Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/TIycaW58mR8BBfno68-hzY4XBis.roa
File: TIycaW58mR8BBfno68-hzY4XBis.roa (raw, json)
Hash identifier: PIMEXiuKd4DuVI+5vzo7dVGh2kfs0HWIh7ES/6pG/s0=
Subject key identifier: 4C:8C:9C:69:6E:7C:99:1F:01:05:F9:E8:EB:CF:A1:CD:8E:17:06:2B
Certificate issuer: /CN=0ef81d9e89e2c471321d967f7092094dadfe2aa8
Certificate serial: 018CC79588025C24304A2AFED5D83E737644
Authority key identifier: 0E:F8:1D:9E:89:E2:C4:71:32:1D:96:7F:70:92:09:4D:AD:FE:2A:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvgdnonixHEyHZZ_cJIJTa3-Kqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/TIycaW58mR8BBfno68-hzY4XBis.roa
Signing time: Tue 02 Jan 2024 00:31:54 +0000
ROA not before: Tue 02 Jan 2024 00:31:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60072
IP address blocks: 185.58.219.0/24 maxlen: 24
185.58.216.0/22 maxlen: 22
31.171.192.0/21 maxlen: 21
31.171.197.0/24 maxlen: 24
31.171.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/DvgdnonixHEyHZZ_cJIJTa3-Kqg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/DvgdnonixHEyHZZ_cJIJTa3-Kqg.mft
rsync://rpki.ripe.net/repository/DEFAULT/DvgdnonixHEyHZZ_cJIJTa3-Kqg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:88:02:5c:24:30:4a:2a:fe:d5:d8:3e:73:76:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef81d9e89e2c471321d967f7092094dadfe2aa8
Validity
Not Before: Jan 2 00:31:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c8c9c696e7c991f0105f9e8ebcfa1cd8e17062b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:72:48:2f:98:c7:12:9b:bb:17:2b:1f:92:71:
8a:bb:a3:75:fa:08:3e:fe:f9:ce:5a:77:9a:46:ed:
c4:55:58:9e:28:d2:45:98:79:d7:95:ba:4d:78:dc:
e1:94:b0:3a:65:94:ae:d7:35:c6:21:d3:4e:df:db:
cd:f3:86:12:6b:3b:f7:05:e8:28:66:56:07:84:89:
c3:cf:37:64:41:80:d9:c5:2e:89:66:4e:f2:89:6b:
54:aa:a1:74:d9:c4:61:c1:bf:d6:48:1b:ef:2c:04:
c2:3f:b1:fd:f4:44:34:5c:86:44:66:13:96:53:e8:
a1:33:e4:5f:6c:04:2a:fb:15:23:41:d2:d2:c2:28:
18:b4:83:b7:dd:55:11:3f:fb:4b:f4:d6:d0:18:a7:
94:42:b2:28:3a:86:8d:34:8d:32:88:1f:fc:27:9b:
a0:98:b1:52:af:6c:fc:5f:0f:83:c9:51:ad:1c:b8:
48:4a:aa:5e:7f:df:25:eb:3d:35:20:3b:9a:56:35:
fa:b3:28:18:28:2d:6b:3a:d7:28:5d:82:68:9e:10:
1c:81:9a:40:cc:77:fd:2b:e2:15:1a:26:aa:47:fd:
41:77:ed:4f:4c:97:13:9e:77:41:61:d8:6d:93:1b:
c8:9d:61:b6:db:bb:16:14:ea:c8:0e:96:cb:d3:05:
aa:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:8C:9C:69:6E:7C:99:1F:01:05:F9:E8:EB:CF:A1:CD:8E:17:06:2B
X509v3 Authority Key Identifier:
keyid:0E:F8:1D:9E:89:E2:C4:71:32:1D:96:7F:70:92:09:4D:AD:FE:2A:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvgdnonixHEyHZZ_cJIJTa3-Kqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/TIycaW58mR8BBfno68-hzY4XBis.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/5d15a8-22a7-401b-8c5e-075f24e4be71/1/DvgdnonixHEyHZZ_cJIJTa3-Kqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.192.0/21
