Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/tIYBkjX5XLRBAF-HZiXltzRrIy4.roa
File: tIYBkjX5XLRBAF-HZiXltzRrIy4.roa (raw, json)
Hash identifier: tQRZYuzpnpyjygnSMvVJ7XIX29aFWEsTgqHjFJtOsbI=
Subject key identifier: B4:86:01:92:35:F9:5C:B4:41:00:5F:87:66:25:E5:B7:34:6B:23:2E
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0191487CBD490749793F99D45297EBCADDA6
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/tIYBkjX5XLRBAF-HZiXltzRrIy4.roa
Signing time: Mon 12 Aug 2024 21:27:00 +0000
ROA not before: Mon 12 Aug 2024 21:27:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43278
IP address blocks: 5.42.211.0/24 maxlen: 24
212.46.36.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 15:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:48:7c:bd:49:07:49:79:3f:99:d4:52:97:eb:ca:dd:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Aug 12 21:27:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b486019235f95cb441005f876625e5b7346b232e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:26:90:85:00:e2:f3:23:1b:d6:32:56:17:8f:
d5:e5:3c:e4:a2:18:0e:86:f7:cf:47:70:b9:72:2e:
e7:6b:45:6f:31:a3:91:c9:c9:77:e7:74:db:83:b3:
da:dc:cd:ff:82:20:28:0e:9d:29:44:26:43:df:33:
7f:03:29:e6:5b:6e:b1:3e:38:f7:1b:93:89:6c:8d:
cb:5d:53:b2:76:cf:6b:3b:07:06:7b:9f:03:61:d8:
24:64:c4:63:76:1b:43:16:f2:da:a8:b5:c3:08:d7:
07:fb:ee:a2:cd:a4:fc:8e:20:bb:6e:a6:3e:0d:0c:
87:f1:78:5a:89:cd:e3:31:97:74:dd:b8:b1:19:5e:
b9:00:13:69:f7:34:cd:49:cf:0f:52:14:aa:69:46:
8d:ea:4d:96:39:7b:d4:d7:90:af:96:39:c7:32:86:
c9:94:f1:f7:78:b2:a8:d9:19:e4:97:84:77:3e:7c:
f7:95:89:4d:fd:b1:0b:89:97:51:68:2a:e9:38:18:
97:47:18:00:ff:7d:30:37:38:9f:9f:02:49:f3:d4:
9d:5b:a6:8a:65:3c:c2:58:c1:6c:90:dd:62:ab:c0:
d3:b6:13:2e:a6:53:26:a8:80:a1:18:14:e4:43:f5:
e8:13:36:40:dc:d6:a7:f1:b3:d4:1a:25:33:e6:a0:
ad:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:86:01:92:35:F9:5C:B4:41:00:5F:87:66:25:E5:B7:34:6B:23:2E
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/tIYBkjX5XLRBAF-HZiXltzRrIy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.211.0/24
212.46.36.0/24
Signature Algorithm: sha256WithRSAEncryption
31:7f:08:ae:1f:7c:1b:aa:4b:fe:13:84:54:71:14:e0:79:26:
a0:89:ab:45:2b:7e:cf:7b:0e:f4:6d:e7:ef:f2:64:b2:3a:8d:
be:02:8d:72:69:95:d6:d7:b0:a5:71:93:06:0c:7d:90:f4:60:
e6:9c:de:bb:79:33:3f:9c:cd:cc:b6:55:8a:3d:08:6e:2f:cc:
84:8b:d9:54:73:d2:b5:9f:92:ae:d2:26:d5:55:96:75:eb:5e:
ee:b7:d1:62:3f:e5:b3:57:3a:a0:fd:54:c3:24:c8:50:8e:e2:
33:1b:d3:d1:ad:91:62:06:7f:bd:90:37:cf:b7:45:26:b8:f7:
1a:23:d8:4e:7b:04:1f:69:69:54:30:20:4b:d0:f1:4e:cd:d1:
6a:6e:c5:b6:05:a4:9a:49:7b:ef:90:e2:3a:20:3e:f2:db:28:
0a:dc:14:af:eb:32:b2:c0:f5:2e:02:aa:58:f9:ae:34:89:42:
a2:34:1d:3a:12:c0:c6:b7:9f:f3:fc:68:44:62:df:15:56:44:
3e:d4:9b:48:ca:1a:8e:da:bd:f1:36:8b:ff:61:e0:ed:66:3f:
92:bc:e5:d1:60:84:ad:68:87:f0:9f:b0:7e:55:e9:c6:a7:a0:
c7:d5:3c:1f:48:de:d8:f4:84:c0:39:a1:9e:aa:36:35:9f:56:
97:a0:0d:25
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZFIfL1JB0l5P5nUUpfryt2mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwODEyMjEyNzAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDg2MDE5MjM1Zjk1Y2I0NDEwMDVmODc2NjI1ZTViNzM0NmIyMzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsSaQhQDi8yMb1jJWF4/V5TzkohgO
hvfPR3C5ci7na0VvMaORycl353Tbg7Pa3M3/giAoDp0pRCZD3zN/AynmW26xPjj3
G5OJbI3LXVOyds9rOwcGe58DYdgkZMRjdhtDFvLaqLXDCNcH++6izaT8jiC7bqY+
DQyH8Xhaic3jMZd03bixGV65ABNp9zTNSc8PUhSqaUaN6k2WOXvU15CvljnHMobJ
lPH3eLKo2Rnkl4R3Pnz3lYlN/bELiZdRaCrpOBiXRxgA/30wNzifnwJJ89SdW6aK
ZTzCWMFskN1iq8DTthMuplMmqIChGBTkQ/XoEzZA3Nan8bPUGiUz5qCttwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLSGAZI1+Vy0QQBfh2Yl5bc0ayMuMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvdElZQmtqWDVYTFJCQUYtSFppWGx0elJySXk0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABSrTAwQA
1C4kMA0GCSqGSIb3DQEBCwUAA4IBAQAxfwiuH3wbqkv+E4RUcRTgeSagiatFK37P
ew70befv8mSyOo2+Ao1yaZXW17ClcZMGDH2Q9GDmnN67eTM/nM3MtlWKPQhuL8yE
i9lUc9K1n5Ku0ibVVZZ1617ut9FiP+WzVzqg/VTDJMhQjuIzG9PRrZFiBn+9kDfP
t0UmuPcaI9hOewQfaWlUMCBL0PFOzdFqbsW2BaSaSXvvkOI6ID7y2ygK3BSv6zKy
wPUuAqpY+a40iUKiNB06EsDGt5/z/GhEYt8VVkQ+1JtIyhqO2r3xNov/YeDtZj+S
vOXRYIStaIfwn7B+VenGp6DH1TwfSN7Y9ITAOaGeqjY1n1aXoA0l
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:13:43 2024 by rpki-client on console-fra.rpki-client.org