Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/89/edd939-f18a-4165-b728-91a32eff6ccd/1/TEeyrQbKbwe07KbX4lWJRJEntJs.roa
File: TEeyrQbKbwe07KbX4lWJRJEntJs.roa (raw, json)
Hash identifier: CvDzFJ3H08j4czq4qq2W7y16PLYizv/g8e1VAfROaEU=
Subject key identifier: 4C:47:B2:AD:06:CA:6F:07:B4:EC:A6:D7:E2:55:89:44:91:27:B4:9B
Certificate issuer: /CN=953ac97a81c7794e62080e35b9e87b41d4b1868f
Certificate serial: 018CC6B7A885D52CDC2104371491D2B53669
Authority key identifier: 95:3A:C9:7A:81:C7:79:4E:62:08:0E:35:B9:E8:7B:41:D4:B1:86:8F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lTrJeoHHeU5iCA41ueh7QdSxho8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/89/edd939-f18a-4165-b728-91a32eff6ccd/1/TEeyrQbKbwe07KbX4lWJRJEntJs.roa
Signing time: Mon 01 Jan 2024 20:29:33 +0000
ROA not before: Mon 01 Jan 2024 20:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 553
IP address blocks: 192.52.0.0/19 maxlen: 19
192.52.32.0/20 maxlen: 20
192.52.50.0/24 maxlen: 24
192.52.48.0/23 maxlen: 23
132.230.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/89/edd939-f18a-4165-b728-91a32eff6ccd/1/lTrJeoHHeU5iCA41ueh7QdSxho8.crl
rsync://rpki.ripe.net/repository/DEFAULT/89/edd939-f18a-4165-b728-91a32eff6ccd/1/lTrJeoHHeU5iCA41ueh7QdSxho8.mft
rsync://rpki.ripe.net/repository/DEFAULT/lTrJeoHHeU5iCA41ueh7QdSxho8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:a8:85:d5:2c:dc:21:04:37:14:91:d2:b5:36:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=953ac97a81c7794e62080e35b9e87b41d4b1868f
Validity
Not Before: Jan 1 20:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c47b2ad06ca6f07b4eca6d7e25589449127b49b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7c:b4:ff:03:0c:14:1d:eb:80:4f:6e:e6:55:
4f:b7:b7:61:2e:f0:f3:5f:07:b5:aa:14:c4:ff:6a:
7d:ec:75:8c:d0:10:52:82:df:43:71:da:5d:22:3d:
5e:91:69:dc:cb:92:0e:a0:9f:96:e5:1a:9a:d7:98:
aa:f0:12:f6:4c:3a:fc:39:06:bc:db:69:2a:e1:90:
10:0f:ab:43:dd:8d:1b:dd:72:9a:cb:38:47:77:68:
c5:dc:c0:1a:60:89:40:a4:6d:b4:25:8e:68:0a:3a:
a2:42:da:82:5b:bd:55:53:20:dd:18:7c:93:06:70:
76:52:83:65:bd:83:2b:a2:fd:af:5e:3f:fc:6a:ca:
df:93:38:9d:bb:b5:7f:85:3a:e4:39:87:d7:d6:72:
17:11:22:78:bc:0d:a9:4c:0a:8d:ab:00:97:9c:8d:
6e:04:63:ef:91:6f:2f:00:10:36:2f:c2:6c:60:03:
d6:38:2c:44:60:39:82:38:bd:5a:a7:dc:94:60:85:
33:c9:0b:9d:97:3c:b4:8c:d2:62:86:d0:4b:05:81:
c6:9b:8b:d7:c0:9a:57:18:f1:49:c0:f0:48:09:b1:
ab:70:32:21:db:47:2b:da:fb:df:ff:35:8e:97:c1:
f1:09:30:69:d0:24:2c:69:bf:f6:2a:9a:1d:7d:59:
ed:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:47:B2:AD:06:CA:6F:07:B4:EC:A6:D7:E2:55:89:44:91:27:B4:9B
X509v3 Authority Key Identifier:
keyid:95:3A:C9:7A:81:C7:79:4E:62:08:0E:35:B9:E8:7B:41:D4:B1:86:8F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lTrJeoHHeU5iCA41ueh7QdSxho8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/89/edd939-f18a-4165-b728-91a32eff6ccd/1/TEeyrQbKbwe07KbX4lWJRJEntJs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/89/edd939-f18a-4165-b728-91a32eff6ccd/1/lTrJeoHHeU5iCA41ueh7QdSxho8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
