Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/TFwbxPo9ptuvmqxcON6N5NC3pyE.roa
File: TFwbxPo9ptuvmqxcON6N5NC3pyE.roa (raw, json)
Hash identifier: IhSi2fm+DZnUuTEl0OTeTbUsxae3Kn5COmAe7U6UpmU=
Subject key identifier: 4C:5C:1B:C4:FA:3D:A6:DB:AF:9A:AC:5C:38:DE:8D:E4:D0:B7:A7:21
Certificate issuer: /CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Certificate serial: 018CC56DF78D6A6C0080D2AF35356D12C0E7
Authority key identifier: 05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/TFwbxPo9ptuvmqxcON6N5NC3pyE.roa
Signing time: Mon 01 Jan 2024 14:29:27 +0000
ROA not before: Mon 01 Jan 2024 14:29:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57043
IP address blocks: 85.92.108.0/24 maxlen: 24
46.19.68.0/24 maxlen: 24
46.19.69.0/24 maxlen: 24
37.220.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.mft
rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f7:8d:6a:6c:00:80:d2:af:35:35:6d:12:c0:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05b1d13c2e26e12786246a5ec4c5bea69864b20f
Validity
Not Before: Jan 1 14:29:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c5c1bc4fa3da6dbaf9aac5c38de8de4d0b7a721
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:a0:40:17:62:87:39:e1:4b:d0:5d:eb:92:e5:
e7:d8:43:93:72:29:a1:2a:80:b3:cb:23:b8:94:b3:
93:fd:5e:38:c1:6a:2e:88:cc:05:d9:84:02:65:ee:
85:26:c5:2d:71:c4:74:42:29:79:17:f5:e3:0d:af:
94:6d:b8:20:05:0c:1c:26:46:a8:d3:45:69:f1:ea:
1a:57:c8:29:3e:6d:5c:db:62:26:84:20:58:19:8f:
9c:36:bb:5d:3d:19:91:1d:f6:4c:b9:36:40:e4:a4:
69:7c:cf:69:aa:1d:89:53:97:49:66:43:4c:41:48:
59:fc:68:a1:bb:5e:bc:31:75:96:16:52:9b:0e:e6:
39:4e:e4:af:2b:cf:40:df:ec:ee:47:b8:b2:25:68:
cc:77:e5:ac:4d:82:31:d7:e3:43:d8:00:cd:b5:ff:
8a:52:88:28:e9:6c:be:7b:75:f8:d4:7f:9e:a9:1d:
97:2b:4c:0a:cf:d9:e0:47:dc:80:c3:17:50:a1:4c:
ea:5f:8d:7c:9e:8c:2a:11:5d:b4:3f:20:c7:76:26:
0f:51:9c:51:6c:42:8a:3b:c8:bf:23:20:17:db:e0:
68:1f:6b:9b:47:75:08:b0:6d:b8:bf:6b:58:fd:e5:
8f:7c:ba:57:4c:b5:a3:58:11:40:7f:17:af:2c:40:
30:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:5C:1B:C4:FA:3D:A6:DB:AF:9A:AC:5C:38:DE:8D:E4:D0:B7:A7:21
X509v3 Authority Key Identifier:
keyid:05:B1:D1:3C:2E:26:E1:27:86:24:6A:5E:C4:C5:BE:A6:98:64:B2:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbHRPC4m4SeGJGpexMW-pphksg8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/TFwbxPo9ptuvmqxcON6N5NC3pyE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a8/c61092-734a-4eef-9d67-4905243bc828/1/BbHRPC4m4SeGJGpexMW-pphksg8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.220.85.0/24
