Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/TPGthfRSwY7FrDmNwyFWXVI_Ywk.roa
File: TPGthfRSwY7FrDmNwyFWXVI_Ywk.roa (raw, json)
Hash identifier: 5fGbDnZdNVMQDIL4RL+d/MzV+ZD6KlWyirl3P8EbR2I=
Subject key identifier: 4C:F1:AD:85:F4:52:C1:8E:C5:AC:39:8D:C3:21:56:5D:52:3F:63:09
Certificate issuer: /CN=6a57ffe822b3ba7bc194db7a734c85efcef2f283
Certificate serial: 018CC5DC02CEF884D4A20FB091E46603B6F2
Authority key identifier: 6A:57:FF:E8:22:B3:BA:7B:C1:94:DB:7A:73:4C:85:EF:CE:F2:F2:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/alf_6CKzunvBlNt6c0yF787y8oM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/TPGthfRSwY7FrDmNwyFWXVI_Ywk.roa
Signing time: Mon 01 Jan 2024 16:29:39 +0000
ROA not before: Mon 01 Jan 2024 16:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200070
IP address blocks: 193.29.206.0/24 maxlen: 24
212.237.229.0/24 maxlen: 24
194.0.14.0/24 maxlen: 24
194.0.12.0/23 maxlen: 30
185.43.134.0/24 maxlen: 24
2001:678:10::/47 maxlen: 64
2001:148f:fffb::/48 maxlen: 48
2001:678:1::/48 maxlen: 48
2001:148f:fffd::/48 maxlen: 48
2001:678:f::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/alf_6CKzunvBlNt6c0yF787y8oM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/alf_6CKzunvBlNt6c0yF787y8oM.mft
rsync://rpki.ripe.net/repository/DEFAULT/alf_6CKzunvBlNt6c0yF787y8oM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 04:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:02:ce:f8:84:d4:a2:0f:b0:91:e4:66:03:b6:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a57ffe822b3ba7bc194db7a734c85efcef2f283
Validity
Not Before: Jan 1 16:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cf1ad85f452c18ec5ac398dc321565d523f6309
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:65:f1:8b:ac:5a:e5:8c:2e:d4:56:cd:33:ba:
49:33:48:ab:a1:da:85:7c:cf:f2:5b:e5:b0:f5:aa:
92:8a:96:07:39:5e:57:ad:89:97:87:ef:37:81:ce:
6e:7e:2c:a8:a3:a0:29:af:2a:26:e1:32:22:64:de:
82:35:b4:0d:f2:53:ae:62:86:26:40:02:bc:18:a6:
d8:74:1b:d3:0f:3e:29:49:98:5a:13:c4:41:d0:22:
f7:8f:e0:87:37:bb:ba:cd:51:d6:a8:5c:5a:58:20:
87:12:2d:35:af:6d:a1:2e:80:45:36:9e:0a:35:96:
e5:55:b1:64:16:e8:e6:5b:92:58:cd:88:11:f5:3c:
21:67:d8:35:1a:7d:e1:e9:f5:b4:2b:bd:0e:0d:61:
82:8e:dd:78:94:4e:17:b1:a2:fb:cc:da:cc:ec:9a:
ae:75:4f:33:84:11:f2:14:16:be:75:62:8d:ff:71:
ff:be:61:7c:87:a7:e6:0d:4c:6e:6c:c7:67:9d:62:
e4:b2:fa:a7:56:35:d0:83:ad:15:6e:68:7f:97:9a:
b8:54:d2:ba:b1:28:73:65:c5:28:8b:37:52:cf:d9:
eb:df:f5:26:03:83:8d:16:18:3a:f1:a2:9b:e3:ff:
60:a2:2c:9b:bb:5f:09:92:d7:c1:d5:07:97:bf:ad:
aa:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:F1:AD:85:F4:52:C1:8E:C5:AC:39:8D:C3:21:56:5D:52:3F:63:09
X509v3 Authority Key Identifier:
keyid:6A:57:FF:E8:22:B3:BA:7B:C1:94:DB:7A:73:4C:85:EF:CE:F2:F2:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/alf_6CKzunvBlNt6c0yF787y8oM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/TPGthfRSwY7FrDmNwyFWXVI_Ywk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/afef12-1f08-4b46-947b-ca0c62621098/1/alf_6CKzunvBlNt6c0yF787y8oM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.43.134.0/24
