Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/tFdKCm2FroL6DCkd6W1juUGgKso.roa
File: tFdKCm2FroL6DCkd6W1juUGgKso.roa (raw, json)
Hash identifier: IM4l28KSO7eGAq10n6OXhHPkMKvs77gUWOVk3PynyXs=
Subject key identifier: B4:57:4A:0A:6D:85:AE:82:FA:0C:29:1D:E9:6D:63:B9:41:A0:2A:CA
Certificate issuer: /CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Certificate serial: 018CC649DFC3421AECC20F9FC367BEC157D1
Authority key identifier: 19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/tFdKCm2FroL6DCkd6W1juUGgKso.roa
Signing time: Mon 01 Jan 2024 18:29:39 +0000
ROA not before: Mon 01 Jan 2024 18:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6168
IP address blocks: 151.253.180.0/24 maxlen: 24
151.253.181.0/24 maxlen: 24
213.42.110.0/24 maxlen: 24
194.170.246.0/24 maxlen: 24
195.229.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:df:c3:42:1a:ec:c2:0f:9f:c3:67:be:c1:57:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ee5f16fc144acb98977449faa0ab77de1bdcc9
Validity
Not Before: Jan 1 18:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4574a0a6d85ae82fa0c291de96d63b941a02aca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:81:eb:78:3a:50:f6:79:c5:0a:98:d4:48:f7:c7:
f6:bf:c8:db:2d:f4:99:c8:f9:bc:e6:89:d0:6c:78:
c7:e8:1f:d0:3d:59:a0:96:45:79:47:ba:3e:a7:2a:
ce:a8:e4:3d:4a:73:30:35:86:b1:eb:d2:fc:11:65:
b5:1a:30:b3:e9:d7:05:f1:f9:a8:f8:9b:84:af:f4:
69:77:ff:65:a5:4c:dc:ed:c5:f9:03:e7:f9:cc:e5:
c9:3d:89:4c:7d:95:30:e8:ad:58:96:b1:49:75:96:
b8:03:11:69:f6:b9:70:b5:74:3f:fb:2c:83:7d:a8:
c9:9b:a5:81:a4:a8:a7:c6:9a:c8:79:fd:e6:57:3c:
fd:11:bd:42:06:d4:43:df:8a:24:55:5f:18:f4:5e:
58:16:e7:1b:ae:11:a6:88:b6:a1:34:46:27:dc:55:
8d:5e:41:0b:8a:8a:3f:d6:1f:db:cf:19:b9:f8:06:
37:9b:5e:ea:df:c2:9d:c9:76:9c:fc:a0:20:6f:fc:
ce:c3:47:c4:df:0b:83:f7:a1:d2:0a:f3:3f:eb:2e:
dc:06:2a:e7:72:cc:42:3b:b5:8f:45:de:ea:75:e4:
6c:bc:17:df:d0:72:a7:4f:c6:06:f0:bd:42:16:c4:
59:84:99:ff:42:a9:47:9b:c5:cd:e8:c4:c5:aa:04:
e7:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:57:4A:0A:6D:85:AE:82:FA:0C:29:1D:E9:6D:63:B9:41:A0:2A:CA
X509v3 Authority Key Identifier:
keyid:19:EE:5F:16:FC:14:4A:CB:98:97:74:49:FA:A0:AB:77:DE:1B:DC:C9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/tFdKCm2FroL6DCkd6W1juUGgKso.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/742370-e10f-4541-aa6c-61afb66d1e8c/1/Ge5fFvwUSsuYl3RJ-qCrd94b3Mk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.253.180.0/23
194.170.246.0/24
195.229.47.0/24
