Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/5687c1-df9f-4ae5-a4cc-ec03ebd19000/1/txKsDbfpEY9_-loDXYPleoL78E4.roa
File: txKsDbfpEY9_-loDXYPleoL78E4.roa (raw, json)
Hash identifier: nr7/91Si4/x3oCOM530wP1qNnyYqXG1mxgnvQ1eKjXo=
Subject key identifier: B7:12:AC:0D:B7:E9:11:8F:7F:FA:5A:03:5D:83:E5:7A:82:FB:F0:4E
Certificate issuer: /CN=4c8a7886662254be39ea1add72728e000eb2c25a
Certificate serial: 018CC8DF4AEDA0FD591FB2D8F698616294E2
Authority key identifier: 4C:8A:78:86:66:22:54:BE:39:EA:1A:DD:72:72:8E:00:0E:B2:C2:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TIp4hmYiVL456hrdcnKOAA6ywlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/5687c1-df9f-4ae5-a4cc-ec03ebd19000/1/txKsDbfpEY9_-loDXYPleoL78E4.roa
Signing time: Tue 02 Jan 2024 06:32:06 +0000
ROA not before: Tue 02 Jan 2024 06:32:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 39706
IP address blocks: 82.113.124.0/22 maxlen: 22
82.113.121.128/25 maxlen: 25
82.113.121.0/25 maxlen: 25
89.204.130.0/24 maxlen: 24
89.204.128.0/21 maxlen: 21
89.204.128.0/19 maxlen: 19
89.204.135.0/24 maxlen: 24
89.204.144.0/21 maxlen: 21
82.113.96.0/20 maxlen: 20
82.113.96.0/19 maxlen: 19
82.113.112.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/5687c1-df9f-4ae5-a4cc-ec03ebd19000/1/TIp4hmYiVL456hrdcnKOAA6ywlo.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/5687c1-df9f-4ae5-a4cc-ec03ebd19000/1/TIp4hmYiVL456hrdcnKOAA6ywlo.mft
rsync://rpki.ripe.net/repository/DEFAULT/TIp4hmYiVL456hrdcnKOAA6ywlo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:4a:ed:a0:fd:59:1f:b2:d8:f6:98:61:62:94:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c8a7886662254be39ea1add72728e000eb2c25a
Validity
Not Before: Jan 2 06:32:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b712ac0db7e9118f7ffa5a035d83e57a82fbf04e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:4b:2a:b3:0e:85:c6:cd:8c:f2:3a:0f:bd:24:
e9:08:25:5f:85:01:37:69:ee:4d:ff:e2:4d:82:07:
c4:24:72:bf:7a:93:21:ad:cd:47:fa:db:27:4c:13:
5b:85:da:97:f3:ea:38:39:9e:d6:65:d5:0c:42:96:
53:97:72:30:06:3c:d9:06:df:e0:3a:ac:4b:98:f9:
d5:eb:72:6b:86:67:29:17:32:c9:02:b9:2a:8a:4e:
2a:ac:45:32:8f:0b:dd:04:ef:21:fc:6d:1e:7e:04:
c3:73:c5:c4:5f:2c:96:d6:2d:8d:d6:2e:c2:8b:a4:
52:fd:15:80:f9:d2:2e:58:0d:be:c7:87:37:5b:1f:
83:27:81:ca:81:ef:5e:76:2c:64:91:b7:06:1a:a5:
fa:5c:3e:60:c2:0c:a9:b9:c5:ea:31:f7:3f:fe:a8:
40:ff:79:95:10:77:d3:d0:0f:cd:33:1f:a0:0f:08:
76:28:89:79:af:41:b2:19:1b:75:ac:08:b1:35:12:
33:ea:1c:cc:3d:66:d8:85:8b:7d:78:6a:8e:b6:64:
fa:c1:3c:b1:b1:67:87:59:cf:19:0e:7c:30:9a:84:
ec:59:6f:55:a3:f1:8d:45:00:0c:f9:eb:df:e5:6d:
25:9e:91:e9:4a:0e:b4:6a:e5:c7:5d:b6:42:c7:94:
10:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:12:AC:0D:B7:E9:11:8F:7F:FA:5A:03:5D:83:E5:7A:82:FB:F0:4E
X509v3 Authority Key Identifier:
