Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/TpZETRRGQ5RmRgUK27e-2L94feY.roa
File: TpZETRRGQ5RmRgUK27e-2L94feY.roa (raw, json)
Hash identifier: NHTKIlkTwKqcAMo1nly3o2rnzYT8pj9h3eal6O12Z6k=
Subject key identifier: 4E:96:44:4D:14:46:43:94:66:46:05:0A:DB:B7:BE:D8:BF:78:7D:E6
Certificate issuer: /CN=ad243dcff0cb38211f7fe7db3f913169b44cf456
Certificate serial: 018F4FF303E675C0D429E2A31FF2629296CC
Authority key identifier: AD:24:3D:CF:F0:CB:38:21:1F:7F:E7:DB:3F:91:31:69:B4:4C:F4:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/TpZETRRGQ5RmRgUK27e-2L94feY.roa
Signing time: Mon 06 May 2024 22:07:57 +0000
ROA not before: Mon 06 May 2024 22:07:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198309
IP address blocks: 158.58.152.0/21 maxlen: 21
158.58.152.0/23 maxlen: 23
185.97.84.0/22 maxlen: 22
2a00:a540::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/rSQ9z_DLOCEff-fbP5ExabRM9FY.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/rSQ9z_DLOCEff-fbP5ExabRM9FY.mft
rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:4f:f3:03:e6:75:c0:d4:29:e2:a3:1f:f2:62:92:96:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad243dcff0cb38211f7fe7db3f913169b44cf456
Validity
Not Before: May 6 22:07:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e96444d144643946646050adbb7bed8bf787de6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:bf:0a:2f:39:6f:85:d6:e1:23:9b:51:f3:d7:
f9:8f:45:c2:43:6f:7e:27:b4:54:00:e3:fb:d2:11:
30:1f:a2:ca:a8:3c:d1:9b:44:b4:42:6b:20:fb:a9:
b0:ee:84:05:36:b0:c3:17:ab:e4:a2:cf:f4:88:48:
6b:f7:65:f5:c7:35:86:02:1c:fb:b1:be:ce:97:f5:
8f:ce:17:a0:0e:48:62:f8:69:2f:2e:a7:d7:b8:91:
6f:4b:e9:f6:5f:be:2f:ec:46:08:b3:fe:47:2a:5d:
aa:b6:d7:51:06:c6:ca:4d:63:b8:e7:86:27:7c:2a:
48:21:8d:4b:6f:53:cc:c4:dc:b6:b0:4d:c9:5a:01:
47:32:53:c1:d7:69:b1:2f:56:6f:8a:70:8d:b7:2f:
7e:0b:54:ed:35:da:57:59:b7:76:e4:fa:84:f8:41:
ef:18:6d:7a:0d:d0:43:5c:14:47:d0:68:ed:b8:36:
1e:af:a2:18:11:fa:75:27:a7:3d:1a:ee:18:4d:b1:
e1:be:0c:90:cf:95:7a:57:50:42:5e:76:14:70:24:
28:da:50:b2:cb:20:f3:82:27:17:57:67:bb:47:8c:
7f:b9:4e:4b:5c:b8:cd:60:64:a4:8e:68:50:e9:d9:
36:d4:07:d0:34:a7:fe:95:23:2b:ce:3d:84:4c:60:
26:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:96:44:4D:14:46:43:94:66:46:05:0A:DB:B7:BE:D8:BF:78:7D:E6
X509v3 Authority Key Identifier:
keyid:AD:24:3D:CF:F0:CB:38:21:1F:7F:E7:DB:3F:91:31:69:B4:4C:F4:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rSQ9z_DLOCEff-fbP5ExabRM9FY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/TpZETRRGQ5RmRgUK27e-2L94feY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/a5d27b-26c0-4eb3-89bc-b9f298a798e4/1/rSQ9z_DLOCEff-fbP5ExabRM9FY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
