Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/895502-4e14-4963-a305-3b6b0a5555ef/1/TU06YUzy6FZlKzKuFyDDLYSi-KE.roa
File: TU06YUzy6FZlKzKuFyDDLYSi-KE.roa (raw, json)
Hash identifier: lxtBdpgc0gAuvauyStPdhrQRjBtBwSlShm794RTeTEo=
Subject key identifier: 4D:4D:3A:61:4C:F2:E8:56:65:2B:32:AE:17:20:C3:2D:84:A2:F8:A1
Certificate issuer: /CN=a040f968fa52e6cb2fe657109700fa074c190b85
Certificate serial: 018D5F79C98D25B6E2A6AF4C438D0DF50F1C
Authority key identifier: A0:40:F9:68:FA:52:E6:CB:2F:E6:57:10:97:00:FA:07:4C:19:0B:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oED5aPpS5ssv5lcQlwD6B0wZC4U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/895502-4e14-4963-a305-3b6b0a5555ef/1/TU06YUzy6FZlKzKuFyDDLYSi-KE.roa
Signing time: Wed 31 Jan 2024 12:23:53 +0000
ROA not before: Wed 31 Jan 2024 12:23:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212400
IP address blocks: 109.205.140.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/895502-4e14-4963-a305-3b6b0a5555ef/1/oED5aPpS5ssv5lcQlwD6B0wZC4U.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/895502-4e14-4963-a305-3b6b0a5555ef/1/oED5aPpS5ssv5lcQlwD6B0wZC4U.mft
rsync://rpki.ripe.net/repository/DEFAULT/oED5aPpS5ssv5lcQlwD6B0wZC4U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 18:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:5f:79:c9:8d:25:b6:e2:a6:af:4c:43:8d:0d:f5:0f:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a040f968fa52e6cb2fe657109700fa074c190b85
Validity
Not Before: Jan 31 12:23:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d4d3a614cf2e856652b32ae1720c32d84a2f8a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:cd:12:ea:49:4d:83:ce:8b:27:a2:93:eb:8e:
d5:64:94:15:59:95:a4:ba:24:1b:78:c8:7a:24:e0:
0a:ae:d4:97:3b:5d:75:aa:4d:5b:8d:5b:1a:26:cf:
15:e8:f7:fc:ba:65:58:b9:b6:64:94:0d:dc:39:87:
c4:ae:97:58:50:77:4e:0e:60:cf:9f:34:b4:8e:c8:
bb:58:a6:2b:71:74:03:4f:07:16:30:1e:d9:18:93:
e0:5a:f9:36:84:53:f0:8a:b4:b6:3d:56:f7:05:a5:
c2:ed:13:ed:0f:a0:77:a7:a3:f9:7d:65:25:8c:13:
dd:b3:57:5b:52:10:a2:64:64:16:14:aa:36:77:5f:
eb:4d:77:3f:c3:f7:a5:b6:aa:9e:0e:7d:4e:ee:94:
c5:6e:38:aa:d8:83:8b:dc:90:b6:ab:83:ae:01:e4:
00:01:1d:b5:af:3b:8d:8c:ee:82:6e:6c:fa:aa:7f:
af:ef:aa:b5:69:e1:3e:6f:79:33:ba:01:ec:ce:dc:
8d:5a:70:47:7d:05:dc:93:c6:e3:3c:98:c8:d6:c0:
aa:ca:95:44:ed:50:b9:fb:96:25:ea:6f:e0:fd:e7:
f4:f1:54:27:c7:9e:00:de:d6:35:32:f6:a8:c9:bb:
66:49:2c:7d:e3:ed:03:85:35:c1:e3:37:08:a9:39:
06:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:4D:3A:61:4C:F2:E8:56:65:2B:32:AE:17:20:C3:2D:84:A2:F8:A1
X509v3 Authority Key Identifier:
keyid:A0:40:F9:68:FA:52:E6:CB:2F:E6:57:10:97:00:FA:07:4C:19:0B:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oED5aPpS5ssv5lcQlwD6B0wZC4U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/895502-4e14-4963-a305-3b6b0a5555ef/1/TU06YUzy6FZlKzKuFyDDLYSi-KE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/895502-4e14-4963-a305-3b6b0a5555ef/1/oED5aPpS5ssv5lcQlwD6B0wZC4U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.205.140.0/23
