Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/TaleU1iKC6o8F0pMl4mP1INV_Dk.roa
File: TaleU1iKC6o8F0pMl4mP1INV_Dk.roa (raw, json)
Hash identifier: Vw4zCitEzPFpjmHNKSvq6yisCwoT2ZpIYFkaPnxlGeA=
Subject key identifier: 4D:A9:5E:53:58:8A:0B:AA:3C:17:4A:4C:97:89:8F:D4:83:55:FC:39
Certificate issuer: /CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Certificate serial: 018CC5DC45BD4450E809D1D0CA3302A49C4B
Authority key identifier: E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/TaleU1iKC6o8F0pMl4mP1INV_Dk.roa
Signing time: Mon 01 Jan 2024 16:29:56 +0000
ROA not before: Mon 01 Jan 2024 16:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20884
IP address blocks: 160.218.96.0/21 maxlen: 21
160.218.212.0/22 maxlen: 22
160.218.104.0/21 maxlen: 21
160.218.112.0/20 maxlen: 20
160.218.244.0/22 maxlen: 22
160.218.176.0/21 maxlen: 21
160.218.184.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.mft
rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:45:bd:44:50:e8:09:d1:d0:ca:33:02:a4:9c:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Validity
Not Before: Jan 1 16:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4da95e53588a0baa3c174a4c97898fd48355fc39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:85:42:ed:62:ce:2c:f0:61:2a:6c:47:df:c7:
f8:70:21:4c:95:b6:b6:ca:d2:3b:d6:91:50:16:f4:
73:ec:e6:0c:d0:6e:49:db:85:ac:e4:9b:56:3b:a2:
73:c3:03:f3:a8:98:94:b2:03:68:a6:85:d4:30:db:
4e:fc:1b:b2:88:7b:27:e9:36:dc:91:8c:ba:3a:97:
12:66:cb:9b:7e:17:1b:4e:ae:20:0c:13:55:13:9b:
2d:f7:81:21:c5:56:c8:90:c1:e3:25:67:fc:60:97:
bd:10:ee:07:b1:f4:47:49:7b:7e:28:bd:bc:17:3f:
3c:b4:45:b2:20:78:5e:60:8f:fc:65:7f:c4:de:fc:
1d:de:9c:ff:87:bf:24:38:fb:cd:23:25:60:bc:fb:
4e:96:0d:c4:15:8f:eb:d3:0a:98:d1:48:6c:5c:52:
27:9b:29:2c:6d:a5:28:5f:c1:99:f9:69:c3:68:a6:
ea:b5:a7:c9:62:d6:a6:6f:5b:0c:2c:5a:ac:0a:37:
fc:bd:61:fb:29:8e:66:69:0b:85:98:58:f9:e6:5c:
aa:24:15:48:9b:69:2e:2b:dd:91:32:0d:16:7a:1a:
27:22:75:d3:22:0c:95:43:d7:c8:ac:48:7d:b2:74:
e3:57:c3:18:4f:0a:d7:f5:fc:54:16:a8:a4:c7:70:
3b:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:A9:5E:53:58:8A:0B:AA:3C:17:4A:4C:97:89:8F:D4:83:55:FC:39
X509v3 Authority Key Identifier:
keyid:E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/TaleU1iKC6o8F0pMl4mP1INV_Dk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.218.96.0/19
160.218.176.0/20
160.218.212.0/22
160.218.244.0/22
