Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ad/979296-ef7a-4bac-8c15-67771359a2b3/1/TnwZqhoWRBpOFQo36yKRT-Al1x4.roa
File: TnwZqhoWRBpOFQo36yKRT-Al1x4.roa (raw, json)
Hash identifier: e9mfISG8tmeM2RIvlBxbSWi52taMc1UhJFij8dEb8xQ=
Subject key identifier: 4E:7C:19:AA:1A:16:44:1A:4E:15:0A:37:EB:22:91:4F:E0:25:D7:1E
Certificate issuer: /CN=20c5ee02d2e05861dd906fe06b3844f04d378c73
Certificate serial: 018F156CA61A281ABD801EC0CAC035FDF75E
Authority key identifier: 20:C5:EE:02:D2:E0:58:61:DD:90:6F:E0:6B:38:44:F0:4D:37:8C:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IMXuAtLgWGHdkG_gazhE8E03jHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ad/979296-ef7a-4bac-8c15-67771359a2b3/1/TnwZqhoWRBpOFQo36yKRT-Al1x4.roa
Signing time: Thu 25 Apr 2024 13:23:12 +0000
ROA not before: Thu 25 Apr 2024 13:23:12 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6697
IP address blocks: 185.179.80.0/24 maxlen: 24
185.179.81.0/24 maxlen: 24
195.137.160.0/24 maxlen: 24
2a0a:7d80::/48 maxlen: 48
2a0a:7d80:1::/48 maxlen: 48
2a0a:7d80:f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ad/979296-ef7a-4bac-8c15-67771359a2b3/1/IMXuAtLgWGHdkG_gazhE8E03jHM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ad/979296-ef7a-4bac-8c15-67771359a2b3/1/IMXuAtLgWGHdkG_gazhE8E03jHM.mft
rsync://rpki.ripe.net/repository/DEFAULT/IMXuAtLgWGHdkG_gazhE8E03jHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:15:6c:a6:1a:28:1a:bd:80:1e:c0:ca:c0:35:fd:f7:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20c5ee02d2e05861dd906fe06b3844f04d378c73
Validity
Not Before: Apr 25 13:23:12 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e7c19aa1a16441a4e150a37eb22914fe025d71e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:1f:f2:be:aa:2d:b8:9f:06:ef:c4:e2:37:ae:
83:81:15:34:36:07:fe:ff:ff:97:15:28:b5:f9:c2:
57:89:eb:97:2b:89:54:a6:ca:ce:d8:7e:38:2f:6b:
66:f8:2a:0f:41:f0:0d:b5:eb:49:1e:45:c7:da:c9:
28:c1:f4:03:20:d0:8d:b2:75:07:1b:68:a5:95:f1:
34:1d:4c:0d:28:ae:0f:68:8c:1d:13:ea:9c:13:04:
64:4a:16:2d:9f:47:de:bc:0a:d6:95:5a:3e:cf:20:
cb:dc:2c:18:1b:aa:7c:fd:27:74:2d:7f:ea:78:61:
76:5c:36:09:5c:da:7f:cb:68:4c:bd:8b:89:33:0e:
f5:a6:de:49:33:37:7f:ca:02:70:a2:8c:c4:8a:63:
fc:72:6f:f2:3b:31:7f:82:c8:1a:af:fe:ca:b4:7a:
66:b5:13:cd:89:57:39:d2:c2:10:5f:58:00:3a:b5:
76:30:19:e3:f4:a2:a1:d0:86:9f:8f:6a:a0:da:96:
5f:06:98:db:03:18:0f:eb:41:80:1b:ea:83:b5:c2:
3d:18:12:bc:cc:ec:7b:63:e4:e9:b0:0f:24:94:3c:
f2:4a:de:0a:11:9a:64:0f:3f:5b:db:a6:0b:26:fb:
61:a5:b1:26:fe:0c:15:2f:8f:e0:53:71:b3:d1:d8:
86:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:7C:19:AA:1A:16:44:1A:4E:15:0A:37:EB:22:91:4F:E0:25:D7:1E
X509v3 Authority Key Identifier:
keyid:20:C5:EE:02:D2:E0:58:61:DD:90:6F:E0:6B:38:44:F0:4D:37:8C:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IMXuAtLgWGHdkG_gazhE8E03jHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/979296-ef7a-4bac-8c15-67771359a2b3/1/TnwZqhoWRBpOFQo36yKRT-Al1x4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ad/979296-ef7a-4bac-8c15-67771359a2b3/1/IMXuAtLgWGHdkG_gazhE8E03jHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.179.80.0/23
