Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/TpSDLpb7nZlr_y-bx52aqxEo9OI.roa
File: TpSDLpb7nZlr_y-bx52aqxEo9OI.roa (raw, json)
Hash identifier: M3dYpg2evUMgADfgRkFWDdm6BXoTX+npjMuJDGiNDlA=
Subject key identifier: 4E:94:83:2E:96:FB:9D:99:6B:FF:2F:9B:C7:9D:9A:AB:11:28:F4:E2
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 018CD872258BA914D5122C9FF84FF8E031C2
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/TpSDLpb7nZlr_y-bx52aqxEo9OI.roa
Signing time: Fri 05 Jan 2024 07:06:48 +0000
ROA not before: Fri 05 Jan 2024 07:06:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43769
IP address blocks: 195.136.197.0/24 maxlen: 24
194.183.50.0/24 maxlen: 24
82.177.95.0/24 maxlen: 24
82.177.92.0/23 maxlen: 23
82.177.100.0/24 maxlen: 24
81.15.187.0/24 maxlen: 24
82.177.110.0/24 maxlen: 24
2a00:4120:8001::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.mft
rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 09:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d8:72:25:8b:a9:14:d5:12:2c:9f:f8:4f:f8:e0:31:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jan 5 07:06:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e94832e96fb9d996bff2f9bc79d9aab1128f4e2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:9f:8a:82:17:a4:e6:ad:73:d9:fc:87:86:35:
10:08:7c:18:56:ee:8e:6d:8e:a2:f9:32:58:02:92:
95:fc:97:86:dd:99:91:96:eb:dc:96:05:53:4b:74:
12:d2:d3:56:9d:f3:65:23:b7:c0:7f:72:0e:89:43:
99:fe:dc:91:10:8d:c1:e8:2d:4a:7d:a0:3b:12:43:
fa:6a:af:e5:1e:e4:c6:a1:a6:a4:5d:e1:27:59:a7:
98:12:d2:56:b1:e7:1e:89:3c:b8:26:02:fa:77:e5:
40:14:8c:fe:33:ea:71:04:9e:58:c0:19:5e:d0:75:
1a:64:05:b5:37:a9:d2:c1:fc:b2:09:f3:7b:d5:53:
5e:06:9e:7c:f5:ee:1b:8a:ae:02:10:9b:13:bf:f9:
b3:27:bf:ca:61:34:82:93:c9:0f:d1:6c:cb:93:d6:
d3:71:5a:70:36:a9:f9:3d:f6:90:69:f1:fe:71:6e:
0b:55:c7:c7:da:13:2a:8d:37:54:fe:0c:e9:ab:86:
89:e1:72:e9:f4:b1:28:fb:5e:cb:46:ec:ce:65:68:
97:53:fe:42:80:93:d9:3e:70:d0:9c:2a:fe:46:7f:
64:b3:49:dd:ec:8b:2c:60:5e:79:43:52:49:62:81:
c6:ea:34:49:b9:6f:bb:a5:ee:1b:94:5f:5f:63:15:
f9:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:94:83:2E:96:FB:9D:99:6B:FF:2F:9B:C7:9D:9A:AB:11:28:F4:E2
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/TpSDLpb7nZlr_y-bx52aqxEo9OI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.15.187.0/24
82.177.92.0/23
82.177.95.0/24
82.177.100.0/24
82.177.110.0/24
194.183.50.0/24
195.136.197.0/24
IPv6:
2a00:4120:8001::/48
Signature Algorithm: sha256WithRSAEncryption
87:03:da:4a:1a:31:5c:1d:70:3e:1f:1f:c5:b0:14:6a:c0:99:
15:f4:34:b8:39:e0:aa:6a:13:31:aa:48:71:38:9f:6d:32:d4:
85:70:2e:80:d1:ad:a9:f4:e1:e7:c6:b7:7d:f5:81:27:72:08:
4e:bc:09:b6:00:6c:db:03:51:21:97:21:b1:0b:6d:45:cc:90:
12:50:9d:62:a8:33:b6:a3:b6:6c:a8:5c:36:6f:a3:1a:e5:89:
c5:a0:9a:83:fb:d1:e4:ed:9a:1b:04:c4:18:d3:3e:25:27:50:
20:26:4e:20:cc:44:81:8a:8b:7d:85:cb:3f:f7:23:38:4e:52:
9b:d3:1a:a6:85:59:a4:e1:7f:dc:83:ee:af:7a:a4:0c:de:04:
ca:a4:43:95:bb:8c:da:b1:ac:26:90:c9:06:5c:74:c2:fc:41:
62:cd:7b:cb:fa:32:e6:a2:93:d1:9b:04:b2:03:06:06:9c:43:
59:5b:7b:51:91:00:93:d9:e7:8e:e5:58:fb:0d:c4:17:10:6f:
c7:1c:9b:74:7c:97:b1:c8:77:1d:1c:f1:9a:24:d3:e4:f5:7b:
07:26:cc:e4:39:56:ad:ce:3d:57:4b:d8:4a:68:d5:6d:f5:b0:
fd:95:aa:be:9a:47:52:78:12:2b:32:4d:92:54:82:79:6e:67:
27:a0:3f:5b
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAYzYciWLqRTVEiyf+E/44DHCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjQwMTA1MDcwNjQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTk0ODMyZTk2ZmI5ZDk5NmJmZjJmOWJjNzlkOWFhYjExMjhmNGUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj5+Kghek5q1z2fyHhjUQCHwYVu6O
bY6i+TJYApKV/JeG3ZmRluvclgVTS3QS0tNWnfNlI7fAf3IOiUOZ/tyREI3B6C1K
faA7EkP6aq/lHuTGoaakXeEnWaeYEtJWseceiTy4JgL6d+VAFIz+M+pxBJ5YwBle
0HUaZAW1N6nSwfyyCfN71VNeBp589e4biq4CEJsTv/mzJ7/KYTSCk8kP0WzLk9bT
cVpwNqn5PfaQafH+cW4LVcfH2hMqjTdU/gzpq4aJ4XLp9LEo+17LRuzOZWiXU/5C
gJPZPnDQnCr+Rn9ks0nd7IssYF55Q1JJYoHG6jRJuW+7pe4blF9fYxX5+QIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFE6Ugy6W+52Za/8vm8edmqsRKPTiMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvVHBTRExwYjduWmxyX3ktYng1MmFxeEVvOU9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQAUQ+7AwQB
UrFcAwQAUrFfAwQAUrFkAwQAUrFuAwQAwrcyAwQAw4jFMA8EAgACMAkDBwAqAEEg
gAEwDQYJKoZIhvcNAQELBQADggEBAIcD2koaMVwdcD4fH8WwFGrAmRX0NLg54Kpq
EzGqSHE4n20y1IVwLoDRran04efGt331gSdyCE68CbYAbNsDUSGXIbELbUXMkBJQ
nWKoM7ajtmyoXDZvoxrlicWgmoP70eTtmhsExBjTPiUnUCAmTiDMRIGKi32Fyz/3
IzhOUpvTGqaFWaThf9yD7q96pAzeBMqkQ5W7jNqxrCaQyQZcdML8QWLNe8v6Muai
k9GbBLIDBgacQ1lbe1GRAJPZ547lWPsNxBcQb8ccm3R8l7HIdx0c8Zok0+T1ewcm
zOQ5Vq3OPVdL2Epo1W31sP2Vqr6aR1J4EisyTZJUgnluZyegP1s=
-----END CERTIFICATE-----
Generated at Fri Nov 22 13:47:44 2024 by rpki-client on console-fra.rpki-client.org