Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/417a43-55e9-4626-99c5-25cb092f5cac/1/Tb3E7F_udpjaWMAsJI3Tr6kxr2U.roa
File: Tb3E7F_udpjaWMAsJI3Tr6kxr2U.roa (raw, json)
Hash identifier: wal7aqbf/Gfzt6Un2JdiIUejn8SsuvPwvYBSsBssxhs=
Subject key identifier: 4D:BD:C4:EC:5F:EE:76:98:DA:58:C0:2C:24:8D:D3:AF:A9:31:AF:65
Certificate issuer: /CN=0d026a518947dd5bd3981ed0669c11c5621d0475
Certificate serial: 018CC72690E0A117184D272A15FE26A66D33
Authority key identifier: 0D:02:6A:51:89:47:DD:5B:D3:98:1E:D0:66:9C:11:C5:62:1D:04:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DQJqUYlH3VvTmB7QZpwRxWIdBHU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/417a43-55e9-4626-99c5-25cb092f5cac/1/Tb3E7F_udpjaWMAsJI3Tr6kxr2U.roa
Signing time: Mon 01 Jan 2024 22:30:42 +0000
ROA not before: Mon 01 Jan 2024 22:30:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62364
IP address blocks: 193.39.4.0/23 maxlen: 23
193.39.4.0/24 maxlen: 24
193.39.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/417a43-55e9-4626-99c5-25cb092f5cac/1/DQJqUYlH3VvTmB7QZpwRxWIdBHU.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/417a43-55e9-4626-99c5-25cb092f5cac/1/DQJqUYlH3VvTmB7QZpwRxWIdBHU.mft
rsync://rpki.ripe.net/repository/DEFAULT/DQJqUYlH3VvTmB7QZpwRxWIdBHU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 17:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:26:90:e0:a1:17:18:4d:27:2a:15:fe:26:a6:6d:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0d026a518947dd5bd3981ed0669c11c5621d0475
Validity
Not Before: Jan 1 22:30:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4dbdc4ec5fee7698da58c02c248dd3afa931af65
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:36:5e:b3:04:ba:b8:ef:00:ea:4a:d0:4d:95:
24:1d:5c:d2:f3:c3:91:ea:49:75:71:b2:d5:da:db:
ab:0f:d7:06:e5:55:5c:ea:fe:bf:5a:7e:4d:d4:8f:
bc:ab:06:6d:a6:b8:6a:b2:e1:b6:2c:36:76:e7:69:
b9:bf:b0:c4:72:1c:c1:c1:1d:af:ec:65:d9:73:28:
a8:1b:5a:5c:47:5a:6c:c3:68:ac:7c:57:c9:92:1b:
49:b1:5c:2b:6b:68:2c:0d:c5:ed:b4:01:b7:25:22:
59:7b:05:b5:70:54:8d:55:b4:16:38:65:b0:d2:86:
e6:1c:58:73:95:d3:ac:36:dd:c8:9b:6d:e3:37:90:
9e:e4:5d:6b:40:02:59:96:cc:bb:61:04:03:02:8b:
7a:36:16:4e:76:5b:a0:df:14:81:d1:ca:83:36:9c:
b3:02:ed:5b:6c:02:b0:67:7f:09:e6:b1:77:90:76:
98:e9:51:b0:f5:50:d0:66:51:28:2e:c2:a8:4b:be:
b1:5c:dc:ac:1a:da:07:87:4a:12:a4:54:7a:36:44:
66:63:e4:1d:15:52:65:26:0e:44:ca:5d:6b:33:4e:
56:24:90:21:c8:65:11:51:d7:c7:8f:0f:3d:72:bc:
fd:13:50:41:d4:cd:13:1d:28:7c:14:f7:78:95:41:
b2:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:BD:C4:EC:5F:EE:76:98:DA:58:C0:2C:24:8D:D3:AF:A9:31:AF:65
X509v3 Authority Key Identifier:
