Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/85/46f501-7745-49da-b1d8-07309e796c78/1/TYjSjY_kQsIv2xH4JpRMz9E8Fw4.roa
File: TYjSjY_kQsIv2xH4JpRMz9E8Fw4.roa (raw, json)
Hash identifier: ZERaBFz4jS54W0LjWmDH7cRSjSs5ZLtNhbqWg2Q5Hlo=
Subject key identifier: 4D:88:D2:8D:8F:E4:42:C2:2F:DB:11:F8:26:94:4C:CF:D1:3C:17:0E
Certificate issuer: /CN=576b57aed853f89da2a5b23df17f9217eefa61b6
Certificate serial: 018CC7945A639512B450F3B690E9142EF17F
Authority key identifier: 57:6B:57:AE:D8:53:F8:9D:A2:A5:B2:3D:F1:7F:92:17:EE:FA:61:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V2tXrthT-J2ipbI98X-SF-76YbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/85/46f501-7745-49da-b1d8-07309e796c78/1/TYjSjY_kQsIv2xH4JpRMz9E8Fw4.roa
Signing time: Tue 02 Jan 2024 00:30:37 +0000
ROA not before: Tue 02 Jan 2024 00:30:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51053
IP address blocks: 185.208.160.0/22 maxlen: 24
193.104.3.0/24 maxlen: 24
141.101.40.0/21 maxlen: 24
2a01:4f80::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/85/46f501-7745-49da-b1d8-07309e796c78/1/V2tXrthT-J2ipbI98X-SF-76YbY.crl
rsync://rpki.ripe.net/repository/DEFAULT/85/46f501-7745-49da-b1d8-07309e796c78/1/V2tXrthT-J2ipbI98X-SF-76YbY.mft
rsync://rpki.ripe.net/repository/DEFAULT/V2tXrthT-J2ipbI98X-SF-76YbY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:5a:63:95:12:b4:50:f3:b6:90:e9:14:2e:f1:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=576b57aed853f89da2a5b23df17f9217eefa61b6
Validity
Not Before: Jan 2 00:30:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d88d28d8fe442c22fdb11f826944ccfd13c170e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:80:1a:97:1f:5f:ef:77:b9:eb:b9:1c:56:52:c1:
72:86:d5:0e:a1:fe:35:a8:1c:7e:da:0c:35:21:37:
e7:e3:b8:4a:d8:a8:17:ac:d0:5f:9c:d9:8a:b9:e8:
40:4c:49:31:b3:03:c6:c0:08:54:61:01:20:d5:98:
2a:f2:05:73:37:df:bd:47:dc:70:65:fb:d1:21:f1:
eb:9f:30:8c:6e:94:93:f4:0a:b1:1e:83:f9:5d:12:
e0:0d:b2:b9:9c:b0:9f:f8:11:8d:e3:05:18:a8:0e:
a9:b0:66:a8:20:3a:89:dd:78:8d:d1:d9:c8:8e:b2:
cf:8f:4e:95:6c:dd:4f:2b:89:9a:c4:9a:e3:85:53:
b1:b2:78:64:15:25:83:33:74:ed:41:f5:22:3c:2d:
d0:dd:3d:4b:75:34:f5:d4:1f:b5:dc:84:1b:a8:33:
01:b9:97:ed:9c:85:f6:d3:7c:a1:61:eb:e0:fc:4e:
5c:7e:79:eb:e0:65:fb:05:d9:e6:b9:62:6e:c0:2a:
7a:9c:00:65:a3:35:c1:d8:57:38:d6:65:09:95:14:
79:e6:49:9f:1e:61:89:59:24:26:0a:36:6f:23:78:
50:52:77:89:98:25:6b:e6:62:00:5b:f1:98:7f:8c:
7c:3a:c6:7e:da:6c:a9:01:0a:a6:2b:be:56:e1:6f:
6a:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:88:D2:8D:8F:E4:42:C2:2F:DB:11:F8:26:94:4C:CF:D1:3C:17:0E
X509v3 Authority Key Identifier:
keyid:57:6B:57:AE:D8:53:F8:9D:A2:A5:B2:3D:F1:7F:92:17:EE:FA:61:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V2tXrthT-J2ipbI98X-SF-76YbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/85/46f501-7745-49da-b1d8-07309e796c78/1/TYjSjY_kQsIv2xH4JpRMz9E8Fw4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/85/46f501-7745-49da-b1d8-07309e796c78/1/V2tXrthT-J2ipbI98X-SF-76YbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.101.40.0/21
