Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/tkRckDn3tbkV_yhfIUFgEoZNbBM.roa
File: tkRckDn3tbkV_yhfIUFgEoZNbBM.roa (raw, json)
Hash identifier: F4LNTnDAVxhKAp0PbHtjiPNxaXr50xcoqORfCEqHbm8=
Subject key identifier: B6:44:5C:90:39:F7:B5:B9:15:FF:28:5F:21:41:60:12:86:4D:6C:13
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0190C5E6C93CEA8512C8CC085950936CAC03
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/tkRckDn3tbkV_yhfIUFgEoZNbBM.roa
Signing time: Thu 18 Jul 2024 12:52:34 +0000
ROA not before: Thu 18 Jul 2024 12:52:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 213274
IP address blocks: 188.132.216.0/24 maxlen: 24
188.132.217.0/24 maxlen: 24
188.132.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:c5:e6:c9:3c:ea:85:12:c8:cc:08:59:50:93:6c:ac:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Jul 18 12:52:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6445c9039f7b5b915ff285f21416012864d6c13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:60:a4:d1:aa:b2:4b:4b:25:72:35:38:1b:71:
74:d9:22:df:32:be:76:b7:97:ea:3b:f9:84:d6:81:
14:4b:af:64:05:58:a1:24:7e:50:4c:1f:f6:0a:94:
f0:b4:54:b3:94:5b:43:dc:cc:3e:ab:ae:bc:1c:19:
86:bb:87:7a:b2:ea:2a:02:51:97:84:e7:fc:37:37:
8d:9a:e6:4a:26:ab:2e:9f:54:27:71:2c:8f:cf:d1:
2a:e6:41:5c:83:7d:c9:c8:1b:4f:84:14:6c:21:33:
3a:68:f6:4f:ff:bc:fe:f3:1a:94:89:d0:b2:51:b5:
ee:6f:c5:6c:06:be:d8:1f:d4:5d:fd:0b:10:64:ec:
20:99:13:87:44:0e:78:bf:dc:97:c2:cf:e8:bd:a8:
5b:b2:77:1e:00:39:f5:69:1b:ad:42:d1:54:cd:1e:
8d:e7:89:2d:da:69:aa:4a:fb:cd:5b:e2:b9:c4:42:
c3:39:5c:05:9a:58:40:1a:76:fa:2c:a7:9d:61:b3:
64:85:69:3b:48:4a:2a:dc:56:90:40:99:7d:6c:15:
7f:9a:12:0a:68:7d:75:77:4d:bd:e9:9c:44:f5:9f:
f6:f6:b8:1f:df:e0:9a:67:96:2a:00:be:1b:7f:02:
fb:9e:c0:91:68:4d:fe:0d:76:19:c1:7e:e2:3f:2c:
38:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:44:5C:90:39:F7:B5:B9:15:FF:28:5F:21:41:60:12:86:4D:6C:13
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/tkRckDn3tbkV_yhfIUFgEoZNbBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.132.216.0-188.132.218.255
Signature Algorithm: sha256WithRSAEncryption
7c:e9:ad:8a:02:a1:f8:2e:0f:0e:da:dd:05:f5:69:c4:49:90:
63:b2:02:a5:9d:09:d2:6f:be:60:8d:e0:b5:89:70:e8:62:c5:
4e:e9:f4:34:1b:f3:d0:73:f2:e0:b2:c8:21:f1:81:89:9b:65:
58:e1:e8:ee:10:6e:85:0c:12:bb:d6:08:c1:ee:de:ff:b7:75:
b6:05:9c:59:f6:54:a3:7d:7f:1a:94:fb:26:2a:54:8b:06:9f:
2a:32:9c:a2:7a:ee:aa:f6:92:8f:dd:15:22:90:87:47:37:27:
50:04:c4:6e:57:bc:32:dc:4b:0d:a6:30:20:cb:ea:18:60:eb:
48:00:66:56:c0:9f:5e:d3:a0:43:93:13:e9:c4:35:fe:4d:63:
42:1e:54:ae:09:3a:06:83:38:85:d7:6e:ee:d8:75:d0:b6:cd:
0d:e4:1a:54:85:b5:a4:dc:f8:6f:3a:50:d5:c4:7f:9b:71:af:
f2:e5:43:0c:35:9f:62:95:d8:c5:78:d8:b8:ab:a2:2e:6a:bd:
8b:aa:86:8a:c9:5e:84:2b:a2:87:b7:93:58:a0:c1:8d:3e:93:
0f:39:90:39:b1:d2:db:26:96:eb:e7:c4:44:6c:de:69:36:10:
9e:b4:3d:47:c7:59:d2:7e:ea:f2:11:08:4c:73:f0:ef:d6:ae:
76:a0:bc:d3
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZDF5sk86oUSyMwIWVCTbKwDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjQwNzE4MTI1MjM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjQ0NWM5MDM5ZjdiNWI5MTVmZjI4NWYyMTQxNjAxMjg2NGQ2YzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WCk0aqyS0slcjU4G3F02SLfMr52
t5fqO/mE1oEUS69kBVihJH5QTB/2CpTwtFSzlFtD3Mw+q668HBmGu4d6suoqAlGX
hOf8NzeNmuZKJqsun1QncSyPz9Eq5kFcg33JyBtPhBRsITM6aPZP/7z+8xqUidCy
UbXub8VsBr7YH9Rd/QsQZOwgmROHRA54v9yXws/ovahbsnceADn1aRutQtFUzR6N
54kt2mmqSvvNW+K5xELDOVwFmlhAGnb6LKedYbNkhWk7SEoq3FaQQJl9bBV/mhIK
aH11d0296ZxE9Z/29rgf3+CaZ5YqAL4bfwL7nsCRaE3+DXYZwX7iPyw4rQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFLZEXJA597W5Ff8oXyFBYBKGTWwTMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvdGtSY2tEbjN0YmtWX3loZklVRmdFb1pOYkJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAO8hNgD
BAC8hNowDQYJKoZIhvcNAQELBQADggEBAHzprYoCofguDw7a3QX1acRJkGOyAqWd
CdJvvmCN4LWJcOhixU7p9DQb89Bz8uCyyCHxgYmbZVjh6O4QboUMErvWCMHu3v+3
dbYFnFn2VKN9fxqU+yYqVIsGnyoynKJ67qr2ko/dFSKQh0c3J1AExG5XvDLcSw2m
MCDL6hhg60gAZlbAn17ToEOTE+nENf5NY0IeVK4JOgaDOIXXbu7YddC2zQ3kGlSF
taTc+G86UNXEf5txr/LlQww1n2KV2MV42Liroi5qvYuqhorJXoQrooe3k1igwY0+
kw85kDmx0tsmluvnxERs3mk2EJ60PUfHWdJ+6vIRCExz8O/WrnagvNM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:12:55 2024 by rpki-client on console-fra.rpki-client.org