:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62dd5a4075428a7fc9ac94e6d2a2d9a992ef4853
Validity
Not Before: Jan 2 08:32:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4efdc9f75b4ee43deb88c2be3739d1711308eb98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:ea:47:c9:4c:0b:6e:26:73:8d:e3:c1:54:a4:
f2:9a:0c:a4:6d:99:a9:40:42:14:4f:70:72:d6:70:
cb:51:55:1b:74:a1:18:43:ba:2f:c6:1f:a9:e7:03:
e2:d7:f7:64:2b:42:e5:50:9c:62:37:af:7a:5a:ed:
d6:10:d4:ad:dc:17:d4:d1:47:66:00:63:f5:a1:e1:
d2:ae:ab:43:40:4f:f1:0a:da:81:84:ea:f7:56:e3:
30:0e:af:20:ec:dd:e4:23:0e:9b:6d:67:cc:6e:9c:
e7:27:0e:bb:d4:7e:db:a6:ec:0a:1c:8f:35:0f:34:
b6:ae:c4:69:ba:d3:39:00:f7:4b:08:7e:9f:ac:5a:
62:09:85:92:b8:fb:4f:68:ed:09:5d:cb:34:d1:b8:
09:b0:42:6f:76:99:23:31:42:da:e5:90:ef:60:35:
75:28:23:73:80:49:b4:a2:11:3e:c0:9b:56:14:af:
a4:fc:ec:63:9a:9f:c6:85:59:74:2f:36:7a:7a:78:
e4:98:1d:14:3c:c5:19:a7:f1:41:c9:f4:53:3b:f6:
de:b7:97:34:c9:ae:66:69:4a:db:db:a7:a6:af:32:
99:5a:44:89:7f:9c:4c:8f:8c:2f:23:a3:3e:8e:cf:
e9:c5:b3:58:0f:c1:41:d4:7e:5b:42:e6:6b:77:66:
85:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:FD:C9:F7:5B:4E:E4:3D:EB:88:C2:BE:37:39:D1:71:13:08:EB:98
X509v3 Authority Key Identifier:
keyid:62:DD:5A:40:75:42:8A:7F:C9:AC:94:E6:D2:A2:D9:A9:92:EF:48:53
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yt1aQHVCin_JrJTm0qLZqZLvSFM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b722c8-14e3-4082-92d1-65f8900e5c82/1/Tv3J91tO5D3riMK-NznRcRMI65g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/b722c8-14e3-4082-92d1-65f8900e5c82/1/Yt1aQHVCin_JrJTm0qLZqZLvSFM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.125.64.0/21
188.92.200.0/21
194.30.185.0/24
IPv6:
2a03:4080::/32
Signature Algorithm: sha256WithRSAEncryption
78:5b:2f:8b:ca:bb:15:c2:c6:a8:ea:e8:76:de:c3:a7:29:2e:
8f:4a:31:44:7a:54:14:1d:cd:27:5d:b8:31:40:f3:d1:ec:02:
ed:a6:d1:b4:b2:41:a0:1d:3f:73:5c:1b:0b:f6:72:8d:68:3b:
0e:28:ee:34:ca:3f:66:90:1d:5e:10:ee:e2:01:08:e8:c1:7b:
af:88:7d:a9:10:5b:47:8d:88:87:7d:ca:cc:06:f3:91:f2:a0:
a4:1d:15:cb:73:90:5d:46:c3:ef:61:98:5f:30:36:82:4e:a9:
a7:d1:ae:90:5b:c6:40:9f:72:cc:fe:78:b8:33:bd:bd:49:4c:
a5:9e:e4:5e:7f:55:f7:3c:9b:13:a5:30:d5:19:37:e2:a8:7e:
02:ca:bb:41:60:44:b3:e1:e2:58:04:ee:9a:7a:52:e9:e5:d5:
92:85:da:0d:23:2d:fb:05:59:e1:34:93:06:95:f8:df:d9:f1:
de:2b:44:99:d7:d5:c7:6c:6f:f4:5b:0b:d9:d6:b9:4a:bf:75:
df:74:b8:07:4c:a1:5e:45:63:25:a5:f8:98:ba:f6:2a:be:40:
35:66:c5:38:37:ce:01:fc:bb:80:f3:4a:32:99:e9:ee:74:9f:
4f:36:03:44:33:8d:3c:cb:30:79:e8:27:38:48:75:6b:42:ee:
43:09:46:eb
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzJTW9xVAtEjs7es4cbkrflMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZGQ1YTQwNzU0MjhhN2ZjOWFjOTRlNmQyYTJkOWE5OTJl
ZjQ4NTMwHhcNMjQwMTAyMDgzMjI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWZkYzlmNzViNGVlNDNkZWI4OGMyYmUzNzM5ZDE3MTEzMDhlYjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOpHyUwLbiZzjePBVKTymgykbZmp
QEIUT3By1nDLUVUbdKEYQ7ovxh+p5wPi1/dkK0LlUJxiN696Wu3WENSt3BfU0Udm
AGP1oeHSrqtDQE/xCtqBhOr3VuMwDq8g7N3kIw6bbWfMbpznJw671H7bpuwKHI81
DzS2rsRputM5APdLCH6frFpiCYWSuPtPaO0JXcs00bgJsEJvdpkjMULa5ZDvYDV1
KCNzgEm0ohE+wJtWFK+k/Oxjmp/GhVl0LzZ6enjkmB0UPMUZp/FByfRTO/bet5c0
ya5maUrb26emrzKZWkSJf5xMj4wvI6M+js/pxbNYD8FB1H5bQuZrd2aFRQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFE79yfdbTuQ964jCvjc50XETCOuYMB8GA1UdIwQY
MBaAFGLdWkB1Qop/yayU5tKi2amS70hTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXQxYVFIVkNpbl9KckpUbTBxTFpxWkx2U0ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS9iNzIyYzgtMTRlMy00MDgyLTkyZDEt
NjVmODkwMGU1YzgyLzEvVHYzSjkxdE81RDNyaU1LLU56blJjUk1JNjVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS9iNzIyYzgtMTRlMy00MDgyLTkyZDEtNjVmODkwMGU1Yzgy
LzEvWXQxYVFIVkNpbl9KckpUbTBxTFpxWkx2U0ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDXn1AAwQD
vFzIAwQAwh65MA0EAgACMAcDBQAqA0CAMA0GCSqGSIb3DQEBCwUAA4IBAQB4Wy+L
yrsVwsao6uh23sOnKS6PSjFEelQUHc0nXbgxQPPR7ALtptG0skGgHT9zXBsL9nKN
aDsOKO40yj9mkB1eEO7iAQjowXuviH2pEFtHjYiHfcrMBvOR8qCkHRXLc5BdRsPv
YZhfMDaCTqmn0a6QW8ZAn3LM/ni4M729SUylnuRef1X3PJsTpTDVGTfiqH4CyrtB
YESz4eJYBO6aelLp5dWShdoNIy37BVnhNJMGlfjf2fHeK0SZ19XHbG/0WwvZ1rlK
v3XfdLgHTKFeRWMlpfiYuvYqvkA1ZsU4N84B/LuA80oymenudJ9PNgNEM408yzB5
6Cc4SHVrQu5DCUbr
-----END CERTIFICATE-----
Generated at Tue Jun 4 10:19:50 2024 by rpki-client on console-ams.rpki-client.org