Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/2a981d-67f5-484e-be1b-ff64a9ba597c/1/TcxSRGXWMKMzQoQPacE2Vfjsr90.roa
File: TcxSRGXWMKMzQoQPacE2Vfjsr90.roa (raw, json)
Hash identifier: p9jam/5lKozVPpdV5K2BhVx1OU5ZxEwJ9sXfgxDJF10=
Subject key identifier: 4D:CC:52:44:65:D6:30:A3:33:42:84:0F:69:C1:36:55:F8:EC:AF:DD
Certificate issuer: /CN=6682890b7ed23347478d4d65db0948c3db23ebe7
Certificate serial: 018CC492FCD6ABF775EA0F3A0D9158444036
Authority key identifier: 66:82:89:0B:7E:D2:33:47:47:8D:4D:65:DB:09:48:C3:DB:23:EB:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZoKJC37SM0dHjU1l2wlIw9sj6-c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/2a981d-67f5-484e-be1b-ff64a9ba597c/1/TcxSRGXWMKMzQoQPacE2Vfjsr90.roa
Signing time: Mon 01 Jan 2024 10:30:16 +0000
ROA not before: Mon 01 Jan 2024 10:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28747
IP address blocks: 193.34.88.0/22 maxlen: 24
217.22.48.0/20 maxlen: 24
217.22.49.0/24 maxlen: 24
94.198.160.0/21 maxlen: 24
86.39.128.0/17 maxlen: 24
193.43.88.0/24 maxlen: 24
2001:1598::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/2a981d-67f5-484e-be1b-ff64a9ba597c/1/ZoKJC37SM0dHjU1l2wlIw9sj6-c.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/2a981d-67f5-484e-be1b-ff64a9ba597c/1/ZoKJC37SM0dHjU1l2wlIw9sj6-c.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZoKJC37SM0dHjU1l2wlIw9sj6-c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:92:fc:d6:ab:f7:75:ea:0f:3a:0d:91:58:44:40:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6682890b7ed23347478d4d65db0948c3db23ebe7
Validity
Not Before: Jan 1 10:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4dcc524465d630a33342840f69c13655f8ecafdd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:92:12:5d:f5:24:78:9b:a5:0a:af:40:80:63:
7e:7f:44:c3:17:f3:f4:38:6e:a5:0f:97:23:62:37:
74:19:1e:7c:5c:95:74:e9:c0:fe:57:7a:b0:f3:1c:
9a:8f:d0:7c:69:29:e1:23:14:d0:35:cc:e0:ee:89:
24:a5:66:79:01:e5:b8:41:73:f9:bc:c2:91:e4:57:
de:3a:99:e1:bf:fa:41:bf:d6:e4:2e:05:b6:5b:6b:
9c:5e:9a:53:47:6b:9e:78:25:8b:4e:cb:b1:aa:4b:
47:bf:5f:0c:e9:eb:60:02:22:db:5c:8d:bf:48:c3:
4a:7d:c4:49:5d:1c:03:ef:e5:16:3a:67:ff:cf:50:
ab:e6:31:0e:04:a7:c8:b0:15:2d:7a:01:0e:5a:1e:
b3:97:80:2d:4f:c6:11:97:7d:aa:d4:f2:10:ee:e7:
eb:87:af:f3:72:61:62:7f:b3:be:ce:6e:70:3d:4b:
b2:d0:90:52:e3:92:31:84:87:4c:aa:02:96:82:bf:
d0:85:e7:17:de:ea:1c:5b:32:b1:87:d5:ba:c3:21:
4e:5c:04:73:b8:f9:90:c6:db:58:f2:7a:ed:88:8a:
e1:a7:0d:b5:51:47:76:db:3f:7e:79:21:3d:bc:79:
d7:e8:ff:15:08:18:25:94:06:da:1b:af:9a:e3:d0:
22:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:CC:52:44:65:D6:30:A3:33:42:84:0F:69:C1:36:55:F8:EC:AF:DD
X509v3 Authority Key Identifier:
keyid:66:82:89:0B:7E:D2:33:47:47:8D:4D:65:DB:09:48:C3:DB:23:EB:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZoKJC37SM0dHjU1l2wlIw9sj6-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a981d-67f5-484e-be1b-ff64a9ba597c/1/TcxSRGXWMKMzQoQPacE2Vfjsr90.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/2a981d-67f5-484e-be1b-ff64a9ba597c/1/ZoKJC37SM0dHjU1l2wlIw9sj6-c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.39.128.0/17
