Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/Tpad7-k1vGrCh2L75yreZ6IEdHM.roa
File: Tpad7-k1vGrCh2L75yreZ6IEdHM.roa (raw, json)
Hash identifier: JUlWPLKFCMtqQdg/6e5N8KzEhyJOaWfDZ5aVVGKKAkE=
Subject key identifier: 4E:96:9D:EF:E9:35:BC:6A:C2:87:62:FB:E7:2A:DE:67:A2:04:74:73
Certificate issuer: /CN=22a44566764ebb511683cb6228fa91997b559379
Certificate serial: 01913194DB25385AFB4D0A38883F0E57579C
Authority key identifier: 22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/Tpad7-k1vGrCh2L75yreZ6IEdHM.roa
Signing time: Thu 08 Aug 2024 10:42:04 +0000
ROA not before: Thu 08 Aug 2024 10:42:04 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28738
IP address blocks: 78.153.128.0/24 maxlen: 24
78.153.129.0/24 maxlen: 24
78.153.132.0/23 maxlen: 23
78.153.134.0/24 maxlen: 24
78.153.141.0/24 maxlen: 24
78.153.142.0/24 maxlen: 24
78.153.152.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 17:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:31:94:db:25:38:5a:fb:4d:0a:38:88:3f:0e:57:57:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22a44566764ebb511683cb6228fa91997b559379
Validity
Not Before: Aug 8 10:42:04 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e969defe935bc6ac28762fbe72ade67a2047473
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f7:01:86:42:5d:ad:1f:62:af:28:2f:27:dd:
f3:0f:13:c0:e3:71:a4:c4:11:c1:e7:a3:06:ce:3f:
b6:e9:19:a0:73:3d:9c:1c:06:0e:1f:04:ad:53:17:
d3:fa:b4:58:45:23:ee:7f:e0:41:3f:d1:74:2e:1f:
58:1c:fe:09:01:0f:53:ac:64:61:44:66:eb:5e:f9:
1a:6b:03:c6:b8:a7:d6:0e:83:b9:63:08:34:9a:5d:
69:4d:d2:12:45:37:6e:dd:06:ca:ff:78:72:08:31:
c1:f9:e6:b2:68:ce:19:21:01:f3:1f:4c:db:3f:3d:
3d:a0:6d:47:29:66:ec:5e:9f:0e:49:37:25:9c:46:
32:9c:9e:92:7e:f7:23:4c:6b:55:f2:5d:5f:d7:29:
9e:04:a5:db:ec:68:b8:00:f9:47:81:61:e6:74:3e:
7e:ac:32:b2:f6:d2:18:a0:89:26:12:e8:ed:3e:14:
71:de:66:16:b7:b6:e9:4b:ba:f5:36:91:07:08:72:
9b:0a:57:d5:03:45:36:5f:7f:b3:a3:d5:65:98:a1:
37:e0:eb:67:21:d6:a8:f4:8b:64:d9:ad:9c:c1:ab:
55:6c:61:c7:65:bf:fc:d7:6c:5b:2e:7a:3d:2d:52:
37:ef:b6:8e:2b:a3:68:61:24:46:de:6e:cf:7d:76:
da:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:96:9D:EF:E9:35:BC:6A:C2:87:62:FB:E7:2A:DE:67:A2:04:74:73
X509v3 Authority Key Identifier:
keyid:22:A4:45:66:76:4E:BB:51:16:83:CB:62:28:FA:91:99:7B:55:93:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IqRFZnZOu1EWg8tiKPqRmXtVk3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/Tpad7-k1vGrCh2L75yreZ6IEdHM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/6b3dda-7368-4d19-b603-16b80aa28dd6/1/IqRFZnZOu1EWg8tiKPqRmXtVk3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.153.128.0/23