158.58.152.0/21
185.97.84.0/22
IPv6:
2a00:a540::/32
Signature Algorithm: sha256WithRSAEncryption
47:f9:88:58:2e:03:cb:69:a3:04:b0:ec:30:59:6b:8e:4f:5d:
1c:93:be:99:1c:11:88:85:19:e0:25:df:9f:14:7f:c1:62:09:
51:84:e2:05:69:a0:8f:d9:18:65:af:48:48:ed:30:0b:00:95:
43:1f:4f:ec:34:a9:b2:04:37:ad:1c:ad:ad:b5:ff:e4:5d:ff:
9f:17:a1:a1:2f:69:a4:71:8b:9d:24:eb:27:f6:c8:13:92:92:
c0:ed:dd:ab:88:ff:d9:74:af:e1:b6:a0:6d:9e:50:26:ee:08:
ad:e5:62:57:0c:7c:85:91:0a:e1:74:13:5b:b7:e8:45:74:1f:
fb:41:c3:57:1c:4d:5b:2f:4c:09:93:5b:09:b7:3e:b1:23:b6:
de:88:76:f2:a8:f7:b1:16:db:cd:04:4e:0a:60:c4:a9:45:72:
f2:74:77:94:fd:8c:94:97:de:01:c3:61:4c:e9:df:34:3c:05:
cb:36:e4:4a:ef:6a:b6:ae:9b:67:28:a3:e4:35:8c:99:9a:a0:
a5:d0:6b:18:7f:9d:35:7d:75:66:f1:7f:7f:ff:3d:09:1a:83:
b8:bd:d1:a6:95:56:08:39:31:1b:e1:6d:d5:45:19:64:ad:ae:
6b:de:e0:4e:10:92:b0:a4:33:1d:92:f6:74:b4:09:37:be:6a:
8d:c0:ce:f1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAY9P8wPmdcDUKeKjH/JikpbMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkMjQzZGNmZjBjYjM4MjExZjdmZTdkYjNmOTEzMTY5YjQ0
Y2Y0NTYwHhcNMjQwNTA2MjIwNzU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTk2NDQ0ZDE0NDY0Mzk0NjY0NjA1MGFkYmI3YmVkOGJmNzg3ZGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA778KLzlvhdbhI5tR89f5j0XCQ29+
J7RUAOP70hEwH6LKqDzRm0S0Qmsg+6mw7oQFNrDDF6vkos/0iEhr92X1xzWGAhz7
sb7Ol/WPzhegDkhi+GkvLqfXuJFvS+n2X74v7EYIs/5HKl2qttdRBsbKTWO454Yn
fCpIIY1Lb1PMxNy2sE3JWgFHMlPB12mxL1ZvinCNty9+C1TtNdpXWbd25PqE+EHv
GG16DdBDXBRH0GjtuDYer6IYEfp1J6c9Gu4YTbHhvgyQz5V6V1BCXnYUcCQo2lCy
yyDzgicXV2e7R4x/uU5LXLjNYGSkjmhQ6dk21AfQNKf+lSMrzj2ETGAmuwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE6WRE0URkOUZkYFCtu3vti/eH3mMB8GA1UdIwQY
MBaAFK0kPc/wyzghH3/n2z+RMWm0TPRWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclNROXpfRExPQ0VmZi1mYlA1RXhhYlJNOUZZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9hNWQyN2ItMjZjMC00ZWIzLTg5YmMt
YjlmMjk4YTc5OGU0LzEvVHBaRVRSUkdRNVJtUmdVSzI3ZS0yTDk0ZmVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9hNWQyN2ItMjZjMC00ZWIzLTg5YmMtYjlmMjk4YTc5OGU0
LzEvclNROXpfRExPQ0VmZi1mYlA1RXhhYlJNOUZZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDnjqYAwQC
uWFUMA0EAgACMAcDBQAqAKVAMA0GCSqGSIb3DQEBCwUAA4IBAQBH+YhYLgPLaaME
sOwwWWuOT10ck76ZHBGIhRngJd+fFH/BYglRhOIFaaCP2Rhlr0hI7TALAJVDH0/s
NKmyBDetHK2ttf/kXf+fF6GhL2mkcYudJOsn9sgTkpLA7d2riP/ZdK/htqBtnlAm
7git5WJXDHyFkQrhdBNbt+hFdB/7QcNXHE1bL0wJk1sJtz6xI7beiHbyqPexFtvN
BE4KYMSpRXLydHeU/YyUl94Bw2FM6d80PAXLNuRK72q2rptnKKPkNYyZmqCl0GsY
f501fXVm8X9//z0JGoO4vdGmlVYIOTEb4W3VRRlkra5r3uBOEJKwpDMdkvZ0tAk3
vmqNwM7x
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:53:19 2024 by rpki-client on console-fra.rpki-client.org