Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/tTZMquYPJR2jueSg33MO_TE77g4.roa
File: tTZMquYPJR2jueSg33MO_TE77g4.roa (raw, json)
Hash identifier: DLFvSR7r3t55N18LddkE5Biiy7tDzg1DYPxv+6zlFYI=
Subject key identifier: B5:36:4C:AA:E6:0F:25:1D:A3:B9:E4:A0:DF:73:0E:FD:31:3B:EE:0E
Certificate issuer: /CN=651bad95276947c7be536af4c870a3721f0b7761
Certificate serial: 018CC26CFC6739A4B71FD0165EC8CE782558
Authority key identifier: 65:1B:AD:95:27:69:47:C7:BE:53:6A:F4:C8:70:A3:72:1F:0B:77:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZRutlSdpR8e-U2r0yHCjch8Ld2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/tTZMquYPJR2jueSg33MO_TE77g4.roa
Signing time: Mon 01 Jan 2024 00:29:31 +0000
ROA not before: Mon 01 Jan 2024 00:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49981
IP address blocks: 213.184.85.0/24 maxlen: 24
2a09:3a00:3000::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/ZRutlSdpR8e-U2r0yHCjch8Ld2E.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/ZRutlSdpR8e-U2r0yHCjch8Ld2E.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZRutlSdpR8e-U2r0yHCjch8Ld2E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6c:fc:67:39:a4:b7:1f:d0:16:5e:c8:ce:78:25:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=651bad95276947c7be536af4c870a3721f0b7761
Validity
Not Before: Jan 1 00:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b5364caae60f251da3b9e4a0df730efd313bee0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:52:6f:8d:33:a9:d8:1e:05:08:8f:d0:08:cd:
47:30:02:13:ca:80:e5:54:ed:a9:e8:8e:5a:ba:2d:
5a:2c:96:15:c0:93:b2:7c:88:5c:2a:02:b1:16:a3:
25:05:f3:81:06:1c:0e:9c:b3:de:fc:9f:f9:37:5d:
0a:7e:ba:4c:45:a5:1d:1f:81:20:64:93:1b:c1:30:
8c:2f:31:3d:5c:08:a6:67:80:ea:2e:b2:c5:2f:b2:
d3:a5:10:9d:e1:78:5a:ee:8b:95:85:93:72:52:58:
c0:f7:91:ee:5c:b5:2f:cb:99:af:69:7b:bf:84:48:
8f:ca:6b:db:1f:74:1e:a4:3d:00:35:69:01:8a:17:
dc:8d:76:13:cc:6b:62:70:25:15:18:3b:6d:07:cf:
ea:04:fd:75:12:ed:54:c3:d3:58:ba:8e:c5:fe:98:
f5:28:32:7d:f5:44:4f:73:6e:f8:ae:25:36:4c:c2:
54:2c:f7:31:ed:89:d3:80:58:46:e9:23:5d:77:93:
98:2f:8f:ff:ce:ae:5a:35:ca:6f:05:3c:76:19:46:
70:40:3e:d9:6f:56:c9:6b:00:b6:67:2b:21:b8:e8:
39:6a:f2:0e:16:7b:13:3a:5c:f7:6f:03:5d:71:5e:
c8:c0:7d:76:13:a0:08:74:62:60:0c:fc:f0:e3:cb:
f4:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:36:4C:AA:E6:0F:25:1D:A3:B9:E4:A0:DF:73:0E:FD:31:3B:EE:0E
X509v3 Authority Key Identifier:
keyid:65:1B:AD:95:27:69:47:C7:BE:53:6A:F4:C8:70:A3:72:1F:0B:77:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZRutlSdpR8e-U2r0yHCjch8Ld2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/tTZMquYPJR2jueSg33MO_TE77g4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/1dbd6b-35cc-4f09-b92e-198b6a61ce85/1/ZRutlSdpR8e-U2r0yHCjch8Ld2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.184.85.0/24
