Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/TV2zBI68OokDQNxAUb7-0YM5VWE.roa
File: TV2zBI68OokDQNxAUb7-0YM5VWE.roa (raw, json)
Hash identifier: v1RG4M5Zv5v13MQJRKj3euaBg9NZpMl2lOlYOrVnh1Q=
Subject key identifier: 4D:5D:B3:04:8E:BC:3A:89:03:40:DC:40:51:BE:FE:D1:83:39:55:61
Certificate issuer: /CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Certificate serial: 018EA902268E59D1F7DEA3026781BC08BBCC
Authority key identifier: E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/TV2zBI68OokDQNxAUb7-0YM5VWE.roa
Signing time: Thu 04 Apr 2024 12:07:54 +0000
ROA not before: Thu 04 Apr 2024 12:07:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 21243
IP address blocks: 37.247.244.0/23 maxlen: 23
212.2.105.0/24 maxlen: 24
212.2.106.0/23 maxlen: 23
2a01:2e1:ffff:6::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 30 Apr 2024 08:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a9:02:26:8e:59:d1:f7:de:a3:02:67:81:bc:08:bb:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e29b9ac2ef631b92e82f595d73e4792c816ec6e6
Validity
Not Before: Apr 4 12:07:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d5db3048ebc3a890340dc4051befed183395561
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b1:6c:65:db:fd:d1:a9:1f:92:12:c8:f8:0d:
02:11:98:b4:13:ff:c7:4d:b1:ce:2a:fe:d8:04:0e:
d1:de:a3:1c:26:12:37:7d:e1:f3:4e:75:28:01:29:
95:35:7a:c4:1e:9a:1b:1f:06:a6:83:d4:0d:7f:f0:
7e:b3:99:9a:b8:94:c4:69:b4:c0:6e:3b:31:d5:51:
35:79:d7:44:ef:52:7e:28:6b:58:74:85:31:15:89:
c9:54:b6:45:79:a2:fe:c1:43:51:93:99:72:2e:1f:
d0:ac:12:e4:c8:d2:5a:18:aa:5d:e8:94:9b:75:25:
e7:4c:56:bb:8a:de:e6:00:7b:41:d4:ee:72:de:01:
a7:d9:87:d6:27:ef:c4:12:97:63:ee:95:9f:79:90:
f5:75:84:43:16:7d:36:80:e9:31:09:b4:76:f7:60:
3b:82:f5:e6:1e:c9:0d:d6:bd:43:75:06:5a:e9:6a:
22:3b:f6:37:67:09:c7:21:c4:5c:ea:81:8c:62:de:
d5:8c:49:d5:ed:de:19:92:8c:2f:93:98:84:b5:68:
41:7f:19:2f:ef:bc:3d:b5:c5:ee:46:9a:85:39:93:
b1:a4:ef:0a:93:a8:ca:70:7d:1a:b9:c8:23:ce:7e:
05:7c:d2:08:55:37:94:a5:78:8f:2b:d2:6b:f1:5a:
ea:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:5D:B3:04:8E:BC:3A:89:03:40:DC:40:51:BE:FE:D1:83:39:55:61
X509v3 Authority Key Identifier:
keyid:E2:9B:9A:C2:EF:63:1B:92:E8:2F:59:5D:73:E4:79:2C:81:6E:C6:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4puawu9jG5LoL1ldc-R5LIFuxuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/TV2zBI68OokDQNxAUb7-0YM5VWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/690357-dfbe-4d86-afd6-9164e352a83c/1/4puawu9jG5LoL1ldc-R5LIFuxuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.247.244.0/23
