Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/TSUP2PASxQr91gp5eHnCSEl4Qh8.roa
File: TSUP2PASxQr91gp5eHnCSEl4Qh8.roa (raw, json)
Hash identifier: 2qzdFkLWCM1a0fM7r3JNVr8sXcfeHYFnmOwRzSA34oo=
Subject key identifier: 4D:25:0F:D8:F0:12:C5:0A:FD:D6:0A:79:78:79:C2:48:49:78:42:1F
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 018CC4256CAB23BC7269DFAE8300F60FC189
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/TSUP2PASxQr91gp5eHnCSEl4Qh8.roa
Signing time: Mon 01 Jan 2024 08:30:36 +0000
ROA not before: Mon 01 Jan 2024 08:30:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209181
IP address blocks: 5.182.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:6c:ab:23:bc:72:69:df:ae:83:00:f6:0f:c1:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jan 1 08:30:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d250fd8f012c50afdd60a797879c2484978421f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:c5:f4:db:e6:09:0e:59:a4:4e:0c:b7:92:6c:
1c:19:4a:71:eb:c0:68:04:28:fb:2c:89:98:0d:63:
35:89:6f:d9:56:1e:dd:9c:ae:a3:14:c2:03:00:12:
0e:54:1c:73:37:97:f3:78:dc:62:55:8e:b9:61:58:
02:e3:de:2f:0d:74:a7:32:33:9e:dd:e0:b6:18:d9:
0d:ba:b3:a6:66:83:29:a4:54:5d:c7:bf:a0:24:17:
54:52:97:ab:8e:61:b0:35:fb:04:f5:8c:35:f1:88:
58:27:49:eb:d2:47:ce:ac:7a:10:6f:98:0c:4d:61:
5a:e2:e7:ee:45:a0:db:c5:c5:03:2e:96:75:55:2d:
9f:2d:bb:09:de:f9:7b:0d:14:24:20:5d:a7:4e:56:
f1:23:c3:ef:43:ba:42:e2:38:67:a0:a8:fe:e2:92:
02:27:76:74:45:c4:30:09:37:a0:a4:f8:51:bd:1d:
25:18:59:fe:f5:9b:aa:40:87:05:44:7f:ea:ad:2c:
b5:bc:0d:da:70:6c:0d:22:4f:2f:64:e4:89:80:d4:
63:b7:68:86:c3:a0:e1:75:7c:c5:20:22:e9:fa:41:
95:fa:7a:90:45:8a:23:82:4d:b1:dd:b2:2f:31:81:
26:5b:e6:94:e7:2a:cb:89:fb:7d:a0:89:fc:cf:18:
91:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:25:0F:D8:F0:12:C5:0A:FD:D6:0A:79:78:79:C2:48:49:78:42:1F
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/TSUP2PASxQr91gp5eHnCSEl4Qh8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.49.0/24
Signature Algorithm: sha256WithRSAEncryption
83:c9:70:14:65:b2:30:c7:0a:be:bb:88:4a:47:3c:ca:97:88:
82:55:23:01:eb:7e:1e:46:ca:c2:06:5b:69:7c:4e:d0:d2:de:
cb:04:d6:17:83:84:3d:67:b2:fe:32:ba:0f:e9:43:73:14:da:
9b:e9:c4:1c:3a:d3:9e:6c:04:59:64:75:14:0d:4e:23:30:b0:
40:a2:34:41:a0:1c:d8:b8:b0:c2:b8:5b:ce:ed:84:2c:6f:1a:
f7:b0:e0:f1:28:96:84:b6:d2:b9:74:4b:5f:83:ca:0b:a7:f9:
f0:99:58:de:b3:52:3f:4e:da:90:c8:67:f9:27:6f:c6:e9:c1:
08:6e:a8:e6:22:18:bc:45:ca:bb:cd:85:33:da:ee:07:06:cc:
93:44:e7:bd:a2:21:cb:85:b1:8a:e9:ce:2f:ce:6b:f3:d1:a4:
4e:c4:ef:b9:23:37:52:5c:2d:08:86:46:36:5c:86:4b:96:45:
06:9b:e1:7e:47:c7:0c:f1:d0:98:a0:34:73:6c:3f:ae:18:f3:
61:93:d2:49:f1:73:1a:54:38:87:1c:37:92:44:c5:ea:16:7e:
e6:09:13:4b:d1:da:52:68:18:a1:fe:0a:c5:71:0a:bc:83:94:
8d:85:03:e5:7b:0b:45:4c:55:25:ef:9b:81:33:95:a6:5f:6c:
52:02:ea:ae
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzEJWyrI7xyad+ugwD2D8GJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjQwMTAxMDgzMDM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDI1MGZkOGYwMTJjNTBhZmRkNjBhNzk3ODc5YzI0ODQ5Nzg0MjFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcX02+YJDlmkTgy3kmwcGUpx68Bo
BCj7LImYDWM1iW/ZVh7dnK6jFMIDABIOVBxzN5fzeNxiVY65YVgC494vDXSnMjOe
3eC2GNkNurOmZoMppFRdx7+gJBdUUperjmGwNfsE9Yw18YhYJ0nr0kfOrHoQb5gM
TWFa4ufuRaDbxcUDLpZ1VS2fLbsJ3vl7DRQkIF2nTlbxI8PvQ7pC4jhnoKj+4pIC
J3Z0RcQwCTegpPhRvR0lGFn+9ZuqQIcFRH/qrSy1vA3acGwNIk8vZOSJgNRjt2iG
w6DhdXzFICLp+kGV+nqQRYojgk2x3bIvMYEmW+aU5yrLift9oIn8zxiRgQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE0lD9jwEsUK/dYKeXh5wkhJeEIfMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvVFNVUDJQQVN4UXI5MWdwNWVIbkNTRWw0UWg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQABbYxMA0G
CSqGSIb3DQEBCwUAA4IBAQCDyXAUZbIwxwq+u4hKRzzKl4iCVSMB634eRsrCBltp
fE7Q0t7LBNYXg4Q9Z7L+MroP6UNzFNqb6cQcOtOebARZZHUUDU4jMLBAojRBoBzY
uLDCuFvO7YQsbxr3sODxKJaEttK5dEtfg8oLp/nwmVjes1I/TtqQyGf5J2/G6cEI
bqjmIhi8Rcq7zYUz2u4HBsyTROe9oiHLhbGK6c4vzmvz0aROxO+5IzdSXC0IhkY2
XIZLlkUGm+F+R8cM8dCYoDRzbD+uGPNhk9JJ8XMaVDiHHDeSRMXqFn7mCRNL0dpS
aBih/grFcQq8g5SNhQPlewtFTFUl75uBM5WmX2xSAuqu
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:07:04 2024 by rpki-client on console-ams.rpki-client.org