Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/TIFlLaX-at075ZCD576gdKkGRGE.roa
File: TIFlLaX-at075ZCD576gdKkGRGE.roa (raw, json)
Hash identifier: XERxXxon8IIgmLqz6Jx0rlqn/egMrPZzdvrOTe9z/Fg=
Subject key identifier: 4C:81:65:2D:A5:FE:6A:DD:3B:E5:90:83:E7:BE:A0:74:A9:06:44:61
Certificate issuer: /CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Certificate serial: 018CC50063CFA93A1923787CB119F1487C23
Authority key identifier: 37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/TIFlLaX-at075ZCD576gdKkGRGE.roa
Signing time: Mon 01 Jan 2024 12:29:46 +0000
ROA not before: Mon 01 Jan 2024 12:29:46 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3356
IP address blocks: 185.148.224.0/22 maxlen: 24
109.234.0.0/21 maxlen: 24
91.205.116.0/22 maxlen: 24
193.242.174.0/23 maxlen: 24
2a07:6200:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.mft
rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 16:59:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:63:cf:a9:3a:19:23:78:7c:b1:19:f1:48:7c:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=37949ac84d0b86910f4fd3cf5962927d83450aeb
Validity
Not Before: Jan 1 12:29:46 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c81652da5fe6add3be59083e7bea074a9064461
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:14:ec:08:90:b3:4a:bc:50:b0:a1:34:96:65:
e6:06:18:b2:fe:48:9e:81:2b:56:b1:87:14:ba:50:
4a:9f:b9:62:06:16:f4:22:b8:33:56:56:f4:89:69:
57:0a:3b:99:90:76:70:b1:6f:72:72:1e:32:e5:39:
87:41:04:e8:56:4d:e0:a9:80:15:7f:f5:d2:ef:07:
6d:3f:e3:ae:b7:75:9f:94:aa:44:98:2f:30:60:16:
2e:e9:a8:9e:2e:d1:47:f1:1d:f4:36:7c:25:32:b1:
1a:12:4a:3c:a9:36:6a:4c:fc:ee:3e:27:05:11:2d:
78:d9:59:ff:dc:6d:26:4d:e3:9f:64:b0:3f:7b:85:
61:c9:c9:fb:d0:29:71:4a:53:10:46:ef:64:54:c7:
bf:d1:bf:a3:35:b0:1d:ba:81:0e:60:de:86:95:35:
8f:c7:c9:f5:7a:3d:a4:d2:a7:d8:ea:83:74:94:1b:
bd:9c:cb:dc:32:bc:a7:6d:10:c6:ae:de:e2:6c:f1:
64:61:f9:a7:79:94:04:69:ba:05:20:96:33:77:3f:
9c:58:7e:c7:5f:53:42:23:6c:7c:cb:43:d3:6d:8e:
78:59:09:de:55:71:a8:74:bc:6e:55:be:6c:1b:76:
66:65:7f:84:d3:b2:b9:8d:d2:89:da:58:12:43:bf:
1b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:81:65:2D:A5:FE:6A:DD:3B:E5:90:83:E7:BE:A0:74:A9:06:44:61
X509v3 Authority Key Identifier:
keyid:37:94:9A:C8:4D:0B:86:91:0F:4F:D3:CF:59:62:92:7D:83:45:0A:EB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N5SayE0LhpEPT9PPWWKSfYNFCus.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/TIFlLaX-at075ZCD576gdKkGRGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/c28ea4-059c-49dd-9278-a4db396c8987/1/N5SayE0LhpEPT9PPWWKSfYNFCus.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.116.0/22
