Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/TyClMHwrWzPI_e5hs5LfNo5KO-4.roa
File: TyClMHwrWzPI_e5hs5LfNo5KO-4.roa (raw, json)
Hash identifier: TzPFeRBq7iAe4W4r91rRlUBXu4+DGl08HC9ailpxR7A=
Subject key identifier: 4F:20:A5:30:7C:2B:5B:33:C8:FD:EE:61:B3:92:DF:36:8E:4A:3B:EE
Certificate issuer: /CN=0d722e4513a39678d8ab23b2d649775340518cb9
Certificate serial: 0192966767AF0F6153840B05F17CC036BF81
Authority key identifier: 0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/TyClMHwrWzPI_e5hs5LfNo5KO-4.roa
Signing time: Wed 16 Oct 2024 17:36:51 +0000
ROA not before: Wed 16 Oct 2024 17:36:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 396356
IP address blocks: 89.249.197.0/24 maxlen: 24
89.249.198.0/24 maxlen: 24
212.42.201.0/24 maxlen: 24
212.42.204.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.mft
rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:96:67:67:af:0f:61:53:84:0b:05:f1:7c:c0:36:bf:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d722e4513a39678d8ab23b2d649775340518cb9
Validity
Not Before: Oct 16 17:36:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f20a5307c2b5b33c8fdee61b392df368e4a3bee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:32:83:32:9b:40:fa:d4:e0:2b:4a:b8:53:aa:
06:16:cb:ee:f9:44:72:5e:85:7e:10:dd:de:42:13:
99:12:c6:15:35:25:54:97:fa:ed:f1:f0:06:95:18:
24:b8:9c:9c:9b:56:19:40:19:be:2e:a3:e3:11:1b:
1e:48:3a:09:eb:0c:9f:24:66:50:4d:32:1d:99:74:
e9:33:82:fd:3e:45:f8:3e:f6:6c:21:d1:df:b2:4c:
80:b2:e4:d9:66:d9:ff:01:8b:e5:94:c2:b7:65:3b:
f5:e9:81:e6:38:06:8c:75:7f:f2:0a:12:54:be:78:
5c:51:b7:1f:1b:46:08:47:69:c9:0f:d9:98:cb:70:
3b:72:d6:b6:45:7a:a0:6d:b7:b3:8e:32:02:96:82:
4b:3d:41:5e:51:c9:0f:f1:b6:25:d4:d3:ea:87:d7:
9b:94:a4:79:3a:06:9d:6e:91:12:bf:e8:25:d8:77:
a1:be:da:03:76:02:9b:6d:4c:88:79:4d:96:a6:46:
06:ad:ea:9c:1c:f2:b9:dd:30:2f:b1:d4:2b:fd:e9:
46:a7:3a:13:24:7c:e1:dc:b5:42:5a:ac:c2:61:91:
88:e7:8a:2a:41:5e:14:11:4d:25:8f:ea:12:29:43:
c1:37:3a:c1:4c:61:e3:69:bb:f4:36:ed:3f:45:cf:
8d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:20:A5:30:7C:2B:5B:33:C8:FD:EE:61:B3:92:DF:36:8E:4A:3B:EE
X509v3 Authority Key Identifier:
keyid:0D:72:2E:45:13:A3:96:78:D8:AB:23:B2:D6:49:77:53:40:51:8C:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DXIuRROjlnjYqyOy1kl3U0BRjLk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/TyClMHwrWzPI_e5hs5LfNo5KO-4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/1c084c-982d-4098-af42-3425b125eaa7/1/DXIuRROjlnjYqyOy1kl3U0BRjLk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.197.0-89.249.198.255
