Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/tysWAmy5ZtD5QB3Ed1pMHAJLPYw.roa
File: tysWAmy5ZtD5QB3Ed1pMHAJLPYw.roa (raw, json)
Hash identifier: NUHKBMUT5JETCy4dvM9uiaGeQMLrOv/YXvpNzgzVsdg=
Subject key identifier: B7:2B:16:02:6C:B9:66:D0:F9:40:1D:C4:77:5A:4C:1C:02:4B:3D:8C
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 018CC86FC0153958EAD1DED1F163CCDC8456
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/tysWAmy5ZtD5QB3Ed1pMHAJLPYw.roa
Signing time: Tue 02 Jan 2024 04:30:15 +0000
ROA not before: Tue 02 Jan 2024 04:30:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56871
IP address blocks: 89.45.93.0/24 maxlen: 24
89.45.92.0/24 maxlen: 24
185.104.196.0/22 maxlen: 22
89.42.233.0/24 maxlen: 24
89.42.232.0/24 maxlen: 24
188.213.233.0/24 maxlen: 24
86.104.132.0/23 maxlen: 23
89.44.100.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:c0:15:39:58:ea:d1:de:d1:f1:63:cc:dc:84:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jan 2 04:30:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b72b16026cb966d0f9401dc4775a4c1c024b3d8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:38:26:b9:91:9a:36:e7:0a:3c:fe:03:cb:15:
bb:b0:f0:90:04:5d:bf:d2:88:f9:72:49:1b:76:3d:
85:3c:a3:57:76:78:23:ce:0e:fb:23:27:92:77:35:
5a:a4:53:a4:3c:62:8f:56:7a:57:d3:b5:35:e3:4f:
d4:50:1f:bb:67:f7:bf:01:93:c8:3c:55:83:65:f6:
1a:99:cb:3a:a2:41:0c:8a:85:2d:39:69:30:c3:46:
0a:96:20:96:5e:21:48:19:00:7f:b9:53:0b:6e:23:
05:b4:bd:c5:00:e5:b9:c5:1e:76:91:5d:5e:c1:95:
b8:58:0d:8a:d8:df:01:ff:28:a8:71:12:52:88:f2:
19:34:9b:6d:33:0a:98:da:a1:e8:78:8f:03:35:88:
03:ec:e1:30:1e:1d:0c:68:52:79:97:46:3f:68:eb:
ad:56:9e:80:2a:f7:cc:69:1d:5b:31:67:93:8a:8a:
c5:18:50:b2:4a:60:83:ef:b7:8e:9b:4c:26:97:ac:
fe:d1:a5:1f:7d:69:8c:c5:c4:e4:b2:dd:ca:00:39:
c1:ea:09:ea:31:8e:5f:3d:98:a9:91:b0:50:fd:b2:
b2:00:c4:c6:3e:9e:41:35:63:af:6a:72:9c:f1:5f:
45:f4:43:9d:26:4e:c6:ab:d6:42:dd:72:05:a7:4c:
60:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:2B:16:02:6C:B9:66:D0:F9:40:1D:C4:77:5A:4C:1C:02:4B:3D:8C
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/tysWAmy5ZtD5QB3Ed1pMHAJLPYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.132.0/23
89.42.232.0/23
89.44.100.0/23
89.45.92.0/23
185.104.196.0/22
188.213.233.0/24
Signature Algorithm: sha256WithRSAEncryption
76:a4:1c:20:8d:8d:e5:5e:18:be:a1:ba:f6:a4:7c:eb:2a:f3:
25:11:d8:d0:9d:23:2f:07:b1:72:be:20:0a:f1:84:ad:05:18:
42:17:10:35:93:1f:69:97:ac:3c:e4:fb:e4:b6:53:0e:91:2a:
0a:c1:0e:63:43:d6:e3:75:1d:19:70:0a:6c:e5:ff:b9:af:ed:
13:4f:7a:a7:7c:3c:0b:0b:2c:db:f8:c8:c2:2d:dd:7d:d6:8d:
85:6a:95:41:17:7d:a0:33:e8:fd:a1:4c:ca:72:6a:66:90:46:
a1:8e:0e:af:2f:db:c9:e0:ba:87:f9:33:0d:6f:55:d7:0e:ae:
36:93:f2:5b:d7:15:37:27:2d:95:51:5b:c2:fe:01:ab:61:cc:
56:15:c3:fc:0c:21:a6:e8:1f:84:3d:a7:da:9e:86:91:33:60:
1e:6e:32:f4:91:91:e7:7c:4f:cb:1f:f6:af:0d:d2:bb:22:de:
1c:98:71:c7:ed:50:31:89:e4:f7:0f:4d:5b:44:ee:0b:1a:12:
e5:02:98:ca:e5:03:2f:ba:0b:1e:ec:63:1c:ff:a2:bf:32:67:
f3:5d:9f:6e:4a:9f:55:64:a8:8c:3b:27:06:06:a4:f3:66:21:
d5:01:54:53:5e:28:29:aa:a0:96:fa:06:a4:59:10:64:d4:e3:
d0:d4:43:de
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzIb8AVOVjq0d7R8WPM3IRWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjQwMTAyMDQzMDE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzJiMTYwMjZjYjk2NmQwZjk0MDFkYzQ3NzVhNGMxYzAyNGIzZDhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTgmuZGaNucKPP4DyxW7sPCQBF2/
0oj5ckkbdj2FPKNXdngjzg77IyeSdzVapFOkPGKPVnpX07U140/UUB+7Z/e/AZPI
PFWDZfYamcs6okEMioUtOWkww0YKliCWXiFIGQB/uVMLbiMFtL3FAOW5xR52kV1e
wZW4WA2K2N8B/yiocRJSiPIZNJttMwqY2qHoeI8DNYgD7OEwHh0MaFJ5l0Y/aOut
Vp6AKvfMaR1bMWeTiorFGFCySmCD77eOm0wml6z+0aUffWmMxcTkst3KADnB6gnq
MY5fPZipkbBQ/bKyAMTGPp5BNWOvanKc8V9F9EOdJk7Gq9ZC3XIFp0xgKwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLcrFgJsuWbQ+UAdxHdaTBwCSz2MMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvdHlzV0FteTVadEQ1UUIzRWQxcE1IQUpMUFl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBVmiEAwQB
WSroAwQBWSxkAwQBWS1cAwQCuWjEAwQAvNXpMA0GCSqGSIb3DQEBCwUAA4IBAQB2
pBwgjY3lXhi+obr2pHzrKvMlEdjQnSMvB7FyviAK8YStBRhCFxA1kx9pl6w85Pvk
tlMOkSoKwQ5jQ9bjdR0ZcAps5f+5r+0TT3qnfDwLCyzb+MjCLd191o2FapVBF32g
M+j9oUzKcmpmkEahjg6vL9vJ4LqH+TMNb1XXDq42k/Jb1xU3Jy2VUVvC/gGrYcxW
FcP8DCGm6B+EPafanoaRM2AebjL0kZHnfE/LH/avDdK7It4cmHHH7VAxieT3D01b
RO4LGhLlApjK5QMvugse7GMc/6K/MmfzXZ9uSp9VZKiMOycGBqTzZiHVAVRTXigp
qqCW+gakWRBk1OPQ1EPe
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:21:25 2024 by rpki-client on console-ams.rpki-client.org