keyid:0D:02:6A:51:89:47:DD:5B:D3:98:1E:D0:66:9C:11:C5:62:1D:04:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DQJqUYlH3VvTmB7QZpwRxWIdBHU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/417a43-55e9-4626-99c5-25cb092f5cac/1/Tb3E7F_udpjaWMAsJI3Tr6kxr2U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/417a43-55e9-4626-99c5-25cb092f5cac/1/DQJqUYlH3VvTmB7QZpwRxWIdBHU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.39.4.0/23
Signature Algorithm: sha256WithRSAEncryption
c1:43:d2:6e:44:c7:53:ea:ac:94:a8:e2:14:6f:34:c1:07:78:
95:26:c3:cd:96:40:fa:8d:9d:59:fe:67:75:17:54:ef:c2:4b:
c0:c0:77:40:2b:d6:1a:dc:4e:88:8d:5f:08:ad:ec:3f:2d:96:
f1:b0:52:25:04:da:67:eb:18:77:84:bc:3d:2a:8d:f7:6f:2b:
1b:94:19:c1:70:15:d4:e8:e4:10:a6:54:69:47:38:6f:c5:6b:
13:04:cd:e4:3d:46:bd:f9:09:a7:c4:02:4e:4f:5d:f5:87:f0:
72:11:53:1e:91:2e:e2:09:59:de:05:30:00:36:23:b1:80:08:
61:81:74:5c:a6:87:53:3e:ed:cf:51:7e:a2:4f:3f:63:95:d9:
4e:7e:67:93:25:84:21:3e:09:52:c1:87:6d:cf:c9:7f:5b:eb:
17:a1:9e:a1:7a:c3:a0:59:56:d4:e5:6a:39:09:f8:f2:be:3c:
68:5f:38:57:ed:28:84:77:50:30:63:17:3e:38:2a:70:ff:ac:
da:1e:e0:a0:1a:ea:0f:32:b5:37:77:13:f8:e5:c8:53:7f:95:
16:46:e2:8f:64:10:39:93:2d:18:c6:81:31:8c:30:a4:d0:bf:
54:6a:2c:cd:66:0b:1c:a7:4b:5a:13:ae:81:28:25:57:70:20:
3a:06:16:7c
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzHJpDgoRcYTScqFf4mpm0zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBkMDI2YTUxODk0N2RkNWJkMzk4MWVkMDY2OWMxMWM1NjIx
ZDA0NzUwHhcNMjQwMTAxMjIzMDQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGJkYzRlYzVmZWU3Njk4ZGE1OGMwMmMyNDhkZDNhZmE5MzFhZjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzzZeswS6uO8A6krQTZUkHVzS88OR
6kl1cbLV2turD9cG5VVc6v6/Wn5N1I+8qwZtprhqsuG2LDZ252m5v7DEchzBwR2v
7GXZcyioG1pcR1psw2isfFfJkhtJsVwra2gsDcXttAG3JSJZewW1cFSNVbQWOGWw
0obmHFhzldOsNt3Im23jN5Ce5F1rQAJZlsy7YQQDAot6NhZOdlug3xSB0cqDNpyz
Au1bbAKwZ38J5rF3kHaY6VGw9VDQZlEoLsKoS76xXNysGtoHh0oSpFR6NkRmY+Qd
FVJlJg5Eyl1rM05WJJAhyGURUdfHjw89crz9E1BB1M0THSh8FPd4lUGy9QIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFE29xOxf7naY2ljALCSN06+pMa9lMB8GA1UdIwQY
MBaAFA0CalGJR91b05ge0GacEcViHQR1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRFFKcVVZbEgzVnZUbUI3UVpwd1J4V0lkQkhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My80MTdhNDMtNTVlOS00NjI2LTk5YzUt
MjVjYjA5MmY1Y2FjLzEvVGIzRTdGX3VkcGphV01Bc0pJM1RyNmt4cjJVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82My80MTdhNDMtNTVlOS00NjI2LTk5YzUtMjVjYjA5MmY1Y2Fj
LzEvRFFKcVVZbEgzVnZUbUI3UVpwd1J4V0lkQkhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBwScEMA0G
CSqGSIb3DQEBCwUAA4IBAQDBQ9JuRMdT6qyUqOIUbzTBB3iVJsPNlkD6jZ1Z/md1
F1TvwkvAwHdAK9Ya3E6IjV8Irew/LZbxsFIlBNpn6xh3hLw9Ko33bysblBnBcBXU
6OQQplRpRzhvxWsTBM3kPUa9+QmnxAJOT131h/ByEVMekS7iCVneBTAANiOxgAhh
gXRcpodTPu3PUX6iTz9jldlOfmeTJYQhPglSwYdtz8l/W+sXoZ6hesOgWVbU5Wo5
CfjyvjxoXzhX7SiEd1AwYxc+OCpw/6zaHuCgGuoPMrU3dxP45chTf5UWRuKPZBA5
ky0YxoExjDCk0L9UaizNZgscp0taE66BKCVXcCA6BhZ8
-----END CERTIFICATE-----
Generated at Sat May 18 02:20:16 2024 by rpki-client on console-ams.rpki-client.org