Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/TzmvFMp3MA-NLc5KGR8mw6sZbj0.roa
File: TzmvFMp3MA-NLc5KGR8mw6sZbj0.roa (raw, json)
Hash identifier: AOHqKvmMU/gc1B5uGP1Z3EGGtHHLZ162WyRQig0bbQ0=
Subject key identifier: 4F:39:AF:14:CA:77:30:0F:8D:2D:CE:4A:19:1F:26:C3:AB:19:6E:3D
Certificate issuer: /CN=222c4585bd88fb27cadf29ee5bb95d6575fcef83
Certificate serial: 018CC56ED5D24B0B6BF820B0128E052D1F72
Authority key identifier: 22:2C:45:85:BD:88:FB:27:CA:DF:29:EE:5B:B9:5D:65:75:FC:EF:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IixFhb2I-yfK3ynuW7ldZXX874M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/TzmvFMp3MA-NLc5KGR8mw6sZbj0.roa
Signing time: Mon 01 Jan 2024 14:30:24 +0000
ROA not before: Mon 01 Jan 2024 14:30:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62563
IP address blocks: 188.212.39.0/24 maxlen: 24
176.126.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/IixFhb2I-yfK3ynuW7ldZXX874M.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/IixFhb2I-yfK3ynuW7ldZXX874M.mft
rsync://rpki.ripe.net/repository/DEFAULT/IixFhb2I-yfK3ynuW7ldZXX874M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 22:35:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:d5:d2:4b:0b:6b:f8:20:b0:12:8e:05:2d:1f:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=222c4585bd88fb27cadf29ee5bb95d6575fcef83
Validity
Not Before: Jan 1 14:30:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f39af14ca77300f8d2dce4a191f26c3ab196e3d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:bd:dd:9e:2c:06:a6:f3:ab:da:71:36:03:36:
e3:2c:fe:c4:ef:09:48:43:6b:86:db:ff:0f:dc:34:
ef:d0:2d:82:90:24:7e:ee:fb:86:8c:15:76:bf:88:
4d:10:75:f6:e6:8f:38:2c:51:d0:52:85:3d:ac:62:
20:f1:8a:6a:b7:94:7b:54:5c:71:43:ff:a0:31:69:
f0:06:e0:11:60:1e:76:dd:c3:2d:9a:6f:41:8d:7a:
8a:8c:83:e8:1b:27:a4:1c:88:d9:0a:f6:89:cb:d3:
27:89:51:6c:3f:08:5a:52:a5:a1:92:82:96:ff:5c:
1e:e4:6d:04:57:6a:8b:bb:d7:4c:bd:0d:33:8e:2a:
aa:85:ac:5f:26:f9:bc:de:54:96:cf:d4:b1:f3:02:
cd:4c:38:0f:17:7e:c7:2a:1e:38:a1:dd:c0:6a:3b:
e6:5e:aa:8a:a3:4c:54:59:a9:eb:3a:d6:5f:e1:38:
36:4a:c8:6c:98:5d:ed:2e:ca:55:0f:6a:1b:4a:38:
e2:b3:62:db:91:3c:3d:25:42:ca:49:b2:84:bc:02:
a6:d4:f5:af:c3:c3:8e:44:a7:57:51:51:65:e6:82:
ed:e5:77:d2:58:13:a9:a4:ca:ef:7b:b3:96:46:dc:
a2:51:bd:de:cb:83:9b:3f:bd:a3:6a:9c:6f:1a:27:
e3:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:39:AF:14:CA:77:30:0F:8D:2D:CE:4A:19:1F:26:C3:AB:19:6E:3D
X509v3 Authority Key Identifier:
keyid:22:2C:45:85:BD:88:FB:27:CA:DF:29:EE:5B:B9:5D:65:75:FC:EF:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IixFhb2I-yfK3ynuW7ldZXX874M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/TzmvFMp3MA-NLc5KGR8mw6sZbj0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/6eb365-803a-4c2f-b7ae-c647a8c1ddfa/1/IixFhb2I-yfK3ynuW7ldZXX874M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.126.222.0/24
