Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/TLNLNdGXJaCxf1N5oggAF-JbCnw.roa
File: TLNLNdGXJaCxf1N5oggAF-JbCnw.roa (raw, json)
Hash identifier: iM08eS2vY0Df5L1BnZvDQLEsOjj7mfcs52L34MGOEFI=
Subject key identifier: 4C:B3:4B:35:D1:97:25:A0:B1:7F:53:79:A2:08:00:17:E2:5B:0A:7C
Certificate issuer: /CN=74267f3ecfcc61668e0501bca60ced6dd75d347c
Certificate serial: 018CC9BC56D3BCFDE5614DB487E5B7E11815
Authority key identifier: 74:26:7F:3E:CF:CC:61:66:8E:05:01:BC:A6:0C:ED:6D:D7:5D:34:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dCZ_Ps_MYWaOBQG8pgztbdddNHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/TLNLNdGXJaCxf1N5oggAF-JbCnw.roa
Signing time: Tue 02 Jan 2024 10:33:32 +0000
ROA not before: Tue 02 Jan 2024 10:33:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50897
IP address blocks: 192.108.116.0/24 maxlen: 24
192.108.117.0/24 maxlen: 24
192.108.118.0/24 maxlen: 24
192.108.115.0/24 maxlen: 24
192.44.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/dCZ_Ps_MYWaOBQG8pgztbdddNHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/dCZ_Ps_MYWaOBQG8pgztbdddNHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/dCZ_Ps_MYWaOBQG8pgztbdddNHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:56:d3:bc:fd:e5:61:4d:b4:87:e5:b7:e1:18:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=74267f3ecfcc61668e0501bca60ced6dd75d347c
Validity
Not Before: Jan 2 10:33:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cb34b35d19725a0b17f5379a2080017e25b0a7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:38:24:a5:bd:a4:1e:d5:34:08:21:e4:ff:3d:
07:77:84:19:f6:d4:fd:30:63:11:14:6f:6b:ad:a8:
e6:5a:73:ff:ab:81:c8:f3:39:e2:e7:1e:92:d3:af:
cb:7f:16:ec:ba:ea:01:44:3a:d0:b6:35:f3:78:b1:
32:1c:a7:bf:60:e2:32:f0:71:59:a8:89:9b:7f:4a:
5e:0e:b4:dc:f8:38:5f:ae:83:f7:24:50:a6:10:fa:
47:d1:f0:50:ba:a0:61:8c:f1:24:3b:84:e4:1f:ec:
e0:5e:bf:f6:19:5f:fe:f8:ed:9a:a9:2a:29:4e:9a:
47:d3:53:8b:51:b9:4d:f6:00:59:68:be:5a:14:71:
0d:e1:5f:c1:fc:dc:00:b1:ea:82:71:a7:ff:9a:1c:
34:54:8d:34:92:c6:8b:0e:c3:7d:1a:98:db:f4:25:
cc:c3:2b:78:e8:58:32:25:77:2b:fa:7c:5b:ea:67:
01:c0:e7:52:0d:e5:58:d5:61:82:34:e5:58:2a:86:
e2:83:de:38:5a:aa:c9:20:4d:85:d1:30:04:7f:c3:
7a:8e:0c:6a:eb:a3:c3:f9:55:8f:c8:62:bc:84:a3:
ea:6a:eb:97:20:54:9f:de:f5:0c:9e:56:b1:a2:69:
38:18:f8:0c:50:39:04:f0:e2:19:f1:ae:da:2d:23:
15:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:B3:4B:35:D1:97:25:A0:B1:7F:53:79:A2:08:00:17:E2:5B:0A:7C
X509v3 Authority Key Identifier:
keyid:74:26:7F:3E:CF:CC:61:66:8E:05:01:BC:A6:0C:ED:6D:D7:5D:34:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dCZ_Ps_MYWaOBQG8pgztbdddNHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/TLNLNdGXJaCxf1N5oggAF-JbCnw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/70cb80-4e6d-46a5-b1b4-4e3f4d68f682/1/dCZ_Ps_MYWaOBQG8pgztbdddNHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.44.75.0/24