213.42.110.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:20:a8:f1:c2:e2:ac:5c:3e:9d:7d:a1:23:f0:47:42:fd:fe:
64:7d:bb:a5:e6:11:0c:08:f3:3b:91:d0:c5:2e:14:62:08:38:
75:cb:e2:da:7a:e0:43:cc:da:d6:94:7f:58:49:b5:3e:af:34:
d2:a0:9c:db:b2:45:e6:33:93:12:c6:4d:35:4b:6f:69:99:87:
08:b8:6f:18:f2:89:cf:45:a1:20:08:a5:51:8f:47:cb:e4:52:
4b:1c:2f:d1:79:54:d6:84:e1:ad:6c:b3:21:08:4a:35:8d:83:
dc:55:08:af:fa:31:8b:8c:d4:1c:aa:28:df:8b:93:94:bd:97:
f5:9a:93:11:e1:1c:de:b3:2a:70:41:b6:48:e7:28:03:01:af:
70:af:4a:55:e5:e9:6d:ee:85:14:a4:5c:8a:fc:cc:8f:68:c6:
13:96:29:4c:ac:39:78:53:a3:8f:fa:49:83:36:da:3c:eb:22:
8c:f5:1d:13:f4:78:78:9f:98:1b:0f:e3:67:b7:67:29:75:46:
ef:3d:8b:b4:52:2a:57:13:75:64:0e:cb:eb:7f:1e:a1:4f:8e:
a9:4b:e4:9b:55:7e:2e:5b:2b:f8:65:fd:39:a6:29:4a:5b:e3:
60:8f:7b:b0:19:b2:e2:16:47:97:67:21:7e:29:14:f3:c3:e8:
9b:11:2e:f4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzGSd/DQhrswg+fw2e+wVfRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZWU1ZjE2ZmMxNDRhY2I5ODk3NzQ0OWZhYTBhYjc3ZGUx
YmRjYzkwHhcNMjQwMTAxMTgyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDU3NGEwYTZkODVhZTgyZmEwYzI5MWRlOTZkNjNiOTQxYTAyYWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAget4OlD2ecUKmNRI98f2v8jbLfSZ
yPm85onQbHjH6B/QPVmglkV5R7o+pyrOqOQ9SnMwNYax69L8EWW1GjCz6dcF8fmo
+JuEr/Rpd/9lpUzc7cX5A+f5zOXJPYlMfZUw6K1YlrFJdZa4AxFp9rlwtXQ/+yyD
fajJm6WBpKinxprIef3mVzz9Eb1CBtRD34okVV8Y9F5YFucbrhGmiLahNEYn3FWN
XkELioo/1h/bzxm5+AY3m17q38KdyXac/KAgb/zOw0fE3wuD96HSCvM/6y7cBirn
csxCO7WPRd7qdeRsvBff0HKnT8YG8L1CFsRZhJn/QqlHm8XN6MTFqgTncQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFLRXSgptha6C+gwpHeltY7lBoCrKMB8GA1UdIwQY
MBaAFBnuXxb8FErLmJd0Sfqgq3feG9zJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMt
NjFhZmI2NmQxZThjLzEvdEZkS0NtMkZyb0w2RENrZDZXMWp1VUdnS3NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83NDIzNzAtZTEwZi00NTQxLWFhNmMtNjFhZmI2NmQxZThj
LzEvR2U1ZkZ2d1VTc3VZbDNSSi1xQ3JkOTRiM01rLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBl/20AwQA
wqr2AwQAw+UvAwQA1SpuMA0GCSqGSIb3DQEBCwUAA4IBAQCjIKjxwuKsXD6dfaEj
8EdC/f5kfbul5hEMCPM7kdDFLhRiCDh1y+LaeuBDzNrWlH9YSbU+rzTSoJzbskXm
M5MSxk01S29pmYcIuG8Y8onPRaEgCKVRj0fL5FJLHC/ReVTWhOGtbLMhCEo1jYPc
VQiv+jGLjNQcqijfi5OUvZf1mpMR4RzesypwQbZI5ygDAa9wr0pV5elt7oUUpFyK
/MyPaMYTlilMrDl4U6OP+kmDNto86yKM9R0T9Hh4n5gbD+Nnt2cpdUbvPYu0UipX
E3VkDsvrfx6hT46pS+SbVX4uWyv4Zf05pilKW+Ngj3uwGbLiFkeXZyF+KRTzw+ib
ES70
-----END CERTIFICATE-----
Generated at Thu May 23 08:44:46 2024 by rpki-client on console-ams.rpki-client.org