Signature Algorithm: sha256WithRSAEncryption
55:a4:1a:2b:f6:c5:cb:f6:43:c6:d2:d0:81:41:43:3d:99:bb:
3d:14:ca:35:93:c0:f5:8b:e9:66:9d:9b:6a:53:e2:d4:44:a3:
24:eb:d7:a7:bd:71:dd:b8:67:68:18:b5:8d:cc:9d:df:a6:98:
b4:cb:3f:28:c7:45:17:9e:f8:0b:2a:49:95:f3:95:11:91:8d:
d8:e4:f5:24:89:af:0d:11:c1:b5:fe:76:d1:00:85:1b:18:8a:
38:c2:a9:a3:58:a9:b1:13:49:c1:15:69:cf:f1:f9:e0:3d:97:
9a:9e:e0:46:45:d1:cb:7a:10:73:54:6f:fd:03:44:8a:6c:58:
4a:fb:55:2f:29:2c:97:46:48:7e:5b:33:4d:11:20:52:7c:32:
6d:a8:9b:99:61:16:fe:ea:07:fc:04:6f:8e:33:69:4e:b9:8c:
86:58:a1:1e:9d:28:20:d0:aa:f3:d6:cf:b5:61:9a:b9:29:6c:
43:f7:56:0e:69:b7:39:40:9e:2f:d2:58:eb:95:6e:96:90:0e:
50:72:2e:f4:c4:16:a5:da:ed:f5:0c:a5:b8:05:11:94:05:f1:
26:86:4f:a6:41:2a:d9:aa:52:d6:1d:e9:65:d6:ea:a7:e4:e6:
07:60:71:90:4b:8f:46:db:6f:8c:d9:f0:57:df:87:3d:bb:c7:
56:ba:67:3d
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAY1fecmNJbbipq9MQ40N9Q8cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwNDBmOTY4ZmE1MmU2Y2IyZmU2NTcxMDk3MDBmYTA3NGMx
OTBiODUwHhcNMjQwMTMxMTIyMzUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDRkM2E2MTRjZjJlODU2NjUyYjMyYWUxNzIwYzMyZDg0YTJmOGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlM0S6klNg86LJ6KT647VZJQVWZWk
uiQbeMh6JOAKrtSXO111qk1bjVsaJs8V6Pf8umVYubZklA3cOYfErpdYUHdODmDP
nzS0jsi7WKYrcXQDTwcWMB7ZGJPgWvk2hFPwirS2PVb3BaXC7RPtD6B3p6P5fWUl
jBPds1dbUhCiZGQWFKo2d1/rTXc/w/eltqqeDn1O7pTFbjiq2IOL3JC2q4OuAeQA
AR21rzuNjO6Cbmz6qn+v76q1aeE+b3kzugHsztyNWnBHfQXck8bjPJjI1sCqypVE
7VC5+5Yl6m/g/ef08VQnx54A3tY1MvaoybtmSSx94+0DhTXB4zcIqTkGfQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE1NOmFM8uhWZSsyrhcgwy2EovihMB8GA1UdIwQY
MBaAFKBA+Wj6UubLL+ZXEJcA+gdMGQuFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb0VENWFQcFM1c3N2NWxjUWx3RDZCMHdaQzRVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84OTU1MDItNGUxNC00OTYzLWEzMDUt
M2I2YjBhNTU1NWVmLzEvVFUwNllVenk2RlpsS3pLdUZ5RERMWVNpLUtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84OTU1MDItNGUxNC00OTYzLWEzMDUtM2I2YjBhNTU1NWVm
LzEvb0VENWFQcFM1c3N2NWxjUWx3RDZCMHdaQzRVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBbc2MMA0G
CSqGSIb3DQEBCwUAA4IBAQBVpBor9sXL9kPG0tCBQUM9mbs9FMo1k8D1i+lmnZtq
U+LURKMk69envXHduGdoGLWNzJ3fppi0yz8ox0UXnvgLKkmV85URkY3Y5PUkia8N
EcG1/nbRAIUbGIo4wqmjWKmxE0nBFWnP8fngPZeanuBGRdHLehBzVG/9A0SKbFhK
+1UvKSyXRkh+WzNNESBSfDJtqJuZYRb+6gf8BG+OM2lOuYyGWKEenSgg0Krz1s+1
YZq5KWxD91YOabc5QJ4v0ljrlW6WkA5Qci70xBal2u31DKW4BRGUBfEmhk+mQSrZ
qlLWHell1uqn5OYHYHGQS49G22+M2fBX34c9u8dWumc9
-----END CERTIFICATE-----
Generated at Sat Jun 8 03:05:15 2024 by rpki-client on console-fra.rpki-client.org