Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a3/c4bfd4-a0a1-4334-860a-4fa537dbe2e9/1/tsrcA52UxBT4oGybQDoSJZQ1XBs.roa
File: tsrcA52UxBT4oGybQDoSJZQ1XBs.roa (raw, json)
Hash identifier: gzDA7Vm1aNs2RZB9TH8PfF4G3O1M6EMJYoll4yrJA1E=
Subject key identifier: B6:CA:DC:03:9D:94:C4:14:F8:A0:6C:9B:40:3A:12:25:94:35:5C:1B
Certificate issuer: /CN=e8a32e8a6ac6f6ec37860ee7c07eb8df93147779
Certificate serial: 018CC56E237BB3835305151596FE095681D6
Authority key identifier: E8:A3:2E:8A:6A:C6:F6:EC:37:86:0E:E7:C0:7E:B8:DF:93:14:77:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6KMuimrG9uw3hg7nwH6435MUd3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a3/c4bfd4-a0a1-4334-860a-4fa537dbe2e9/1/tsrcA52UxBT4oGybQDoSJZQ1XBs.roa
Signing time: Mon 01 Jan 2024 14:29:38 +0000
ROA not before: Mon 01 Jan 2024 14:29:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3246
IP address blocks: 185.143.148.0/22 maxlen: 22
91.142.112.0/20 maxlen: 20
2a00:17b0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a3/c4bfd4-a0a1-4334-860a-4fa537dbe2e9/1/6KMuimrG9uw3hg7nwH6435MUd3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/a3/c4bfd4-a0a1-4334-860a-4fa537dbe2e9/1/6KMuimrG9uw3hg7nwH6435MUd3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/6KMuimrG9uw3hg7nwH6435MUd3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 11 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:23:7b:b3:83:53:05:15:15:96:fe:09:56:81:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8a32e8a6ac6f6ec37860ee7c07eb8df93147779
Validity
Not Before: Jan 1 14:29:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6cadc039d94c414f8a06c9b403a122594355c1b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:88:70:fd:b7:58:8a:31:d6:13:44:3a:bf:19:
f0:fd:99:19:eb:30:7a:d0:d9:28:f8:d1:cf:96:16:
cd:89:46:85:dc:0e:31:47:26:e4:bd:74:43:32:ca:
e1:93:60:ab:b6:aa:55:70:56:fc:7d:b0:99:15:54:
60:a3:c4:5e:7b:df:11:09:cf:54:71:ca:60:b6:36:
2d:11:2d:82:03:bb:df:ed:95:9a:1f:8e:b2:f0:89:
0e:36:99:4e:0b:ed:8f:ea:ec:39:05:aa:67:38:6e:
58:6a:5d:5b:3f:1e:b7:87:e3:9e:55:81:97:b1:97:
aa:2e:cb:11:26:d0:b5:59:f3:9c:8b:22:d4:aa:7b:
05:b8:ce:d9:b3:57:ad:a9:ff:f4:01:95:0c:ac:75:
8d:de:e9:61:55:32:41:14:a9:e8:3e:32:a1:d9:d1:
a2:c3:5e:5b:18:f7:05:36:2d:02:5f:dd:55:d8:0a:
5c:d3:d1:c8:8a:36:08:c9:7f:94:9f:b2:6d:b9:ee:
3d:45:c0:39:a6:8e:80:60:ca:0e:3d:1d:80:a2:f4:
10:6a:55:7e:86:6c:c6:15:99:11:c1:04:2d:69:fb:
61:46:c8:58:c9:6c:e9:1b:ad:54:18:de:44:06:71:
1a:00:1b:97:2b:f2:06:d0:ea:aa:25:ce:6f:e5:5e:
5a:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:CA:DC:03:9D:94:C4:14:F8:A0:6C:9B:40:3A:12:25:94:35:5C:1B
X509v3 Authority Key Identifier:
keyid:E8:A3:2E:8A:6A:C6:F6:EC:37:86:0E:E7:C0:7E:B8:DF:93:14:77:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6KMuimrG9uw3hg7nwH6435MUd3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/c4bfd4-a0a1-4334-860a-4fa537dbe2e9/1/tsrcA52UxBT4oGybQDoSJZQ1XBs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a3/c4bfd4-a0a1-4334-860a-4fa537dbe2e9/1/6KMuimrG9uw3hg7nwH6435MUd3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.142.112.0/20
