Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/TfBSYSJ2cJRA_ijHKmnV5TrUbpQ.roa
File: TfBSYSJ2cJRA_ijHKmnV5TrUbpQ.roa (raw, json)
Hash identifier: DOIwLHwfW1GLXF7aeAw3kKRT4za2AMdqqkCHaYW3+5c=
Subject key identifier: 4D:F0:52:61:22:76:70:94:40:FE:28:C7:2A:69:D5:E5:3A:D4:6E:94
Certificate issuer: /CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Certificate serial: 0191DAF749C6DF99FB3C22558A21CBC1A96E
Authority key identifier: 05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/TfBSYSJ2cJRA_ijHKmnV5TrUbpQ.roa
Signing time: Tue 10 Sep 2024 08:05:24 +0000
ROA not before: Tue 10 Sep 2024 08:05:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31479
IP address blocks: 89.42.71.0/24 maxlen: 24
89.45.209.0/24 maxlen: 24
178.19.32.0/24 maxlen: 24
178.19.33.0/24 maxlen: 24
185.28.48.0/23 maxlen: 23
201.77.58.0/24 maxlen: 24
2001:4030::/32 maxlen: 32
2001:4030:16::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.mft
rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:da:f7:49:c6:df:99:fb:3c:22:55:8a:21:cb:c1:a9:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0534c49fcfa8a45041d95ed4d8d4fc69c727a467
Validity
Not Before: Sep 10 08:05:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4df052612276709440fe28c72a69d5e53ad46e94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:ee:fb:28:df:ca:6b:81:c1:28:46:86:47:f4:
fb:3c:f3:af:9d:b8:80:d9:32:fc:24:25:1f:23:2b:
23:09:f3:01:5d:48:bc:63:96:67:62:e3:ae:c0:4a:
5f:b5:62:06:67:1c:f5:76:63:f3:f1:f9:ec:e4:41:
c8:12:23:a0:1c:81:71:a1:af:cd:86:33:25:7d:8b:
61:6b:ff:89:68:ed:a6:39:13:8e:77:b6:d4:52:c6:
ce:87:01:3b:56:dc:41:19:a2:a4:fe:a9:8e:fa:d0:
ae:02:01:80:55:c6:d4:97:ef:02:c2:59:48:81:29:
bd:9c:92:9f:9f:78:e4:1b:80:ec:16:13:55:b4:5e:
ef:29:23:ca:8b:a0:10:95:8b:14:c1:c7:81:c2:87:
17:5e:cd:1b:09:49:d5:4e:a2:d6:3e:44:83:6b:4b:
0c:5e:d2:10:04:17:8c:9c:ef:ed:e2:70:93:9e:59:
4b:33:d6:80:bb:f6:21:fc:78:82:84:3e:dc:d4:cc:
c7:58:91:e3:af:f6:3f:01:a4:96:18:f4:d2:b7:4f:
04:d5:b4:93:60:0e:0f:46:29:7b:29:8c:a8:3f:49:
67:f3:0f:93:b7:e5:fb:90:47:7f:d8:b5:d3:18:0f:
a7:7e:a8:1c:de:cf:60:e5:0e:25:04:5b:ce:95:cd:
77:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:F0:52:61:22:76:70:94:40:FE:28:C7:2A:69:D5:E5:3A:D4:6E:94
X509v3 Authority Key Identifier:
keyid:05:34:C4:9F:CF:A8:A4:50:41:D9:5E:D4:D8:D4:FC:69:C7:27:A4:67
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BTTEn8-opFBB2V7U2NT8accnpGc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/TfBSYSJ2cJRA_ijHKmnV5TrUbpQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/0ccbda-d6f1-4527-8106-cd7e06cbb531/1/BTTEn8-opFBB2V7U2NT8accnpGc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.42.71.0/24
