Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/TbI8WnaKIeelQRLWip5rNW6SpeQ.roa
File: TbI8WnaKIeelQRLWip5rNW6SpeQ.roa (raw, json)
Hash identifier: U5VrWS6txS4GLTsQZARYCMPIhCzF0esgt27THOEMa9s=
Subject key identifier: 4D:B2:3C:5A:76:8A:21:E7:A5:41:12:D6:8A:9E:6B:35:6E:92:A5:E4
Certificate issuer: /CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Certificate serial: 01921DB8E1FC1D887A98B27132C4272DCC10
Authority key identifier: 68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/TbI8WnaKIeelQRLWip5rNW6SpeQ.roa
Signing time: Mon 23 Sep 2024 07:11:48 +0000
ROA not before: Mon 23 Sep 2024 07:11:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24748
IP address blocks: 77.79.192.0/24 maxlen: 24
193.111.36.0/24 maxlen: 24
212.91.0.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.mft
rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 02:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:1d:b8:e1:fc:1d:88:7a:98:b2:71:32:c4:27:2d:cc:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=68c510fc9b865d96e3afc7c56056efad9a330c5b
Validity
Not Before: Sep 23 07:11:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4db23c5a768a21e7a54112d68a9e6b356e92a5e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:40:84:eb:9e:90:ec:6b:49:53:c3:04:32:ed:
b1:b3:f3:48:a1:dd:f6:11:a6:9b:07:e8:01:ac:1b:
54:61:a8:fa:d7:4f:ac:be:b4:18:03:91:09:ca:3d:
dc:f9:b4:47:0c:39:67:8a:49:87:0e:a8:8b:5b:03:
c0:06:f3:9a:1c:e4:c3:5e:22:97:2f:f2:0a:f4:43:
ee:e2:c1:7e:7c:12:30:3c:b2:4d:24:f0:8e:3c:ce:
9c:e5:52:51:5f:ef:07:98:a8:23:46:15:3d:19:35:
26:7f:cb:21:63:ff:90:14:de:fb:33:ac:69:15:08:
fb:9c:37:30:34:a1:6c:dd:36:98:15:67:75:f2:90:
87:59:e8:11:a4:86:f2:05:87:3e:fd:3c:b2:50:09:
f4:83:92:9b:d1:ed:4d:60:51:13:e6:ec:a3:7d:f8:
5a:90:4f:61:c6:04:26:af:9e:bb:82:aa:d7:95:4f:
f5:c1:7a:5b:39:63:0b:1e:bb:13:d8:f5:86:1e:9d:
cb:0f:b9:3c:30:c0:46:42:76:27:d5:d9:ae:7d:40:
d2:2a:54:c7:17:cd:20:db:f2:f2:ac:7c:6a:18:c2:
3d:73:5c:e6:97:d7:46:7b:24:4f:93:00:21:8a:f7:
fd:60:cf:ff:8c:3a:48:21:b3:c0:05:2d:8b:c8:ef:
fe:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:B2:3C:5A:76:8A:21:E7:A5:41:12:D6:8A:9E:6B:35:6E:92:A5:E4
X509v3 Authority Key Identifier:
keyid:68:C5:10:FC:9B:86:5D:96:E3:AF:C7:C5:60:56:EF:AD:9A:33:0C:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aMUQ_JuGXZbjr8fFYFbvrZozDFs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/TbI8WnaKIeelQRLWip5rNW6SpeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/18/e0f2f6-3a8a-4daa-8271-5d665e998f6a/1/aMUQ_JuGXZbjr8fFYFbvrZozDFs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.79.192.0/24