185.143.148.0/22
IPv6:
2a00:17b0::/32
Signature Algorithm: sha256WithRSAEncryption
77:7f:ba:28:0b:ee:2b:ca:2e:04:50:f3:5c:a2:05:a0:0a:3a:
57:3f:89:41:6a:cd:71:8b:1c:3b:6f:d1:84:d1:45:10:67:61:
14:95:51:0e:8d:bd:b1:23:bd:00:28:51:14:c2:4c:1d:cb:3b:
b9:3e:25:b4:a1:21:28:d8:b4:bf:8e:63:c4:7c:ea:3a:c0:ef:
ca:81:8a:7e:22:c1:42:af:e0:d9:79:c3:36:f1:11:98:90:30:
f2:89:21:99:21:38:e5:4c:ff:90:a8:34:f8:be:4c:6f:3a:2f:
a7:76:63:e9:1a:37:e9:65:40:47:7a:b6:53:62:27:d6:88:c9:
8d:c2:16:87:79:21:d3:3a:d7:c8:86:41:fe:87:6d:38:60:1b:
75:8e:1a:29:87:32:97:ed:04:e5:5f:ad:35:02:59:7a:a3:97:
73:3e:b8:d6:33:ac:24:81:d9:78:91:62:c8:05:8c:1a:c4:e7:
87:fb:17:78:22:9e:05:04:4f:b7:fc:ee:da:80:87:83:04:93:
79:da:95:32:16:1a:57:5f:39:b6:68:79:bb:ce:16:3b:92:3f:
89:c3:af:45:71:4c:97:4a:5d:16:74:db:c8:f2:67:9e:a2:3c:
1c:84:28:35:18:cc:f7:0d:89:01:92:fd:97:ed:f9:7c:3a:a1:
4a:8d:83:63
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFbiN7s4NTBRUVlv4JVoHWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4YTMyZThhNmFjNmY2ZWMzNzg2MGVlN2MwN2ViOGRmOTMx
NDc3NzkwHhcNMjQwMTAxMTQyOTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmNhZGMwMzlkOTRjNDE0ZjhhMDZjOWI0MDNhMTIyNTk0MzU1YzFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApIhw/bdYijHWE0Q6vxnw/ZkZ6zB6
0Nko+NHPlhbNiUaF3A4xRybkvXRDMsrhk2CrtqpVcFb8fbCZFVRgo8Ree98RCc9U
ccpgtjYtES2CA7vf7ZWaH46y8IkONplOC+2P6uw5BapnOG5Yal1bPx63h+OeVYGX
sZeqLssRJtC1WfOciyLUqnsFuM7Zs1etqf/0AZUMrHWN3ulhVTJBFKnoPjKh2dGi
w15bGPcFNi0CX91V2Apc09HIijYIyX+Un7Jtue49RcA5po6AYMoOPR2AovQQalV+
hmzGFZkRwQQtafthRshYyWzpG61UGN5EBnEaABuXK/IG0OqqJc5v5V5aVwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFLbK3AOdlMQU+KBsm0A6EiWUNVwbMB8GA1UdIwQY
MBaAFOijLopqxvbsN4YO58B+uN+TFHd5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNktNdWltckc5dXczaGc3bndINjQzNU1VZDNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMy9jNGJmZDQtYTBhMS00MzM0LTg2MGEt
NGZhNTM3ZGJlMmU5LzEvdHNyY0E1MlV4QlQ0b0d5YlFEb1NKWlExWEJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMy9jNGJmZDQtYTBhMS00MzM0LTg2MGEtNGZhNTM3ZGJlMmU5
LzEvNktNdWltckc5dXczaGc3bndINjQzNU1VZDNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQEW45wAwQC
uY+UMA0EAgACMAcDBQAqABewMA0GCSqGSIb3DQEBCwUAA4IBAQB3f7ooC+4ryi4E
UPNcogWgCjpXP4lBas1xixw7b9GE0UUQZ2EUlVEOjb2xI70AKFEUwkwdyzu5PiW0
oSEo2LS/jmPEfOo6wO/KgYp+IsFCr+DZecM28RGYkDDyiSGZITjlTP+QqDT4vkxv
Oi+ndmPpGjfpZUBHerZTYifWiMmNwhaHeSHTOtfIhkH+h204YBt1jhophzKX7QTl
X601All6o5dzPrjWM6wkgdl4kWLIBYwaxOeH+xd4Ip4FBE+3/O7agIeDBJN52pUy
FhpXXzm2aHm7zhY7kj+Jw69FcUyXSl0WdNvI8meeojwchCg1GMz3DYkBkv2X7fl8
OqFKjYNj
-----END CERTIFICATE-----
Generated at Fri May 10 10:02:46 2024 by rpki-client on console-ams.rpki-client.org