Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/7926b8-6ea7-45b4-953e-aab7fc3f8ac5/1/TzWOCGPkf6RU5PWhlsbRz7VW9QI.roa
File: TzWOCGPkf6RU5PWhlsbRz7VW9QI.roa (raw, json)
Hash identifier: /9VcCS35gRZ6JbhnNioSx4CuJycfa9QsSTd+RIKMif4=
Subject key identifier: 4F:35:8E:08:63:E4:7F:A4:54:E4:F5:A1:96:C6:D1:CF:B5:56:F5:02
Certificate issuer: /CN=1858caa6832aa2a3e7cc6d144515f8f431b66762
Certificate serial: 0191BBE1A2435A4E2A3D40423BBB9C441C7D
Authority key identifier: 18:58:CA:A6:83:2A:A2:A3:E7:CC:6D:14:45:15:F8:F4:31:B6:67:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GFjKpoMqoqPnzG0URRX49DG2Z2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/7926b8-6ea7-45b4-953e-aab7fc3f8ac5/1/TzWOCGPkf6RU5PWhlsbRz7VW9QI.roa
Signing time: Wed 04 Sep 2024 07:13:32 +0000
ROA not before: Wed 04 Sep 2024 07:13:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 196932
IP address blocks: 178.255.136.0/21 maxlen: 24
185.192.200.0/22 maxlen: 24
2a03:40e0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/7926b8-6ea7-45b4-953e-aab7fc3f8ac5/1/GFjKpoMqoqPnzG0URRX49DG2Z2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/7926b8-6ea7-45b4-953e-aab7fc3f8ac5/1/GFjKpoMqoqPnzG0URRX49DG2Z2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/GFjKpoMqoqPnzG0URRX49DG2Z2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:bb:e1:a2:43:5a:4e:2a:3d:40:42:3b:bb:9c:44:1c:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1858caa6832aa2a3e7cc6d144515f8f431b66762
Validity
Not Before: Sep 4 07:13:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4f358e0863e47fa454e4f5a196c6d1cfb556f502
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:cb:b9:b3:b5:c1:e3:ab:50:e3:0d:45:61:15:
ad:10:55:a6:9b:0d:1c:28:49:2e:cd:8b:75:ba:ef:
ac:f4:8c:df:1d:f7:52:50:9f:d2:93:58:1a:a5:1b:
1d:9d:40:87:f8:93:4f:c5:88:8f:6f:29:52:fa:8c:
92:f6:b4:f1:8a:ee:b8:07:db:60:f3:de:60:2d:d7:
3d:aa:c2:8d:3e:71:e3:bb:76:fa:48:f5:c6:fc:64:
c2:37:69:93:3a:b6:a7:49:38:15:7b:7b:62:cc:1e:
7f:60:09:3b:d9:85:91:0f:63:ce:5a:c2:ef:46:65:
63:e4:59:75:cb:63:d2:63:f2:bf:16:df:53:44:23:
55:68:c3:b1:88:ca:8e:60:e9:cd:27:ed:22:63:2e:
b0:d3:b5:9c:43:1e:4d:80:18:e5:92:32:44:27:00:
2f:3a:5e:e8:71:ee:94:d6:07:6b:b6:0e:21:8a:08:
38:83:d4:76:f0:7c:1d:78:28:8b:5b:a1:dd:5b:ef:
ce:31:66:4a:ba:3a:a2:c7:f1:b8:0e:3f:76:5a:13:
25:96:35:b1:0c:0f:ae:aa:7f:2c:ad:ac:2b:41:97:
2a:1c:73:1e:66:3b:74:a9:bb:78:33:a6:0e:10:b1:
70:5e:04:78:1c:79:f1:38:75:65:69:23:e8:70:2b:
bd:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:35:8E:08:63:E4:7F:A4:54:E4:F5:A1:96:C6:D1:CF:B5:56:F5:02
X509v3 Authority Key Identifier:
keyid:18:58:CA:A6:83:2A:A2:A3:E7:CC:6D:14:45:15:F8:F4:31:B6:67:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GFjKpoMqoqPnzG0URRX49DG2Z2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7926b8-6ea7-45b4-953e-aab7fc3f8ac5/1/TzWOCGPkf6RU5PWhlsbRz7VW9QI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/7926b8-6ea7-45b4-953e-aab7fc3f8ac5/1/GFjKpoMqoqPnzG0URRX49DG2Z2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.255.136.0/21
