Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/tid-ybLY2PY04EvKwjS08tthIC0.roa
File: tid-ybLY2PY04EvKwjS08tthIC0.roa (raw, json)
Hash identifier: rLj0JXhy7g6H1s8MGnP5rSJQ56haTHzQaTxTzkCRmMA=
Subject key identifier: B6:27:7E:C9:B2:D8:D8:F6:34:E0:4B:CA:C2:34:B4:F2:DB:61:20:2D
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0191A208FD2A1DE8A8363E0455E438639D98
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/tid-ybLY2PY04EvKwjS08tthIC0.roa
Signing time: Fri 30 Aug 2024 06:46:23 +0000
ROA not before: Fri 30 Aug 2024 06:46:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59729
IP address blocks: 5.42.192.0/24 maxlen: 24
5.42.195.0/24 maxlen: 24
5.42.209.0/24 maxlen: 24
5.42.210.0/24 maxlen: 24
193.9.20.0/24 maxlen: 24
193.200.199.0/24 maxlen: 24
194.26.204.0/24 maxlen: 24
194.55.170.0/24 maxlen: 24
212.18.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 14:57:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a2:08:fd:2a:1d:e8:a8:36:3e:04:55:e4:38:63:9d:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Aug 30 06:46:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6277ec9b2d8d8f634e04bcac234b4f2db61202d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:57:ac:f5:1c:2b:51:05:a8:cc:90:7a:37:c0:
9e:dd:12:72:a9:c0:a6:c2:6e:30:5d:91:10:8d:8c:
9d:e9:48:0e:f5:fa:2b:c3:cd:ea:69:f5:27:b3:a6:
d7:54:3d:10:03:19:d4:92:09:54:46:bf:0a:b7:cb:
da:9b:c8:ad:ab:39:5e:22:12:1b:ed:bc:c0:fc:37:
a8:bb:68:83:2f:c6:d2:63:13:13:b9:47:ab:44:6c:
21:2a:cc:36:a7:22:91:ba:c0:54:f2:49:cc:05:5d:
c2:cf:6f:da:44:36:10:97:01:d8:b9:25:c1:2c:36:
af:c5:23:d9:2d:7b:17:ef:b1:63:0b:94:3a:fe:76:
cc:1a:01:22:72:6f:b2:8b:c8:87:e4:9e:7b:79:fa:
35:eb:ed:cd:20:a2:0b:35:a6:fc:4d:04:52:7f:19:
34:32:89:f1:39:d5:d5:1a:b3:f6:8e:29:ed:8b:3d:
fd:c8:18:be:78:3d:10:77:1d:b9:c6:ad:e3:2f:c3:
46:b4:a6:89:21:a2:d3:0f:81:f6:07:63:e2:8e:f3:
56:83:32:98:bb:49:90:de:de:4a:b1:bd:9b:94:1e:
09:af:42:96:9f:53:fe:62:d1:f4:40:8f:2f:cb:cb:
bc:f0:e3:59:fc:a6:a4:10:0e:0b:e6:2f:a0:2f:36:
ef:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:27:7E:C9:B2:D8:D8:F6:34:E0:4B:CA:C2:34:B4:F2:DB:61:20:2D
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/tid-ybLY2PY04EvKwjS08tthIC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.192.0/24
5.42.195.0/24
5.42.209.0-5.42.210.255
193.9.20.0/24
193.200.199.0/24
194.26.204.0/24
194.55.170.0/24
212.18.120.0/24
Signature Algorithm: sha256WithRSAEncryption
6c:86:46:13:6b:55:10:07:1b:4c:3f:62:67:ee:97:1f:36:0d:
00:8b:1a:be:6b:f4:79:45:5a:8e:63:d7:1c:78:c8:62:fe:4d:
ca:57:c7:d7:d8:da:01:25:ba:bd:32:f7:8c:08:ea:e5:1a:cc:
25:b8:6f:e6:0c:92:71:bb:dd:41:42:b4:4a:94:86:fc:9a:c6:
e7:cf:e0:d1:91:67:58:40:0a:5c:fd:e7:cc:85:b4:3d:12:3a:
31:9c:83:39:82:73:b7:6f:fa:f2:fc:61:a3:18:58:b4:ee:ae:
30:24:10:3a:e0:e1:8c:1c:62:2e:81:da:bb:26:2c:90:e3:c6:
99:24:a5:be:73:f8:b7:27:b9:16:07:1c:aa:eb:3c:20:cb:ff:
26:6e:37:55:d0:35:57:45:7d:a2:bc:42:51:42:db:e4:bc:da:
ea:e3:88:bc:73:3f:97:fd:cc:39:d8:ce:42:83:8e:93:f2:03:
30:1e:ba:25:28:e5:91:ea:f9:29:aa:8e:13:d4:e7:07:27:5c:
1a:5e:7d:c9:59:35:98:8f:7b:2b:f0:97:8a:68:5f:41:84:8b:
af:fd:e6:59:b6:6d:46:a0:f2:01:ab:a6:b8:1d:4b:b1:c8:30:
b9:6c:00:e7:6a:82:21:5e:75:24:ef:e3:99:66:d9:99:a5:3a:
f0:ee:18:56
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZGiCP0qHeioNj4EVeQ4Y52YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjQwODMwMDY0NjIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjI3N2VjOWIyZDhkOGY2MzRlMDRiY2FjMjM0YjRmMmRiNjEyMDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk1es9RwrUQWozJB6N8Ce3RJyqcCm
wm4wXZEQjYyd6UgO9forw83qafUns6bXVD0QAxnUkglURr8Kt8vam8itqzleIhIb
7bzA/Deou2iDL8bSYxMTuUerRGwhKsw2pyKRusBU8knMBV3Cz2/aRDYQlwHYuSXB
LDavxSPZLXsX77FjC5Q6/nbMGgEicm+yi8iH5J57efo16+3NIKILNab8TQRSfxk0
MonxOdXVGrP2jintiz39yBi+eD0Qdx25xq3jL8NGtKaJIaLTD4H2B2PijvNWgzKY
u0mQ3t5Ksb2blB4Jr0KWn1P+YtH0QI8vy8u88ONZ/KakEA4L5i+gLzbvTwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFLYnfsmy2Nj2NOBLysI0tPLbYSAtMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvdGlkLXliTFkyUFkwNEV2S3dqUzA4dHRoSUMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQABSrAAwQA
BSrDMAwDBAAFKtEDBAAFKtIDBADBCRQDBADByMcDBADCGswDBADCN6oDBADUEngw
DQYJKoZIhvcNAQELBQADggEBAGyGRhNrVRAHG0w/Ymfulx82DQCLGr5r9HlFWo5j
1xx4yGL+TcpXx9fY2gElur0y94wI6uUazCW4b+YMknG73UFCtEqUhvyaxufP4NGR
Z1hAClz958yFtD0SOjGcgzmCc7dv+vL8YaMYWLTurjAkEDrg4YwcYi6B2rsmLJDj
xpkkpb5z+LcnuRYHHKrrPCDL/yZuN1XQNVdFfaK8QlFC2+S82urjiLxzP5f9zDnY
zkKDjpPyAzAeuiUo5ZHq+SmqjhPU5wcnXBpefclZNZiPeyvwl4poX0GEi6/95lm2
bUag8gGrprgdS7HIMLlsAOdqgiFedSTv45lm2ZmlOvDuGFY=
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:45:48 2024 by rpki-client on console-ams.rpki-client.org