212.2.105.0-212.2.107.255
IPv6:
2a01:2e1:ffff:6::/64
Signature Algorithm: sha256WithRSAEncryption
7d:32:8a:9f:d5:f8:3c:72:f2:e1:92:cb:e9:bc:7e:d4:06:11:
09:2e:1d:c1:76:18:bf:89:9d:c8:ed:3b:da:51:66:05:f7:25:
8b:3a:cd:07:b8:81:6e:cb:4f:06:8c:7f:92:6d:74:12:68:5a:
79:b6:b9:28:4b:68:0f:94:73:15:4d:e5:3f:8f:29:0e:9f:ae:
1f:20:eb:c4:e5:78:af:53:9e:ff:ee:75:a5:f9:32:d1:cd:55:
39:64:59:30:bc:3b:1b:77:85:01:b2:b8:fc:29:ca:b0:ea:ec:
0e:28:bd:3a:9d:32:5f:58:cd:cc:b8:17:aa:a5:20:bc:58:c5:
61:24:35:8b:f5:46:f5:77:88:4b:b1:92:24:ce:f7:f2:da:47:
f0:5d:8c:08:72:8e:f6:48:40:a5:43:85:bf:5a:69:f7:ba:78:
a4:f5:b5:42:8c:25:47:8f:c8:06:33:ef:e0:34:e8:d5:67:f1:
90:ef:98:e8:b6:58:3f:c6:85:48:cf:c0:48:1f:59:dc:c7:c4:
54:a3:fb:6f:6b:a1:ed:a0:70:bd:1a:27:d6:60:ea:06:be:1a:
da:80:0c:9a:17:65:12:4b:c8:04:0a:57:79:6c:5a:16:c9:57:
80:f9:b8:2f:8f:cb:4d:93:75:7b:5e:de:fa:ee:59:87:d5:b0:
de:19:05:05
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY6pAiaOWdH33qMCZ4G8CLvMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyOWI5YWMyZWY2MzFiOTJlODJmNTk1ZDczZTQ3OTJjODE2
ZWM2ZTYwHhcNMjQwNDA0MTIwNzU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDVkYjMwNDhlYmMzYTg5MDM0MGRjNDA1MWJlZmVkMTgzMzk1NTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbFsZdv90akfkhLI+A0CEZi0E//H
TbHOKv7YBA7R3qMcJhI3feHzTnUoASmVNXrEHpobHwamg9QNf/B+s5mauJTEabTA
bjsx1VE1eddE71J+KGtYdIUxFYnJVLZFeaL+wUNRk5lyLh/QrBLkyNJaGKpd6JSb
dSXnTFa7it7mAHtB1O5y3gGn2YfWJ+/EEpdj7pWfeZD1dYRDFn02gOkxCbR292A7
gvXmHskN1r1DdQZa6WoiO/Y3ZwnHIcRc6oGMYt7VjEnV7d4Zkowvk5iEtWhBfxkv
77w9tcXuRpqFOZOxpO8Kk6jKcH0aucgjzn4FfNIIVTeUpXiPK9Jr8Vrq/wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFE1dswSOvDqJA0DcQFG+/tGDOVVhMB8GA1UdIwQY
MBaAFOKbmsLvYxuS6C9ZXXPkeSyBbsbmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYt
OTE2NGUzNTJhODNjLzEvVFYyekJJNjhPb2tEUU54QVViNy0wWU01VldFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82OTAzNTctZGZiZS00ZDg2LWFmZDYtOTE2NGUzNTJhODNj
LzEvNHB1YXd1OWpHNUxvTDFsZGMtUjVMSUZ1eHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAaBAIAATAUAwQBJff0MAwD
BADUAmkDBALUAmgwEQQCAAIwCwMJACoBAuH//wAGMA0GCSqGSIb3DQEBCwUAA4IB
AQB9Moqf1fg8cvLhksvpvH7UBhEJLh3Bdhi/iZ3I7TvaUWYF9yWLOs0HuIFuy08G
jH+SbXQSaFp5trkoS2gPlHMVTeU/jykOn64fIOvE5XivU57/7nWl+TLRzVU5ZFkw
vDsbd4UBsrj8Kcqw6uwOKL06nTJfWM3MuBeqpSC8WMVhJDWL9Ub1d4hLsZIkzvfy
2kfwXYwIco72SEClQ4W/Wmn3unik9bVCjCVHj8gGM+/gNOjVZ/GQ75jotlg/xoVI
z8BIH1ncx8RUo/tva6HtoHC9GifWYOoGvhragAyaF2USS8gECld5bFoWyVeA+bgv
j8tNk3V7Xt767lmH1bDeGQUF
-----END CERTIFICATE-----
Generated at Mon Apr 29 11:34:49 2024 by rpki-client on console-ams.rpki-client.org