Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/9468b8-c7e9-430f-b168-8acdf96c98a0/1/tnrxt6RM5SkVmygYbH6iJ8NwOsk.roa
File: tnrxt6RM5SkVmygYbH6iJ8NwOsk.roa (raw, json)
Hash identifier: Brvp2WEPkqprcwGJC4drgz7suWtz378PERV0lnmAXW8=
Subject key identifier: B6:7A:F1:B7:A4:4C:E5:29:15:9B:28:18:6C:7E:A2:27:C3:70:3A:C9
Certificate issuer: /CN=47491c223be6e1aaa56bfec6da0da90c4a852aaf
Certificate serial: 0191B9FA6D0C230B06E9ED7C62314942ADBE
Authority key identifier: 47:49:1C:22:3B:E6:E1:AA:A5:6B:FE:C6:DA:0D:A9:0C:4A:85:2A:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/R0kcIjvm4aqla_7G2g2pDEqFKq8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/9468b8-c7e9-430f-b168-8acdf96c98a0/1/tnrxt6RM5SkVmygYbH6iJ8NwOsk.roa
Signing time: Tue 03 Sep 2024 22:21:22 +0000
ROA not before: Tue 03 Sep 2024 22:21:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62121
IP address blocks: 185.93.192.0/22 maxlen: 22
195.24.226.0/23 maxlen: 23
195.189.130.0/23 maxlen: 23
2a02:cf40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/9468b8-c7e9-430f-b168-8acdf96c98a0/1/R0kcIjvm4aqla_7G2g2pDEqFKq8.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/9468b8-c7e9-430f-b168-8acdf96c98a0/1/R0kcIjvm4aqla_7G2g2pDEqFKq8.mft
rsync://rpki.ripe.net/repository/DEFAULT/R0kcIjvm4aqla_7G2g2pDEqFKq8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b9:fa:6d:0c:23:0b:06:e9:ed:7c:62:31:49:42:ad:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=47491c223be6e1aaa56bfec6da0da90c4a852aaf
Validity
Not Before: Sep 3 22:21:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b67af1b7a44ce529159b28186c7ea227c3703ac9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:10:80:f7:db:e2:65:7a:f1:1b:4c:2d:90:e2:
ab:41:56:a2:c4:f5:ef:5b:ea:59:c8:9f:5a:7d:80:
5a:76:2e:1e:8c:ac:74:81:9c:0f:77:e7:f4:19:e9:
6a:ac:60:d9:02:a2:70:42:b3:19:d3:f2:3a:34:cf:
85:4c:eb:55:21:c1:a5:7c:7d:06:20:96:c6:05:15:
f4:26:be:e9:1f:81:86:19:30:bc:c4:56:77:85:b1:
fd:b6:13:3a:e0:57:fb:58:df:e8:af:d5:17:32:25:
1a:cb:e5:09:b1:0d:88:82:b8:22:bc:67:5e:e6:74:
68:2f:14:e3:7f:32:4f:c7:b1:e2:94:47:a6:3c:e4:
24:92:fe:dd:69:73:48:31:17:dd:20:cd:ed:77:50:
e2:33:96:7e:47:76:e5:96:0e:62:26:2f:c7:57:c7:
f0:cc:0f:a6:d1:42:50:fe:51:d3:31:d6:25:67:c6:
82:00:56:2f:07:de:02:fb:fb:2e:f1:f5:a9:2d:90:
e8:94:55:d5:6e:21:a0:8a:eb:a0:85:86:9a:b5:20:
3c:48:9f:5f:eb:86:24:28:23:96:01:ee:2c:80:0e:
88:e2:89:26:0f:cc:39:22:f1:a8:3f:e6:25:9b:92:
21:c9:8f:29:d9:c2:14:fc:91:fe:1f:20:06:d5:db:
aa:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:7A:F1:B7:A4:4C:E5:29:15:9B:28:18:6C:7E:A2:27:C3:70:3A:C9
X509v3 Authority Key Identifier:
keyid:47:49:1C:22:3B:E6:E1:AA:A5:6B:FE:C6:DA:0D:A9:0C:4A:85:2A:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/R0kcIjvm4aqla_7G2g2pDEqFKq8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9468b8-c7e9-430f-b168-8acdf96c98a0/1/tnrxt6RM5SkVmygYbH6iJ8NwOsk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/9468b8-c7e9-430f-b168-8acdf96c98a0/1/R0kcIjvm4aqla_7G2g2pDEqFKq8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.93.192.0/22