192.108.115.0-192.108.118.255
Signature Algorithm: sha256WithRSAEncryption
95:e0:7d:cf:1e:85:d8:d5:cb:d5:d4:86:b9:41:47:51:66:7b:
c9:81:ea:c8:f3:69:f1:04:e4:06:ee:94:50:69:94:71:58:c0:
6a:f6:5f:16:36:ce:99:97:59:b2:d6:7c:23:b6:76:7b:6d:58:
58:a8:9c:1f:16:da:48:8f:06:da:e5:39:aa:76:a7:df:56:43:
19:80:06:d0:96:5b:10:21:22:e0:61:4e:3d:b1:02:0d:18:64:
4e:38:91:49:52:c9:8f:3a:15:df:6e:4f:dc:72:0e:7a:24:2c:
00:08:22:fb:4b:02:40:c5:c8:63:ae:bd:a0:c6:9d:d5:0e:fd:
e7:7c:3a:5b:a6:40:bc:e5:a6:07:01:e2:23:b9:eb:3d:77:6f:
3c:4d:51:4a:eb:27:03:07:7d:12:0d:0a:ea:d6:18:fa:d1:63:
5e:e8:cd:be:72:de:80:01:37:4d:fc:21:73:76:2f:20:6e:e0:
36:86:a7:99:06:d7:3b:bc:af:ca:c8:51:1c:70:61:0a:5d:17:
2e:be:a2:03:e0:ca:00:ea:a0:53:fd:d8:2a:1d:d2:fb:80:65:
a0:26:c5:2c:68:fd:9f:c3:2b:d5:bd:a3:11:40:90:0b:5f:81:
02:49:88:fa:4e:17:02:c3:3b:1d:82:04:e9:30:68:f2:9c:0e:
53:bc:ae:a2
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAYzJvFbTvP3lYU20h+W34RgVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0MjY3ZjNlY2ZjYzYxNjY4ZTA1MDFiY2E2MGNlZDZkZDc1
ZDM0N2MwHhcNMjQwMTAyMTAzMzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2IzNGIzNWQxOTcyNWEwYjE3ZjUzNzlhMjA4MDAxN2UyNWIwYTdjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyTgkpb2kHtU0CCHk/z0Hd4QZ9tT9
MGMRFG9rrajmWnP/q4HI8zni5x6S06/LfxbsuuoBRDrQtjXzeLEyHKe/YOIy8HFZ
qImbf0peDrTc+DhfroP3JFCmEPpH0fBQuqBhjPEkO4TkH+zgXr/2GV/++O2aqSop
TppH01OLUblN9gBZaL5aFHEN4V/B/NwAseqCcaf/mhw0VI00ksaLDsN9Gpjb9CXM
wyt46FgyJXcr+nxb6mcBwOdSDeVY1WGCNOVYKobig944WqrJIE2F0TAEf8N6jgxq
66PD+VWPyGK8hKPqauuXIFSf3vUMnlaxomk4GPgMUDkE8OIZ8a7aLSMVSwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFEyzSzXRlyWgsX9TeaIIABfiWwp8MB8GA1UdIwQY
MBaAFHQmfz7PzGFmjgUBvKYM7W3XXTR8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZENaX1BzX01ZV2FPQlFHOHBnenRiZGRkTkh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny83MGNiODAtNGU2ZC00NmE1LWIxYjQt
NGUzZjRkNjhmNjgyLzEvVExOTE5kR1hKYUN4ZjFONW9nZ0FGLUpiQ253LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny83MGNiODAtNGU2ZC00NmE1LWIxYjQtNGUzZjRkNjhmNjgy
LzEvZENaX1BzX01ZV2FPQlFHOHBnenRiZGRkTkh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQAwCxLMAwD
BADAbHMDBADAbHYwDQYJKoZIhvcNAQELBQADggEBAJXgfc8ehdjVy9XUhrlBR1Fm
e8mB6sjzafEE5AbulFBplHFYwGr2XxY2zpmXWbLWfCO2dnttWFionB8W2kiPBtrl
Oap2p99WQxmABtCWWxAhIuBhTj2xAg0YZE44kUlSyY86Fd9uT9xyDnokLAAIIvtL
AkDFyGOuvaDGndUO/ed8OlumQLzlpgcB4iO56z13bzxNUUrrJwMHfRINCurWGPrR
Y17ozb5y3oABN038IXN2LyBu4DaGp5kG1zu8r8rIURxwYQpdFy6+ogPgygDqoFP9
2Cod0vuAZaAmxSxo/Z/DK9W9oxFAkAtfgQJJiPpOFwLDOx2CBOkwaPKcDlO8rqI=
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:59:49 2024 by rpki-client on console-fra.rpki-client.org