Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/TQyXeJr22ZCJBPsgwhveDdCqIjk.roa
File: TQyXeJr22ZCJBPsgwhveDdCqIjk.roa (raw, json)
Hash identifier: /cbOL8qlcfaKvpCw5TFY/oLXm9p603iDajWpDAKLa/4=
Subject key identifier: 4D:0C:97:78:9A:F6:D9:90:89:04:FB:20:C2:1B:DE:0D:D0:AA:22:39
Certificate issuer: /CN=2236ed5f5623edeb7910acd31d5f6ee81e5cb17e
Certificate serial: 018CC86F18395F91B223147A01C3339E9B79
Authority key identifier: 22:36:ED:5F:56:23:ED:EB:79:10:AC:D3:1D:5F:6E:E8:1E:5C:B1:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/TQyXeJr22ZCJBPsgwhveDdCqIjk.roa
Signing time: Tue 02 Jan 2024 04:29:33 +0000
ROA not before: Tue 02 Jan 2024 04:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43009
IP address blocks: 83.166.64.0/19 maxlen: 19
83.166.64.0/24 maxlen: 24
83.166.67.0/24 maxlen: 24
83.166.65.0/24 maxlen: 24
83.166.78.0/24 maxlen: 24
83.166.79.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/IjbtX1Yj7et5EKzTHV9u6B5csX4.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/IjbtX1Yj7et5EKzTHV9u6B5csX4.mft
rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:02:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:18:39:5f:91:b2:23:14:7a:01:c3:33:9e:9b:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2236ed5f5623edeb7910acd31d5f6ee81e5cb17e
Validity
Not Before: Jan 2 04:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d0c97789af6d9908904fb20c21bde0dd0aa2239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:8a:29:78:fc:8f:5d:2c:ff:e3:56:c4:9f:db:
88:1b:9b:07:ab:9c:b5:9c:fe:b0:26:18:61:af:0f:
dd:2b:82:f4:5b:36:40:af:e6:0b:f3:c6:79:06:51:
7b:73:77:74:bc:3e:92:a8:bd:92:3e:8c:1a:25:17:
7c:69:61:49:1b:94:41:a6:02:17:7f:cf:43:96:2a:
32:04:be:2f:5f:72:8b:a4:92:41:da:5d:d2:93:51:
25:60:27:c8:ad:24:aa:f9:13:d6:7f:65:16:c7:76:
3b:2f:46:2e:8b:76:f2:94:bb:06:fa:fa:9f:23:1e:
dc:72:fd:5b:e7:31:66:ad:68:76:84:90:75:e6:5f:
29:4d:c3:db:2c:ea:71:21:95:ef:c3:13:e5:5b:95:
c4:49:12:47:b2:58:ec:5d:45:7c:d1:7d:7f:7c:f0:
10:e0:5a:ba:3a:d7:37:30:15:2f:cb:70:62:42:a1:
9b:60:eb:ea:7f:9a:34:79:ee:4a:f9:c9:c8:13:9a:
e4:e0:2b:63:c3:5f:3c:18:d4:c8:94:da:d9:66:49:
46:0f:b2:1f:11:df:a1:4e:3d:5f:60:6f:9a:3a:ce:
f3:63:12:98:3c:2c:24:6b:df:cd:0f:51:4c:42:f6:
34:7a:3a:90:53:aa:8a:7e:14:88:ec:a8:39:04:8e:
34:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:0C:97:78:9A:F6:D9:90:89:04:FB:20:C2:1B:DE:0D:D0:AA:22:39
X509v3 Authority Key Identifier:
keyid:22:36:ED:5F:56:23:ED:EB:79:10:AC:D3:1D:5F:6E:E8:1E:5C:B1:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IjbtX1Yj7et5EKzTHV9u6B5csX4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/TQyXeJr22ZCJBPsgwhveDdCqIjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/1d9dda-2adf-46bd-8af7-4d16be9ba132/1/IjbtX1Yj7et5EKzTHV9u6B5csX4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.166.64.0/19
