Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/tu6io-Lg6bwbnlNrcmKPbLtUDZs.roa
File: tu6io-Lg6bwbnlNrcmKPbLtUDZs.roa (raw, json)
Hash identifier: NRqgUUKuEdEaSc5B0qwzIg7tiAsDI4L2fvnEeSXnwi0=
Subject key identifier: B6:EE:A2:A3:E2:E0:E9:BC:1B:9E:53:6B:72:62:8F:6C:BB:54:0D:9B
Certificate issuer: /CN=9e563c426d1aae4ed1e7f59536749022089e8479
Certificate serial: 018CC726F4A2AD438B8E1A9A5636C7C4CA3E
Authority key identifier: 9E:56:3C:42:6D:1A:AE:4E:D1:E7:F5:95:36:74:90:22:08:9E:84:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nlY8Qm0ark7R5_WVNnSQIgiehHk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/tu6io-Lg6bwbnlNrcmKPbLtUDZs.roa
Signing time: Mon 01 Jan 2024 22:31:07 +0000
ROA not before: Mon 01 Jan 2024 22:31:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3238
IP address blocks: 213.204.32.0/19 maxlen: 24
79.133.0.0/19 maxlen: 19
194.110.176.0/20 maxlen: 24
212.17.160.0/19 maxlen: 24
194.112.0.0/20 maxlen: 24
82.199.160.0/19 maxlen: 24
2a00:5500::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/nlY8Qm0ark7R5_WVNnSQIgiehHk.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/nlY8Qm0ark7R5_WVNnSQIgiehHk.mft
rsync://rpki.ripe.net/repository/DEFAULT/nlY8Qm0ark7R5_WVNnSQIgiehHk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:f4:a2:ad:43:8b:8e:1a:9a:56:36:c7:c4:ca:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e563c426d1aae4ed1e7f59536749022089e8479
Validity
Not Before: Jan 1 22:31:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6eea2a3e2e0e9bc1b9e536b72628f6cbb540d9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3b:c8:0a:1c:d8:b5:d5:a0:b1:e6:fc:d2:15:
c7:eb:aa:81:bf:77:13:a5:55:78:9d:89:18:d1:6c:
99:73:5f:bd:cc:2f:4b:27:2f:2f:72:55:3d:56:c7:
e9:b3:50:ec:3d:b6:5d:9e:3c:7b:41:e8:30:0a:aa:
56:0e:cf:84:93:72:06:f5:e4:e6:6a:90:39:3e:33:
bb:41:4d:37:bd:a3:46:40:28:98:1e:f3:d0:af:b3:
7d:ea:b2:4a:b6:c7:7c:c6:a6:23:78:d8:c2:61:93:
a8:b9:43:18:35:2f:0a:c1:1d:41:8f:c5:12:c6:0a:
43:e4:5a:81:29:0b:ae:4f:f2:23:bc:95:1f:41:c0:
10:e2:59:39:58:56:72:f0:d3:1a:05:a2:c5:bd:c8:
54:9c:73:f9:de:e1:1f:7f:2b:08:99:a0:bd:c1:9d:
36:ee:f5:dd:05:52:b3:58:64:58:89:9c:0c:0d:1c:
1e:99:83:d6:d6:15:c8:df:ca:a0:12:8b:38:db:22:
a5:10:50:3e:21:c2:61:85:f5:62:8d:c3:8e:4b:cd:
05:d2:b5:fc:38:f5:72:42:0b:bf:b8:e2:d1:5b:3b:
b5:8f:7c:c9:ae:a9:58:d5:0b:15:1b:b8:13:7a:b7:
85:95:35:22:42:9f:85:72:48:bd:2a:e4:c2:1a:49:
74:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:EE:A2:A3:E2:E0:E9:BC:1B:9E:53:6B:72:62:8F:6C:BB:54:0D:9B
X509v3 Authority Key Identifier:
keyid:9E:56:3C:42:6D:1A:AE:4E:D1:E7:F5:95:36:74:90:22:08:9E:84:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nlY8Qm0ark7R5_WVNnSQIgiehHk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/tu6io-Lg6bwbnlNrcmKPbLtUDZs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/55d595-d0bc-4ba2-80a0-afbcf366bb07/1/nlY8Qm0ark7R5_WVNnSQIgiehHk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.133.0.0/19
