Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3c/7e38b2-bec1-4464-a0ca-7d258b620169/1/tspMs3Skyd5To9l0aCd1_JXur8Y.roa
File: tspMs3Skyd5To9l0aCd1_JXur8Y.roa (raw, json)
Hash identifier: se0t7cnwEJItd7J7l5c5eI3OL8lt39nmJeo5NSvaOTc=
Subject key identifier: B6:CA:4C:B3:74:A4:C9:DE:53:A3:D9:74:68:27:75:FC:95:EE:AF:C6
Certificate issuer: /CN=a7f94ab935054b86dcb5d6adbad2dfdb564b5248
Certificate serial: 018DA1EAE38B994D4B32CC96EA3C6A0FA65B
Authority key identifier: A7:F9:4A:B9:35:05:4B:86:DC:B5:D6:AD:BA:D2:DF:DB:56:4B:52:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/p_lKuTUFS4bctdatutLf21ZLUkg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3c/7e38b2-bec1-4464-a0ca-7d258b620169/1/tspMs3Skyd5To9l0aCd1_JXur8Y.roa
Signing time: Tue 13 Feb 2024 10:02:21 +0000
ROA not before: Tue 13 Feb 2024 10:02:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12306
IP address blocks: 185.139.157.0/24 maxlen: 24
2a0b:20c0:100::/40 maxlen: 40
2a0b:20c0:6000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3c/7e38b2-bec1-4464-a0ca-7d258b620169/1/p_lKuTUFS4bctdatutLf21ZLUkg.crl
rsync://rpki.ripe.net/repository/DEFAULT/3c/7e38b2-bec1-4464-a0ca-7d258b620169/1/p_lKuTUFS4bctdatutLf21ZLUkg.mft
rsync://rpki.ripe.net/repository/DEFAULT/p_lKuTUFS4bctdatutLf21ZLUkg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 19:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:a1:ea:e3:8b:99:4d:4b:32:cc:96:ea:3c:6a:0f:a6:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a7f94ab935054b86dcb5d6adbad2dfdb564b5248
Validity
Not Before: Feb 13 10:02:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6ca4cb374a4c9de53a3d974682775fc95eeafc6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:f1:6a:5b:08:c2:31:ad:5b:4c:b4:b2:ce:a7:
42:11:48:16:85:59:59:56:de:c3:16:cf:bf:f1:73:
eb:8f:8a:32:1b:77:f4:35:c0:b1:cd:d5:b1:da:75:
03:32:a9:14:a7:a2:f4:c2:e4:db:b6:21:1d:fb:61:
d2:01:8e:8c:80:a0:92:f7:b5:92:ca:42:d9:3e:9d:
06:32:4f:4a:de:de:36:95:88:d4:bd:a7:98:4f:e6:
b9:96:80:87:1a:0e:da:68:f8:7b:ba:e5:a0:74:b4:
9e:e3:0c:26:46:a5:a6:fe:6d:5c:b4:34:a1:58:41:
fd:44:b3:91:31:d0:bc:96:d4:8e:52:c3:f6:fb:a7:
81:30:92:4d:20:f6:0a:ff:e5:93:57:dd:b4:04:ac:
70:ac:00:24:68:2a:9d:5b:6f:4c:fb:f6:a3:67:2d:
e4:ab:36:c9:4c:49:b0:82:a9:ae:07:45:2a:72:79:
35:4d:c3:0e:6b:e8:d9:ad:ac:99:87:d3:98:43:42:
ed:45:3e:24:74:31:0a:a6:6b:14:f6:19:42:d0:ee:
d3:c3:20:55:2b:d6:58:98:38:20:42:a6:6d:97:a4:
ab:86:c0:69:68:98:a8:1d:b6:cc:b7:1b:43:51:c7:
80:e1:e5:ed:87:db:c6:ab:fb:bb:51:93:f1:9e:d9:
b1:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:CA:4C:B3:74:A4:C9:DE:53:A3:D9:74:68:27:75:FC:95:EE:AF:C6
X509v3 Authority Key Identifier:
keyid:A7:F9:4A:B9:35:05:4B:86:DC:B5:D6:AD:BA:D2:DF:DB:56:4B:52:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/p_lKuTUFS4bctdatutLf21ZLUkg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/7e38b2-bec1-4464-a0ca-7d258b620169/1/tspMs3Skyd5To9l0aCd1_JXur8Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3c/7e38b2-bec1-4464-a0ca-7d258b620169/1/p_lKuTUFS4bctdatutLf21ZLUkg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.139.157.0/24
