Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b31731-5cd3-445e-8cb3-4196b0eacd27/1/TWVnkjLc2eihSng2k14VRwfzgl4.roa
File: TWVnkjLc2eihSng2k14VRwfzgl4.roa (raw, json)
Hash identifier: YbdWeBMAFu/DGCrlrm/AHcvc3AkEDLZFCRdjZ0LoY6k=
Subject key identifier: 4D:65:67:92:32:DC:D9:E8:A1:4A:78:36:93:5E:15:47:07:F3:82:5E
Certificate issuer: /CN=1a12509e4f2a730e169937d40833bb893ee7b98c
Certificate serial: 018CC5012DDF666E8155D202CCFFB3D56999
Authority key identifier: 1A:12:50:9E:4F:2A:73:0E:16:99:37:D4:08:33:BB:89:3E:E7:B9:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GhJQnk8qcw4WmTfUCDO7iT7nuYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b31731-5cd3-445e-8cb3-4196b0eacd27/1/TWVnkjLc2eihSng2k14VRwfzgl4.roa
Signing time: Mon 01 Jan 2024 12:30:37 +0000
ROA not before: Mon 01 Jan 2024 12:30:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29144
IP address blocks: 194.0.142.0/24 maxlen: 24
185.76.200.0/24 maxlen: 24
185.76.200.0/23 maxlen: 23
185.76.203.0/24 maxlen: 24
185.76.202.0/23 maxlen: 23
185.76.202.0/24 maxlen: 24
185.76.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/b31731-5cd3-445e-8cb3-4196b0eacd27/1/GhJQnk8qcw4WmTfUCDO7iT7nuYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/b31731-5cd3-445e-8cb3-4196b0eacd27/1/GhJQnk8qcw4WmTfUCDO7iT7nuYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/GhJQnk8qcw4WmTfUCDO7iT7nuYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 13:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:2d:df:66:6e:81:55:d2:02:cc:ff:b3:d5:69:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1a12509e4f2a730e169937d40833bb893ee7b98c
Validity
Not Before: Jan 1 12:30:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d65679232dcd9e8a14a7836935e154707f3825e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:60:19:ed:7b:cc:ed:c3:56:bd:a9:cb:b7:f5:
38:c1:42:d1:32:d1:fa:87:8d:88:e9:af:1f:fc:4f:
53:fd:a0:c4:3e:73:92:76:62:3e:b7:35:b6:55:3b:
c7:16:fd:91:6d:0b:7b:9b:6a:d8:20:68:b6:6e:60:
ac:c9:e6:77:b3:de:42:92:cd:80:3b:1a:fd:0c:e7:
c0:9d:11:3f:03:65:e4:79:42:4f:35:cc:3c:a3:bd:
10:cb:10:be:90:a8:21:02:6b:67:16:2f:ad:a8:a6:
1c:cf:5d:dd:4e:62:7c:36:3f:4e:33:ec:41:2b:62:
6b:02:86:3d:94:cf:c4:97:46:15:06:02:48:4a:fd:
34:ae:93:2d:1f:c7:c2:32:0e:ef:ce:b0:86:ba:8c:
89:2c:de:2f:ea:5b:c1:d2:09:1f:a8:f1:99:cd:4d:
84:94:e8:c3:1d:d8:ab:53:11:ff:9e:75:2f:e2:d9:
87:13:ff:e4:ba:74:74:2e:03:c4:62:3b:d2:7f:2c:
16:de:64:6d:cc:aa:7f:26:57:c8:c8:bf:30:7f:a8:
41:1f:9a:f7:58:79:61:9b:bd:18:77:e3:aa:27:d1:
84:83:8f:91:aa:9e:cf:55:8e:ef:85:37:62:d3:7e:
24:ba:ea:6e:39:c3:19:b7:7e:43:d6:c5:ac:a2:d4:
1b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:65:67:92:32:DC:D9:E8:A1:4A:78:36:93:5E:15:47:07:F3:82:5E
X509v3 Authority Key Identifier:
