Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/tvsibIsFIr3uRyURAQgbSEtProQ.roa
File: tvsibIsFIr3uRyURAQgbSEtProQ.roa (raw, json)
Hash identifier: lrFF0t/O0T3rq/cTpkoDGNUqcf2E6Onqf+XEJZ3p3ds=
Subject key identifier: B6:FB:22:6C:8B:05:22:BD:EE:47:25:11:01:08:1B:48:4B:4F:AE:84
Certificate issuer: /CN=c3c18527e3a206af2842028d95aec41338e8daf8
Certificate serial: 018CCA29C67881E49821C662B207330BE7BA
Authority key identifier: C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/tvsibIsFIr3uRyURAQgbSEtProQ.roa
Signing time: Tue 02 Jan 2024 12:33:04 +0000
ROA not before: Tue 02 Jan 2024 12:33:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 142578
IP address blocks: 213.176.76.0/22 maxlen: 24
213.176.80.0/21 maxlen: 24
213.176.96.0/20 maxlen: 24
213.176.8.0/21 maxlen: 24
213.176.16.0/22 maxlen: 24
213.176.32.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.mft
rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 08:39:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:29:c6:78:81:e4:98:21:c6:62:b2:07:33:0b:e7:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c3c18527e3a206af2842028d95aec41338e8daf8
Validity
Not Before: Jan 2 12:33:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6fb226c8b0522bdee47251101081b484b4fae84
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:c0:26:58:ac:48:bc:3d:c4:48:41:2f:1d:08:
1d:b4:98:57:1c:58:c4:cb:8b:07:64:95:28:9b:39:
5f:3e:ec:79:81:fb:0e:fc:52:9c:06:90:3f:63:1b:
63:c7:06:dd:45:ce:79:42:24:45:95:a6:1b:80:5b:
4c:e0:bd:ad:17:2d:1d:5f:5b:1c:73:27:f0:cf:56:
9f:46:ad:a2:6b:b6:d4:03:37:aa:92:5e:a5:8f:6d:
d0:bc:b7:2b:83:b4:ae:a8:1e:a4:e2:22:cc:1e:92:
c3:76:72:e9:c2:0e:34:d7:f5:3d:da:21:f6:d6:a5:
9e:d9:f8:8c:de:db:83:c7:c8:08:3e:bf:35:2a:7c:
94:61:4b:f7:71:ff:86:44:5f:fc:80:dc:ee:08:39:
69:3c:3b:1c:9d:cc:75:d3:cd:4c:d9:81:3c:c9:95:
ac:b4:9e:0b:82:33:bc:f1:6f:a2:13:0e:7b:c8:f3:
ea:1c:8e:ba:34:b3:e6:59:c5:f9:3e:af:9e:ef:2b:
19:cc:d4:ab:c8:81:e1:8f:00:17:7b:47:d3:82:97:
83:1f:e2:90:fb:71:2d:40:13:7f:1e:46:f1:be:99:
82:46:7e:b8:1b:6b:4e:bf:5f:52:31:da:52:70:2e:
56:a1:cd:21:85:53:27:2a:3c:35:9f:4f:05:a3:27:
0c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:FB:22:6C:8B:05:22:BD:EE:47:25:11:01:08:1B:48:4B:4F:AE:84
X509v3 Authority Key Identifier:
keyid:C3:C1:85:27:E3:A2:06:AF:28:42:02:8D:95:AE:C4:13:38:E8:DA:F8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w8GFJ-OiBq8oQgKNla7EEzjo2vg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/tvsibIsFIr3uRyURAQgbSEtProQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/1339df-8e06-41de-94f3-0cba33efc5bb/1/w8GFJ-OiBq8oQgKNla7EEzjo2vg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.176.8.0-213.176.19.255