89.45.209.0/24
178.19.32.0/23
185.28.48.0/23
201.77.58.0/24
IPv6:
2001:4030::/32
Signature Algorithm: sha256WithRSAEncryption
8a:b9:47:c2:c7:ce:c3:58:51:56:cc:17:2f:7e:f9:95:70:62:
99:8a:08:1d:37:f5:40:b3:2c:e8:b8:67:65:16:79:0a:26:d7:
e1:9a:d0:bb:ed:64:84:37:f1:c7:72:b4:5d:c9:d7:09:9a:86:
f6:0e:8a:0a:5a:fe:d2:ee:fa:57:76:b6:ea:3b:4d:20:7b:f1:
7c:77:59:76:df:b0:86:88:30:8f:a2:06:20:9d:10:0c:12:92:
be:9d:92:73:8d:d0:44:60:65:7e:ac:43:13:85:6b:b2:0f:d5:
26:84:b5:e1:33:c7:25:ff:ae:6a:41:03:d2:af:06:04:0e:b7:
03:3d:6a:01:a2:8e:3c:f5:31:f2:83:7e:a6:c4:d4:48:24:21:
c8:7b:af:df:89:21:77:4b:fb:56:1d:14:6d:50:e1:7a:b0:48:
3c:23:6d:ae:63:ce:aa:b0:6a:04:d4:6f:2f:6f:38:1a:85:ce:
1c:7b:8f:4b:1d:ba:b5:67:d9:ee:b4:ba:dd:bc:d5:b5:28:d2:
89:b9:0c:45:c4:2c:d3:68:66:f1:7a:b4:10:a3:73:ca:e9:b2:
3e:f2:de:2a:7a:f2:46:05:4b:7e:81:7e:65:be:c5:bd:2f:bb:
f1:fe:a8:e9:56:1f:40:49:cd:b7:c3:9a:9a:4f:aa:19:b2:f7:
89:4a:bb:bf
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZHa90nG35n7PCJViiHLwaluMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MzRjNDlmY2ZhOGE0NTA0MWQ5NWVkNGQ4ZDRmYzY5Yzcy
N2E0NjcwHhcNMjQwOTEwMDgwNTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGYwNTI2MTIyNzY3MDk0NDBmZTI4YzcyYTY5ZDVlNTNhZDQ2ZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArO77KN/Ka4HBKEaGR/T7PPOvnbiA
2TL8JCUfIysjCfMBXUi8Y5ZnYuOuwEpftWIGZxz1dmPz8fns5EHIEiOgHIFxoa/N
hjMlfYtha/+JaO2mOROOd7bUUsbOhwE7VtxBGaKk/qmO+tCuAgGAVcbUl+8CwllI
gSm9nJKfn3jkG4DsFhNVtF7vKSPKi6AQlYsUwceBwocXXs0bCUnVTqLWPkSDa0sM
XtIQBBeMnO/t4nCTnllLM9aAu/Yh/HiChD7c1MzHWJHjr/Y/AaSWGPTSt08E1bST
YA4PRil7KYyoP0ln8w+Tt+X7kEd/2LXTGA+nfqgc3s9g5Q4lBFvOlc13hQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFE3wUmEidnCUQP4oxypp1eU61G6UMB8GA1UdIwQY
MBaAFAU0xJ/PqKRQQdle1NjU/GnHJ6RnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYt
Y2Q3ZTA2Y2JiNTMxLzEvVGZCU1lTSjJjSlJBX2lqSEttblY1VHJVYnBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS8wY2NiZGEtZDZmMS00NTI3LTgxMDYtY2Q3ZTA2Y2JiNTMx
LzEvQlRURW44LW9wRkJCMlY3VTJOVDhhY2NucEdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQAWSpHAwQA
WS3RAwQBshMgAwQBuRwwAwQAyU06MA0EAgACMAcDBQAgAUAwMA0GCSqGSIb3DQEB
CwUAA4IBAQCKuUfCx87DWFFWzBcvfvmVcGKZiggdN/VAsyzouGdlFnkKJtfhmtC7
7WSEN/HHcrRdydcJmob2DooKWv7S7vpXdrbqO00ge/F8d1l237CGiDCPogYgnRAM
EpK+nZJzjdBEYGV+rEMThWuyD9UmhLXhM8cl/65qQQPSrwYEDrcDPWoBoo489THy
g36mxNRIJCHIe6/fiSF3S/tWHRRtUOF6sEg8I22uY86qsGoE1G8vbzgahc4ce49L
Hbq1Z9nutLrdvNW1KNKJuQxFxCzTaGbxerQQo3PK6bI+8t4qevJGBUt+gX5lvsW9
L7vx/qjpVh9ASc23w5qaT6oZsveJSru/
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:25:56 2024 by rpki-client on console-ams.rpki-client.org