Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/aa7b33-deeb-4abd-b8d2-5697249f5124/1/TK_xK6zsW0paUnPsWx43Wdy-j5g.roa
File: TK_xK6zsW0paUnPsWx43Wdy-j5g.roa (raw, json)
Hash identifier: XU57BkhtcA//2ehRT42vSyNpfEyiCvYDrJ53hjDTRts=
Subject key identifier: 4C:AF:F1:2B:AC:EC:5B:4A:5A:52:73:EC:5B:1E:37:59:DC:BE:8F:98
Certificate issuer: /CN=9bff15278f53f7761c2f3d33dd9be77a8a4fbd94
Certificate serial: 018CC9BCD6447B3C2F7DD2554CDDFEB0DB20
Authority key identifier: 9B:FF:15:27:8F:53:F7:76:1C:2F:3D:33:DD:9B:E7:7A:8A:4F:BD:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/m_8VJ49T93YcLz0z3ZvneopPvZQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/aa7b33-deeb-4abd-b8d2-5697249f5124/1/TK_xK6zsW0paUnPsWx43Wdy-j5g.roa
Signing time: Tue 02 Jan 2024 10:34:05 +0000
ROA not before: Tue 02 Jan 2024 10:34:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12297
IP address blocks: 178.160.245.0/24 maxlen: 24
178.160.248.0/22 maxlen: 24
178.160.251.0/24 maxlen: 24
178.160.252.0/22 maxlen: 24
46.70.0.0/15 maxlen: 24
87.241.128.0/18 maxlen: 24
178.160.192.0/18 maxlen: 24
212.73.64.0/19 maxlen: 24
2a00:f38:0:111e::/64 maxlen: 64
2a00:f38:0:111c::/64 maxlen: 64
2a00:f38:0:111d::/64 maxlen: 64
2a00:f38::/29 maxlen: 48
2a00:f38:0:101d::/64 maxlen: 64
2a00:f38::/32 maxlen: 48
2a00:f38:0:111f::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/aa7b33-deeb-4abd-b8d2-5697249f5124/1/m_8VJ49T93YcLz0z3ZvneopPvZQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/aa7b33-deeb-4abd-b8d2-5697249f5124/1/m_8VJ49T93YcLz0z3ZvneopPvZQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/m_8VJ49T93YcLz0z3ZvneopPvZQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 07:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:d6:44:7b:3c:2f:7d:d2:55:4c:dd:fe:b0:db:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9bff15278f53f7761c2f3d33dd9be77a8a4fbd94
Validity
Not Before: Jan 2 10:34:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4caff12bacec5b4a5a5273ec5b1e3759dcbe8f98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:59:82:10:fb:7c:48:0e:9b:bf:d5:02:6a:d8:
a2:d8:61:74:21:ef:78:2e:50:1d:b7:73:0a:2d:c2:
10:9f:d9:4f:dc:1f:ef:04:c2:98:61:f3:5c:46:f1:
7a:2b:74:a1:02:6c:f4:8a:89:ed:e4:c9:99:99:6c:
cf:10:f2:7e:f7:68:61:01:16:56:37:77:bb:18:47:
89:63:06:1f:ad:bb:5c:21:d2:76:28:c5:fa:19:82:
1c:2c:ab:e6:8a:16:fc:0f:fd:5f:93:80:ce:64:24:
2e:b8:c1:4b:d8:69:32:97:35:1e:d9:49:16:1f:5a:
2d:b1:26:96:3e:b8:99:f2:08:d0:d4:e1:34:8b:f1:
15:42:7f:cf:56:d1:91:d7:ab:8d:1b:d7:f1:50:e7:
2e:31:4b:6c:ee:a0:e8:69:a1:d3:23:73:01:22:c2:
22:df:ce:41:ff:66:56:32:42:a0:6c:d6:84:e7:84:
ff:ce:a8:58:9c:c3:4f:de:6d:14:70:c2:2c:0e:86:
44:d7:1f:99:32:b8:f6:45:1d:a7:4e:80:a8:ff:07:
90:7c:1f:5a:f9:88:99:3e:2c:0e:ed:96:a8:d9:f5:
33:95:7a:ae:9c:d4:67:7a:ca:5a:d4:32:23:15:d1:
16:71:a9:2f:d5:f0:a9:3e:6e:ca:58:3e:cf:86:da:
63:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:AF:F1:2B:AC:EC:5B:4A:5A:52:73:EC:5B:1E:37:59:DC:BE:8F:98
X509v3 Authority Key Identifier:
keyid:9B:FF:15:27:8F:53:F7:76:1C:2F:3D:33:DD:9B:E7:7A:8A:4F:BD:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/m_8VJ49T93YcLz0z3ZvneopPvZQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/aa7b33-deeb-4abd-b8d2-5697249f5124/1/TK_xK6zsW0paUnPsWx43Wdy-j5g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/aa7b33-deeb-4abd-b8d2-5697249f5124/1/m_8VJ49T93YcLz0z3ZvneopPvZQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.70.0.0/15
87.241.128.0/18
178.160.192.0/18
212.73.64.0/19
IPv6:
2a00:f38::/29
Signature Algorithm: sha256WithRSAEncryption
44:a8:2e:c8:18:ad:e3:f7:f4:3c:4b:cc:d8:cb:62:31:d6:98:
76:a6:c9:5d:31:a2:62:07:22:9b:d4:d1:41:78:a9:79:9c:f7:
fc:c3:86:3e:4b:80:97:f2:53:a8:b8:92:d6:cf:50:49:b4:5d:
b5:22:bb:b4:da:10:71:92:40:1e:09:49:11:dc:b4:22:34:60:
b4:64:22:e6:1d:e5:c8:59:1c:6d:30:6a:22:7a:85:1d:ce:5b:
c8:c4:54:6a:e5:24:6d:25:16:dd:79:fe:d7:df:a8:c7:aa:2c:
a4:b3:31:a5:9d:0d:70:a3:49:14:b5:34:96:f1:b7:c8:ae:29:
f8:86:98:38:10:28:cd:4d:df:5a:1d:e0:e3:94:d0:3a:c2:a0:
7e:36:4d:c3:e1:a7:88:9e:7e:18:03:23:17:57:f1:a6:e7:23:
25:77:57:ad:f8:41:31:e2:fe:fb:c0:7e:97:fb:13:25:b8:2b:
ef:9a:e7:d2:f2:b0:d0:48:12:39:ec:97:8b:e4:6e:9f:e0:39:
c1:e1:ca:44:14:be:7a:24:44:89:8d:c8:37:1c:b7:52:f7:08:
5d:8b:2d:5b:02:d8:7b:22:6d:74:62:09:cd:69:72:f1:05:6a:
2d:68:a8:63:a3:4b:d0:61:37:0f:70:0b:8f:fd:a6:c8:26:de:
4f:da:7c:6d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzJvNZEezwvfdJVTN3+sNsgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDliZmYxNTI3OGY1M2Y3NzYxYzJmM2QzM2RkOWJlNzdhOGE0
ZmJkOTQwHhcNMjQwMTAyMTAzNDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2FmZjEyYmFjZWM1YjRhNWE1MjczZWM1YjFlMzc1OWRjYmU4Zjk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFmCEPt8SA6bv9UCatii2GF0Ie94
LlAdt3MKLcIQn9lP3B/vBMKYYfNcRvF6K3ShAmz0iont5MmZmWzPEPJ+92hhARZW
N3e7GEeJYwYfrbtcIdJ2KMX6GYIcLKvmihb8D/1fk4DOZCQuuMFL2GkylzUe2UkW
H1otsSaWPriZ8gjQ1OE0i/EVQn/PVtGR16uNG9fxUOcuMUts7qDoaaHTI3MBIsIi
385B/2ZWMkKgbNaE54T/zqhYnMNP3m0UcMIsDoZE1x+ZMrj2RR2nToCo/weQfB9a
+YiZPiwO7Zao2fUzlXqunNRnespa1DIjFdEWcakv1fCpPm7KWD7PhtpjOwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFEyv8Sus7FtKWlJz7FseN1ncvo+YMB8GA1UdIwQY
MBaAFJv/FSePU/d2HC89M92b53qKT72UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbV84Vko0OVQ5M1ljTHowejNadm5lb3BQdlpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9hYTdiMzMtZGVlYi00YWJkLWI4ZDIt
NTY5NzI0OWY1MTI0LzEvVEtfeEs2enNXMHBhVW5Qc1d4NDNXZHktajVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9hYTdiMzMtZGVlYi00YWJkLWI4ZDItNTY5NzI0OWY1MTI0
LzEvbV84Vko0OVQ5M1ljTHowejNadm5lb3BQdlpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMBLkYDBAZX
8YADBAayoMADBAXUSUAwDQQCAAIwBwMFAyoADzgwDQYJKoZIhvcNAQELBQADggEB
AESoLsgYreP39DxLzNjLYjHWmHamyV0xomIHIpvU0UF4qXmc9/zDhj5LgJfyU6i4
ktbPUEm0XbUiu7TaEHGSQB4JSRHctCI0YLRkIuYd5chZHG0waiJ6hR3OW8jEVGrl
JG0lFt15/tffqMeqLKSzMaWdDXCjSRS1NJbxt8iuKfiGmDgQKM1N31od4OOU0DrC
oH42TcPhp4iefhgDIxdX8abnIyV3V634QTHi/vvAfpf7EyW4K++a59LysNBIEjns
l4vkbp/gOcHhykQUvnokRImNyDcct1L3CF2LLVsC2HsibXRiCc1pcvEFai1oqGOj
S9BhNw9wC4/9psgm3k/afG0=
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:06:16 2024 by rpki-client on console-ams.rpki-client.org