109.234.0.0/21
185.148.224.0/22
193.242.174.0/23
IPv6:
2a07:6200:1::/48
Signature Algorithm: sha256WithRSAEncryption
39:7c:7b:87:56:ac:7b:1a:73:57:d8:0e:22:a5:7c:6e:d6:5d:
d2:ec:0d:7f:67:d5:83:b2:30:46:7a:d0:0d:31:cf:fd:22:ba:
2c:17:e0:4d:0d:bd:44:da:75:d6:48:10:48:1b:42:58:95:b4:
c9:12:34:4d:dc:85:85:fe:d3:3d:8a:25:d6:aa:33:4d:f9:50:
4d:2b:3d:4c:20:ef:ff:8b:79:14:50:d6:76:6e:95:a8:1a:1c:
5e:78:23:91:d8:2e:27:9f:19:62:4f:bd:30:ce:b9:c3:56:c3:
3e:81:d4:38:d6:e2:dc:67:86:18:39:a2:2e:ac:68:8b:15:e2:
d4:47:3d:cf:03:59:62:56:61:d3:07:da:4e:2f:70:b5:c6:e1:
bc:51:19:29:25:4d:9c:19:ed:2e:81:10:fe:19:db:54:e9:84:
29:cd:83:f1:ce:37:17:f5:84:97:e8:f2:22:4f:da:a7:84:5c:
f6:aa:3d:a9:1a:61:a3:05:9a:f8:81:3b:b5:17:a0:8b:3e:b0:
6d:1e:f7:98:b9:2e:dd:d2:c4:5c:e8:fa:c8:36:79:de:40:38:
56:46:47:21:6a:af:a0:bc:86:92:fa:7a:74:8d:5e:33:97:3a:
b7:b3:7c:ae:f5:fc:db:a6:41:9c:1d:47:f6:44:42:5a:e0:28:
3d:06:fb:05
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAYzFAGPPqToZI3h8sRnxSHwjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3OTQ5YWM4NGQwYjg2OTEwZjRmZDNjZjU5NjI5MjdkODM0
NTBhZWIwHhcNMjQwMTAxMTIyOTQ2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzgxNjUyZGE1ZmU2YWRkM2JlNTkwODNlN2JlYTA3NGE5MDY0NDYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRTsCJCzSrxQsKE0lmXmBhiy/kie
gStWsYcUulBKn7liBhb0IrgzVlb0iWlXCjuZkHZwsW9ych4y5TmHQQToVk3gqYAV
f/XS7wdtP+Out3WflKpEmC8wYBYu6aieLtFH8R30NnwlMrEaEko8qTZqTPzuPicF
ES142Vn/3G0mTeOfZLA/e4Vhycn70ClxSlMQRu9kVMe/0b+jNbAduoEOYN6GlTWP
x8n1ej2k0qfY6oN0lBu9nMvcMrynbRDGrt7ibPFkYfmneZQEaboFIJYzdz+cWH7H
X1NCI2x8y0PTbY54WQneVXGodLxuVb5sG3ZmZX+E07K5jdKJ2lgSQ78bnwIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFEyBZS2l/mrdO+WQg+e+oHSpBkRhMB8GA1UdIwQY
MBaAFDeUmshNC4aRD0/Tz1likn2DRQrrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgt
YTRkYjM5NmM4OTg3LzEvVElGbExhWC1hdDA3NVpDRDU3NmdkS2tHUkdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NC9jMjhlYTQtMDU5Yy00OWRkLTkyNzgtYTRkYjM5NmM4OTg3
LzEvTjVTYXlFMExocEVQVDlQUFdXS1NmWU5GQ3VzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAeBAIAATAYAwQCW810AwQD
beoAAwQCuZTgAwQBwfKuMA8EAgACMAkDBwAqB2IAAAEwDQYJKoZIhvcNAQELBQAD
ggEBADl8e4dWrHsac1fYDiKlfG7WXdLsDX9n1YOyMEZ60A0xz/0iuiwX4E0NvUTa
ddZIEEgbQliVtMkSNE3chYX+0z2KJdaqM035UE0rPUwg7/+LeRRQ1nZulagaHF54
I5HYLiefGWJPvTDOucNWwz6B1DjW4txnhhg5oi6saIsV4tRHPc8DWWJWYdMH2k4v
cLXG4bxRGSklTZwZ7S6BEP4Z21TphCnNg/HONxf1hJfo8iJP2qeEXPaqPakaYaMF
mviBO7UXoIs+sG0e95i5Lt3SxFzo+sg2ed5AOFZGRyFqr6C8hpL6enSNXjOXOrez
fK71/NumQZwdR/ZEQlrgKD0G+wU=
-----END CERTIFICATE-----
Generated at Thu May 2 20:44:03 2024 by rpki-client on console-ams.rpki-client.org