Signature Algorithm: sha256WithRSAEncryption
93:f5:26:a9:43:b9:58:bc:ec:4f:ef:48:e6:2e:73:c1:3f:0c:
cf:84:39:4c:18:22:df:0f:14:ed:40:13:b8:ba:6a:3e:3b:3f:
f1:47:74:5d:fd:84:0f:d1:d0:51:a5:c1:29:09:64:a9:cd:b2:
9c:2e:a9:5f:24:84:26:5c:d1:92:99:16:1a:df:a0:84:41:38:
e6:6c:7a:92:6c:b3:27:c5:97:41:21:65:69:e7:0c:b1:70:02:
6b:42:42:de:17:fd:48:27:53:11:e5:1b:31:60:2b:fe:cb:c9:
54:77:29:e6:43:4d:d6:c0:11:02:1b:96:60:16:37:27:82:57:
dc:3f:ae:b5:7b:09:6b:51:ed:9a:3c:58:b7:bf:df:ec:8e:b0:
61:01:6c:c0:7c:d1:e4:dc:06:dd:49:9a:be:d5:2e:b6:aa:f7:
89:0a:28:1f:d3:0f:e1:9e:02:78:43:14:50:28:af:c1:e6:9e:
29:18:98:ae:8a:48:28:12:7e:f7:ca:b2:23:bd:b4:dc:d4:29:
f2:0e:98:06:76:2b:0b:ca:b0:8b:76:e8:77:4c:1a:22:c9:9c:
2c:95:24:7a:86:df:3e:76:3f:f2:7e:52:77:a9:c0:56:32:2c:
10:25:50:95:11:a4:ff:6e:79:25:bb:f8:61:01:9b:b0:76:62:
1f:0a:99:a8
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzF3EW9RFDoCdHQyjMCpJxLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZDZjNmU4YmNlZDQwYmQwMzJkMTc3MThjMWIxZTM5YWU4
NDFhZTgwHhcNMjQwMTAxMTYyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGE5NWU1MzU4OGEwYmFhM2MxNzRhNGM5Nzg5OGZkNDgzNTVmYzM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm4VC7WLOLPBhKmxH38f4cCFMlba2
ytI71pFQFvRz7OYM0G5J24Ws5JtWO6JzwwPzqJiUsgNopoXUMNtO/BuyiHsn6Tbc
kYy6OpcSZsubfhcbTq4gDBNVE5st94EhxVbIkMHjJWf8YJe9EO4HsfRHSXt+KL28
Fz88tEWyIHheYI/8ZX/E3vwd3pz/h78kOPvNIyVgvPtOlg3EFY/r0wqY0UhsXFIn
myksbaUoX8GZ+WnDaKbqtafJYtamb1sMLFqsCjf8vWH7KY5maQuFmFj55lyqJBVI
m2kuK92RMg0WehonInXTIgyVQ9fIrEh9snTjV8MYTwrX9fxUFqikx3A7LwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE2pXlNYiguqPBdKTJeJj9SDVfw5MB8GA1UdIwQY
MBaAFOXWxui87UC9Ay0XcYwbHjmuhBroMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQt
YmQyNDliNjI1Nzk3LzEvVGFsZVUxaUtDNm84RjBwTWw0bVAxSU5WX0RrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQtYmQyNDliNjI1Nzk3
LzEvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFoNpgAwQE
oNqwAwQCoNrUAwQCoNr0MA0GCSqGSIb3DQEBCwUAA4IBAQCT9SapQ7lYvOxP70jm
LnPBPwzPhDlMGCLfDxTtQBO4umo+Oz/xR3Rd/YQP0dBRpcEpCWSpzbKcLqlfJIQm
XNGSmRYa36CEQTjmbHqSbLMnxZdBIWVp5wyxcAJrQkLeF/1IJ1MR5RsxYCv+y8lU
dynmQ03WwBECG5ZgFjcnglfcP661ewlrUe2aPFi3v9/sjrBhAWzAfNHk3AbdSZq+
1S62qveJCigf0w/hngJ4QxRQKK/B5p4pGJiuikgoEn73yrIjvbTc1CnyDpgGdisL
yrCLduh3TBoiyZwslSR6ht8+dj/yflJ3qcBWMiwQJVCVEaT/bnklu/hhAZuwdmIf
Cpmo
-----END CERTIFICATE-----
Generated at Sun May 19 14:52:39 2024 by rpki-client on console-ams.rpki-client.org