185.58.216.0/22
Signature Algorithm: sha256WithRSAEncryption
10:4b:37:5b:c6:26:f9:77:e5:a7:52:ee:d6:85:4f:5b:8b:75:
e0:d3:5d:44:e6:0b:38:95:0c:fd:56:a0:30:f7:cb:fa:ff:8a:
88:b3:51:6d:24:3e:b3:5e:e2:75:6d:b6:e8:dd:dd:8a:9c:f4:
7a:59:0b:f2:02:d2:74:9b:46:e7:65:fa:a3:85:15:94:52:01:
6e:26:a5:eb:98:0a:46:e1:d7:f9:4d:7d:0e:c4:41:a0:89:24:
d7:4d:f6:89:d8:e4:b2:b5:96:83:9b:4f:c3:c0:65:66:22:83:
1f:f5:65:ca:11:9a:e5:e5:03:08:b8:ac:71:f3:37:8e:3c:ab:
53:17:4f:79:7a:6a:e3:8f:fa:1c:68:f3:81:8a:50:d4:93:a1:
29:ad:d9:30:13:26:4a:a4:78:3c:2f:bc:5f:69:88:fa:04:b1:
34:55:29:d7:7e:e7:bb:20:94:1f:29:d6:79:78:7a:30:90:ec:
31:26:07:ba:03:54:2c:3b:f8:32:dc:e2:3f:33:18:dc:02:c2:
6a:49:e1:64:66:ec:3d:a3:88:df:c7:a0:c5:23:48:1f:c1:f1:
2f:a4:87:bf:1f:c6:6c:21:14:74:4c:93:b5:3e:d9:10:45:74:
77:18:93:ac:19:20:c5:47:dc:42:10:10:75:f2:95:9d:09:2b:
a0:77:00:36
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHlYgCXCQwSir+1dg+c3ZEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjgxZDllODllMmM0NzEzMjFkOTY3ZjcwOTIwOTRkYWRm
ZTJhYTgwHhcNMjQwMTAyMDAzMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzhjOWM2OTZlN2M5OTFmMDEwNWY5ZThlYmNmYTFjZDhlMTcwNjJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHJIL5jHEpu7FysfknGKu6N1+gg+
/vnOWneaRu3EVVieKNJFmHnXlbpNeNzhlLA6ZZSu1zXGIdNO39vN84YSazv3Bego
ZlYHhInDzzdkQYDZxS6JZk7yiWtUqqF02cRhwb/WSBvvLATCP7H99EQ0XIZEZhOW
U+ihM+RfbAQq+xUjQdLSwigYtIO33VURP/tL9NbQGKeUQrIoOoaNNI0yiB/8J5ug
mLFSr2z8Xw+DyVGtHLhISqpef98l6z01IDuaVjX6sygYKC1rOtcoXYJonhAcgZpA
zHf9K+IVGiaqR/1Bd+1PTJcTnndBYdhtkxvInWG227sWFOrIDpbL0wWq9QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFEyMnGlufJkfAQX56OvPoc2OFwYrMB8GA1UdIwQY
MBaAFA74HZ6J4sRxMh2Wf3CSCU2t/iqoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZnZG5vbml4SEV5SFpaX2NKSUpUYTMtS3FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS81ZDE1YTgtMjJhNy00MDFiLThjNWUt
MDc1ZjI0ZTRiZTcxLzEvVEl5Y2FXNThtUjhCQmZubzY4LWh6WTRYQmlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS81ZDE1YTgtMjJhNy00MDFiLThjNWUtMDc1ZjI0ZTRiZTcx
LzEvRHZnZG5vbml4SEV5SFpaX2NKSUpUYTMtS3FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDH6vAAwQC
uTrYMA0GCSqGSIb3DQEBCwUAA4IBAQAQSzdbxib5d+WnUu7WhU9bi3Xg011E5gs4
lQz9VqAw98v6/4qIs1FtJD6zXuJ1bbbo3d2KnPR6WQvyAtJ0m0bnZfqjhRWUUgFu
JqXrmApG4df5TX0OxEGgiSTXTfaJ2OSytZaDm0/DwGVmIoMf9WXKEZrl5QMIuKxx
8zeOPKtTF095emrjj/ocaPOBilDUk6EprdkwEyZKpHg8L7xfaYj6BLE0VSnXfue7
IJQfKdZ5eHowkOwxJge6A1QsO/gy3OI/MxjcAsJqSeFkZuw9o4jfx6DFI0gfwfEv
pIe/H8ZsIRR0TJO1PtkQRXR3GJOsGSDFR9xCEBB18pWdCSugdwA2
-----END CERTIFICATE-----
Generated at Sun May 19 21:43:47 2024 by rpki-client on console-ams.rpki-client.org