188.212.39.0/24
Signature Algorithm: sha256WithRSAEncryption
5f:1e:c2:b6:de:dc:a6:80:cb:d2:f9:41:9c:79:30:d2:64:10:
0e:50:2b:32:f7:55:fe:4f:c4:7c:ed:db:6d:1e:1e:a8:7d:1f:
63:71:fa:13:ab:da:7d:52:01:ed:2f:0a:d8:4a:a8:92:31:19:
1e:ec:1a:47:7b:05:56:e4:41:34:5f:60:cd:89:16:33:50:9e:
c5:1c:9f:a0:81:6b:aa:05:01:c5:02:9a:b7:9d:0b:b4:b4:43:
ae:91:e8:b4:47:3c:bb:f8:fd:39:75:6e:84:2d:e4:01:a7:92:
3f:54:a4:6b:12:cb:bb:5c:59:f9:d2:e2:cb:c0:08:51:30:1a:
0e:a5:24:fb:34:fb:2c:e1:60:8d:d5:92:79:20:9c:58:83:ba:
70:cc:71:79:a9:9c:de:66:2a:e7:3c:74:ea:b1:7a:5f:23:11:
1c:dc:2e:05:fb:63:95:28:29:40:c7:dc:b8:d2:e8:92:c0:49:
d5:82:59:52:c8:5e:44:ff:71:b6:e2:01:36:04:46:83:55:6c:
e1:48:09:52:73:57:0b:3a:7c:64:ce:bc:54:e0:c5:69:f3:c3:
e1:8b:66:d5:16:a0:d7:d7:94:54:33:2c:bc:2d:ca:51:9c:10:
39:36:9a:66:6c:98:b6:05:17:e8:b1:14:ae:fc:bc:04:56:85:
ac:e7:43:c8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFbtXSSwtr+CCwEo4FLR9yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyMmM0NTg1YmQ4OGZiMjdjYWRmMjllZTViYjk1ZDY1NzVm
Y2VmODMwHhcNMjQwMTAxMTQzMDI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjM5YWYxNGNhNzczMDBmOGQyZGNlNGExOTFmMjZjM2FiMTk2ZTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApb3dniwGpvOr2nE2AzbjLP7E7wlI
Q2uG2/8P3DTv0C2CkCR+7vuGjBV2v4hNEHX25o84LFHQUoU9rGIg8Ypqt5R7VFxx
Q/+gMWnwBuARYB523cMtmm9BjXqKjIPoGyekHIjZCvaJy9MniVFsPwhaUqWhkoKW
/1we5G0EV2qLu9dMvQ0zjiqqhaxfJvm83lSWz9Sx8wLNTDgPF37HKh44od3Aajvm
XqqKo0xUWanrOtZf4Tg2SshsmF3tLspVD2obSjjis2LbkTw9JULKSbKEvAKm1PWv
w8OORKdXUVFl5oLt5XfSWBOppMrve7OWRtyiUb3ey4ObP72japxvGifjvQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE85rxTKdzAPjS3OShkfJsOrGW49MB8GA1UdIwQY
MBaAFCIsRYW9iPsnyt8p7lu5XWV1/O+DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWl4RmhiMkkteWZLM3ludVc3bGRaWFg4NzRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC82ZWIzNjUtODAzYS00YzJmLWI3YWUt
YzY0N2E4YzFkZGZhLzEvVHptdkZNcDNNQS1OTGM1S0dSOG13NnNaYmowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC82ZWIzNjUtODAzYS00YzJmLWI3YWUtYzY0N2E4YzFkZGZh
LzEvSWl4RmhiMkkteWZLM3ludVc3bGRaWFg4NzRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAsH7eAwQA
vNQnMA0GCSqGSIb3DQEBCwUAA4IBAQBfHsK23tymgMvS+UGceTDSZBAOUCsy91X+
T8R87dttHh6ofR9jcfoTq9p9UgHtLwrYSqiSMRke7BpHewVW5EE0X2DNiRYzUJ7F
HJ+ggWuqBQHFApq3nQu0tEOukei0Rzy7+P05dW6ELeQBp5I/VKRrEsu7XFn50uLL
wAhRMBoOpST7NPss4WCN1ZJ5IJxYg7pwzHF5qZzeZirnPHTqsXpfIxEc3C4F+2OV
KClAx9y40uiSwEnVgllSyF5E/3G24gE2BEaDVWzhSAlSc1cLOnxkzrxU4MVp88Ph
i2bVFqDX15RUMyy8LcpRnBA5NppmbJi2BRfosRSu/LwEVoWs50PI
-----END CERTIFICATE-----
Generated at Thu May 23 04:35:05 2024 by rpki-client on console-ams.rpki-client.org