Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/29f55c-6032-41c2-baa4-1080e865ec6c/1/tgq4NpD4ZuDT8jP8DHkw_OMrrvs.roa
File: tgq4NpD4ZuDT8jP8DHkw_OMrrvs.roa (raw, json)
Hash identifier: c39dJDZWXM8KFQw7pKzZxUS7AOjelNp4jE35QP9S/80=
Subject key identifier: B6:0A:B8:36:90:F8:66:E0:D3:F2:33:FC:0C:79:30:FC:E3:2B:AE:FB
Certificate issuer: /CN=572bc93f1580fc95274d983940f3efaede304ae5
Certificate serial: 018CC94E100E2D8405CCE58E42A258C83136
Authority key identifier: 57:2B:C9:3F:15:80:FC:95:27:4D:98:39:40:F3:EF:AE:DE:30:4A:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VyvJPxWA_JUnTZg5QPPvrt4wSuU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/29f55c-6032-41c2-baa4-1080e865ec6c/1/tgq4NpD4ZuDT8jP8DHkw_OMrrvs.roa
Signing time: Tue 02 Jan 2024 08:33:05 +0000
ROA not before: Tue 02 Jan 2024 08:33:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200887
IP address blocks: 185.244.236.0/24 maxlen: 24
2a13:1580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/29f55c-6032-41c2-baa4-1080e865ec6c/1/VyvJPxWA_JUnTZg5QPPvrt4wSuU.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/29f55c-6032-41c2-baa4-1080e865ec6c/1/VyvJPxWA_JUnTZg5QPPvrt4wSuU.mft
rsync://rpki.ripe.net/repository/DEFAULT/VyvJPxWA_JUnTZg5QPPvrt4wSuU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:10:0e:2d:84:05:cc:e5:8e:42:a2:58:c8:31:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=572bc93f1580fc95274d983940f3efaede304ae5
Validity
Not Before: Jan 2 08:33:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b60ab83690f866e0d3f233fc0c7930fce32baefb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:b0:67:25:00:35:af:fc:1e:8e:c6:d5:a0:b2:
10:4d:33:31:2f:3e:1d:42:ec:ac:03:7a:d1:d8:46:
07:41:80:b6:23:53:c6:16:b1:d0:09:79:0f:aa:a2:
5e:c6:71:5b:cc:1a:fb:4a:47:92:a7:e1:33:dc:ed:
e0:1a:34:e0:ab:b9:5f:a6:ba:f7:1d:7e:88:04:3c:
0e:7b:ee:0e:5a:40:6a:7f:c7:ad:9d:0f:b6:06:80:
40:ca:e4:b3:3e:17:9f:55:8f:41:ec:58:ad:04:b1:
cf:6a:d7:6a:31:53:28:64:ef:db:e1:22:c1:41:61:
ca:0c:cd:8c:80:5d:6b:ba:29:b3:0e:70:f5:70:12:
93:45:fe:82:23:25:27:84:55:7d:23:e9:b0:b7:73:
2e:e4:dd:bc:ac:5f:8f:29:40:9c:1d:e6:19:ed:8c:
0b:65:70:0e:f6:2d:b8:5b:4f:dc:f5:77:d5:79:cb:
ef:0b:c3:a7:0c:07:d4:5c:1f:e7:c4:5e:ab:ca:7e:
95:ed:99:2b:71:ae:b2:92:68:95:7b:d1:d6:2a:36:
9e:81:b3:3a:e0:e3:3f:4a:70:f9:5e:eb:0a:85:41:
bf:18:f3:3e:6f:e3:71:01:87:77:6a:c3:ee:dd:2d:
de:cf:ba:02:5d:04:ef:e9:6a:7e:f8:9f:0a:07:1c:
bc:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:0A:B8:36:90:F8:66:E0:D3:F2:33:FC:0C:79:30:FC:E3:2B:AE:FB
X509v3 Authority Key Identifier:
keyid:57:2B:C9:3F:15:80:FC:95:27:4D:98:39:40:F3:EF:AE:DE:30:4A:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VyvJPxWA_JUnTZg5QPPvrt4wSuU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/29f55c-6032-41c2-baa4-1080e865ec6c/1/tgq4NpD4ZuDT8jP8DHkw_OMrrvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/29f55c-6032-41c2-baa4-1080e865ec6c/1/VyvJPxWA_JUnTZg5QPPvrt4wSuU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.244.236.0/24