IPv6:
2a09:3a00:3000::/40
Signature Algorithm: sha256WithRSAEncryption
69:41:95:2f:5b:7f:90:4d:7d:d7:88:ad:53:5d:17:91:e2:b8:
05:39:9b:c4:e7:b8:29:83:af:c3:5a:95:32:2e:b8:42:5d:0d:
ae:b7:4c:ee:c3:16:71:80:d6:d2:31:e6:9d:b3:e0:2e:d8:c0:
4b:04:74:a7:a2:c8:fc:d7:bf:ed:01:3e:d6:da:c0:f5:6c:2f:
26:f4:9e:c6:05:21:ab:d9:8b:39:02:4b:4e:6c:99:44:74:a5:
3f:30:40:7a:5e:00:f5:da:4b:99:57:56:83:8b:31:bf:3b:58:
13:cb:db:0f:63:61:6a:43:ee:f1:67:35:e6:4a:29:4f:62:63:
f4:06:c5:ff:a5:88:fc:df:48:67:2e:c4:d8:f5:e2:53:13:b2:
ae:9e:64:2b:e7:95:3c:cb:f5:f3:ba:87:ec:90:7f:1b:41:b0:
7b:ad:35:a3:18:b3:8b:75:eb:11:e6:c1:ca:c6:b9:6f:db:95:
e0:88:ab:f9:ff:18:fd:1f:83:88:f6:ae:9b:25:ab:e5:c8:03:
f4:60:a1:93:68:6f:fc:63:8f:11:e7:1d:16:4a:f1:e7:ec:07:
5c:93:ee:51:da:84:6d:3b:3a:77:b3:f8:13:ef:a4:cc:98:94:
c4:8b:b9:5c:fc:9d:68:e4:81:c9:a0:06:e4:b9:9b:ec:c2:bb:
92:21:6e:3d
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAYzCbPxnOaS3H9AWXsjOeCVYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1MWJhZDk1Mjc2OTQ3YzdiZTUzNmFmNGM4NzBhMzcyMWYw
Yjc3NjEwHhcNMjQwMTAxMDAyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTM2NGNhYWU2MGYyNTFkYTNiOWU0YTBkZjczMGVmZDMxM2JlZTBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVJvjTOp2B4FCI/QCM1HMAITyoDl
VO2p6I5aui1aLJYVwJOyfIhcKgKxFqMlBfOBBhwOnLPe/J/5N10KfrpMRaUdH4Eg
ZJMbwTCMLzE9XAimZ4DqLrLFL7LTpRCd4Xha7ouVhZNyUljA95HuXLUvy5mvaXu/
hEiPymvbH3QepD0ANWkBihfcjXYTzGticCUVGDttB8/qBP11Eu1Uw9NYuo7F/pj1
KDJ99URPc274riU2TMJULPcx7YnTgFhG6SNdd5OYL4//zq5aNcpvBTx2GUZwQD7Z
b1bJawC2ZyshuOg5avIOFnsTOlz3bwNdcV7IwH12E6AIdGJgDPzw48v0vQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFLU2TKrmDyUdo7nkoN9zDv0xO+4OMB8GA1UdIwQY
MBaAFGUbrZUnaUfHvlNq9Mhwo3IfC3dhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWlJ1dGxTZHBSOGUtVTJyMHlIQ2pjaDhMZDJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC8xZGJkNmItMzVjYy00ZjA5LWI5MmUt
MTk4YjZhNjFjZTg1LzEvdFRaTXF1WVBKUjJqdWVTZzMzTU9fVEU3N2c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC8xZGJkNmItMzVjYy00ZjA5LWI5MmUtMTk4YjZhNjFjZTg1
LzEvWlJ1dGxTZHBSOGUtVTJyMHlIQ2pjaDhMZDJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQA1bhVMA4E
AgACMAgDBgAqCToAMDANBgkqhkiG9w0BAQsFAAOCAQEAaUGVL1t/kE1914itU10X
keK4BTmbxOe4KYOvw1qVMi64Ql0NrrdM7sMWcYDW0jHmnbPgLtjASwR0p6LI/Ne/
7QE+1trA9WwvJvSexgUhq9mLOQJLTmyZRHSlPzBAel4A9dpLmVdWg4sxvztYE8vb
D2NhakPu8Wc15kopT2Jj9AbF/6WI/N9IZy7E2PXiUxOyrp5kK+eVPMv187qH7JB/
G0Gwe601oxizi3XrEebBysa5b9uV4Iir+f8Y/R+DiPaumyWr5cgD9GChk2hv/GOP
EecdFkrx5+wHXJPuUdqEbTs6d7P4E++kzJiUxIu5XPydaOSByaAG5Lmb7MK7kiFu
PQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:35:29 2024 by rpki-client on console-fra.rpki-client.org