Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/tyJYpFO3YiCFX2LFXDiHmApTXdE.roa
File: tyJYpFO3YiCFX2LFXDiHmApTXdE.roa (raw, json)
Hash identifier: Zsv/x72Vw6auIfgZwuP6P9h2RhIivJauqbO+XEMj0GM=
Subject key identifier: B7:22:58:A4:53:B7:62:20:85:5F:62:C5:5C:38:87:98:0A:53:5D:D1
Certificate issuer: /CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Certificate serial: 018CC2DB399716BD175FC0E8ADF8B80CDBC4
Authority key identifier: D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/tyJYpFO3YiCFX2LFXDiHmApTXdE.roa
Signing time: Mon 01 Jan 2024 02:29:56 +0000
ROA not before: Mon 01 Jan 2024 02:29:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212335
IP address blocks: 194.15.99.0/24 maxlen: 24
45.11.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:39:97:16:bd:17:5f:c0:e8:ad:f8:b8:0c:db:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d93da2019909d9fc37829fd9ec29d948ecff7c92
Validity
Not Before: Jan 1 02:29:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b72258a453b76220855f62c55c3887980a535dd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:0d:de:0c:9b:10:f7:d4:cd:19:84:e4:16:6a:
44:29:46:93:84:43:d3:2a:20:df:48:12:e3:ca:b9:
fd:b3:49:f0:02:25:71:5c:3c:65:f6:a9:a2:e9:4c:
8d:8c:8d:1b:25:ba:61:dc:db:7b:9e:9f:7b:91:c6:
03:ae:05:93:7c:1a:53:f9:75:7e:ae:ee:55:6c:61:
99:3d:0d:0c:34:35:7c:2f:0b:7d:9b:13:96:c4:c7:
1c:ca:75:ca:6c:98:fd:5b:e5:65:91:41:3c:22:f7:
36:0d:07:0a:e9:71:12:b6:9f:f4:c4:15:1e:dd:e9:
d6:98:53:e6:97:ea:63:98:74:0c:f4:dd:a7:db:5a:
1e:4b:98:5a:28:b8:9c:91:9c:71:89:1b:96:1e:fd:
66:96:5a:b1:ac:bb:94:4a:cd:fa:62:57:e5:d5:ec:
b9:dd:0a:7c:8a:9a:1d:0d:ef:c2:0c:3d:f8:e5:9f:
6b:0d:54:dc:12:00:f7:e4:3e:30:d9:b3:54:52:3a:
17:2f:66:1c:43:82:92:17:b1:0d:47:a9:9d:a8:e3:
b7:09:bc:00:b4:01:e2:6a:42:d0:a4:49:5f:e1:30:
cb:d7:6a:90:a1:9e:9b:cd:cf:54:60:57:4f:85:bf:
a0:d6:c6:e8:e9:14:44:c9:53:2c:cb:81:34:f1:d1:
34:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:22:58:A4:53:B7:62:20:85:5F:62:C5:5C:38:87:98:0A:53:5D:D1
X509v3 Authority Key Identifier:
keyid:D9:3D:A2:01:99:09:D9:FC:37:82:9F:D9:EC:29:D9:48:EC:FF:7C:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/tyJYpFO3YiCFX2LFXDiHmApTXdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/47afa3-ce31-4060-a078-f5addddf1ec5/1/2T2iAZkJ2fw3gp_Z7CnZSOz_fJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.188.0/24
194.15.99.0/24
Signature Algorithm: sha256WithRSAEncryption
