Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/tMJC2H5hC42J_zoGhjAgaRp_axo.roa
File: tMJC2H5hC42J_zoGhjAgaRp_axo.roa (raw, json)
Hash identifier: 2C56hQaxT9FBBlRHSzwTV2lWteS44CS7E0813hBve8I=
Subject key identifier: B4:C2:42:D8:7E:61:0B:8D:89:FF:3A:06:86:30:20:69:1A:7F:6B:1A
Certificate issuer: /CN=ecf42776be532bd0575332855d8c42c4952ed931
Certificate serial: 018CC3B7429D79B19E19B66FFC0E76DFB793
Authority key identifier: EC:F4:27:76:BE:53:2B:D0:57:53:32:85:5D:8C:42:C4:95:2E:D9:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7PQndr5TK9BXUzKFXYxCxJUu2TE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/tMJC2H5hC42J_zoGhjAgaRp_axo.roa
Signing time: Mon 01 Jan 2024 06:30:16 +0000
ROA not before: Mon 01 Jan 2024 06:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9042
IP address blocks: 193.5.66.0/24 maxlen: 24
193.5.76.0/22 maxlen: 22
146.109.0.0/16 maxlen: 24
193.247.180.0/24 maxlen: 24
2a01:4642:200::/40 maxlen: 40
2a01:4642:100::/40 maxlen: 40
2a01:4640:c800::/40 maxlen: 40
2a01:4640:200::/40 maxlen: 40
2a01:4640:100::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/7PQndr5TK9BXUzKFXYxCxJUu2TE.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/7PQndr5TK9BXUzKFXYxCxJUu2TE.mft
rsync://rpki.ripe.net/repository/DEFAULT/7PQndr5TK9BXUzKFXYxCxJUu2TE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:42:9d:79:b1:9e:19:b6:6f:fc:0e:76:df:b7:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ecf42776be532bd0575332855d8c42c4952ed931
Validity
Not Before: Jan 1 06:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4c242d87e610b8d89ff3a06863020691a7f6b1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:b6:7d:2e:e9:6d:f7:09:98:22:ca:d4:ea:ab:
cf:3e:0e:1f:52:98:b7:24:7f:9a:0f:52:e5:5e:33:
d3:1b:e0:5c:e2:cb:8b:f3:4a:16:b0:75:47:a3:24:
47:47:c5:28:4b:f5:8a:b6:b8:6f:51:50:f5:79:b8:
9f:a3:55:a2:b7:38:c1:b9:63:da:b4:bb:de:fb:a0:
61:c9:6e:61:33:3f:c5:d9:c5:a9:e5:44:33:2e:28:
c3:07:8b:92:d0:01:a8:30:d4:12:73:e5:cb:2c:2d:
fe:63:fc:e9:3f:14:51:84:57:b1:16:23:23:b6:1f:
16:62:8a:66:ff:46:a6:a4:b9:e3:76:f1:45:50:81:
27:22:d1:af:f4:4f:14:80:a7:4f:a8:ec:83:cd:7e:
e9:d0:b7:7d:f9:89:74:0d:30:72:e3:42:23:22:04:
85:b8:22:6c:d1:3f:10:ee:09:56:72:b5:d3:b3:5f:
2e:ca:7f:8a:65:88:28:04:c0:f0:fd:5c:b2:73:9c:
48:78:44:c7:c2:f5:67:0f:d7:10:07:89:21:a9:e3:
b4:49:eb:d4:61:b8:3d:40:16:01:bc:22:d2:b4:29:
18:ce:81:a0:d7:a7:82:e5:c5:06:14:4b:d7:ac:0c:
05:d2:be:81:c9:e1:76:dc:75:40:c0:f8:3c:46:cd:
f4:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:C2:42:D8:7E:61:0B:8D:89:FF:3A:06:86:30:20:69:1A:7F:6B:1A
X509v3 Authority Key Identifier:
keyid:EC:F4:27:76:BE:53:2B:D0:57:53:32:85:5D:8C:42:C4:95:2E:D9:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7PQndr5TK9BXUzKFXYxCxJUu2TE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/tMJC2H5hC42J_zoGhjAgaRp_axo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/ebd49f-f569-4152-b0b8-5e53c23b55b0/1/7PQndr5TK9BXUzKFXYxCxJUu2TE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.109.0.0/16