keyid:1A:12:50:9E:4F:2A:73:0E:16:99:37:D4:08:33:BB:89:3E:E7:B9:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GhJQnk8qcw4WmTfUCDO7iT7nuYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b31731-5cd3-445e-8cb3-4196b0eacd27/1/TWVnkjLc2eihSng2k14VRwfzgl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b31731-5cd3-445e-8cb3-4196b0eacd27/1/GhJQnk8qcw4WmTfUCDO7iT7nuYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.76.200.0/22
194.0.142.0/24
Signature Algorithm: sha256WithRSAEncryption
05:20:59:34:c3:af:3a:62:51:f1:52:e3:bf:0b:bc:13:8a:75:
9d:30:58:88:12:89:5b:1e:09:44:4e:0b:96:0f:45:46:c3:99:
70:b4:ba:de:2d:9f:5a:2f:d7:32:b1:3b:ee:32:95:01:13:cf:
d6:a9:32:5b:36:0a:ca:70:e5:6d:b6:a4:ba:ef:7f:c3:c5:12:
7c:db:28:f7:5a:36:52:f0:74:99:3e:2f:53:26:00:bf:a4:b3:
cb:28:2c:a6:e7:ad:cf:0e:80:3d:0b:2b:2e:1e:06:80:b1:9c:
e8:03:46:1a:97:0d:46:0b:e0:ab:79:25:18:66:53:f4:76:1e:
b5:c4:ef:87:37:29:2e:f7:98:65:55:8c:a5:e2:66:57:5c:35:
f1:28:94:c5:31:74:4c:14:41:57:ee:d0:d2:d3:d1:09:38:1f:
18:86:5e:a7:74:d3:e4:86:e0:ba:c3:cd:47:1b:65:d9:c8:1c:
cf:b3:e1:78:5d:b2:0a:0a:68:78:a3:17:87:05:cb:3e:ca:99:
38:27:ff:49:98:20:c4:30:67:e6:9a:cb:1b:31:c5:76:8d:93:
3c:bb:39:a4:03:bb:03:97:b5:2d:da:d6:ae:e3:78:94:09:fc:
85:4f:97:35:c0:59:88:ea:58:42:35:f7:f5:de:55:87:5f:20:
5d:17:fa:fa
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFAS3fZm6BVdICzP+z1WmZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhMTI1MDllNGYyYTczMGUxNjk5MzdkNDA4MzNiYjg5M2Vl
N2I5OGMwHhcNMjQwMTAxMTIzMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDY1Njc5MjMyZGNkOWU4YTE0YTc4MzY5MzVlMTU0NzA3ZjM4MjVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqmAZ7XvM7cNWvanLt/U4wULRMtH6
h42I6a8f/E9T/aDEPnOSdmI+tzW2VTvHFv2RbQt7m2rYIGi2bmCsyeZ3s95Cks2A
Oxr9DOfAnRE/A2XkeUJPNcw8o70QyxC+kKghAmtnFi+tqKYcz13dTmJ8Nj9OM+xB
K2JrAoY9lM/El0YVBgJISv00rpMtH8fCMg7vzrCGuoyJLN4v6lvB0gkfqPGZzU2E
lOjDHdirUxH/nnUv4tmHE//kunR0LgPEYjvSfywW3mRtzKp/JlfIyL8wf6hBH5r3
WHlhm70Yd+OqJ9GEg4+Rqp7PVY7vhTdi034kuupuOcMZt35D1sWsotQbnwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE1lZ5Iy3NnooUp4NpNeFUcH84JeMB8GA1UdIwQY
MBaAFBoSUJ5PKnMOFpk31Agzu4k+57mMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2hKUW5rOHFjdzRXbVRmVUNETzdpVDdudVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iMzE3MzEtNWNkMy00NDVlLThjYjMt
NDE5NmIwZWFjZDI3LzEvVFdWbmtqTGMyZWloU25nMmsxNFZSd2Z6Z2w0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iMzE3MzEtNWNkMy00NDVlLThjYjMtNDE5NmIwZWFjZDI3
LzEvR2hKUW5rOHFjdzRXbVRmVUNETzdpVDdudVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuUzIAwQA
wgCOMA0GCSqGSIb3DQEBCwUAA4IBAQAFIFk0w686YlHxUuO/C7wTinWdMFiIEolb
HglETguWD0VGw5lwtLreLZ9aL9cysTvuMpUBE8/WqTJbNgrKcOVttqS673/DxRJ8
2yj3WjZS8HSZPi9TJgC/pLPLKCym563PDoA9CysuHgaAsZzoA0Yalw1GC+CreSUY
ZlP0dh61xO+HNyku95hlVYyl4mZXXDXxKJTFMXRMFEFX7tDS09EJOB8Yhl6ndNPk
huC6w81HG2XZyBzPs+F4XbIKCmh4oxeHBcs+ypk4J/9JmCDEMGfmmssbMcV2jZM8
uzmkA7sDl7Ut2tau43iUCfyFT5c1wFmI6lhCNff13lWHXyBdF/r6
-----END CERTIFICATE-----
Generated at Sun May 19 16:01:30 2024 by rpki-client on console-fra.rpki-client.org