Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/72bd07-3cf1-45b1-9eef-b847eb77afc8/1/tnZ23ESXSMpZTpRo_eGIE2sBXeo.roa
File: tnZ23ESXSMpZTpRo_eGIE2sBXeo.roa (raw, json)
Hash identifier: ho1iGFdpsd7UJzqy7dqJIXAfbJ4hgImkpBW0NTJ9qkM=
Subject key identifier: B6:76:76:DC:44:97:48:CA:59:4E:94:68:FD:E1:88:13:6B:01:5D:EA
Certificate issuer: /CN=98afe969cf0ea93a0e8e57ee9588caf5572b3b22
Certificate serial: 01904C318EC90052B7052D8088025DA70AC6
Authority key identifier: 98:AF:E9:69:CF:0E:A9:3A:0E:8E:57:EE:95:88:CA:F5:57:2B:3B:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mK_pac8OqToOjlfulYjK9VcrOyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/72bd07-3cf1-45b1-9eef-b847eb77afc8/1/tnZ23ESXSMpZTpRo_eGIE2sBXeo.roa
Signing time: Mon 24 Jun 2024 21:40:34 +0000
ROA not before: Mon 24 Jun 2024 21:40:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59611
IP address blocks: 91.245.80.0/21 maxlen: 21
195.20.200.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/72bd07-3cf1-45b1-9eef-b847eb77afc8/1/mK_pac8OqToOjlfulYjK9VcrOyI.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/72bd07-3cf1-45b1-9eef-b847eb77afc8/1/mK_pac8OqToOjlfulYjK9VcrOyI.mft
rsync://rpki.ripe.net/repository/DEFAULT/mK_pac8OqToOjlfulYjK9VcrOyI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4c:31:8e:c9:00:52:b7:05:2d:80:88:02:5d:a7:0a:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98afe969cf0ea93a0e8e57ee9588caf5572b3b22
Validity
Not Before: Jun 24 21:40:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b67676dc449748ca594e9468fde188136b015dea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:38:c8:22:1d:55:af:e1:19:4f:40:e2:28:57:
ac:a3:a9:8c:c2:39:f6:bb:f2:fc:ac:a5:f2:89:7b:
ce:4c:2a:7f:e0:5a:6e:42:37:53:87:68:69:93:6c:
8a:b6:f1:9a:f1:16:4d:db:c4:32:11:f6:e8:e5:96:
d4:d1:0b:bb:3d:e2:7c:32:96:a7:b4:38:9c:74:65:
17:ac:7c:60:9c:13:c5:28:80:e0:9d:59:99:72:d5:
80:d8:1b:3f:fc:7c:4a:cb:c8:90:fc:72:a4:15:c2:
aa:c0:87:9b:5d:fd:bb:c2:04:a0:34:c6:c2:df:9a:
dd:62:4c:f3:96:e0:b0:57:33:6f:bf:a6:4e:6a:58:
45:37:6e:90:b4:49:b3:66:4e:08:e1:32:1e:3e:87:
bb:a7:8b:6b:ee:14:b3:9f:cd:aa:b1:b5:5c:68:d8:
55:d9:24:60:ef:0c:11:9f:51:a1:d7:55:26:9d:03:
e9:50:61:f3:24:ef:4b:7f:9e:2a:80:b0:b9:97:00:
5d:8f:28:c9:a7:46:4a:f9:8c:4a:33:03:37:62:4c:
71:a6:f8:b9:5f:8d:4b:89:d0:5c:3a:47:05:2a:b9:
e1:62:13:af:4a:1f:36:94:4e:a3:58:53:8b:56:94:
32:74:aa:d4:72:56:fd:f2:83:8a:72:46:7d:61:35:
41:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:76:76:DC:44:97:48:CA:59:4E:94:68:FD:E1:88:13:6B:01:5D:EA
X509v3 Authority Key Identifier:
keyid:98:AF:E9:69:CF:0E:A9:3A:0E:8E:57:EE:95:88:CA:F5:57:2B:3B:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mK_pac8OqToOjlfulYjK9VcrOyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/72bd07-3cf1-45b1-9eef-b847eb77afc8/1/tnZ23ESXSMpZTpRo_eGIE2sBXeo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/72bd07-3cf1-45b1-9eef-b847eb77afc8/1/mK_pac8OqToOjlfulYjK9VcrOyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.245.80.0/21
