Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/tXpZEBraETuRlZe-_hK2AkwiY3c.roa
File: tXpZEBraETuRlZe-_hK2AkwiY3c.roa (raw, json)
Hash identifier: 4ykNe4GUo9RhbPC8ECGoP8qXHucgOmsrHEXJoOlK+uc=
Subject key identifier: B5:7A:59:10:1A:DA:11:3B:91:95:97:BE:FE:12:B6:02:4C:22:63:77
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 018FDD36CF237982AA347A34E4FBD2C2AC4A
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/tXpZEBraETuRlZe-_hK2AkwiY3c.roa
Signing time: Mon 03 Jun 2024 08:28:27 +0000
ROA not before: Mon 03 Jun 2024 08:28:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201337
IP address blocks: 84.236.137.0/24 maxlen: 24
84.236.184.0/24 maxlen: 24
84.236.189.0/24 maxlen: 24
178.156.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:dd:36:cf:23:79:82:aa:34:7a:34:e4:fb:d2:c2:ac:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jun 3 08:28:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b57a59101ada113b919597befe12b6024c226377
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:3e:7e:54:0d:6e:b9:38:26:79:8e:e8:22:b3:
f6:0f:7e:34:65:eb:a8:70:d6:de:a0:e6:9b:d4:f3:
d6:80:1a:e5:71:41:1a:cd:9d:1f:f2:b7:e0:89:d2:
69:d8:38:e9:f0:7c:b6:75:19:2c:e8:f6:35:f1:87:
9e:78:47:cc:4f:99:57:c7:18:b8:1b:3c:97:0e:bf:
af:fa:09:eb:70:a9:19:51:a6:1d:bf:3c:3b:ec:91:
a2:5d:a6:11:b3:96:83:d3:2d:2b:bb:db:d4:a7:be:
9c:ea:8f:a5:6f:3f:20:14:97:40:c9:d7:c3:35:e3:
fc:d7:4e:a5:c8:63:90:57:5b:10:27:4a:d1:cd:7c:
82:aa:65:6e:a1:96:5d:df:5a:3a:63:b4:8d:15:07:
5a:66:bb:4a:c8:f3:55:e3:31:03:97:91:0d:94:5b:
37:87:f4:b6:3f:df:d1:ae:9b:66:4e:4c:b0:a4:c4:
d0:c3:c7:92:fe:41:4c:6a:02:80:3f:e0:5e:b5:bc:
43:93:c1:e5:42:e9:d4:61:65:25:07:6c:f7:e3:90:
c4:1c:f2:db:f0:75:da:61:87:2e:73:ef:d8:d5:c0:
05:73:56:b8:da:06:53:3a:4d:0a:a1:91:71:61:89:
a8:34:1f:0c:cd:7d:6a:84:a8:6e:c8:86:73:6b:75:
b8:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:7A:59:10:1A:DA:11:3B:91:95:97:BE:FE:12:B6:02:4C:22:63:77
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/tXpZEBraETuRlZe-_hK2AkwiY3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.236.137.0/24
84.236.184.0/24
84.236.189.0/24
178.156.75.0/24
Signature Algorithm: sha256WithRSAEncryption
4e:60:88:fb:17:5d:f5:33:09:8a:91:2f:61:dd:79:ba:df:15:
5c:f0:58:c9:03:03:e2:77:d8:4c:3a:d9:00:ec:07:7a:f5:c5:
93:8a:23:bf:27:34:84:94:68:ce:1e:cc:73:50:16:1d:37:85:
f1:0d:ca:4e:ba:a6:ec:4f:43:a0:cd:e2:30:1f:b1:80:e9:a7:
5b:52:8a:ee:15:b6:61:f9:1e:3e:94:03:05:bd:db:6e:2f:d5:
08:72:62:81:11:a1:f0:9a:e4:76:03:27:6e:02:72:08:a6:21:
06:83:e4:ac:ed:51:6e:3c:8f:20:d3:86:50:f3:8b:14:41:65:
cc:de:c2:ff:e6:02:23:92:26:51:20:ba:80:fa:57:1a:de:27:
9a:48:79:27:73:e2:f2:00:cb:6b:23:0a:3e:26:db:0f:71:ef:
ae:5d:1d:10:58:a5:15:a4:f6:6c:9e:d8:1e:5e:b6:24:d1:90:
c2:b5:cc:f9:88:0b:54:8d:c7:6e:af:b0:f8:e5:77:b1:da:33:
5f:ee:c1:c0:37:30:2b:74:81:1c:ef:92:e4:23:ac:0d:97:51:
9a:ca:8c:da:3b:9c:1f:88:a8:5c:5d:e7:93:5c:8d:f4:79:6a:
94:10:3f:b3:57:7c:26:19:7d:e4:bf:70:29:12:06:94:e1:51:
f2:d2:ce:ba
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAY/dNs8jeYKqNHo05PvSwqxKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjQwNjAzMDgyODI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTdhNTkxMDFhZGExMTNiOTE5NTk3YmVmZTEyYjYwMjRjMjI2Mzc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiT5+VA1uuTgmeY7oIrP2D340Zeuo
cNbeoOab1PPWgBrlcUEazZ0f8rfgidJp2Djp8Hy2dRks6PY18YeeeEfMT5lXxxi4
GzyXDr+v+gnrcKkZUaYdvzw77JGiXaYRs5aD0y0ru9vUp76c6o+lbz8gFJdAydfD
NeP8106lyGOQV1sQJ0rRzXyCqmVuoZZd31o6Y7SNFQdaZrtKyPNV4zEDl5ENlFs3
h/S2P9/RrptmTkywpMTQw8eS/kFMagKAP+BetbxDk8HlQunUYWUlB2z345DEHPLb
8HXaYYcuc+/Y1cAFc1a42gZTOk0KoZFxYYmoNB8MzX1qhKhuyIZza3W4KwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLV6WRAa2hE7kZWXvv4StgJMImN3MB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvdFhwWkVCcmFFVHVSbFplLV9oSzJBa3dpWTNjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAVOyJAwQA
VOy4AwQAVOy9AwQAspxLMA0GCSqGSIb3DQEBCwUAA4IBAQBOYIj7F131MwmKkS9h
3Xm63xVc8FjJAwPid9hMOtkA7Ad69cWTiiO/JzSElGjOHsxzUBYdN4XxDcpOuqbs
T0OgzeIwH7GA6adbUoruFbZh+R4+lAMFvdtuL9UIcmKBEaHwmuR2AyduAnIIpiEG
g+Ss7VFuPI8g04ZQ84sUQWXM3sL/5gIjkiZRILqA+lca3ieaSHknc+LyAMtrIwo+
JtsPce+uXR0QWKUVpPZsntgeXrYk0ZDCtcz5iAtUjcdur7D45Xex2jNf7sHANzAr
dIEc75LkI6wNl1GayozaO5wfiKhcXeeTXI30eWqUED+zV3wmGX3kv3ApEgaU4VHy
0s66
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:18:56 2024 by rpki-client on console-fra.rpki-client.org