62:e2:07:2e:36:d9:2b:94:fe:b1:a9:3d:b9:b6:8f:cc:04:28:
27:37:41:51:f5:c0:5b:8b:e7:60:bf:0d:d1:24:60:28:07:cc:
2b:8d:aa:49:1f:0b:28:3e:e6:0b:b4:98:5a:5a:f9:7f:70:53:
42:12:99:6d:ae:9c:20:c0:e6:6f:5b:a7:e5:04:35:ed:29:2f:
7b:ac:ba:d4:bd:3a:7e:d1:24:3d:81:33:bd:20:fd:02:4d:43:
ae:00:00:e9:63:76:75:17:62:75:e9:8f:35:2b:8f:21:43:5d:
b1:68:9b:4e:0c:f8:4d:09:1c:f9:19:3f:7a:1a:b2:16:02:70:
88:8e:2f:cf:f1:00:05:7a:64:98:38:88:bc:58:b3:55:3d:38:
f2:9c:15:46:17:cc:f1:2d:9d:82:e4:20:bf:51:5f:b9:2a:d3:
cb:70:b9:7a:9e:f6:4e:4f:de:87:0a:96:8b:f3:67:6e:c1:c8:
48:ac:94:a1:b0:65:99:a7:21:aa:28:05:c1:88:77:bc:08:24:
84:93:fc:bf:52:10:ad:cc:ca:53:2d:dc:83:c9:b3:1a:f0:65:
0a:57:45:25:c5:72:ea:ed:95:cb:b0:dc:46:ac:76:9f:a1:e0:
73:ca:d4:e1:1b:33:1f:85:65:97:5e:56:1f:27:16:d8:9f:2c:
4e:2b:0a:ea
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2zmXFr0XX8Dorfi4DNvEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5M2RhMjAxOTkwOWQ5ZmMzNzgyOWZkOWVjMjlkOTQ4ZWNm
ZjdjOTIwHhcNMjQwMTAxMDIyOTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzIyNThhNDUzYjc2MjIwODU1ZjYyYzU1YzM4ODc5ODBhNTM1ZGQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnA3eDJsQ99TNGYTkFmpEKUaThEPT
KiDfSBLjyrn9s0nwAiVxXDxl9qmi6UyNjI0bJbph3Nt7np97kcYDrgWTfBpT+XV+
ru5VbGGZPQ0MNDV8Lwt9mxOWxMccynXKbJj9W+VlkUE8Ivc2DQcK6XEStp/0xBUe
3enWmFPml+pjmHQM9N2n21oeS5haKLickZxxiRuWHv1mllqxrLuUSs36Ylfl1ey5
3Qp8ipodDe/CDD345Z9rDVTcEgD35D4w2bNUUjoXL2YcQ4KSF7ENR6mdqOO3CbwA
tAHiakLQpElf4TDL12qQoZ6bzc9UYFdPhb+g1sbo6RREyVMsy4E08dE0lQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLciWKRTt2IghV9ixVw4h5gKU13RMB8GA1UdIwQY
MBaAFNk9ogGZCdn8N4Kf2ewp2Ujs/3ySMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgt
ZjVhZGRkZGYxZWM1LzEvdHlKWXBGTzNZaUNGWDJMRlhEaUhtQXBUWGRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi80N2FmYTMtY2UzMS00MDYwLWEwNzgtZjVhZGRkZGYxZWM1
LzEvMlQyaUFaa0oyZnczZ3BfWjdDblpTT3pfZkpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALQu8AwQA
wg9jMA0GCSqGSIb3DQEBCwUAA4IBAQBi4gcuNtkrlP6xqT25to/MBCgnN0FR9cBb
i+dgvw3RJGAoB8wrjapJHwsoPuYLtJhaWvl/cFNCEpltrpwgwOZvW6flBDXtKS97
rLrUvTp+0SQ9gTO9IP0CTUOuAADpY3Z1F2J16Y81K48hQ12xaJtODPhNCRz5GT96
GrIWAnCIji/P8QAFemSYOIi8WLNVPTjynBVGF8zxLZ2C5CC/UV+5KtPLcLl6nvZO
T96HCpaL82duwchIrJShsGWZpyGqKAXBiHe8CCSEk/y/UhCtzMpTLdyDybMa8GUK
V0UlxXLq7ZXLsNxGrHafoeBzytThGzMfhWWXXlYfJxbYnyxOKwrq
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:47:01 2024 by rpki-client on console-ams.rpki-client.org