212.42.201.0/24
212.42.204.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:80:fd:9f:59:62:b6:93:a0:f7:d1:54:47:15:b9:f6:e9:60:
9b:39:a8:66:fa:ec:a0:da:90:ca:ad:97:4e:3d:3e:a1:f4:24:
94:44:9e:32:85:55:a7:85:dd:da:ef:0d:a2:cc:c8:29:ba:d5:
f8:7a:90:8d:56:0d:6d:d0:24:d2:e5:da:32:69:cb:cb:04:5e:
61:64:08:29:cc:39:f6:33:8e:78:a3:ab:0a:05:ba:a2:7c:30:
5e:b8:07:80:b9:d1:7f:64:bc:f7:39:23:f1:80:e1:8a:0a:f0:
b2:bd:a5:13:7f:dc:cb:c4:99:08:17:a2:6b:ee:bf:42:d4:f2:
a3:88:97:47:ce:c6:d4:6c:36:a0:0f:56:3e:d8:d9:1a:24:74:
77:11:8d:4d:70:48:38:ea:be:8b:df:35:46:f6:65:39:f7:8c:
35:5a:27:6a:2b:28:16:85:28:0d:0a:23:07:0e:12:b3:b6:d0:
f8:dd:78:31:37:a3:03:89:94:15:58:ac:c3:01:48:83:ae:8c:
9b:c4:34:c2:b2:9c:67:a6:e3:c4:93:35:62:4c:3c:12:cc:26:
2d:b7:45:2d:03:e4:e5:ca:85:21:56:8a:03:49:12:67:09:af:
13:eb:18:18:ba:00:be:7d:cd:25:1d:de:d6:3e:4c:89:11:61:
b7:44:5e:9f
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZKWZ2evD2FThAsF8XzANr+BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkNzIyZTQ1MTNhMzk2NzhkOGFiMjNiMmQ2NDk3NzUzNDA1
MThjYjkwHhcNMjQxMDE2MTczNjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjIwYTUzMDdjMmI1YjMzYzhmZGVlNjFiMzkyZGYzNjhlNGEzYmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjKDMptA+tTgK0q4U6oGFsvu+URy
XoV+EN3eQhOZEsYVNSVUl/rt8fAGlRgkuJycm1YZQBm+LqPjERseSDoJ6wyfJGZQ
TTIdmXTpM4L9PkX4PvZsIdHfskyAsuTZZtn/AYvllMK3ZTv16YHmOAaMdX/yChJU
vnhcUbcfG0YIR2nJD9mYy3A7cta2RXqgbbezjjICloJLPUFeUckP8bYl1NPqh9eb
lKR5OgadbpESv+gl2HehvtoDdgKbbUyIeU2WpkYGreqcHPK53TAvsdQr/elGpzoT
JHzh3LVCWqzCYZGI54oqQV4UEU0lj+oSKUPBNzrBTGHjabv0Nu0/Rc+NMwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFE8gpTB8K1szyP3uYbOS3zaOSjvuMB8GA1UdIwQY
MBaAFA1yLkUTo5Z42KsjstZJd1NAUYy5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDIt
MzQyNWIxMjVlYWE3LzEvVHlDbE1Id3JXelBJX2U1aHM1TGZObzVLTy00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8xYzA4NGMtOTgyZC00MDk4LWFmNDItMzQyNWIxMjVlYWE3
LzEvRFhJdVJST2psbmpZcXlPeTFrbDNVMEJSakxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBABZ+cUD
BABZ+cYDBADUKskDBADUKswwDQYJKoZIhvcNAQELBQADggEBAB6A/Z9ZYraToPfR
VEcVufbpYJs5qGb67KDakMqtl049PqH0JJREnjKFVaeF3drvDaLMyCm61fh6kI1W
DW3QJNLl2jJpy8sEXmFkCCnMOfYzjnijqwoFuqJ8MF64B4C50X9kvPc5I/GA4YoK
8LK9pRN/3MvEmQgXomvuv0LU8qOIl0fOxtRsNqAPVj7Y2RokdHcRjU1wSDjqvovf
NUb2ZTn3jDVaJ2orKBaFKA0KIwcOErO20PjdeDE3owOJlBVYrMMBSIOujJvENMKy
nGem48STNWJMPBLMJi23RS0D5OXKhSFWigNJEmcJrxPrGBi6AL59zSUd3tY+TIkR
YbdEXp8=
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:17:26 2024 by rpki-client on console-ams.rpki-client.org