Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/a4abf3-4af3-4180-8340-b13a1f20d15f/1/TKFgifUv28T6wKZ4YdWiixsRk_g.roa
File: TKFgifUv28T6wKZ4YdWiixsRk_g.roa (raw, json)
Hash identifier: bxhYAgtav2A1722yfVqJbjXC9TPtoF1tZJwNJyfGafg=
Subject key identifier: 4C:A1:60:89:F5:2F:DB:C4:FA:C0:A6:78:61:D5:A2:8B:1B:11:93:F8
Certificate issuer: /CN=c13e341c1e14d35a7496ce7828e3055f863935cf
Certificate serial: 018CC3B6EF336A9DE629DF3D52ECF5DE671A
Authority key identifier: C1:3E:34:1C:1E:14:D3:5A:74:96:CE:78:28:E3:05:5F:86:39:35:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wT40HB4U01p0ls54KOMFX4Y5Nc8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/a4abf3-4af3-4180-8340-b13a1f20d15f/1/TKFgifUv28T6wKZ4YdWiixsRk_g.roa
Signing time: Mon 01 Jan 2024 06:29:54 +0000
ROA not before: Mon 01 Jan 2024 06:29:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206561
IP address blocks: 185.173.191.0/24 maxlen: 24
185.173.188.0/24 maxlen: 24
185.173.189.0/24 maxlen: 24
185.173.190.0/24 maxlen: 24
2a0f:46c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/a4abf3-4af3-4180-8340-b13a1f20d15f/1/wT40HB4U01p0ls54KOMFX4Y5Nc8.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/a4abf3-4af3-4180-8340-b13a1f20d15f/1/wT40HB4U01p0ls54KOMFX4Y5Nc8.mft
rsync://rpki.ripe.net/repository/DEFAULT/wT40HB4U01p0ls54KOMFX4Y5Nc8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:ef:33:6a:9d:e6:29:df:3d:52:ec:f5:de:67:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c13e341c1e14d35a7496ce7828e3055f863935cf
Validity
Not Before: Jan 1 06:29:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ca16089f52fdbc4fac0a67861d5a28b1b1193f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:b4:6d:05:be:64:ce:fe:5f:7d:34:4f:0a:ac:
a0:54:1c:72:f8:d7:46:8a:90:8b:33:ea:24:89:28:
4d:72:28:2a:4a:59:89:fd:52:83:c6:c3:bf:f4:63:
c8:01:5d:60:e0:09:ff:48:a6:e4:20:5d:e8:fb:9a:
a0:4f:a1:64:9d:a9:c2:98:cd:30:94:1b:af:f9:65:
7b:1c:07:c7:f9:44:17:13:94:a2:86:1c:f1:03:4b:
f7:85:4b:5f:2e:08:0c:23:ee:91:fa:08:dd:89:4b:
69:a9:4e:bf:1a:77:d6:2d:0a:7e:ff:bb:15:c5:6e:
cf:e5:30:19:b6:34:88:91:a6:43:71:f4:fa:50:be:
33:5e:ba:0a:fe:d2:42:51:d4:4d:45:19:93:8a:e9:
51:e1:e0:ee:43:e5:a9:f8:72:c4:d9:86:d2:2d:63:
2f:49:bc:dd:1f:2f:be:1c:5e:81:6b:a9:0c:e6:9c:
8a:1a:b8:36:4c:8c:7d:bd:3f:8c:6c:9a:07:92:8d:
b1:38:a1:5e:ae:17:09:d1:f9:1c:91:f7:c8:6a:b2:
6f:83:16:bb:a0:31:43:09:56:37:f9:20:d7:fd:74:
27:1d:b5:71:67:00:25:05:d6:5e:8f:6a:d7:ef:00:
54:4f:fd:27:f4:31:5f:6b:af:f8:0e:da:6d:6f:18:
31:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:A1:60:89:F5:2F:DB:C4:FA:C0:A6:78:61:D5:A2:8B:1B:11:93:F8
X509v3 Authority Key Identifier:
keyid:C1:3E:34:1C:1E:14:D3:5A:74:96:CE:78:28:E3:05:5F:86:39:35:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wT40HB4U01p0ls54KOMFX4Y5Nc8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/a4abf3-4af3-4180-8340-b13a1f20d15f/1/TKFgifUv28T6wKZ4YdWiixsRk_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/a4abf3-4af3-4180-8340-b13a1f20d15f/1/wT40HB4U01p0ls54KOMFX4Y5Nc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.173.188.0/22