keyid:4C:8A:78:86:66:22:54:BE:39:EA:1A:DD:72:72:8E:00:0E:B2:C2:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TIp4hmYiVL456hrdcnKOAA6ywlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5687c1-df9f-4ae5-a4cc-ec03ebd19000/1/txKsDbfpEY9_-loDXYPleoL78E4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/5687c1-df9f-4ae5-a4cc-ec03ebd19000/1/TIp4hmYiVL456hrdcnKOAA6ywlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.113.96.0/19
89.204.128.0/19
Signature Algorithm: sha256WithRSAEncryption
67:b2:6a:f2:62:d7:e2:f5:90:00:a9:c3:b9:10:23:ee:9b:fd:
99:6f:ed:c1:8a:8e:f5:70:e4:bf:2e:b9:84:86:dd:1f:9b:f1:
95:0d:94:93:f6:a5:f9:03:ac:52:af:66:d2:ff:9e:0d:9d:9b:
12:16:07:ec:b0:6a:a0:7a:24:06:db:a2:8c:52:4e:cd:36:b7:
7b:16:07:12:9a:48:fe:38:ab:b8:df:b0:a4:56:3a:c2:84:00:
fd:88:30:a6:22:53:75:ff:5d:69:2c:60:ba:05:54:03:10:5b:
e3:2d:c2:37:8e:92:d3:78:f9:61:98:84:af:68:6f:fe:79:70:
61:0f:86:0a:87:0c:f4:45:5f:df:be:6b:da:89:86:4f:46:07:
7e:b4:f9:13:85:40:0e:3e:7c:63:9e:27:bd:24:a5:8e:a2:00:
eb:71:2a:a0:e7:22:88:a0:0a:f0:3b:68:66:75:9c:1e:8e:5e:
e8:e9:47:01:29:c7:3d:fd:30:01:0f:8c:d3:0a:35:e9:18:90:
5e:b1:21:72:aa:f7:24:fd:91:17:a2:ef:a7:06:33:a5:8e:90:
16:e3:c3:73:c6:0b:6d:84:1c:eb:69:fc:ed:f5:31:cb:6d:82:
99:4b:03:f0:6e:10:52:42:fc:90:c1:48:40:9e:8e:47:cf:9d:
18:e5:5a:ca
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzI30rtoP1ZH7LY9phhYpTiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOGE3ODg2NjYyMjU0YmUzOWVhMWFkZDcyNzI4ZTAwMGVi
MmMyNWEwHhcNMjQwMTAyMDYzMjA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzEyYWMwZGI3ZTkxMThmN2ZmYTVhMDM1ZDgzZTU3YTgyZmJmMDRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj0sqsw6Fxs2M8joPvSTpCCVfhQE3
ae5N/+JNggfEJHK/epMhrc1H+tsnTBNbhdqX8+o4OZ7WZdUMQpZTl3IwBjzZBt/g
OqxLmPnV63JrhmcpFzLJArkqik4qrEUyjwvdBO8h/G0efgTDc8XEXyyW1i2N1i7C
i6RS/RWA+dIuWA2+x4c3Wx+DJ4HKge9edixkkbcGGqX6XD5gwgypucXqMfc//qhA
/3mVEHfT0A/NMx+gDwh2KIl5r0GyGRt1rAixNRIz6hzMPWbYhYt9eGqOtmT6wTyx
sWeHWc8ZDnwwmoTsWW9Vo/GNRQAM+evf5W0lnpHpSg60auXHXbZCx5QQQQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLcSrA236RGPf/paA12D5XqC+/BOMB8GA1UdIwQY
MBaAFEyKeIZmIlS+Oeoa3XJyjgAOssJaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVElwNGhtWWlWTDQ1NmhyZGNuS09BQTZ5d2xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy81Njg3YzEtZGY5Zi00YWU1LWE0Y2Mt
ZWMwM2ViZDE5MDAwLzEvdHhLc0RiZnBFWTlfLWxvRFhZUGxlb0w3OEU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy81Njg3YzEtZGY5Zi00YWU1LWE0Y2MtZWMwM2ViZDE5MDAw
LzEvVElwNGhtWWlWTDQ1NmhyZGNuS09BQTZ5d2xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQFUnFgAwQF
WcyAMA0GCSqGSIb3DQEBCwUAA4IBAQBnsmryYtfi9ZAAqcO5ECPum/2Zb+3Bio71
cOS/LrmEht0fm/GVDZST9qX5A6xSr2bS/54NnZsSFgfssGqgeiQG26KMUk7NNrd7
FgcSmkj+OKu437CkVjrChAD9iDCmIlN1/11pLGC6BVQDEFvjLcI3jpLTePlhmISv
aG/+eXBhD4YKhwz0RV/fvmvaiYZPRgd+tPkThUAOPnxjnie9JKWOogDrcSqg5yKI
oArwO2hmdZwejl7o6UcBKcc9/TABD4zTCjXpGJBesSFyqvck/ZEXou+nBjOljpAW
48NzxgtthBzrafzt9THLbYKZSwPwbhBSQvyQwUhAno5Hz50Y5VrK
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:15:26 2024 by rpki-client on console-fra.rpki-client.org