Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/tmqt1-3cEEF5pEaLnI5JGfGiR-Q.roa
File: tmqt1-3cEEF5pEaLnI5JGfGiR-Q.roa (raw, json)
Hash identifier: zFQLT0Sg2LlE1erjMpvEmbcuvRjY9Ydq+JFH133scfQ=
Subject key identifier: B6:6A:AD:D7:ED:DC:10:41:79:A4:46:8B:9C:8E:49:19:F1:A2:47:E4
Certificate issuer: /CN=af0dc12b0f1b533d8d04ec6117d6b9e512fcaa9f
Certificate serial: 01934F4E459F2589DFF832F9DE3CA2E0F789
Authority key identifier: AF:0D:C1:2B:0F:1B:53:3D:8D:04:EC:61:17:D6:B9:E5:12:FC:AA:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rw3BKw8bUz2NBOxhF9a55RL8qp8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/tmqt1-3cEEF5pEaLnI5JGfGiR-Q.roa
Signing time: Thu 21 Nov 2024 15:19:09 +0000
ROA not before: Thu 21 Nov 2024 15:19:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34762
IP address blocks: 213.158.78.0/23 maxlen: 24
213.158.84.0/22 maxlen: 24
213.158.88.0/23 maxlen: 24
213.158.90.0/23 maxlen: 24
213.158.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/rw3BKw8bUz2NBOxhF9a55RL8qp8.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/rw3BKw8bUz2NBOxhF9a55RL8qp8.mft
rsync://rpki.ripe.net/repository/DEFAULT/rw3BKw8bUz2NBOxhF9a55RL8qp8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:4f:4e:45:9f:25:89:df:f8:32:f9:de:3c:a2:e0:f7:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=af0dc12b0f1b533d8d04ec6117d6b9e512fcaa9f
Validity
Not Before: Nov 21 15:19:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b66aadd7eddc104179a4468b9c8e4919f1a247e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:72:b2:2a:34:27:89:f7:16:a7:a6:60:94:89:
d2:e2:de:14:01:de:c4:cf:42:5a:25:95:a6:c7:0b:
35:f8:3c:70:03:e8:47:85:14:e1:53:af:5d:6f:37:
cf:ad:1d:48:44:2b:9f:69:12:55:5c:a9:f2:75:54:
d0:37:4a:35:e0:bf:a2:1d:31:9f:fd:80:67:26:a9:
06:b7:88:2c:f4:69:37:a8:b6:c8:72:71:de:93:32:
65:b6:30:f3:6f:e8:a1:be:0f:e7:ba:0e:06:e4:4c:
17:76:af:6c:b2:2e:16:c3:98:8d:bb:96:c0:31:1a:
a1:b8:03:bb:b5:95:24:15:ad:e6:8b:8f:46:cb:e9:
df:fb:c2:23:71:94:81:f0:5e:6c:3d:f3:ee:2c:37:
25:f6:77:ca:6d:b8:70:b5:d1:91:bd:32:b1:a1:c1:
32:95:dd:b4:ca:23:3c:36:f6:9a:41:fc:d4:8f:c3:
52:bf:a5:41:16:11:5f:35:ec:eb:8c:bc:82:c2:88:
a2:b9:e0:17:77:aa:5b:83:34:c5:3f:4e:0a:05:8f:
95:e5:d6:2f:57:af:fa:26:7e:33:46:18:ee:ad:35:
06:69:5d:36:e2:11:e9:fd:15:7a:06:23:c8:4a:dd:
70:5a:49:be:5e:ae:a0:3d:5b:74:ee:fc:23:ab:9f:
52:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:6A:AD:D7:ED:DC:10:41:79:A4:46:8B:9C:8E:49:19:F1:A2:47:E4
X509v3 Authority Key Identifier:
keyid:AF:0D:C1:2B:0F:1B:53:3D:8D:04:EC:61:17:D6:B9:E5:12:FC:AA:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rw3BKw8bUz2NBOxhF9a55RL8qp8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/tmqt1-3cEEF5pEaLnI5JGfGiR-Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/c3174a-a794-44ee-8d26-bc5b69144587/1/rw3BKw8bUz2NBOxhF9a55RL8qp8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.158.78.0/23
