Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/37/65fa3c-0175-4cee-9930-59cfd453dd17/1/tUv9CEQ42PcWO5tQdbjfFX5viQg.roa
File: tUv9CEQ42PcWO5tQdbjfFX5viQg.roa (raw, json)
Hash identifier: hejDFhXY5NB2mzOCrhUZOtldEGQmQEo+hPCUSJ/5ESY=
Subject key identifier: B5:4B:FD:08:44:38:D8:F7:16:3B:9B:50:75:B8:DF:15:7E:6F:89:08
Certificate issuer: /CN=d1e5eb7536620b5857d1bf590183d650ca23227f
Certificate serial: 019307D63E074BD699DF32D90D578096D21A
Authority key identifier: D1:E5:EB:75:36:62:0B:58:57:D1:BF:59:01:83:D6:50:CA:23:22:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0eXrdTZiC1hX0b9ZAYPWUMojIn8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/37/65fa3c-0175-4cee-9930-59cfd453dd17/1/tUv9CEQ42PcWO5tQdbjfFX5viQg.roa
Signing time: Thu 07 Nov 2024 18:15:01 +0000
ROA not before: Thu 07 Nov 2024 18:15:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 56869
IP address blocks: 91.228.136.0/22 maxlen: 22
193.168.240.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/37/65fa3c-0175-4cee-9930-59cfd453dd17/1/0eXrdTZiC1hX0b9ZAYPWUMojIn8.crl
rsync://rpki.ripe.net/repository/DEFAULT/37/65fa3c-0175-4cee-9930-59cfd453dd17/1/0eXrdTZiC1hX0b9ZAYPWUMojIn8.mft
rsync://rpki.ripe.net/repository/DEFAULT/0eXrdTZiC1hX0b9ZAYPWUMojIn8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:07:d6:3e:07:4b:d6:99:df:32:d9:0d:57:80:96:d2:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1e5eb7536620b5857d1bf590183d650ca23227f
Validity
Not Before: Nov 7 18:15:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b54bfd084438d8f7163b9b5075b8df157e6f8908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:1b:ff:a8:30:e6:86:88:7a:ba:37:2a:34:61:
5e:fc:9c:52:fb:7a:7f:cd:4a:5a:77:b5:ed:ba:06:
46:4e:33:63:47:4a:e6:01:24:59:4e:a1:69:bf:10:
e1:8c:dc:b4:85:39:b9:f3:06:36:04:df:a1:04:17:
f8:3f:eb:c0:96:62:de:89:68:f3:e3:65:34:f5:a0:
af:58:67:52:8e:52:a5:a7:c4:1a:93:40:f1:d5:ee:
d2:57:a6:88:83:12:e5:fd:8e:b0:6c:20:6d:14:d9:
61:81:b5:30:70:4a:04:b8:0d:7f:50:a6:6c:55:bd:
0c:d0:cb:4c:eb:48:00:5c:3a:58:68:fa:6a:78:6b:
24:23:11:07:75:d7:9b:63:3c:86:b6:f0:c4:06:9e:
f5:f4:14:ae:01:51:8e:d8:fd:c8:4d:a8:e4:9e:98:
ce:ce:b8:4f:15:03:ef:5b:c3:73:58:bb:8a:b8:c8:
e7:d3:32:5c:59:d2:3f:60:ba:1d:bd:73:af:96:7a:
0d:c7:94:7a:2e:17:b8:df:80:d3:71:6e:f3:e2:e5:
6d:a2:32:5b:17:7f:9c:d9:18:b1:e5:ab:00:e3:ef:
8d:0d:9a:ea:0d:63:e5:05:61:d4:bc:a5:2f:a0:2a:
3a:ac:f0:04:92:88:ad:4f:45:36:00:10:3c:6e:52:
28:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:4B:FD:08:44:38:D8:F7:16:3B:9B:50:75:B8:DF:15:7E:6F:89:08
X509v3 Authority Key Identifier:
keyid:D1:E5:EB:75:36:62:0B:58:57:D1:BF:59:01:83:D6:50:CA:23:22:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0eXrdTZiC1hX0b9ZAYPWUMojIn8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/37/65fa3c-0175-4cee-9930-59cfd453dd17/1/tUv9CEQ42PcWO5tQdbjfFX5viQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/37/65fa3c-0175-4cee-9930-59cfd453dd17/1/0eXrdTZiC1hX0b9ZAYPWUMojIn8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.228.136.0/22