193.5.66.0/24
193.5.76.0/22
193.247.180.0/24
IPv6:
2a01:4640:100::-2a01:4640:2ff:ffff:ffff:ffff:ffff:ffff
2a01:4640:c800::/40
2a01:4642:100::-2a01:4642:2ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
19:68:bf:3e:fd:4c:5c:e5:0f:a0:5c:31:f0:ae:bf:af:2f:34:
b4:f2:db:ba:ff:75:92:c7:3e:9c:bf:70:f3:12:0d:98:a9:d0:
ab:33:a1:63:44:df:db:ef:96:a6:f1:87:bd:3a:ec:e9:ab:3c:
ca:34:c1:54:12:e8:84:17:40:72:bd:2f:10:72:b0:bf:4e:31:
4c:21:ee:fb:44:c3:43:72:93:37:84:04:f0:69:9e:94:4c:6b:
27:48:8e:05:c0:65:e3:5d:95:75:84:95:4b:63:45:2c:80:2d:
5c:1c:65:80:8e:45:84:4e:44:04:8b:bf:11:8b:cb:c0:2a:9d:
a8:46:a4:b1:29:b5:a4:e5:46:6d:33:89:39:9a:f1:9f:2b:39:
46:e1:e3:1f:5c:28:15:94:9c:d9:9f:ce:8b:50:da:fd:80:04:
bb:7a:ce:28:fe:36:72:d5:54:9c:f7:68:12:f9:26:9d:9c:91:
51:f4:7f:8c:3f:0f:7e:d4:2a:16:59:81:59:f1:3f:a5:fc:58:
24:e1:59:2a:8a:d7:75:03:4e:d8:1a:bb:ee:e1:fe:9a:49:24:
11:3c:45:9d:77:d9:9c:5b:e3:36:ba:b3:64:2f:e8:73:41:2d:
c3:10:cd:33:13:27:e2:10:e7:13:a6:23:e1:22:ff:95:bd:b6:
f8:53:f7:bf
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAYzDt0KdebGeGbZv/A5237eTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjZjQyNzc2YmU1MzJiZDA1NzUzMzI4NTVkOGM0MmM0OTUy
ZWQ5MzEwHhcNMjQwMTAxMDYzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGMyNDJkODdlNjEwYjhkODlmZjNhMDY4NjMwMjA2OTFhN2Y2YjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApbZ9Lult9wmYIsrU6qvPPg4fUpi3
JH+aD1LlXjPTG+Bc4suL80oWsHVHoyRHR8UoS/WKtrhvUVD1ebifo1WitzjBuWPa
tLve+6BhyW5hMz/F2cWp5UQzLijDB4uS0AGoMNQSc+XLLC3+Y/zpPxRRhFexFiMj
th8WYopm/0ampLnjdvFFUIEnItGv9E8UgKdPqOyDzX7p0Ld9+Yl0DTBy40IjIgSF
uCJs0T8Q7glWcrXTs18uyn+KZYgoBMDw/Vyyc5xIeETHwvVnD9cQB4khqeO0SevU
Ybg9QBYBvCLStCkYzoGg16eC5cUGFEvXrAwF0r6ByeF23HVAwPg8Rs30OwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFLTCQth+YQuNif86BoYwIGkaf2saMB8GA1UdIwQY
MBaAFOz0J3a+UyvQV1MyhV2MQsSVLtkxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN1BRbmRyNVRLOUJYVXpLRlhZeEN4SlV1MlRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9lYmQ0OWYtZjU2OS00MTUyLWIwYjgt
NWU1M2MyM2I1NWIwLzEvdE1KQzJINWhDNDJKX3pvR2hqQWdhUnBfYXhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9lYmQ0OWYtZjU2OS00MTUyLWIwYjgtNWU1M2MyM2I1NWIw
LzEvN1BRbmRyNVRLOUJYVXpLRlhZeEN4SlV1MlRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzAdBAIAATAXAwMAkm0DBADB
BUIDBALBBUwDBADB97QwMgQCAAIwLDAQAwYAKgFGQAEDBgAqAUZAAgMGACoBRkDI
MBADBgAqAUZCAQMGACoBRkICMA0GCSqGSIb3DQEBCwUAA4IBAQAZaL8+/Uxc5Q+g
XDHwrr+vLzS08tu6/3WSxz6cv3DzEg2YqdCrM6FjRN/b75am8Ye9OuzpqzzKNMFU
EuiEF0ByvS8QcrC/TjFMIe77RMNDcpM3hATwaZ6UTGsnSI4FwGXjXZV1hJVLY0Us
gC1cHGWAjkWETkQEi78Ri8vAKp2oRqSxKbWk5UZtM4k5mvGfKzlG4eMfXCgVlJzZ
n86LUNr9gAS7es4o/jZy1VSc92gS+SadnJFR9H+MPw9+1CoWWYFZ8T+l/Fgk4Vkq
itd1A07YGrvu4f6aSSQRPEWdd9mcW+M2urNkL+hzQS3DEM0zEyfiEOcTpiPhIv+V
vbb4U/e/
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:45:15 2024 by rpki-client on console-ams.rpki-client.org