195.24.226.0/23
195.189.130.0/23
IPv6:
2a02:cf40::/29
Signature Algorithm: sha256WithRSAEncryption
52:58:bf:81:8a:71:4d:57:77:1b:31:2a:07:33:24:ac:13:9e:
b7:9d:ec:dd:3d:df:95:cf:cb:60:f8:ec:6f:e6:bb:10:68:62:
b6:1a:b0:a2:fb:70:31:ba:f4:ba:65:91:58:dc:85:12:67:34:
b9:e8:01:4a:e9:91:32:4b:73:b4:96:e8:c5:8f:b4:a7:19:86:
1a:0d:91:76:ca:e3:18:c6:45:5d:aa:d4:fe:29:7c:47:23:9f:
e3:db:ee:a7:22:f4:e8:21:bb:c5:d7:84:1d:6e:f0:d4:f2:96:
c6:10:e1:29:28:56:50:c3:64:80:57:42:40:98:71:60:e2:16:
a9:3a:0d:29:65:ec:1d:a9:b5:f3:52:b9:84:2f:49:b9:21:e3:
32:5e:4e:5c:6b:cd:de:71:69:96:85:6e:17:af:98:21:21:67:
ae:41:04:39:ca:a3:61:63:ee:41:d5:ba:8d:c4:ab:f1:bd:3e:
5f:7e:a2:7e:76:e0:bf:a4:72:f7:35:57:de:b5:6d:ae:5f:e8:
af:05:44:9b:cd:94:be:92:92:fd:63:3c:28:e3:b6:13:37:5a:
b6:03:47:98:3a:ec:38:5c:65:df:0f:74:3f:99:dd:d3:22:d0:
ae:6b:dd:ee:37:dd:15:21:53:c4:8d:cd:a6:1a:e4:16:d3:f8:
86:af:be:f0
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZG5+m0MIwsG6e18YjFJQq2+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ3NDkxYzIyM2JlNmUxYWFhNTZiZmVjNmRhMGRhOTBjNGE4
NTJhYWYwHhcNMjQwOTAzMjIyMTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjdhZjFiN2E0NGNlNTI5MTU5YjI4MTg2YzdlYTIyN2MzNzAzYWM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtRCA99viZXrxG0wtkOKrQVaixPXv
W+pZyJ9afYBadi4ejKx0gZwPd+f0GelqrGDZAqJwQrMZ0/I6NM+FTOtVIcGlfH0G
IJbGBRX0Jr7pH4GGGTC8xFZ3hbH9thM64Ff7WN/or9UXMiUay+UJsQ2IgrgivGde
5nRoLxTjfzJPx7HilEemPOQkkv7daXNIMRfdIM3td1DiM5Z+R3bllg5iJi/HV8fw
zA+m0UJQ/lHTMdYlZ8aCAFYvB94C+/su8fWpLZDolFXVbiGgiuughYaatSA8SJ9f
64YkKCOWAe4sgA6I4okmD8w5IvGoP+Ylm5IhyY8p2cIU/JH+HyAG1duq8wIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLZ68bekTOUpFZsoGGx+oifDcDrJMB8GA1UdIwQY
MBaAFEdJHCI75uGqpWv+xtoNqQxKhSqvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUjBrY0lqdm00YXFsYV83RzJnMnBERXFGS3E4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS85NDY4YjgtYzdlOS00MzBmLWIxNjgt
OGFjZGY5NmM5OGEwLzEvdG5yeHQ2Uk01U2tWbXlnWWJINmlKOE53T3NrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS85NDY4YjgtYzdlOS00MzBmLWIxNjgtOGFjZGY5NmM5OGEw
LzEvUjBrY0lqdm00YXFsYV83RzJnMnBERXFGS3E4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuV3AAwQB
wxjiAwQBw72CMA0EAgACMAcDBQMqAs9AMA0GCSqGSIb3DQEBCwUAA4IBAQBSWL+B
inFNV3cbMSoHMySsE563nezdPd+Vz8tg+Oxv5rsQaGK2GrCi+3AxuvS6ZZFY3IUS
ZzS56AFK6ZEyS3O0lujFj7SnGYYaDZF2yuMYxkVdqtT+KXxHI5/j2+6nIvToIbvF
14QdbvDU8pbGEOEpKFZQw2SAV0JAmHFg4hapOg0pZewdqbXzUrmEL0m5IeMyXk5c
a83ecWmWhW4Xr5ghIWeuQQQ5yqNhY+5B1bqNxKvxvT5ffqJ+duC/pHL3NVfetW2u
X+ivBUSbzZS+kpL9Yzwo47YTN1q2A0eYOuw4XGXfD3Q/md3TItCua93uN90VIVPE
jc2mGuQW0/iGr77w
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:04:28 2024 by rpki-client on console-fra.rpki-client.org