193.168.240.0/22
Signature Algorithm: sha256WithRSAEncryption
47:c1:7a:d4:68:60:8a:32:79:94:df:a6:0e:59:2f:50:23:ad:
e0:71:95:12:6c:1b:88:cb:45:e0:2a:5c:73:e2:c5:6d:ef:7a:
5a:9d:4a:ce:f4:92:09:59:74:0c:8b:dc:2e:12:d0:39:14:0e:
9a:90:65:fc:f6:bd:b2:67:5a:ee:2f:ba:fc:08:35:12:79:6e:
21:65:6e:8d:83:5d:9a:b8:7c:e8:3f:e0:62:29:96:36:ae:49:
ee:cc:d4:95:a4:c5:92:04:6c:7e:4b:1f:ee:c2:67:1c:db:ce:
69:9f:3b:20:29:ca:ec:36:aa:a1:f2:46:c0:9a:51:b8:dd:0d:
ee:c8:68:18:8b:10:37:94:02:27:71:46:dd:48:86:91:4c:ce:
48:d1:93:56:e0:35:95:45:5e:68:98:61:4b:dc:cc:a1:99:14:
a5:a2:b4:0f:04:ba:66:2a:c1:fa:90:7b:cd:2f:f2:cc:3c:c2:
f3:04:e8:2a:22:78:32:4f:da:95:14:f2:62:05:45:c6:20:41:
11:94:37:76:1d:35:a6:dc:94:41:ed:bd:e9:54:e6:d0:16:e1:
56:6d:6e:63:6d:08:46:cf:e4:f3:95:0b:51:0d:5a:ca:2d:b0:
da:a0:b4:2a:c9:c4:32:a7:d8:4a:d0:e7:5f:cc:dd:bd:b0:95:
e2:6d:69:ed
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZMH1j4HS9aZ3zLZDVeAltIaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZTVlYjc1MzY2MjBiNTg1N2QxYmY1OTAxODNkNjUwY2Ey
MzIyN2YwHhcNMjQxMTA3MTgxNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTRiZmQwODQ0MzhkOGY3MTYzYjliNTA3NWI4ZGYxNTdlNmY4OTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Rv/qDDmhoh6ujcqNGFe/JxS+3p/
zUpad7XtugZGTjNjR0rmASRZTqFpvxDhjNy0hTm58wY2BN+hBBf4P+vAlmLeiWjz
42U09aCvWGdSjlKlp8Qak0Dx1e7SV6aIgxLl/Y6wbCBtFNlhgbUwcEoEuA1/UKZs
Vb0M0MtM60gAXDpYaPpqeGskIxEHddebYzyGtvDEBp719BSuAVGO2P3ITajknpjO
zrhPFQPvW8NzWLuKuMjn0zJcWdI/YLodvXOvlnoNx5R6Lhe434DTcW7z4uVtojJb
F3+c2Rix5asA4++NDZrqDWPlBWHUvKUvoCo6rPAEkoitT0U2ABA8blIoDQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLVL/QhEONj3FjubUHW43xV+b4kIMB8GA1UdIwQY
MBaAFNHl63U2YgtYV9G/WQGD1lDKIyJ/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGVYcmRUWmlDMWhYMGI5WkFZUFdVTW9qSW44LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNy82NWZhM2MtMDE3NS00Y2VlLTk5MzAt
NTljZmQ0NTNkZDE3LzEvdFV2OUNFUTQyUGNXTzV0UWRiamZGWDV2aVFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNy82NWZhM2MtMDE3NS00Y2VlLTk5MzAtNTljZmQ0NTNkZDE3
LzEvMGVYcmRUWmlDMWhYMGI5WkFZUFdVTW9qSW44LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCW+SIAwQC
wajwMA0GCSqGSIb3DQEBCwUAA4IBAQBHwXrUaGCKMnmU36YOWS9QI63gcZUSbBuI
y0XgKlxz4sVt73panUrO9JIJWXQMi9wuEtA5FA6akGX89r2yZ1ruL7r8CDUSeW4h
ZW6Ng12auHzoP+BiKZY2rknuzNSVpMWSBGx+Sx/uwmcc285pnzsgKcrsNqqh8kbA
mlG43Q3uyGgYixA3lAIncUbdSIaRTM5I0ZNW4DWVRV5omGFL3MyhmRSlorQPBLpm
KsH6kHvNL/LMPMLzBOgqIngyT9qVFPJiBUXGIEERlDd2HTWm3JRB7b3pVObQFuFW
bW5jbQhGz+TzlQtRDVrKLbDaoLQqycQyp9hK0OdfzN29sJXibWnt
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:37:55 2024 by rpki-client on console-ams.rpki-client.org