213.176.32.0/19
213.176.76.0-213.176.87.255
213.176.96.0/20
Signature Algorithm: sha256WithRSAEncryption
88:6e:fa:9d:4b:a8:23:5a:e6:78:78:42:0a:62:a3:80:1b:8f:
09:ac:85:0c:fa:37:d6:74:ba:b0:80:4e:86:99:45:e5:89:c4:
5d:1f:e6:e3:1e:bf:f9:1a:93:aa:59:96:be:50:62:55:19:8b:
a2:ac:7b:b4:9e:b0:29:16:e4:3a:28:7e:1a:c0:6c:64:a9:a3:
a6:ee:ea:18:ba:4b:95:31:16:c9:11:c2:7f:14:26:88:be:c7:
a8:16:39:81:83:c2:dc:b8:d7:70:fe:c4:9b:6d:9e:4c:46:6b:
be:50:ed:51:60:68:d5:ab:88:69:97:f6:9a:f1:18:ce:89:7d:
09:ef:4d:8d:15:2b:1d:1f:26:a6:c6:1a:cc:f0:6f:09:61:ad:
93:88:ac:4a:a8:ae:c5:5e:d7:3a:69:ac:d1:01:75:4e:b5:87:
1c:0f:52:86:be:e5:56:50:1f:f4:49:2c:5a:37:47:99:d8:74:
1f:64:02:1d:3c:5b:21:a9:5e:44:69:02:11:8b:ec:94:58:e0:
0a:d6:a5:69:3d:3b:b2:6b:50:09:fa:b0:b9:78:37:26:73:cf:
d0:db:70:f4:33:28:f1:e6:89:4d:87:85:47:1c:a1:5c:1c:90:
5b:a7:10:a6:42:57:f5:5b:35:ed:07:d8:69:91:96:82:5d:63:
24:2d:89:1c
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAYzKKcZ4geSYIcZisgczC+e6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzYzE4NTI3ZTNhMjA2YWYyODQyMDI4ZDk1YWVjNDEzMzhl
OGRhZjgwHhcNMjQwMTAyMTIzMzA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmZiMjI2YzhiMDUyMmJkZWU0NzI1MTEwMTA4MWI0ODRiNGZhZTg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkMAmWKxIvD3ESEEvHQgdtJhXHFjE
y4sHZJUomzlfPux5gfsO/FKcBpA/YxtjxwbdRc55QiRFlaYbgFtM4L2tFy0dX1sc
cyfwz1afRq2ia7bUAzeqkl6lj23QvLcrg7SuqB6k4iLMHpLDdnLpwg401/U92iH2
1qWe2fiM3tuDx8gIPr81KnyUYUv3cf+GRF/8gNzuCDlpPDscncx1081M2YE8yZWs
tJ4LgjO88W+iEw57yPPqHI66NLPmWcX5Pq+e7ysZzNSryIHhjwAXe0fTgpeDH+KQ
+3EtQBN/HkbxvpmCRn64G2tOv19SMdpScC5Woc0hhVMnKjw1n08FoycMbQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFLb7ImyLBSK97kclEQEIG0hLT66EMB8GA1UdIwQY
MBaAFMPBhSfjogavKEICjZWuxBM46Nr4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMt
MGNiYTMzZWZjNWJiLzEvdHZzaWJJc0ZJcjN1UnlVUkFRZ2JTRXRQcm9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8xMzM5ZGYtOGUwNi00MWRlLTk0ZjMtMGNiYTMzZWZjNWJi
LzEvdzhHRkotT2lCcThvUWdLTmxhN0VFempvMnZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAPVsAgD
BALVsBADBAXVsCAwDAMEAtWwTAMEA9WwUAMEBNWwYDANBgkqhkiG9w0BAQsFAAOC
AQEAiG76nUuoI1rmeHhCCmKjgBuPCayFDPo31nS6sIBOhplF5YnEXR/m4x6/+RqT
qlmWvlBiVRmLoqx7tJ6wKRbkOih+GsBsZKmjpu7qGLpLlTEWyRHCfxQmiL7HqBY5
gYPC3LjXcP7Em22eTEZrvlDtUWBo1auIaZf2mvEYzol9Ce9NjRUrHR8mpsYazPBv
CWGtk4isSqiuxV7XOmms0QF1TrWHHA9Shr7lVlAf9EksWjdHmdh0H2QCHTxbIale
RGkCEYvslFjgCtalaT07smtQCfqwuXg3JnPP0Ntw9DMo8eaJTYeFRxyhXByQW6cQ
pkJX9Vs17QfYaZGWgl1jJC2JHA==
-----END CERTIFICATE-----
Generated at Sat Jun 1 11:42:20 2024 by rpki-client on console-fra.rpki-client.org