195.137.160.0/24
IPv6:
2a0a:7d80::/47
2a0a:7d80:f::/48
Signature Algorithm: sha256WithRSAEncryption
23:3f:97:19:56:75:78:7a:51:18:88:f9:1b:87:e1:98:8a:a2:
8b:6a:d1:43:ea:90:8d:7c:bd:64:47:d0:79:a3:eb:e1:3f:09:
83:1b:bc:16:44:33:55:72:aa:e4:f8:8a:bd:14:eb:d3:f4:5d:
84:17:e7:ac:61:05:e1:a3:f7:be:20:5b:26:ef:35:f4:eb:7a:
97:ff:d5:6a:58:af:39:61:bb:2e:9b:9b:da:f7:49:8b:ba:f9:
3f:49:88:8d:61:f2:1b:ba:0b:a7:da:9e:05:41:33:f2:ec:ac:
cc:f0:2d:2a:58:06:99:8f:13:91:f8:e8:d6:a7:a5:84:62:fc:
7f:89:a6:d3:7d:4a:47:c9:24:d4:9f:c7:34:c7:13:40:c8:b0:
49:25:7b:b7:72:ed:67:e6:ae:7f:91:54:03:e0:8b:37:32:cd:
b2:a2:fb:5f:5d:e7:b6:39:43:c1:74:20:96:d5:2f:f3:2b:45:
30:63:b5:36:41:63:bd:ad:24:53:03:92:de:1e:0e:cf:72:03:
ea:53:11:63:9e:07:7d:ba:d9:a7:35:9b:98:c0:40:3d:7e:60:
49:11:e3:0e:11:7b:f6:1d:79:39:0b:f3:98:94:6f:73:87:b6:
af:d7:6a:c3:f3:3d:09:bb:13:db:4d:93:05:67:81:72:98:b9:
0d:b3:14:db
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAY8VbKYaKBq9gB7AysA1/fdeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwYzVlZTAyZDJlMDU4NjFkZDkwNmZlMDZiMzg0NGYwNGQz
NzhjNzMwHhcNMjQwNDI1MTMyMzEyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTdjMTlhYTFhMTY0NDFhNGUxNTBhMzdlYjIyOTE0ZmUwMjVkNzFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArR/yvqotuJ8G78TiN66DgRU0Ngf+
//+XFSi1+cJXieuXK4lUpsrO2H44L2tm+CoPQfANtetJHkXH2skowfQDINCNsnUH
G2illfE0HUwNKK4PaIwdE+qcEwRkShYtn0fevArWlVo+zyDL3CwYG6p8/Sd0LX/q
eGF2XDYJXNp/y2hMvYuJMw71pt5JMzd/ygJwoozEimP8cm/yOzF/gsgar/7KtHpm
tRPNiVc50sIQX1gAOrV2MBnj9KKh0Iafj2qg2pZfBpjbAxgP60GAG+qDtcI9GBK8
zOx7Y+TpsA8klDzySt4KEZpkDz9b26YLJvthpbEm/gwVL4/gU3Gz0diGlwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFE58GaoaFkQaThUKN+sikU/gJdceMB8GA1UdIwQY
MBaAFCDF7gLS4Fhh3ZBv4Gs4RPBNN4xzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU1YdUF0TGdXR0hka0dfZ2F6aEU4RTAzakhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZC85NzkyOTYtZWY3YS00YmFjLThjMTUt
Njc3NzEzNTlhMmIzLzEvVG53WnFob1dSQnBPRlFvMzZ5S1JULUFsMXg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZC85NzkyOTYtZWY3YS00YmFjLThjMTUtNjc3NzEzNTlhMmIz
LzEvSU1YdUF0TGdXR0hka0dfZ2F6aEU4RTAzakhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQBubNQAwQA
w4mgMBgEAgACMBIDBwEqCn2AAAADBwAqCn2AAA8wDQYJKoZIhvcNAQELBQADggEB
ACM/lxlWdXh6URiI+RuH4ZiKootq0UPqkI18vWRH0Hmj6+E/CYMbvBZEM1VyquT4
ir0U69P0XYQX56xhBeGj974gWybvNfTrepf/1WpYrzlhuy6bm9r3SYu6+T9JiI1h
8hu6C6fangVBM/LsrMzwLSpYBpmPE5H46NanpYRi/H+JptN9SkfJJNSfxzTHE0DI
sEkle7dy7Wfmrn+RVAPgizcyzbKi+19d57Y5Q8F0IJbVL/MrRTBjtTZBY72tJFMD
kt4eDs9yA+pTEWOeB3262ac1m5jAQD1+YEkR4w4Re/YdeTkL85iUb3OHtq/XasPz
PQm7E9tNkwVngXKYuQ2zFNs=
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:50:04 2024 by rpki-client on console-ams.rpki-client.org