Signature Algorithm: sha256WithRSAEncryption
95:5a:2d:c9:1e:82:ef:38:52:b6:db:2d:9f:1e:06:8c:38:d2:
7c:06:98:71:83:b4:70:47:28:56:e8:9b:fd:e9:75:6d:d7:0b:
0e:9b:74:62:a4:0d:cf:80:8c:a8:ec:fa:ac:8c:17:34:2a:a4:
5c:37:b1:7c:2c:a7:8d:87:71:5b:d4:99:67:cb:10:10:b2:14:
02:0a:95:6f:29:21:e0:3d:26:15:5c:73:54:56:b8:12:b0:62:
f7:4b:36:84:60:da:a5:b4:e9:f2:97:fb:de:d1:85:6f:81:2c:
49:32:fb:72:cd:f6:bd:3f:3d:28:51:ef:21:4d:7f:11:6b:cd:
02:ad:12:cf:a7:1c:2f:5f:96:2f:05:16:3b:3f:88:13:5b:05:
16:e5:63:8c:61:28:4f:eb:a1:46:91:db:b7:cd:a0:a2:4c:7c:
3e:93:c6:96:8d:de:3e:0d:2c:ae:92:a0:24:3a:4a:a4:53:73:
80:7a:d8:c1:9e:c3:23:e6:2e:ca:c2:7c:74:6c:e2:85:85:a0:
1b:cb:39:63:21:a3:dc:d4:d4:a7:d4:fe:30:bd:e6:c8:e5:35:
c1:34:a2:40:42:b7:f4:cf:88:0a:3c:cd:83:4d:2a:91:0b:af:
22:fd:be:c9:af:3c:62:b7:70:3f:f3:bf:31:14:cd:41:7c:2c:
fe:53:0e:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzIbxg5X5GyIxR6AcMznpt5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMzZlZDVmNTYyM2VkZWI3OTEwYWNkMzFkNWY2ZWU4MWU1
Y2IxN2UwHhcNMjQwMTAyMDQyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDBjOTc3ODlhZjZkOTkwODkwNGZiMjBjMjFiZGUwZGQwYWEyMjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuIopePyPXSz/41bEn9uIG5sHq5y1
nP6wJhhhrw/dK4L0WzZAr+YL88Z5BlF7c3d0vD6SqL2SPowaJRd8aWFJG5RBpgIX
f89DlioyBL4vX3KLpJJB2l3Sk1ElYCfIrSSq+RPWf2UWx3Y7L0Yui3bylLsG+vqf
Ix7ccv1b5zFmrWh2hJB15l8pTcPbLOpxIZXvwxPlW5XESRJHsljsXUV80X1/fPAQ
4Fq6Otc3MBUvy3BiQqGbYOvqf5o0ee5K+cnIE5rk4Ctjw188GNTIlNrZZklGD7If
Ed+hTj1fYG+aOs7zYxKYPCwka9/ND1FMQvY0ejqQU6qKfhSI7Kg5BI40FQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE0Ml3ia9tmQiQT7IMIb3g3QqiI5MB8GA1UdIwQY
MBaAFCI27V9WI+3reRCs0x1fbugeXLF+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWpidFgxWWo3ZXQ1RUt6VEhWOXU2QjVjc1g0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC8xZDlkZGEtMmFkZi00NmJkLThhZjct
NGQxNmJlOWJhMTMyLzEvVFF5WGVKcjIyWkNKQlBzZ3dodmVEZENxSWprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC8xZDlkZGEtMmFkZi00NmJkLThhZjctNGQxNmJlOWJhMTMy
LzEvSWpidFgxWWo3ZXQ1RUt6VEhWOXU2QjVjc1g0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQFU6ZAMA0G
CSqGSIb3DQEBCwUAA4IBAQCVWi3JHoLvOFK22y2fHgaMONJ8Bphxg7RwRyhW6Jv9
6XVt1wsOm3RipA3PgIyo7PqsjBc0KqRcN7F8LKeNh3Fb1JlnyxAQshQCCpVvKSHg
PSYVXHNUVrgSsGL3SzaEYNqltOnyl/ve0YVvgSxJMvtyzfa9Pz0oUe8hTX8Ra80C
rRLPpxwvX5YvBRY7P4gTWwUW5WOMYShP66FGkdu3zaCiTHw+k8aWjd4+DSyukqAk
OkqkU3OAetjBnsMj5i7Kwnx0bOKFhaAbyzljIaPc1NSn1P4wvebI5TXBNKJAQrf0
z4gKPM2DTSqRC68i/b7Jrzxit3A/878xFM1BfCz+Uw4K
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:55:40 2024 by rpki-client on console-ams.rpki-client.org