132.230.0.0/16
192.52.0.0-192.52.50.255
Signature Algorithm: sha256WithRSAEncryption
62:5c:3f:d5:e5:b7:eb:2b:bd:37:99:20:94:57:e7:f2:2b:38:
95:ed:2e:22:8c:39:98:24:ab:d2:a0:3c:ed:e8:b3:a5:fd:d9:
61:e1:1b:76:ff:10:25:15:77:b8:b7:cf:1d:9b:45:9d:9a:d4:
6f:17:23:ff:21:27:06:e8:62:2e:10:c5:1b:12:7c:e8:4f:9a:
49:31:ec:8f:0d:4e:f0:52:6d:ab:ba:82:a6:ad:cf:00:d5:6a:
d4:45:bf:5a:db:f8:5a:7b:2e:34:02:9c:a4:6f:b6:62:3b:98:
fb:59:8f:b1:88:a8:d3:f0:67:da:74:62:94:b4:2a:9a:d6:57:
2d:6c:9c:30:b2:db:42:84:2d:60:9b:5f:b1:af:dd:7b:be:8d:
8d:74:bf:52:b3:0a:ac:10:7f:91:bc:d7:45:25:25:ff:ed:58:
f5:4b:42:30:b5:c9:1c:f3:8a:df:65:b5:92:9e:65:21:d9:74:
2f:75:40:72:ab:b2:99:78:59:c9:92:7b:6b:49:29:af:43:6d:
6d:95:a8:0c:8c:0d:4c:28:e3:2a:13:54:fe:86:d3:ef:79:98:
ee:a6:a4:65:39:55:ce:8b:f0:23:57:c0:f2:58:d0:00:51:fc:
14:4e:c1:3e:4c:0d:4b:ac:f6:38:6e:41:f7:d1:19:76:bd:28:
d6:96:e3:62
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzGt6iF1SzcIQQ3FJHStTZpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1M2FjOTdhODFjNzc5NGU2MjA4MGUzNWI5ZTg3YjQxZDRi
MTg2OGYwHhcNMjQwMTAxMjAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzQ3YjJhZDA2Y2E2ZjA3YjRlY2E2ZDdlMjU1ODk0NDkxMjdiNDliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXy0/wMMFB3rgE9u5lVPt7dhLvDz
Xwe1qhTE/2p97HWM0BBSgt9DcdpdIj1ekWncy5IOoJ+W5Rqa15iq8BL2TDr8OQa8
22kq4ZAQD6tD3Y0b3XKayzhHd2jF3MAaYIlApG20JY5oCjqiQtqCW71VUyDdGHyT
BnB2UoNlvYMrov2vXj/8asrfkzidu7V/hTrkOYfX1nIXESJ4vA2pTAqNqwCXnI1u
BGPvkW8vABA2L8JsYAPWOCxEYDmCOL1ap9yUYIUzyQudlzy0jNJihtBLBYHGm4vX
wJpXGPFJwPBICbGrcDIh20cr2vvf/zWOl8HxCTBp0CQsab/2KpodfVnt5QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFExHsq0Gym8HtOym1+JViUSRJ7SbMB8GA1UdIwQY
MBaAFJU6yXqBx3lOYggONbnoe0HUsYaPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFRySmVvSEhlVTVpQ0E0MXVlaDdRZFN4aG84LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OS9lZGQ5MzktZjE4YS00MTY1LWI3Mjgt
OTFhMzJlZmY2Y2NkLzEvVEVleXJRYktid2UwN0tiWDRsV0pSSkVudEpzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OS9lZGQ5MzktZjE4YS00MTY1LWI3MjgtOTFhMzJlZmY2Y2Nk
LzEvbFRySmVvSEhlVTVpQ0E0MXVlaDdRZFN4aG84LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwMAhOYwCwMD
AsA0AwQAwDQyMA0GCSqGSIb3DQEBCwUAA4IBAQBiXD/V5bfrK703mSCUV+fyKziV
7S4ijDmYJKvSoDzt6LOl/dlh4Rt2/xAlFXe4t88dm0WdmtRvFyP/IScG6GIuEMUb
EnzoT5pJMeyPDU7wUm2ruoKmrc8A1WrURb9a2/haey40Apykb7ZiO5j7WY+xiKjT
8GfadGKUtCqa1lctbJwwsttChC1gm1+xr917vo2NdL9SswqsEH+RvNdFJSX/7Vj1
S0Iwtckc84rfZbWSnmUh2XQvdUByq7KZeFnJkntrSSmvQ21tlagMjA1MKOMqE1T+
htPveZjupqRlOVXOi/AjV8DyWNAAUfwUTsE+TA1LrPY4bkH30Rl2vSjWluNi
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:43:58 2024 by rpki-client on console-ams.rpki-client.org