IPv6:
2a0b:20c0:100::/40
2a0b:20c0:6000::/36
Signature Algorithm: sha256WithRSAEncryption
8b:e8:4b:31:1c:7d:b6:be:50:88:ed:32:89:db:e3:f8:b0:50:
58:31:5b:2f:b9:4f:29:d2:63:d0:c8:07:bb:c4:db:f8:f5:d7:
b9:37:10:91:8f:52:96:e3:39:c4:6e:07:0b:24:12:ad:90:64:
02:c8:80:96:78:f8:fe:51:b8:25:06:9c:f3:77:44:01:76:c6:
0e:da:e0:10:13:e7:9b:90:7b:0b:6e:47:0d:b9:94:08:56:9f:
ee:7b:ab:24:c1:08:f9:69:34:4b:6f:48:35:e1:f5:a2:8e:99:
ce:9f:fb:93:a1:d7:8a:f7:76:69:09:bc:a5:af:ce:cc:56:1f:
46:f4:a2:16:07:b7:2d:f4:a5:da:e6:d8:30:a5:ad:85:be:ff:
13:ee:00:d2:1b:86:4b:22:d5:e3:98:ec:5f:4e:b1:1f:c3:31:
94:22:0c:08:48:f1:df:bc:a7:7f:c6:7f:99:0f:60:08:9b:8a:
89:60:08:d6:01:ad:a4:8b:6d:65:23:ce:99:af:70:6a:bf:d9:
b3:22:16:9c:1e:fa:38:48:cd:d4:91:77:73:73:e4:f3:10:58:
0f:ba:7b:7b:84:69:b3:8e:54:cf:a3:60:c1:1d:8d:90:23:c8:
76:9c:72:8d:5c:09:fc:3a:60:bc:bb:65:dc:a9:b3:15:c8:86:
62:b3:a9:c4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY2h6uOLmU1LMsyW6jxqD6ZbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE3Zjk0YWI5MzUwNTRiODZkY2I1ZDZhZGJhZDJkZmRiNTY0
YjUyNDgwHhcNMjQwMjEzMTAwMjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmNhNGNiMzc0YTRjOWRlNTNhM2Q5NzQ2ODI3NzVmYzk1ZWVhZmM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi/FqWwjCMa1bTLSyzqdCEUgWhVlZ
Vt7DFs+/8XPrj4oyG3f0NcCxzdWx2nUDMqkUp6L0wuTbtiEd+2HSAY6MgKCS97WS
ykLZPp0GMk9K3t42lYjUvaeYT+a5loCHGg7aaPh7uuWgdLSe4wwmRqWm/m1ctDSh
WEH9RLORMdC8ltSOUsP2+6eBMJJNIPYK/+WTV920BKxwrAAkaCqdW29M+/ajZy3k
qzbJTEmwgqmuB0Uqcnk1TcMOa+jZrayZh9OYQ0LtRT4kdDEKpmsU9hlC0O7TwyBV
K9ZYmDggQqZtl6SrhsBpaJioHbbMtxtDUceA4eXth9vGq/u7UZPxntmxFwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFLbKTLN0pMneU6PZdGgndfyV7q/GMB8GA1UdIwQY
MBaAFKf5Srk1BUuG3LXWrbrS39tWS1JIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcF9sS3VUVUZTNGJjdGRhdHV0TGYyMVpMVWtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYy83ZTM4YjItYmVjMS00NDY0LWEwY2Et
N2QyNThiNjIwMTY5LzEvdHNwTXMzU2t5ZDVUbzlsMGFDZDFfSlh1cjhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYy83ZTM4YjItYmVjMS00NDY0LWEwY2EtN2QyNThiNjIwMTY5
LzEvcF9sS3VUVUZTNGJjdGRhdHV0TGYyMVpMVWtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAMBAIAATAGAwQAuYudMBYE
AgACMBADBgAqCyDAAQMGBCoLIMBgMA0GCSqGSIb3DQEBCwUAA4IBAQCL6EsxHH22
vlCI7TKJ2+P4sFBYMVsvuU8p0mPQyAe7xNv49de5NxCRj1KW4znEbgcLJBKtkGQC
yICWePj+UbglBpzzd0QBdsYO2uAQE+ebkHsLbkcNuZQIVp/ue6skwQj5aTRLb0g1
4fWijpnOn/uTodeK93ZpCbylr87MVh9G9KIWB7ct9KXa5tgwpa2Fvv8T7gDSG4ZL
ItXjmOxfTrEfwzGUIgwISPHfvKd/xn+ZD2AIm4qJYAjWAa2ki21lI86Zr3Bqv9mz
IhacHvo4SM3UkXdzc+TzEFgPunt7hGmzjlTPo2DBHY2QI8h2nHKNXAn8OmC8u2Xc
qbMVyIZis6nE
-----END CERTIFICATE-----
Generated at Sun Jun 16 02:58:34 2024 by rpki-client on console-fra.rpki-client.org