78.153.132.0-78.153.134.255
78.153.141.0-78.153.142.255
78.153.152.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:fa:74:f1:ca:c6:43:f1:83:a3:69:28:35:34:84:f2:39:e8:
6d:31:10:e4:ff:9f:b4:55:3f:ef:88:0f:e8:5c:57:6a:4a:89:
18:32:a1:bf:fd:a5:33:54:31:70:55:2c:aa:64:3d:ea:ea:b3:
e8:d3:c5:e5:65:4b:4d:33:98:39:76:4e:8c:38:ec:39:5b:ac:
7a:80:3e:d6:8e:30:26:ce:fb:17:16:70:5f:48:bf:36:4f:9d:
2b:4c:a4:81:78:4b:ea:40:c5:23:fb:8b:fc:7e:ff:41:fa:e4:
99:a9:d9:43:98:b5:7e:70:99:16:49:75:6e:94:c4:8a:ff:d5:
44:b2:0e:11:f8:b4:02:a1:e3:29:99:a2:19:ba:c4:50:09:75:
8d:66:6b:52:ed:39:0f:f4:45:7d:cb:e6:e3:9d:7b:64:f2:89:
6b:51:96:c6:35:1e:f6:40:74:cd:34:1f:f0:8c:93:c4:40:a9:
94:87:b2:9d:3e:ce:54:c9:17:ca:34:2b:86:af:f1:5f:cc:80:
11:e7:46:d2:23:59:ee:89:9a:7d:31:e5:38:e9:0f:31:9c:f3:
05:26:cc:d4:5c:4a:0a:00:4f:48:69:f0:33:5c:d0:91:29:d8:
0e:da:7f:ed:78:85:91:be:5b:24:3e:a0:2a:33:97:75:6d:66:
0d:61:0d:7b
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZExlNslOFr7TQo4iD8OV1ecMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYTQ0NTY2NzY0ZWJiNTExNjgzY2I2MjI4ZmE5MTk5N2I1
NTkzNzkwHhcNMjQwODA4MTA0MjA0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTk2OWRlZmU5MzViYzZhYzI4NzYyZmJlNzJhZGU2N2EyMDQ3NDczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqPcBhkJdrR9irygvJ93zDxPA43Gk
xBHB56MGzj+26Rmgcz2cHAYOHwStUxfT+rRYRSPuf+BBP9F0Lh9YHP4JAQ9TrGRh
RGbrXvkaawPGuKfWDoO5Ywg0ml1pTdISRTdu3QbK/3hyCDHB+eayaM4ZIQHzH0zb
Pz09oG1HKWbsXp8OSTclnEYynJ6SfvcjTGtV8l1f1ymeBKXb7Gi4APlHgWHmdD5+
rDKy9tIYoIkmEujtPhRx3mYWt7bpS7r1NpEHCHKbClfVA0U2X3+zo9VlmKE34Otn
Idao9Itk2a2cwatVbGHHZb/812xbLno9LVI377aOK6NoYSRG3m7PfXbafQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFE6Wne/pNbxqwodi++cq3meiBHRzMB8GA1UdIwQY
MBaAFCKkRWZ2TrtRFoPLYij6kZl7VZN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMt
MTZiODBhYTI4ZGQ2LzEvVHBhZDctazF2R3JDaDJMNzV5cmVaNklFZEhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS82YjNkZGEtNzM2OC00ZDE5LWI2MDMtMTZiODBhYTI4ZGQ2
LzEvSXFSRlpuWk91MUVXZzh0aUtQcVJtWHRWazNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQBTpmAMAwD
BAJOmYQDBABOmYYwDAMEAE6ZjQMEAE6ZjgMEAU6ZmDANBgkqhkiG9w0BAQsFAAOC
AQEATfp08crGQ/GDo2koNTSE8jnobTEQ5P+ftFU/74gP6FxXakqJGDKhv/2lM1Qx
cFUsqmQ96uqz6NPF5WVLTTOYOXZOjDjsOVuseoA+1o4wJs77FxZwX0i/Nk+dK0yk
gXhL6kDFI/uL/H7/QfrkmanZQ5i1fnCZFkl1bpTEiv/VRLIOEfi0AqHjKZmiGbrE
UAl1jWZrUu05D/RFfcvm4517ZPKJa1GWxjUe9kB0zTQf8IyTxECplIeynT7OVMkX
yjQrhq/xX8yAEedG0iNZ7omafTHlOOkPMZzzBSbM1FxKCgBPSGnwM1zQkSnYDtp/
7XiFkb5bJD6gKjOXdW1mDWENew==
-----END CERTIFICATE-----
Generated at Tue Nov 26 02:53:27 2024 by rpki-client on console-fra.rpki-client.org