213.158.84.0-213.158.95.255
Signature Algorithm: sha256WithRSAEncryption
27:46:17:74:68:d6:bf:12:86:3b:69:7b:7c:ef:c9:a6:88:f8:
8a:da:d6:67:99:74:04:16:da:35:3b:ee:8a:bf:a2:80:6d:f9:
e1:46:9f:f2:d6:1e:2f:bc:d5:f7:30:2b:4e:17:31:18:5e:68:
5d:ea:68:31:96:ad:e8:cc:72:d9:2e:2e:79:d7:61:07:96:6f:
b8:ce:e2:21:9a:fa:b7:7a:b2:e3:e9:8c:06:c7:4d:05:6c:f7:
66:2c:c7:5c:37:81:05:90:0f:49:40:3f:33:59:c2:cd:29:09:
e0:8f:e7:d3:84:bf:e7:d2:97:70:5e:bc:cf:a4:32:3e:af:f5:
dc:26:55:82:8c:7b:d9:a7:be:4a:39:6d:47:b8:b0:95:73:17:
84:2d:aa:a4:92:32:d0:05:6b:b1:0f:0e:b5:2d:42:72:a6:73:
36:c5:a2:9d:bc:95:c0:7a:09:47:cf:96:0f:bb:cd:f6:8f:f9:
b8:de:66:73:cd:99:ca:6f:3e:1f:87:64:e9:38:f8:f1:67:a8:
a7:bd:d5:37:04:41:ce:a4:0a:c2:f2:2a:c1:7b:59:6e:5d:9c:
f8:23:0c:31:cc:c2:43:a8:46:d5:65:bf:ba:4b:a7:62:05:29:
df:40:c2:8c:65:0a:a2:2d:3c:85:0b:92:8d:56:df:c9:bc:7d:
a6:98:1f:69
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZNPTkWfJYnf+DL53jyi4PeJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFmMGRjMTJiMGYxYjUzM2Q4ZDA0ZWM2MTE3ZDZiOWU1MTJm
Y2FhOWYwHhcNMjQxMTIxMTUxOTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjZhYWRkN2VkZGMxMDQxNzlhNDQ2OGI5YzhlNDkxOWYxYTI0N2U0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3KyKjQnifcWp6ZglInS4t4UAd7E
z0JaJZWmxws1+DxwA+hHhRThU69dbzfPrR1IRCufaRJVXKnydVTQN0o14L+iHTGf
/YBnJqkGt4gs9Gk3qLbIcnHekzJltjDzb+ihvg/nug4G5EwXdq9ssi4Ww5iNu5bA
MRqhuAO7tZUkFa3mi49Gy+nf+8IjcZSB8F5sPfPuLDcl9nfKbbhwtdGRvTKxocEy
ld20yiM8NvaaQfzUj8NSv6VBFhFfNezrjLyCwoiiueAXd6pbgzTFP04KBY+V5dYv
V6/6Jn4zRhjurTUGaV024hHp/RV6BiPISt1wWkm+Xq6gPVt07vwjq59SPwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFLZqrdft3BBBeaRGi5yOSRnxokfkMB8GA1UdIwQY
MBaAFK8NwSsPG1M9jQTsYRfWueUS/KqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnczQkt3OGJVejJOQk94aEY5YTU1Ukw4cXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9jMzE3NGEtYTc5NC00NGVlLThkMjYt
YmM1YjY5MTQ0NTg3LzEvdG1xdDEtM2NFRUY1cEVhTG5JNUpHZkdpUi1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9jMzE3NGEtYTc5NC00NGVlLThkMjYtYmM1YjY5MTQ0NTg3
LzEvcnczQkt3OGJVejJOQk94aEY5YTU1Ukw4cXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQB1Z5OMAwD
BALVnlQDBAXVnkAwDQYJKoZIhvcNAQELBQADggEBACdGF3Ro1r8Shjtpe3zvyaaI
+Ira1meZdAQW2jU77oq/ooBt+eFGn/LWHi+81fcwK04XMRheaF3qaDGWrejMctku
LnnXYQeWb7jO4iGa+rd6suPpjAbHTQVs92Ysx1w3gQWQD0lAPzNZws0pCeCP59OE
v+fSl3BevM+kMj6v9dwmVYKMe9mnvko5bUe4sJVzF4QtqqSSMtAFa7EPDrUtQnKm
czbFop28lcB6CUfPlg+7zfaP+bjeZnPNmcpvPh+HZOk4+PFnqKe91TcEQc6kCsLy
KsF7WW5dnPgjDDHMwkOoRtVlv7pLp2IFKd9AwoxlCqItPIULko1W38m8faaYH2k=
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:44:13 2024 by rpki-client on console-ams.rpki-client.org