46.19.68.0/23
85.92.108.0/24
Signature Algorithm: sha256WithRSAEncryption
37:49:25:f7:ce:16:e3:58:37:6b:86:1f:78:b3:10:26:ab:5e:
6c:be:ac:06:d9:fb:73:cd:e5:15:35:18:4f:18:53:44:53:32:
e8:91:09:0f:39:70:10:73:74:6d:f6:e9:7b:4a:fd:14:1c:1d:
af:f1:51:04:2d:9a:ad:98:8a:ef:93:0b:9a:d0:be:f4:6f:bd:
72:45:6b:20:31:5d:c7:92:f7:d0:6f:ef:3c:b8:cb:ae:e4:76:
75:b8:a5:95:3e:5e:da:42:74:0c:13:24:d6:24:27:20:09:73:
03:fa:2d:76:8c:1a:79:8b:9f:7b:64:b6:32:73:fd:21:31:d7:
3f:2b:31:a4:c7:67:d7:05:90:1d:8c:b1:35:10:62:df:1d:92:
69:1c:c0:fd:47:a1:3a:4b:c8:62:da:67:67:fb:96:a2:a3:d9:
aa:41:d0:9f:f7:f5:0d:e6:c5:87:95:8a:8c:7f:46:8d:a7:ae:
62:3e:0e:1a:6f:a9:40:4e:00:6e:3b:54:6d:1f:a9:df:b5:27:
4e:eb:ee:6e:eb:db:a9:f9:b6:bc:04:21:e5:23:cc:f4:8d:8f:
99:b3:0d:9b:10:ee:31:58:e5:19:71:02:ad:d8:92:d3:de:b7:
26:89:a1:20:49:7e:b0:b3:46:b4:c4:b5:86:6e:c9:7d:56:30:
b7:c4:a8:8f
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzFbfeNamwAgNKvNTVtEsDnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YjFkMTNjMmUyNmUxMjc4NjI0NmE1ZWM0YzViZWE2OTg2
NGIyMGYwHhcNMjQwMTAxMTQyOTI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzVjMWJjNGZhM2RhNmRiYWY5YWFjNWMzOGRlOGRlNGQwYjdhNzIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmqBAF2KHOeFL0F3rkuXn2EOTcimh
KoCzyyO4lLOT/V44wWouiMwF2YQCZe6FJsUtccR0Qil5F/XjDa+UbbggBQwcJkao
00Vp8eoaV8gpPm1c22ImhCBYGY+cNrtdPRmRHfZMuTZA5KRpfM9pqh2JU5dJZkNM
QUhZ/Gihu168MXWWFlKbDuY5TuSvK89A3+zuR7iyJWjMd+WsTYIx1+ND2ADNtf+K
Uogo6Wy+e3X41H+eqR2XK0wKz9ngR9yAwxdQoUzqX418nowqEV20PyDHdiYPUZxR
bEKKO8i/IyAX2+BoH2ubR3UIsG24v2tY/eWPfLpXTLWjWBFAfxevLEAwOQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFExcG8T6Pabbr5qsXDjejeTQt6chMB8GA1UdIwQY
MBaAFAWx0TwuJuEnhiRqXsTFvqaYZLIPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjct
NDkwNTI0M2JjODI4LzEvVEZ3YnhQbzlwdHV2bXF4Y09ONk41TkMzcHlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hOC9jNjEwOTItNzM0YS00ZWVmLTlkNjctNDkwNTI0M2JjODI4
LzEvQmJIUlBDNG00U2VHSkdwZXhNVy1wcGhrc2c4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAJdxVAwQB
LhNEAwQAVVxsMA0GCSqGSIb3DQEBCwUAA4IBAQA3SSX3zhbjWDdrhh94sxAmq15s
vqwG2ftzzeUVNRhPGFNEUzLokQkPOXAQc3Rt9ul7Sv0UHB2v8VEELZqtmIrvkwua
0L70b71yRWsgMV3HkvfQb+88uMuu5HZ1uKWVPl7aQnQMEyTWJCcgCXMD+i12jBp5
i597ZLYyc/0hMdc/KzGkx2fXBZAdjLE1EGLfHZJpHMD9R6E6S8hi2mdn+5aio9mq
QdCf9/UN5sWHlYqMf0aNp65iPg4ab6lATgBuO1RtH6nftSdO6+5u69up+ba8BCHl
I8z0jY+Zsw2bEO4xWOUZcQKt2JLT3rcmiaEgSX6ws0a0xLWGbsl9VjC3xKiP
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:06:22 2024 by rpki-client on console-fra.rpki-client.org