Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/4d77d9-b0a3-48ad-aa2a-1c6ee5bbeb66/1/t0ZSAUzte3ei_jgg3BFQV0LM4qo.roa
File: t0ZSAUzte3ei_jgg3BFQV0LM4qo.roa (raw, json)
Hash identifier: tDexmUoJnT8MeuFeCHAS6D1phX10WtHuxkzof35xGdI=
Subject key identifier: B7:46:52:01:4C:ED:7B:77:A2:FE:38:20:DC:11:50:57:42:CC:E2:AA
Certificate issuer: /CN=4f908a6d868ab9e9bdb10472fbec31c966e94274
Certificate serial: 018CC727557C28B9A8ABF91667E5057050A7
Authority key identifier: 4F:90:8A:6D:86:8A:B9:E9:BD:B1:04:72:FB:EC:31:C9:66:E9:42:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T5CKbYaKuem9sQRy--wxyWbpQnQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/4d77d9-b0a3-48ad-aa2a-1c6ee5bbeb66/1/t0ZSAUzte3ei_jgg3BFQV0LM4qo.roa
Signing time: Mon 01 Jan 2024 22:31:32 +0000
ROA not before: Mon 01 Jan 2024 22:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20612
IP address blocks: 194.242.34.0/24 maxlen: 24
185.222.12.0/22 maxlen: 24
2a0c:d000::/29 maxlen: 64
2001:67c:20ac::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/4d77d9-b0a3-48ad-aa2a-1c6ee5bbeb66/1/T5CKbYaKuem9sQRy--wxyWbpQnQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/4d77d9-b0a3-48ad-aa2a-1c6ee5bbeb66/1/T5CKbYaKuem9sQRy--wxyWbpQnQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/T5CKbYaKuem9sQRy--wxyWbpQnQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:55:7c:28:b9:a8:ab:f9:16:67:e5:05:70:50:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4f908a6d868ab9e9bdb10472fbec31c966e94274
Validity
Not Before: Jan 1 22:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b74652014ced7b77a2fe3820dc11505742cce2aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c1:20:59:c7:87:26:0a:d3:f3:0f:67:54:ce:
bb:59:07:07:88:23:73:05:88:01:23:7a:4a:65:7d:
a2:36:fd:e6:71:5e:b6:1f:b6:69:1b:a7:2c:e6:65:
96:c1:44:7c:2c:b4:14:2b:2c:08:38:12:05:bd:52:
8f:75:f7:2e:aa:24:6d:16:e4:81:8a:60:9b:62:81:
47:ac:8f:75:ec:99:bd:ef:6e:4d:6e:cb:41:96:0e:
e7:38:12:e8:34:b3:88:12:ac:0e:80:d9:fa:44:69:
70:03:ab:57:1e:cf:0c:46:1b:cd:84:6d:27:2a:0e:
68:a6:c4:16:2b:f5:13:5f:32:0d:37:2b:bd:09:c4:
a3:75:1b:f9:c1:38:50:c0:9d:1a:58:73:6b:ad:96:
2e:ad:3e:77:3b:c8:72:a8:6a:dc:10:a6:d0:2e:b6:
56:c0:10:2f:8d:17:7d:1b:2c:fb:69:70:c3:a9:43:
70:4e:a9:ae:83:b3:8c:cf:ce:7c:d4:31:f7:f8:ee:
3c:26:83:c2:2b:41:5e:4e:4e:70:d3:8a:e4:bd:85:
b9:d4:ee:23:79:f8:ee:5d:e3:1a:86:bf:f6:fd:50:
5f:a0:a9:cb:d6:8a:b6:99:9f:a1:9c:6f:db:95:99:
24:72:38:3e:90:16:49:c1:5a:4a:21:b4:03:ce:77:
3f:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:46:52:01:4C:ED:7B:77:A2:FE:38:20:DC:11:50:57:42:CC:E2:AA
X509v3 Authority Key Identifier:
keyid:4F:90:8A:6D:86:8A:B9:E9:BD:B1:04:72:FB:EC:31:C9:66:E9:42:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T5CKbYaKuem9sQRy--wxyWbpQnQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/4d77d9-b0a3-48ad-aa2a-1c6ee5bbeb66/1/t0ZSAUzte3ei_jgg3BFQV0LM4qo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/4d77d9-b0a3-48ad-aa2a-1c6ee5bbeb66/1/T5CKbYaKuem9sQRy--wxyWbpQnQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.222.12.0/22
