Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/TY-IB9ZVncfGcU2O8eJb7UrjOsI.roa
File: TY-IB9ZVncfGcU2O8eJb7UrjOsI.roa (raw, json)
Hash identifier: Q88oi3M455i8e70pgS4DwOGsYMcs+PziJs3hGq1y4pM=
Subject key identifier: 4D:8F:88:07:D6:55:9D:C7:C6:71:4D:8E:F1:E2:5B:ED:4A:E3:3A:C2
Certificate issuer: /CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Certificate serial: 018CC79556B09342C80C6901719CD1DB0D18
Authority key identifier: F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/TY-IB9ZVncfGcU2O8eJb7UrjOsI.roa
Signing time: Tue 02 Jan 2024 00:31:42 +0000
ROA not before: Tue 02 Jan 2024 00:31:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51626
IP address blocks: 89.40.100.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:56:b0:93:42:c8:0c:69:01:71:9c:d1:db:0d:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f8e62634e1bd5133a9de4512ae98cad1b2219b59
Validity
Not Before: Jan 2 00:31:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d8f8807d6559dc7c6714d8ef1e25bed4ae33ac2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:de:11:2d:f9:f7:11:9e:db:96:6d:97:10:8b:
05:2d:3c:65:e4:c6:78:93:e1:af:d1:b1:97:2d:3e:
3f:da:af:a3:cf:b6:08:bd:6f:12:3a:09:c5:b2:fb:
37:71:df:2e:af:39:7e:b9:96:33:7a:66:db:0f:7d:
2b:a1:23:79:fa:da:93:14:5f:e0:07:1f:40:ca:16:
8a:e7:50:53:49:fc:5e:1e:1a:d7:7f:44:34:2f:5f:
0f:23:73:b0:07:54:b4:22:e9:cf:e8:79:e5:1d:3c:
a0:02:c3:38:2d:6a:19:c1:8c:45:50:db:70:ea:6f:
b3:fd:43:d7:c4:6f:83:2d:32:9e:13:2e:aa:45:93:
cb:b8:c4:57:d1:ba:3e:a7:37:81:90:8e:9a:de:1d:
c5:96:e8:25:9e:f0:48:d4:ce:32:27:c5:e0:1b:3d:
be:45:1f:53:b4:39:79:d5:de:e5:8e:50:63:fe:e5:
1b:09:02:f0:3f:66:fc:88:79:56:59:77:59:f1:48:
1d:15:3e:f5:b2:6a:a4:11:fe:29:c5:78:9b:0a:cf:
05:28:5b:7b:42:f6:a8:d7:10:d8:9a:58:fa:65:b5:
24:5f:70:1e:34:14:c8:09:4c:3d:71:63:df:3f:25:
a6:d1:9b:30:c8:90:3e:5f:04:f5:c3:80:10:90:96:
13:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:8F:88:07:D6:55:9D:C7:C6:71:4D:8E:F1:E2:5B:ED:4A:E3:3A:C2
X509v3 Authority Key Identifier:
keyid:F8:E6:26:34:E1:BD:51:33:A9:DE:45:12:AE:98:CA:D1:B2:21:9B:59
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/TY-IB9ZVncfGcU2O8eJb7UrjOsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/da3398-6698-45f2-baae-92e25fe16331/1/1-OYmNOG9UTOp3kUSrpjK0bIhm1k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.100.0/22
Signature Algorithm: sha256WithRSAEncryption
1d:4c:d6:49:21:10:79:c8:06:d2:44:28:d8:37:ae:70:9f:ca:
3d:de:91:90:ba:cd:b8:24:b2:07:3b:ad:46:14:55:31:3f:d9:
a8:7a:21:c5:0a:90:06:60:7c:f9:d6:8d:17:56:28:59:b5:20:
4e:82:10:ad:a2:3f:7a:34:b4:a3:71:89:71:6a:e5:28:17:24:
88:95:01:cf:6d:bb:68:fc:a2:e3:27:c0:eb:c3:6a:5f:f8:0f:
9c:09:d0:7a:1d:98:78:6a:57:e3:de:15:c3:ae:39:95:5a:dc:
e3:3a:20:de:86:38:26:3b:86:1f:4e:1e:c7:a8:89:1e:22:3b:
49:b0:bd:1d:22:d0:b3:a0:b9:22:3f:ac:7d:58:47:3b:6f:0e:
17:46:42:bc:b9:c5:03:60:3b:f1:69:cc:76:bf:cc:cf:3a:6d:
49:67:16:e6:f8:32:41:2a:a7:94:93:9b:09:6f:00:65:65:da:
aa:06:48:b0:f2:63:2a:0f:6a:31:db:35:db:d4:8d:99:90:db:
3e:1b:87:44:e9:b9:85:8d:70:ab:5a:f5:1a:fa:46:53:ed:b4:
22:99:b7:cb:02:0e:a9:10:4d:e6:f7:06:7e:b7:4d:1d:93:db:
d3:01:18:40:5f:8e:34:39:09:78:5e:92:51:43:6a:c4:f3:81:
e1:8e:aa:4c
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzHlVawk0LIDGkBcZzR2w0YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4ZTYyNjM0ZTFiZDUxMzNhOWRlNDUxMmFlOThjYWQxYjIy
MTliNTkwHhcNMjQwMTAyMDAzMTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDhmODgwN2Q2NTU5ZGM3YzY3MTRkOGVmMWUyNWJlZDRhZTMzYWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAut4RLfn3EZ7blm2XEIsFLTxl5MZ4
k+Gv0bGXLT4/2q+jz7YIvW8SOgnFsvs3cd8urzl+uZYzembbD30roSN5+tqTFF/g
Bx9AyhaK51BTSfxeHhrXf0Q0L18PI3OwB1S0IunP6HnlHTygAsM4LWoZwYxFUNtw
6m+z/UPXxG+DLTKeEy6qRZPLuMRX0bo+pzeBkI6a3h3FluglnvBI1M4yJ8XgGz2+
RR9TtDl51d7ljlBj/uUbCQLwP2b8iHlWWXdZ8UgdFT71smqkEf4pxXibCs8FKFt7
Qvao1xDYmlj6ZbUkX3AeNBTICUw9cWPfPyWm0ZswyJA+XwT1w4AQkJYTvwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFE2PiAfWVZ3HxnFNjvHiW+1K4zrCMB8GA1UdIwQY
MBaAFPjmJjThvVEzqd5FEq6YytGyIZtZMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1PWW1OT0c5VVRPcDNrVVNycGpLMGJJaG0xay5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFl
LTkyZTI1ZmUxNjMzMS8xL1RZLUlCOVpWbmNmR2NVMk84ZUpiN1Vyak9zSS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNzgvZGEzMzk4LTY2OTgtNDVmMi1iYWFlLTkyZTI1ZmUxNjMz
MS8xLzEtT1ltTk9HOVVUT3Aza1VTcnBqSzBiSWhtMWsuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAJZKGQw
DQYJKoZIhvcNAQELBQADggEBAB1M1kkhEHnIBtJEKNg3rnCfyj3ekZC6zbgksgc7
rUYUVTE/2ah6IcUKkAZgfPnWjRdWKFm1IE6CEK2iP3o0tKNxiXFq5SgXJIiVAc9t
u2j8ouMnwOvDal/4D5wJ0HodmHhqV+PeFcOuOZVa3OM6IN6GOCY7hh9OHseoiR4i
O0mwvR0i0LOguSI/rH1YRztvDhdGQry5xQNgO/FpzHa/zM86bUlnFub4MkEqp5ST
mwlvAGVl2qoGSLDyYyoPajHbNdvUjZmQ2z4bh0TpuYWNcKta9Rr6RlPttCKZt8sC
DqkQTeb3Bn63TR2T29MBGEBfjjQ5CXheklFDasTzgeGOqkw=
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:40:52 2024 by rpki-client on console-fra.rpki-client.org