IPv6:
2a13:1580::/29
Signature Algorithm: sha256WithRSAEncryption
74:eb:b4:09:1c:bc:a0:12:f7:ad:4a:e0:1a:88:1b:02:cb:6f:
68:ea:b7:fc:42:19:97:b3:40:0e:4b:88:0e:fb:44:b0:87:f3:
fe:78:10:0f:1f:af:a3:b7:13:b9:6d:6d:21:fb:65:72:40:22:
cd:71:c4:b9:ff:09:4b:e7:37:cc:06:72:a7:92:e9:19:df:dd:
d5:b7:f0:22:28:bd:0b:4c:dc:36:9a:80:f5:fa:fb:79:54:4f:
c9:07:0c:1d:c0:34:cf:ce:6b:6f:59:e2:3a:09:d9:7f:d8:b9:
cb:2b:14:1f:c9:39:2d:33:89:b8:99:4a:58:77:e2:19:8f:ad:
2f:98:0c:4f:64:df:7a:f1:25:2f:4c:f2:57:20:01:2f:49:26:
f6:e7:14:47:ca:64:ab:02:a0:84:ce:65:e4:2d:99:15:aa:ec:
b9:10:46:c7:a2:f4:e4:80:d8:f1:7f:07:ff:b4:11:13:1c:31:
bb:0a:55:22:3c:d6:29:87:26:f5:13:ca:9f:e6:a7:f0:82:a7:
ce:39:6e:d2:f3:4e:3a:9e:2c:c3:4a:23:18:85:c4:4c:fd:ad:
49:4d:75:18:e7:87:cd:22:55:88:6d:87:65:1a:14:a6:f6:a0:
81:3d:96:8f:58:a4:40:09:3a:28:5d:de:91:37:08:f6:67:6f:
c4:af:aa:4d
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJThAOLYQFzOWOQqJYyDE2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3MmJjOTNmMTU4MGZjOTUyNzRkOTgzOTQwZjNlZmFlZGUz
MDRhZTUwHhcNMjQwMTAyMDgzMzA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjBhYjgzNjkwZjg2NmUwZDNmMjMzZmMwYzc5MzBmY2UzMmJhZWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzrBnJQA1r/wejsbVoLIQTTMxLz4d
QuysA3rR2EYHQYC2I1PGFrHQCXkPqqJexnFbzBr7SkeSp+Ez3O3gGjTgq7lfprr3
HX6IBDwOe+4OWkBqf8etnQ+2BoBAyuSzPhefVY9B7FitBLHPatdqMVMoZO/b4SLB
QWHKDM2MgF1ruimzDnD1cBKTRf6CIyUnhFV9I+mwt3Mu5N28rF+PKUCcHeYZ7YwL
ZXAO9i24W0/c9XfVecvvC8OnDAfUXB/nxF6ryn6V7Zkrca6ykmiVe9HWKjaegbM6
4OM/SnD5XusKhUG/GPM+b+NxAYd3asPu3S3ez7oCXQTv6Wp++J8KBxy8UQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLYKuDaQ+Gbg0/Iz/Ax5MPzjK677MB8GA1UdIwQY
MBaAFFcryT8VgPyVJ02YOUDz767eMErlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVnl2SlB4V0FfSlVuVFpnNVFQUHZydDR3U3VVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8yOWY1NWMtNjAzMi00MWMyLWJhYTQt
MTA4MGU4NjVlYzZjLzEvdGdxNE5wRDRadURUOGpQOERIa3dfT01ycnZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8yOWY1NWMtNjAzMi00MWMyLWJhYTQtMTA4MGU4NjVlYzZj
LzEvVnl2SlB4V0FfSlVuVFpnNVFQUHZydDR3U3VVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAufTsMA0E
AgACMAcDBQMqExWAMA0GCSqGSIb3DQEBCwUAA4IBAQB067QJHLygEvetSuAaiBsC
y29o6rf8QhmXs0AOS4gO+0Swh/P+eBAPH6+jtxO5bW0h+2VyQCLNccS5/wlL5zfM
BnKnkukZ393Vt/AiKL0LTNw2moD1+vt5VE/JBwwdwDTPzmtvWeI6Cdl/2LnLKxQf
yTktM4m4mUpYd+IZj60vmAxPZN968SUvTPJXIAEvSSb25xRHymSrAqCEzmXkLZkV
quy5EEbHovTkgNjxfwf/tBETHDG7ClUiPNYphyb1E8qf5qfwgqfOOW7S8046nizD
SiMYhcRM/a1JTXUY54fNIlWIbYdlGhSm9qCBPZaPWKRACTooXd6RNwj2Z2/Er6pN
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:44:28 2024 by rpki-client on console-fra.rpki-client.org