195.20.200.0/23
Signature Algorithm: sha256WithRSAEncryption
46:e5:15:ca:64:97:ce:e4:8f:ab:3c:26:db:16:0d:77:bc:d2:
d5:1d:c8:39:2f:33:80:61:ea:52:15:d4:d1:ca:06:a7:54:8d:
d5:29:0e:23:23:05:7c:4a:27:04:8d:85:e4:80:8c:e1:50:d5:
b1:85:b2:b9:0d:fc:3b:7d:69:a8:8d:03:0b:31:aa:a5:84:42:
9d:dc:2a:e4:f9:b4:f4:b2:cb:30:d9:ba:a2:85:3c:0b:28:54:
11:94:ca:28:8c:a3:bb:fb:19:d7:4e:ed:ad:1a:63:9d:90:cb:
80:d2:36:83:b1:dc:bc:16:b4:b0:da:20:39:c5:f9:13:c4:15:
a4:f2:ce:9c:7b:f9:9b:46:21:1f:1c:8a:1d:2d:0c:fe:97:84:
84:d5:40:06:46:60:f4:ef:ca:ac:e2:7f:4e:fa:1d:02:06:c6:
c8:ba:a8:67:94:47:bc:88:52:76:d9:7a:b6:b2:cf:8b:87:f4:
5f:bf:4f:7c:f7:5c:99:eb:3a:54:1d:c8:23:6f:53:8a:28:3c:
0c:79:6d:e9:04:19:33:a7:32:bf:a1:18:31:86:ac:be:32:1b:
b9:00:82:48:ee:89:ab:10:5e:91:4a:d1:06:ca:1a:43:10:62:
e4:45:32:37:e9:91:90:cb:d6:00:72:63:0e:87:1b:c5:ad:ca:
f9:7c:53:46
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZBMMY7JAFK3BS2AiAJdpwrGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4YWZlOTY5Y2YwZWE5M2EwZThlNTdlZTk1ODhjYWY1NTcy
YjNiMjIwHhcNMjQwNjI0MjE0MDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjc2NzZkYzQ0OTc0OGNhNTk0ZTk0NjhmZGUxODgxMzZiMDE1ZGVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0jjIIh1Vr+EZT0DiKFeso6mMwjn2
u/L8rKXyiXvOTCp/4FpuQjdTh2hpk2yKtvGa8RZN28QyEfbo5ZbU0Qu7PeJ8Mpan
tDicdGUXrHxgnBPFKIDgnVmZctWA2Bs//HxKy8iQ/HKkFcKqwIebXf27wgSgNMbC
35rdYkzzluCwVzNvv6ZOalhFN26QtEmzZk4I4TIePoe7p4tr7hSzn82qsbVcaNhV
2SRg7wwRn1Gh11UmnQPpUGHzJO9Lf54qgLC5lwBdjyjJp0ZK+YxKMwM3Ykxxpvi5
X41LidBcOkcFKrnhYhOvSh82lE6jWFOLVpQydKrUclb98oOKckZ9YTVBLwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLZ2dtxEl0jKWU6UaP3hiBNrAV3qMB8GA1UdIwQY
MBaAFJiv6WnPDqk6Do5X7pWIyvVXKzsiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUtfcGFjOE9xVG9PamxmdWxZaks5VmNyT3lJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC83MmJkMDctM2NmMS00NWIxLTllZWYt
Yjg0N2ViNzdhZmM4LzEvdG5aMjNFU1hTTXBaVHBSb19lR0lFMnNCWGVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC83MmJkMDctM2NmMS00NWIxLTllZWYtYjg0N2ViNzdhZmM4
LzEvbUtfcGFjOE9xVG9PamxmdWxZaks5VmNyT3lJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDW/VQAwQB
wxTIMA0GCSqGSIb3DQEBCwUAA4IBAQBG5RXKZJfO5I+rPCbbFg13vNLVHcg5LzOA
YepSFdTRyganVI3VKQ4jIwV8SicEjYXkgIzhUNWxhbK5Dfw7fWmojQMLMaqlhEKd
3Crk+bT0sssw2bqihTwLKFQRlMoojKO7+xnXTu2tGmOdkMuA0jaDsdy8FrSw2iA5
xfkTxBWk8s6ce/mbRiEfHIodLQz+l4SE1UAGRmD078qs4n9O+h0CBsbIuqhnlEe8
iFJ22Xq2ss+Lh/Rfv09891yZ6zpUHcgjb1OKKDwMeW3pBBkzpzK/oRgxhqy+Mhu5
AIJI7omrEF6RStEGyhpDEGLkRTI36ZGQy9YAcmMOhxvFrcr5fFNG
-----END CERTIFICATE-----
Generated at Tue Nov 26 23:02:52 2024 by rpki-client on console-fra.rpki-client.org