Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/TfVLZB0kyyrOw2W3B_qZo8M_TqQ.roa
File: TfVLZB0kyyrOw2W3B_qZo8M_TqQ.roa (raw, json)
Hash identifier: rm0gvuhX6JEOaKuMrbDaaFEBQNkYVijJJmwOET6uXTs=
Subject key identifier: 4D:F5:4B:64:1D:24:CB:2A:CE:C3:65:B7:07:FA:99:A3:C3:3F:4E:A4
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 018CCA2A34FD919CFA21C72D25DBF752B520
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/TfVLZB0kyyrOw2W3B_qZo8M_TqQ.roa
Signing time: Tue 02 Jan 2024 12:33:32 +0000
ROA not before: Tue 02 Jan 2024 12:33:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198056
IP address blocks: 93.170.106.0/23 maxlen: 24
146.158.56.0/23 maxlen: 24
146.120.111.0/24 maxlen: 24
95.46.192.0/22 maxlen: 24
95.46.110.0/23 maxlen: 24
93.171.132.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.mft
rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:34:fd:91:9c:fa:21:c7:2d:25:db:f7:52:b5:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Jan 2 12:33:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4df54b641d24cb2acec365b707fa99a3c33f4ea4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:fa:f7:74:dc:e4:e8:21:2c:82:fa:93:1f:92:
2f:6b:cc:bd:7d:24:fe:d6:a0:37:99:d2:36:7a:aa:
b0:55:09:fb:20:11:8d:e1:e2:e8:98:2b:c2:f3:7e:
bc:44:ef:65:82:f3:6b:ed:b7:ed:42:38:84:db:ac:
71:bf:c7:19:05:4d:86:dc:a4:bf:a9:cf:38:b2:a7:
84:b6:13:16:c8:73:3f:30:3a:6e:37:03:80:ed:2e:
2a:78:63:b4:08:bf:16:aa:1a:d3:45:8d:08:a1:f5:
3c:a6:49:5b:af:1e:b2:21:e8:1b:1b:9d:df:28:3a:
a0:57:57:52:64:9e:2c:07:94:2e:ac:4e:15:8e:10:
0c:40:5f:00:39:07:53:32:79:7f:30:cb:61:35:4e:
25:cb:13:0d:38:59:58:8f:4c:99:29:08:f2:5a:17:
21:a8:af:23:cb:b7:d9:07:98:01:45:fa:65:ea:1a:
ec:dd:ab:d9:70:68:0a:5d:8c:13:3e:10:91:4c:eb:
63:13:80:ab:ea:64:97:37:a0:d1:d2:cd:8b:80:1a:
68:d8:19:c5:da:2e:e8:a5:f1:37:43:5a:21:3f:64:
05:ee:46:53:e6:a6:07:df:cd:22:35:09:74:81:bc:
90:98:61:1d:cf:86:d7:4a:7f:fe:40:b4:9f:fc:8f:
f6:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:F5:4B:64:1D:24:CB:2A:CE:C3:65:B7:07:FA:99:A3:C3:3F:4E:A4
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/TfVLZB0kyyrOw2W3B_qZo8M_TqQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.170.106.0/23
93.171.132.0/23
95.46.110.0/23
95.46.192.0/22
146.120.111.0/24
146.158.56.0/23
Signature Algorithm: sha256WithRSAEncryption
4c:7e:8c:65:77:4e:7b:a7:e9:eb:f1:10:da:42:cc:68:2c:8b:
bc:08:4f:d8:96:1b:63:13:e9:29:7a:4d:72:6a:9f:07:db:0c:
72:bc:1a:c8:ce:17:e0:30:07:de:07:c7:de:03:03:f9:1b:cf:
e1:b0:a5:e3:5a:2a:dd:ef:01:93:27:4e:42:df:dc:78:e1:ef:
b6:b1:80:40:cf:6d:4f:46:58:8c:f6:46:bf:ea:2b:74:bb:34:
a6:e4:d9:c7:9d:b2:ef:51:0e:00:70:d1:c3:9a:c4:7c:1d:70:
92:2e:53:97:5f:9b:eb:06:ae:b9:1e:08:46:34:bb:eb:23:0c:
21:28:51:29:71:68:04:e2:4b:2e:03:68:03:41:c4:ed:7b:2c:
6e:e0:b4:ea:ba:88:10:71:77:a1:ac:ed:dd:fd:5c:8c:96:7e:
fe:33:86:c3:ec:e0:4c:98:ef:c4:7f:88:df:bd:69:e5:d6:fd:
be:44:41:18:fb:40:17:83:0e:e2:68:32:4a:34:7f:2d:3b:19:
08:ca:d8:9a:94:6d:a1:ef:1c:ff:e4:96:92:64:14:50:4b:9c:
59:68:cd:e5:e4:fd:40:20:e3:4b:d1:1b:d0:3b:b0:b7:92:1c:
3f:a9:5d:d3:a9:d4:79:33:18:63:c6:8a:d0:6f:50:2c:34:6a:
96:3e:b7:87
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzKKjT9kZz6IcctJdv3UrUgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjQwMTAyMTIzMzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGY1NGI2NDFkMjRjYjJhY2VjMzY1YjcwN2ZhOTlhM2MzM2Y0ZWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfr3dNzk6CEsgvqTH5Iva8y9fST+
1qA3mdI2eqqwVQn7IBGN4eLomCvC8368RO9lgvNr7bftQjiE26xxv8cZBU2G3KS/
qc84sqeEthMWyHM/MDpuNwOA7S4qeGO0CL8WqhrTRY0IofU8pklbrx6yIegbG53f
KDqgV1dSZJ4sB5QurE4VjhAMQF8AOQdTMnl/MMthNU4lyxMNOFlYj0yZKQjyWhch
qK8jy7fZB5gBRfpl6hrs3avZcGgKXYwTPhCRTOtjE4Cr6mSXN6DR0s2LgBpo2BnF
2i7opfE3Q1ohP2QF7kZT5qYH380iNQl0gbyQmGEdz4bXSn/+QLSf/I/2TwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFE31S2QdJMsqzsNltwf6maPDP06kMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvVGZWTFpCMGt5eXJPdzJXM0JfcVpvOE1fVHFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQBXapqAwQB
XauEAwQBXy5uAwQCXy7AAwQAknhvAwQBkp44MA0GCSqGSIb3DQEBCwUAA4IBAQBM
foxld057p+nr8RDaQsxoLIu8CE/YlhtjE+kpek1yap8H2wxyvBrIzhfgMAfeB8fe
AwP5G8/hsKXjWird7wGTJ05C39x44e+2sYBAz21PRliM9ka/6it0uzSm5NnHnbLv
UQ4AcNHDmsR8HXCSLlOXX5vrBq65HghGNLvrIwwhKFEpcWgE4ksuA2gDQcTteyxu
4LTquogQcXehrO3d/VyMln7+M4bD7OBMmO/Ef4jfvWnl1v2+REEY+0AXgw7iaDJK
NH8tOxkIytialG2h7xz/5JaSZBRQS5xZaM3l5P1AIONL0RvQO7C3khw/qV3TqdR5
MxhjxorQb1AsNGqWPreH
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:30:08 2024 by rpki-client on console-fra.rpki-client.org