82.199.160.0/19
194.110.176.0/20
194.112.0.0/20
212.17.160.0/19
213.204.32.0/19
IPv6:
2a00:5500::/32
Signature Algorithm: sha256WithRSAEncryption
14:2f:0f:ae:5f:bf:3b:0a:35:74:9b:9f:be:b4:5e:f5:a6:de:
95:89:97:29:6b:f7:66:70:a9:77:0c:33:9d:e1:71:e7:39:7b:
6c:66:36:d7:d9:86:28:65:4e:19:8b:7a:8f:bb:38:6e:4e:8a:
29:53:d6:8c:d5:c6:d4:08:36:47:c2:cc:00:5a:e1:95:77:21:
55:84:ab:a4:cc:ec:73:b3:a9:37:bc:27:c1:6c:c1:8f:37:81:
2d:9a:93:1d:32:9e:33:bb:36:3d:12:0b:a3:29:b9:16:a9:d4:
6b:c4:da:c5:e3:e0:9b:5d:0f:e6:b1:a1:53:f6:15:99:0f:45:
99:ba:fa:94:e1:6a:c7:d2:0b:74:ad:e7:37:6e:01:f2:0c:8d:
4b:2a:d2:5d:47:3d:05:8b:0f:74:39:e1:6a:eb:23:54:4d:e6:
77:94:f3:ab:47:97:94:50:da:de:4c:86:39:c4:d4:3e:0e:ce:
ad:fb:63:7b:87:fd:c6:73:b9:90:02:bb:c7:3f:14:aa:a2:77:
03:50:65:e3:fc:01:e3:ca:09:e6:21:d0:f0:e5:85:38:90:89:
bf:b8:c5:97:94:a4:d4:f2:1a:43:ed:33:d5:33:61:dc:3c:bd:
e0:02:9e:c7:58:f9:2c:22:fc:96:87:36:3d:a9:b0:67:f0:90:
7f:b8:d9:2c
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzHJvSirUOLjhqaVjbHxMo+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllNTYzYzQyNmQxYWFlNGVkMWU3ZjU5NTM2NzQ5MDIyMDg5
ZTg0NzkwHhcNMjQwMTAxMjIzMTA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmVlYTJhM2UyZTBlOWJjMWI5ZTUzNmI3MjYyOGY2Y2JiNTQwZDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtTvIChzYtdWgseb80hXH66qBv3cT
pVV4nYkY0WyZc1+9zC9LJy8vclU9Vsfps1DsPbZdnjx7QegwCqpWDs+Ek3IG9eTm
apA5PjO7QU03vaNGQCiYHvPQr7N96rJKtsd8xqYjeNjCYZOouUMYNS8KwR1Bj8US
xgpD5FqBKQuuT/IjvJUfQcAQ4lk5WFZy8NMaBaLFvchUnHP53uEffysImaC9wZ02
7vXdBVKzWGRYiZwMDRwemYPW1hXI38qgEos42yKlEFA+IcJhhfVijcOOS80F0rX8
OPVyQgu/uOLRWzu1j3zJrqlY1QsVG7gTereFlTUiQp+Fcki9KuTCGkl0YQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFLbuoqPi4Om8G55Ta3Jij2y7VA2bMB8GA1UdIwQY
MBaAFJ5WPEJtGq5O0ef1lTZ0kCIInoR5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbmxZOFFtMGFyazdSNV9XVk5uU1FJZ2llaEhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81NWQ1OTUtZDBiYy00YmEyLTgwYTAt
YWZiY2YzNjZiYjA3LzEvdHU2aW8tTGc2YndibmxOcmNtS1BiTHRVRFpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81NWQ1OTUtZDBiYy00YmEyLTgwYTAtYWZiY2YzNjZiYjA3
LzEvbmxZOFFtMGFyazdSNV9XVk5uU1FJZ2llaEhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQFT4UAAwQF
UsegAwQEwm6wAwQEwnAAAwQF1BGgAwQF1cwgMA0EAgACMAcDBQAqAFUAMA0GCSqG
SIb3DQEBCwUAA4IBAQAULw+uX787CjV0m5++tF71pt6ViZcpa/dmcKl3DDOd4XHn
OXtsZjbX2YYoZU4Zi3qPuzhuToopU9aM1cbUCDZHwswAWuGVdyFVhKukzOxzs6k3
vCfBbMGPN4EtmpMdMp4zuzY9EgujKbkWqdRrxNrF4+CbXQ/msaFT9hWZD0WZuvqU
4WrH0gt0rec3bgHyDI1LKtJdRz0Fiw90OeFq6yNUTeZ3lPOrR5eUUNreTIY5xNQ+
Ds6t+2N7h/3Gc7mQArvHPxSqoncDUGXj/AHjygnmIdDw5YU4kIm/uMWXlKTU8hpD
7TPVM2HcPL3gAp7HWPksIvyWhzY9qbBn8JB/uNks
-----END CERTIFICATE-----
Generated at Mon May 20 15:15:56 2024 by rpki-client on console-ams.rpki-client.org