94.198.160.0/21
193.34.88.0/22
193.43.88.0/24
217.22.48.0/20
IPv6:
2001:1598::/32
Signature Algorithm: sha256WithRSAEncryption
ba:32:0b:ab:0d:44:06:62:c7:78:2c:12:86:52:9a:0e:81:da:
be:7a:83:90:e6:33:b6:2c:6d:9a:a0:d6:a2:76:fe:b2:f3:17:
6d:59:ba:27:b1:9c:1d:26:6c:bd:a5:e8:20:59:6f:6e:b8:88:
cb:57:2e:5a:05:98:44:ad:97:5e:7d:75:dc:9c:54:e0:5c:a5:
57:f6:74:e5:5d:a1:b8:17:ad:de:ab:bd:21:69:6e:3a:93:27:
34:a6:6c:7b:27:22:57:c9:dd:58:03:d0:09:e0:ce:84:8a:bd:
97:9f:de:79:1b:ab:9c:fe:6d:d6:74:fa:05:a1:25:59:53:db:
68:f3:65:27:ab:5f:24:3b:66:c0:54:da:10:d1:de:2c:84:e2:
c9:8e:c1:f7:4a:dd:76:3a:2d:ef:f9:95:00:08:a6:aa:91:60:
03:32:6b:89:db:a0:c7:ae:d9:03:dd:ce:f1:b5:6b:a7:de:8d:
68:fc:b9:ca:11:11:39:4f:7b:e0:29:37:d6:d3:fe:66:4a:5b:
f9:92:a8:2f:a3:33:57:c0:2b:e1:f6:76:ac:a8:2f:24:45:ba:
35:73:20:56:7c:78:87:4f:94:54:11:71:f8:bf:26:d5:72:d6:
43:99:4d:64:ca:08:a7:4d:d7:46:39:f5:e4:72:c9:ad:6b:ce:
fb:56:04:2d
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzEkvzWq/d16g86DZFYREA2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ODI4OTBiN2VkMjMzNDc0NzhkNGQ2NWRiMDk0OGMzZGIy
M2ViZTcwHhcNMjQwMTAxMTAzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGNjNTI0NDY1ZDYzMGEzMzM0Mjg0MGY2OWMxMzY1NWY4ZWNhZmRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnZISXfUkeJulCq9AgGN+f0TDF/P0
OG6lD5cjYjd0GR58XJV06cD+V3qw8xyaj9B8aSnhIxTQNczg7okkpWZ5AeW4QXP5
vMKR5FfeOpnhv/pBv9bkLgW2W2ucXppTR2ueeCWLTsuxqktHv18M6etgAiLbXI2/
SMNKfcRJXRwD7+UWOmf/z1Cr5jEOBKfIsBUtegEOWh6zl4AtT8YRl32q1PIQ7ufr
h6/zcmFif7O+zm5wPUuy0JBS45IxhIdMqgKWgr/QhecX3uocWzKxh9W6wyFOXARz
uPmQxttY8nrtiIrhpw21UUd22z9+eSE9vHnX6P8VCBgllAbaG6+a49AizQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFE3MUkRl1jCjM0KED2nBNlX47K/dMB8GA1UdIwQY
MBaAFGaCiQt+0jNHR41NZdsJSMPbI+vnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm9LSkMzN1NNMGRIalUxbDJ3bEl3OXNqNi1jLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS8yYTk4MWQtNjdmNS00ODRlLWJlMWIt
ZmY2NGE5YmE1OTdjLzEvVGN4U1JHWFdNS016UW9RUGFjRTJWZmpzcjkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS8yYTk4MWQtNjdmNS00ODRlLWJlMWItZmY2NGE5YmE1OTdj
LzEvWm9LSkMzN1NNMGRIalUxbDJ3bEl3OXNqNi1jLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQHVieAAwQD
XsagAwQCwSJYAwQAwStYAwQE2RYwMA0EAgACMAcDBQAgARWYMA0GCSqGSIb3DQEB
CwUAA4IBAQC6MgurDUQGYsd4LBKGUpoOgdq+eoOQ5jO2LG2aoNaidv6y8xdtWbon
sZwdJmy9peggWW9uuIjLVy5aBZhErZdefXXcnFTgXKVX9nTlXaG4F63eq70haW46
kyc0pmx7JyJXyd1YA9AJ4M6Eir2Xn955G6uc/m3WdPoFoSVZU9to82Unq18kO2bA
VNoQ0d4shOLJjsH3St12Oi3v+ZUACKaqkWADMmuJ26DHrtkD3c7xtWun3o1o/LnK
ERE5T3vgKTfW0/5mSlv5kqgvozNXwCvh9nasqC8kRbo1cyBWfHiHT5RUEXH4vybV
ctZDmU1kyginTddGOfXkcsmta877VgQt
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:06:16 2024 by rpki-client on console-ams.rpki-client.org