193.111.36.0/24
212.91.0.0/22
Signature Algorithm: sha256WithRSAEncryption
3d:e6:f0:44:14:c5:c8:e9:11:0a:94:b0:3b:e3:c3:f9:6a:73:
a1:7c:ab:0c:1d:40:27:7d:ed:2a:32:d3:09:a8:3e:0a:1f:25:
67:48:ba:ee:92:1c:59:5f:20:c0:29:26:e4:3f:b3:08:61:2b:
62:63:64:5a:9a:15:8a:25:d3:1d:45:67:49:8e:12:19:49:f6:
f7:59:9f:48:b1:d4:ea:a3:63:e7:98:22:0f:ba:8d:08:70:df:
95:4c:75:b9:0e:00:bf:bd:6f:6b:39:37:72:eb:a8:1f:a6:5b:
54:3f:68:01:b9:2e:2e:69:9c:ec:9d:de:e4:4a:1d:23:37:2c:
e3:4d:f8:4a:d8:07:a9:cd:70:a4:e9:49:54:25:20:4b:7f:ee:
3c:72:0c:41:14:41:dc:8f:d8:fc:f9:66:a0:65:7f:d4:74:9e:
87:db:1d:9b:44:b5:66:b9:f5:de:98:ce:5c:a7:07:03:8f:68:
83:8a:a2:02:e2:ab:b6:a8:0a:bf:96:0f:80:af:e1:0a:ab:f7:
19:a9:e3:7c:16:d5:d5:87:7d:54:c2:d2:38:d7:17:6d:84:a3:
e1:50:c9:a0:39:39:59:e6:66:29:f9:ba:6e:76:c1:de:95:49:
e6:9e:5f:a2:4a:c7:fe:f3:14:7b:63:87:16:66:51:36:54:74:
19:3a:8c:b2
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZIduOH8HYh6mLJxMsQnLcwQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY4YzUxMGZjOWI4NjVkOTZlM2FmYzdjNTYwNTZlZmFkOWEz
MzBjNWIwHhcNMjQwOTIzMDcxMTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGIyM2M1YTc2OGEyMWU3YTU0MTEyZDY4YTllNmIzNTZlOTJhNWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjECE656Q7GtJU8MEMu2xs/NIod32
EaabB+gBrBtUYaj610+svrQYA5EJyj3c+bRHDDlnikmHDqiLWwPABvOaHOTDXiKX
L/IK9EPu4sF+fBIwPLJNJPCOPM6c5VJRX+8HmKgjRhU9GTUmf8shY/+QFN77M6xp
FQj7nDcwNKFs3TaYFWd18pCHWegRpIbyBYc+/TyyUAn0g5Kb0e1NYFET5uyjffha
kE9hxgQmr567gqrXlU/1wXpbOWMLHrsT2PWGHp3LD7k8MMBGQnYn1dmufUDSKlTH
F80g2/LyrHxqGMI9c1zml9dGeyRPkwAhivf9YM//jDpIIbPABS2LyO/+kQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFE2yPFp2iiHnpUES1oqeazVukqXkMB8GA1UdIwQY
MBaAFGjFEPybhl2W46/HxWBW762aMwxbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEt
NWQ2NjVlOTk4ZjZhLzEvVGJJOFduYUtJZWVsUVJMV2lwNXJOVzZTcGVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOC9lMGYyZjYtM2E4YS00ZGFhLTgyNzEtNWQ2NjVlOTk4ZjZh
LzEvYU1VUV9KdUdYWmJqcjhmRllGYnZyWm96REZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATU/AAwQA
wW8kAwQC1FsAMA0GCSqGSIb3DQEBCwUAA4IBAQA95vBEFMXI6REKlLA748P5anOh
fKsMHUAnfe0qMtMJqD4KHyVnSLrukhxZXyDAKSbkP7MIYStiY2RamhWKJdMdRWdJ
jhIZSfb3WZ9IsdTqo2PnmCIPuo0IcN+VTHW5DgC/vW9rOTdy66gfpltUP2gBuS4u
aZzsnd7kSh0jNyzjTfhK2AepzXCk6UlUJSBLf+48cgxBFEHcj9j8+WagZX/UdJ6H
2x2bRLVmufXemM5cpwcDj2iDiqIC4qu2qAq/lg+Ar+EKq/cZqeN8FtXVh31UwtI4
1xdthKPhUMmgOTlZ5mYp+bpudsHelUnmnl+iSsf+8xR7Y4cWZlE2VHQZOoyy
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:35:32 2024 by rpki-client on console-ams.rpki-client.org