185.208.160.0/22
193.104.3.0/24
IPv6:
2a01:4f80::/29
Signature Algorithm: sha256WithRSAEncryption
2a:09:f3:6c:45:ad:a9:b4:84:c5:76:81:9d:1e:d3:30:26:52:
26:c1:d3:19:e0:76:88:a9:a5:78:b6:f2:41:2e:76:94:39:c2:
71:66:8d:a8:9d:26:c6:49:6f:26:f1:e1:74:32:d5:b9:99:b8:
2c:9e:fc:f3:c9:53:f3:93:07:16:fd:a3:50:59:32:0a:a8:8c:
86:b3:4d:d3:21:59:de:cc:d6:5d:8b:08:3d:84:6f:5f:8d:3b:
02:9e:bc:90:02:ee:0a:e2:ca:85:07:22:51:1a:0b:c2:12:55:
37:4e:d2:f3:2f:37:4b:f2:a8:ca:a4:1b:94:d2:0a:e8:29:3d:
1c:51:d7:3b:20:82:08:cf:27:33:5b:ae:c3:65:8c:7b:96:df:
36:d9:37:95:1b:1a:ec:4c:8c:20:55:02:2e:c7:d4:f1:d3:50:
36:84:3a:e4:df:d9:8f:17:16:d8:ca:61:fd:11:62:4c:d6:1b:
cf:35:6b:59:b2:a2:5c:9e:ab:49:5d:08:4e:58:2e:f7:a8:4c:
ae:19:6a:bc:e7:11:0e:95:7d:0b:e6:0a:f0:ad:d0:e0:b0:40:
6c:7c:f1:9a:60:1d:1a:d4:de:c7:38:c7:c3:aa:2b:d8:3c:16:
4e:99:4b:d4:d0:5d:99:c3:ee:9f:62:4f:f5:7c:2d:43:e2:60:
a9:15:bf:43
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzHlFpjlRK0UPO2kOkULvF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3NmI1N2FlZDg1M2Y4OWRhMmE1YjIzZGYxN2Y5MjE3ZWVm
YTYxYjYwHhcNMjQwMTAyMDAzMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDg4ZDI4ZDhmZTQ0MmMyMmZkYjExZjgyNjk0NGNjZmQxM2MxNzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgBqXH1/vd7nruRxWUsFyhtUOof41
qBx+2gw1ITfn47hK2KgXrNBfnNmKuehATEkxswPGwAhUYQEg1Zgq8gVzN9+9R9xw
ZfvRIfHrnzCMbpST9AqxHoP5XRLgDbK5nLCf+BGN4wUYqA6psGaoIDqJ3XiN0dnI
jrLPj06VbN1PK4maxJrjhVOxsnhkFSWDM3TtQfUiPC3Q3T1LdTT11B+13IQbqDMB
uZftnIX203yhYevg/E5cfnnr4GX7BdnmuWJuwCp6nABlozXB2Fc41mUJlRR55kmf
HmGJWSQmCjZvI3hQUneJmCVr5mIAW/GYf4x8OsZ+2mypAQqmK75W4W9qGQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFE2I0o2P5ELCL9sR+CaUTM/RPBcOMB8GA1UdIwQY
MBaAFFdrV67YU/idoqWyPfF/khfu+mG2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjJ0WHJ0aFQtSjJpcGJJOThYLVNGLTc2WWJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NS80NmY1MDEtNzc0NS00OWRhLWIxZDgt
MDczMDllNzk2Yzc4LzEvVFlqU2pZX2tRc0l2MnhINEpwUk16OUU4Rnc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NS80NmY1MDEtNzc0NS00OWRhLWIxZDgtMDczMDllNzk2Yzc4
LzEvVjJ0WHJ0aFQtSjJpcGJJOThYLVNGLTc2WWJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDjWUoAwQC
udCgAwQAwWgDMA0EAgACMAcDBQMqAU+AMA0GCSqGSIb3DQEBCwUAA4IBAQAqCfNs
Ra2ptITFdoGdHtMwJlImwdMZ4HaIqaV4tvJBLnaUOcJxZo2onSbGSW8m8eF0MtW5
mbgsnvzzyVPzkwcW/aNQWTIKqIyGs03TIVnezNZdiwg9hG9fjTsCnryQAu4K4sqF
ByJRGgvCElU3TtLzLzdL8qjKpBuU0groKT0cUdc7IIIIzyczW67DZYx7lt822TeV
GxrsTIwgVQIux9Tx01A2hDrk39mPFxbYymH9EWJM1hvPNWtZsqJcnqtJXQhOWC73
qEyuGWq85xEOlX0L5grwrdDgsEBsfPGaYB0a1N7HOMfDqivYPBZOmUvU0F2Zw+6f
Yk/1fC1D4mCpFb9D
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:02:22 2024 by rpki-client on console-fra.rpki-client.org