IPv6:
2a0f:46c0::/29
Signature Algorithm: sha256WithRSAEncryption
8f:7d:c0:96:33:7e:f9:26:d4:83:16:8e:19:ad:f8:1f:a6:6c:
82:5f:cb:e3:4d:77:60:8e:a4:e9:d4:39:e0:42:ac:3d:96:9e:
b5:a2:53:d2:15:87:0f:b9:26:9b:41:46:1f:66:bb:4b:c1:85:
fc:67:1a:3f:44:d9:14:f5:0e:1a:b0:a2:90:cb:5f:df:5a:39:
e7:fe:89:0f:c0:a7:ca:33:88:f0:b3:81:d3:76:db:28:e9:f1:
92:22:d5:bb:5b:1a:c0:8c:ce:de:3b:8a:fc:2f:ef:ee:1f:e6:
c6:4c:ca:d4:23:ea:f6:62:35:b7:4f:a2:34:dd:f9:ad:89:eb:
70:76:e6:29:66:81:16:80:a5:de:00:86:cc:27:81:7b:8b:73:
84:05:ea:2b:48:e6:be:bf:43:95:4a:9e:90:33:76:6e:8d:90:
dc:44:63:5d:e5:ce:d2:a1:f5:0e:3c:38:a6:4a:bd:6b:0f:af:
a4:b6:fc:90:a6:50:d8:6c:88:1e:b8:90:0b:0b:c6:0d:ca:26:
4b:b1:4b:36:46:35:95:91:5e:ef:f1:b2:5a:1c:97:a2:74:74:
78:a3:8b:6f:f4:1c:43:8f:49:8e:15:b3:7b:db:99:59:a0:f0:
21:ca:a8:6e:88:63:f7:32:a4:14:77:ca:db:f4:46:0d:e3:21:
20:2d:67:ee
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzDtu8zap3mKd89Uuz13mcaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxM2UzNDFjMWUxNGQzNWE3NDk2Y2U3ODI4ZTMwNTVmODYz
OTM1Y2YwHhcNMjQwMTAxMDYyOTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2ExNjA4OWY1MmZkYmM0ZmFjMGE2Nzg2MWQ1YTI4YjFiMTE5M2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAorRtBb5kzv5ffTRPCqygVBxy+NdG
ipCLM+okiShNcigqSlmJ/VKDxsO/9GPIAV1g4An/SKbkIF3o+5qgT6FknanCmM0w
lBuv+WV7HAfH+UQXE5SihhzxA0v3hUtfLggMI+6R+gjdiUtpqU6/GnfWLQp+/7sV
xW7P5TAZtjSIkaZDcfT6UL4zXroK/tJCUdRNRRmTiulR4eDuQ+Wp+HLE2YbSLWMv
SbzdHy++HF6Ba6kM5pyKGrg2TIx9vT+MbJoHko2xOKFerhcJ0fkckffIarJvgxa7
oDFDCVY3+SDX/XQnHbVxZwAlBdZej2rX7wBUT/0n9DFfa6/4DtptbxgxBwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFEyhYIn1L9vE+sCmeGHVoosbEZP4MB8GA1UdIwQY
MBaAFME+NBweFNNadJbOeCjjBV+GOTXPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd1Q0MEhCNFUwMXAwbHM1NEtPTUZYNFk1TmM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy9hNGFiZjMtNGFmMy00MTgwLTgzNDAt
YjEzYTFmMjBkMTVmLzEvVEtGZ2lmVXYyOFQ2d0taNFlkV2lpeHNSa19nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy9hNGFiZjMtNGFmMy00MTgwLTgzNDAtYjEzYTFmMjBkMTVm
LzEvd1Q0MEhCNFUwMXAwbHM1NEtPTUZYNFk1TmM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCua28MA0E
AgACMAcDBQMqD0bAMA0GCSqGSIb3DQEBCwUAA4IBAQCPfcCWM375JtSDFo4Zrfgf
pmyCX8vjTXdgjqTp1DngQqw9lp61olPSFYcPuSabQUYfZrtLwYX8Zxo/RNkU9Q4a
sKKQy1/fWjnn/okPwKfKM4jws4HTdtso6fGSItW7WxrAjM7eO4r8L+/uH+bGTMrU
I+r2YjW3T6I03fmtietwduYpZoEWgKXeAIbMJ4F7i3OEBeorSOa+v0OVSp6QM3Zu
jZDcRGNd5c7SofUOPDimSr1rD6+ktvyQplDYbIgeuJALC8YNyiZLsUs2RjWVkV7v
8bJaHJeidHR4o4tv9BxDj0mOFbN725lZoPAhyqhuiGP3MqQUd8rb9EYN4yEgLWfu
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:35:12 2024 by rpki-client on console-ams.rpki-client.org