194.242.34.0/24
IPv6:
2001:67c:20ac::/48
2a0c:d000::/29
Signature Algorithm: sha256WithRSAEncryption
29:56:38:c4:dc:3f:d7:4b:4e:28:bc:84:3c:80:69:87:65:bd:
1a:c7:16:d5:cd:5a:c3:3b:6f:17:2a:19:59:95:32:d2:36:9d:
8c:ad:b8:14:ca:4e:37:50:68:0f:bd:f6:51:fb:60:c1:fb:54:
62:1d:14:05:68:cd:80:80:c3:b1:1c:93:25:d1:88:ad:3a:84:
ba:2f:f6:9b:28:bb:51:f8:23:ca:ba:66:39:18:b5:14:4c:d7:
88:64:ee:47:6a:98:fc:97:12:99:87:94:72:15:97:86:2c:7e:
ac:0f:d0:fd:5c:94:c8:4f:c0:bb:48:f7:33:9f:bd:30:45:bc:
d7:b8:4e:43:82:15:3a:9a:e8:9d:a2:36:32:f1:be:f0:85:93:
97:7c:50:da:a8:83:e7:7e:df:4e:b7:19:5b:2e:4f:fb:2b:9a:
21:ff:46:c7:27:1b:2c:74:9e:11:fb:8d:3a:64:55:20:8f:ec:
4c:33:02:db:94:e8:7c:22:96:e3:92:10:16:40:2e:f1:8e:72:
f6:96:71:78:3e:c2:63:29:64:c6:6b:11:4a:48:88:5b:93:88:
ad:fc:c1:88:21:35:15:88:7f:e2:0c:59:64:df:69:4b:5e:3f:
48:df:b6:34:72:70:87:dc:bd:8e:41:f2:49:c3:eb:25:25:4d:
76:72:b9:34
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzHJ1V8KLmoq/kWZ+UFcFCnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmOTA4YTZkODY4YWI5ZTliZGIxMDQ3MmZiZWMzMWM5NjZl
OTQyNzQwHhcNMjQwMTAxMjIzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzQ2NTIwMTRjZWQ3Yjc3YTJmZTM4MjBkYzExNTA1NzQyY2NlMmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsEgWceHJgrT8w9nVM67WQcHiCNz
BYgBI3pKZX2iNv3mcV62H7ZpG6cs5mWWwUR8LLQUKywIOBIFvVKPdfcuqiRtFuSB
imCbYoFHrI917Jm9725NbstBlg7nOBLoNLOIEqwOgNn6RGlwA6tXHs8MRhvNhG0n
Kg5opsQWK/UTXzINNyu9CcSjdRv5wThQwJ0aWHNrrZYurT53O8hyqGrcEKbQLrZW
wBAvjRd9Gyz7aXDDqUNwTqmug7OMz8581DH3+O48JoPCK0FeTk5w04rkvYW51O4j
efjuXeMahr/2/VBfoKnL1oq2mZ+hnG/blZkkcjg+kBZJwVpKIbQDznc/awIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLdGUgFM7Xt3ov44INwRUFdCzOKqMB8GA1UdIwQY
MBaAFE+Qim2GirnpvbEEcvvsMclm6UJ0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDVDS2JZYUt1ZW05c1FSeS0td3h5V2JwUW5RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC80ZDc3ZDktYjBhMy00OGFkLWFhMmEt
MWM2ZWU1YmJlYjY2LzEvdDBaU0FVenRlM2VpX2pnZzNCRlFWMExNNHFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC80ZDc3ZDktYjBhMy00OGFkLWFhMmEtMWM2ZWU1YmJlYjY2
LzEvVDVDS2JZYUt1ZW05c1FSeS0td3h5V2JwUW5RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCud4MAwQA
wvIiMBYEAgACMBADBwAgAQZ8IKwDBQMqDNAAMA0GCSqGSIb3DQEBCwUAA4IBAQAp
VjjE3D/XS04ovIQ8gGmHZb0axxbVzVrDO28XKhlZlTLSNp2MrbgUyk43UGgPvfZR
+2DB+1RiHRQFaM2AgMOxHJMl0YitOoS6L/abKLtR+CPKumY5GLUUTNeIZO5Hapj8
lxKZh5RyFZeGLH6sD9D9XJTIT8C7SPczn70wRbzXuE5DghU6muidojYy8b7whZOX
fFDaqIPnft9OtxlbLk/7K5oh/0bHJxssdJ4R+406ZFUgj+xMMwLblOh8IpbjkhAW
QC7xjnL2lnF4PsJjKWTGaxFKSIhbk4it/MGIITUViH/iDFlk32lLXj9I37Y0cnCH
3L2OQfJJw+slJU12crk0
-----END CERTIFICATE-----
Generated at Mon May 20 04:38:17 2024 by rpki-client on console-fra.rpki-client.org