193.29.206.0/24
194.0.12.0-194.0.14.255
212.237.229.0/24
IPv6:
2001:678:1::/48
2001:678:f::-2001:678:11:ffff:ffff:ffff:ffff:ffff
2001:148f:fffb::/48
2001:148f:fffd::/48
Signature Algorithm: sha256WithRSAEncryption
20:ab:bc:0a:74:2b:41:da:9a:2a:da:7f:0f:7a:83:cf:c6:27:
53:3c:3d:41:10:89:1c:9b:97:5e:c8:a1:fb:45:2a:57:6f:cc:
cb:45:08:99:d8:5d:40:f2:62:1d:c6:40:57:ad:f1:56:49:84:
6f:91:9c:aa:2b:a9:5b:1a:f8:80:66:65:10:74:74:bf:94:83:
1c:55:74:2c:b2:57:f8:43:22:48:0f:f4:57:5d:8e:5c:3d:68:
63:08:d5:6d:a2:b8:85:87:c7:af:42:7d:c7:03:27:47:79:52:
95:0e:1b:f8:9c:5c:4f:ae:59:13:9e:19:aa:87:63:3c:f1:2f:
78:ad:f1:e0:4d:58:24:01:ad:4d:9c:76:f9:29:97:d8:fc:be:
c8:05:c5:72:53:f9:85:d4:4e:c7:08:25:ff:ae:ea:de:4b:41:
ff:13:e0:a6:4f:23:fb:93:1a:bf:34:d0:41:67:77:de:26:8e:
dc:d8:5c:27:6f:a2:55:ef:ba:f8:9b:74:bf:ce:2e:ab:19:b6:
f9:a0:e7:64:c4:22:4b:b0:94:63:3d:5c:ef:81:cb:a2:c5:f4:
cc:59:35:2e:57:7c:f6:fd:2e:69:db:fe:38:c1:c1:04:bc:49:
90:e4:8b:16:29:5d:c6:0c:9b:64:4f:5b:44:54:bb:be:46:3a:
26:f4:5d:e1
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAYzF3ALO+ITUog+wkeRmA7byMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhNTdmZmU4MjJiM2JhN2JjMTk0ZGI3YTczNGM4NWVmY2Vm
MmYyODMwHhcNMjQwMTAxMTYyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2YxYWQ4NWY0NTJjMThlYzVhYzM5OGRjMzIxNTY1ZDUyM2Y2MzA5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mXxi6xa5Ywu1FbNM7pJM0irodqF
fM/yW+Ww9aqSipYHOV5XrYmXh+83gc5ufiyoo6Apryom4TIiZN6CNbQN8lOuYoYm
QAK8GKbYdBvTDz4pSZhaE8RB0CL3j+CHN7u6zVHWqFxaWCCHEi01r22hLoBFNp4K
NZblVbFkFujmW5JYzYgR9TwhZ9g1Gn3h6fW0K70ODWGCjt14lE4XsaL7zNrM7Jqu
dU8zhBHyFBa+dWKN/3H/vmF8h6fmDUxubMdnnWLksvqnVjXQg60Vbmh/l5q4VNK6
sShzZcUoizdSz9nr3/UmA4ONFhg68aKb4/9goiybu18JktfB1QeXv62qNQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFEzxrYX0UsGOxaw5jcMhVl1SP2MJMB8GA1UdIwQY
MBaAFGpX/+gis7p7wZTbenNMhe/O8vKDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWxmXzZDS3p1bnZCbE50NmMweUY3ODd5OG9NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9hZmVmMTItMWYwOC00YjQ2LTk0N2It
Y2EwYzYyNjIxMDk4LzEvVFBHdGhmUlN3WTdGckRtTnd5RldYVklfWXdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9hZmVmMTItMWYwOC00YjQ2LTk0N2ItY2EwYzYyNjIxMDk4
LzEvYWxmXzZDS3p1bnZCbE50NmMweUY3ODd5OG9NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzAmBAIAATAgAwQAuSuGAwQA
wR3OMAwDBALCAAwDBADCAA4DBADU7eUwNQQCAAIwLwMHACABBngAATASAwcAIAEG
eAAPAwcBIAEGeAAQAwcAIAEUj//7AwcAIAEUj//9MA0GCSqGSIb3DQEBCwUAA4IB
AQAgq7wKdCtB2poq2n8PeoPPxidTPD1BEIkcm5deyKH7RSpXb8zLRQiZ2F1A8mId
xkBXrfFWSYRvkZyqK6lbGviAZmUQdHS/lIMcVXQsslf4QyJID/RXXY5cPWhjCNVt
oriFh8evQn3HAydHeVKVDhv4nFxPrlkTnhmqh2M88S94rfHgTVgkAa1NnHb5KZfY
/L7IBcVyU/mF1E7HCCX/rureS0H/E+CmTyP7kxq/NNBBZ3feJo7c2Fwnb6JV77r4
m3S/zi6rGbb5oOdkxCJLsJRjPVzvgcuixfTMWTUuV3z2/S5p2/44wcEEvEmQ5IsW
KV3GDJtkT1tEVLu+Rjom9F3h
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:43:28 2024 by rpki-client on console-ams.rpki-client.org