185.192.200.0/22
IPv6:
2a03:40e0::/32
Signature Algorithm: sha256WithRSAEncryption
7d:35:1a:0e:44:8a:e9:b0:1c:4f:92:ec:98:48:4a:cb:57:41:
6c:61:d7:ae:0a:4d:95:33:3d:86:cb:19:4b:18:17:41:e3:40:
4c:df:a3:a6:c8:7b:f8:aa:a7:d8:9e:f9:d8:69:d5:5d:bd:38:
28:a1:2f:99:8a:72:75:08:8f:4a:21:ad:09:35:0c:f9:46:89:
00:5a:d0:e6:31:f3:d5:8d:34:f3:a9:a6:90:02:18:6c:25:a3:
7b:17:3c:fb:26:dd:c6:32:25:d0:e1:5c:29:1f:bc:ec:1c:74:
34:16:29:26:37:80:d6:85:8c:3d:d8:8a:0e:61:3f:0e:2d:7d:
57:21:39:3e:15:9a:fd:77:61:7f:59:1d:c1:8d:8e:d7:3e:d8:
4e:ae:cd:4a:57:bf:18:9f:1f:c1:3e:cb:63:42:1c:6e:ce:6d:
06:cc:b6:67:d7:dd:31:1b:1d:ea:0e:c3:eb:eb:7f:48:3c:96:
2c:43:65:e4:35:91:30:24:52:a3:75:6c:66:c3:fd:3b:38:e4:
77:5a:28:1a:7c:e0:82:bb:2e:b5:d7:f2:c8:73:8e:56:d6:3c:
7d:54:a1:0c:e1:d4:95:d4:dc:38:17:fa:8c:6a:20:68:aa:b4:
97:ed:05:b6:f1:00:ad:19:79:93:c1:6e:ce:b1:5f:4c:fe:26:
9c:79:30:2b
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZG74aJDWk4qPUBCO7ucRBx9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4NThjYWE2ODMyYWEyYTNlN2NjNmQxNDQ1MTVmOGY0MzFi
NjY3NjIwHhcNMjQwOTA0MDcxMzMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZjM1OGUwODYzZTQ3ZmE0NTRlNGY1YTE5NmM2ZDFjZmI1NTZmNTAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr8u5s7XB46tQ4w1FYRWtEFWmmw0c
KEkuzYt1uu+s9IzfHfdSUJ/Sk1gapRsdnUCH+JNPxYiPbylS+oyS9rTxiu64B9tg
895gLdc9qsKNPnHju3b6SPXG/GTCN2mTOranSTgVe3tizB5/YAk72YWRD2POWsLv
RmVj5Fl1y2PSY/K/Ft9TRCNVaMOxiMqOYOnNJ+0iYy6w07WcQx5NgBjlkjJEJwAv
Ol7oce6U1gdrtg4higg4g9R28HwdeCiLW6HdW+/OMWZKujqix/G4Dj92WhMlljWx
DA+uqn8srawrQZcqHHMeZjt0qbt4M6YOELFwXgR4HHnxOHVlaSPocCu9MQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE81jghj5H+kVOT1oZbG0c+1VvUCMB8GA1UdIwQY
MBaAFBhYyqaDKqKj58xtFEUV+PQxtmdiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0ZqS3BvTXFvcVBuekcwVVJSWDQ5REcyWjJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC83OTI2YjgtNmVhNy00NWI0LTk1M2Ut
YWFiN2ZjM2Y4YWM1LzEvVHpXT0NHUGtmNlJVNVBXaGxzYlJ6N1ZXOVFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC83OTI2YjgtNmVhNy00NWI0LTk1M2UtYWFiN2ZjM2Y4YWM1
LzEvR0ZqS3BvTXFvcVBuekcwVVJSWDQ5REcyWjJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDsv+IAwQC
ucDIMA0EAgACMAcDBQAqA0DgMA0GCSqGSIb3DQEBCwUAA4IBAQB9NRoORIrpsBxP
kuyYSErLV0FsYdeuCk2VMz2GyxlLGBdB40BM36OmyHv4qqfYnvnYadVdvTgooS+Z
inJ1CI9KIa0JNQz5RokAWtDmMfPVjTTzqaaQAhhsJaN7Fzz7Jt3GMiXQ4VwpH7zs
HHQ0FikmN4DWhYw92IoOYT8OLX1XITk+FZr9d2F/WR3BjY7XPthOrs1KV78Ynx/B
PstjQhxuzm0GzLZn190xGx3qDsPr639IPJYsQ2XkNZEwJFKjdWxmw/07OOR3Wiga
fOCCuy611/LIc45W1jx9VKEM4dSV1Nw4F/qMaiBoqrSX7QW28QCtGXmTwW7OsV9M
/iaceTAr
-----END CERTIFICATE-----
Generated at Sat Nov 23 06:16:55 2024 by rpki-client on console-ams.rpki-client.org