Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/TZT7aTHTJ7d9Hvv08YPPnhSOnsI.roa
File: TZT7aTHTJ7d9Hvv08YPPnhSOnsI.roa (raw, json)
Hash identifier: QN7aYyXMbvFoFiu1CLgJYPZ3qvgGKi9QeoDMCKF9tg8=
Subject key identifier: 4D:94:FB:69:31:D3:27:B7:7D:1E:FB:F4:F1:83:CF:9E:14:8E:9E:C2
Certificate issuer: /CN=c2778de2a9be9802120382e750d159e95872c2ae
Certificate serial: 018D62D3F8E52177008F81F42A4B7B5028EC
Authority key identifier: C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/TZT7aTHTJ7d9Hvv08YPPnhSOnsI.roa
Signing time: Thu 01 Feb 2024 04:01:15 +0000
ROA not before: Thu 01 Feb 2024 04:01:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61317
IP address blocks: 83.147.216.0/23 maxlen: 24
83.147.217.0/24 maxlen: 24
91.186.214.0/23 maxlen: 24
178.253.12.0/23 maxlen: 24
178.253.31.0/24 maxlen: 24
178.253.52.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.mft
rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 28 Apr 2024 15:42:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:62:d3:f8:e5:21:77:00:8f:81:f4:2a:4b:7b:50:28:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c2778de2a9be9802120382e750d159e95872c2ae
Validity
Not Before: Feb 1 04:01:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d94fb6931d327b77d1efbf4f183cf9e148e9ec2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:90:33:e0:3e:1e:e3:39:01:ac:23:3f:9b:14:
a6:75:9f:22:d8:be:e3:cf:45:5e:1f:60:28:ea:42:
95:3f:64:24:d3:81:0b:bc:82:c4:8b:28:43:98:70:
3f:5b:19:ee:a2:06:56:d6:e9:05:ad:c3:92:ba:1b:
3e:c5:70:ff:bb:c7:75:cc:a8:81:4d:2b:d5:98:86:
44:a6:a1:58:fb:3d:19:70:c3:cb:89:55:08:a5:09:
24:36:76:b7:f9:b1:f2:02:72:c7:09:bd:8b:77:c0:
7b:7c:63:af:65:c9:67:a1:98:89:be:1d:a7:71:77:
2a:5a:30:0a:57:61:1b:04:df:18:33:a5:2c:e4:fc:
f1:36:cb:29:bd:2d:88:81:bc:48:a7:02:2f:af:44:
9c:2f:49:95:c7:89:5b:6a:31:55:c7:f6:41:0f:a2:
c5:b5:1b:68:32:78:72:f6:3f:83:f3:08:17:10:64:
a2:03:22:41:50:ec:d2:23:65:53:c5:33:46:c2:23:
08:3d:30:0a:02:4b:62:d5:13:85:16:d7:20:0d:ea:
55:51:b0:63:a5:b5:1d:c6:a0:78:6e:49:56:ba:7c:
6c:b1:31:59:00:70:12:99:7e:66:68:b6:94:33:9d:
41:1f:54:dd:f5:2f:9f:12:cf:26:d3:ab:d3:9c:52:
08:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:94:FB:69:31:D3:27:B7:7D:1E:FB:F4:F1:83:CF:9E:14:8E:9E:C2
X509v3 Authority Key Identifier:
keyid:C2:77:8D:E2:A9:BE:98:02:12:03:82:E7:50:D1:59:E9:58:72:C2:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wneN4qm-mAISA4LnUNFZ6Vhywq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/TZT7aTHTJ7d9Hvv08YPPnhSOnsI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/410930-9d65-4be8-9eba-f98da54af434/1/wneN4qm-mAISA4LnUNFZ6Vhywq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.147.216.0/23
91.186.214.0/23
178.253.12.0/23
178.253.31.0/24
178.253.52.0/23
Signature Algorithm: sha256WithRSAEncryption
4d:f3:05:fa:a1:b2:23:e8:9b:2b:1b:a6:57:8b:82:6b:a3:e4:
15:18:95:0b:dd:f6:53:bd:48:b1:2d:aa:df:71:27:e8:10:c2:
84:92:14:db:6e:bd:85:d4:9d:23:d6:bb:d7:95:c6:9b:f3:45:
95:31:c8:1f:b9:fb:a7:3e:74:3f:f1:81:61:bf:ea:8f:9e:85:
8b:ed:4c:63:2a:37:e0:39:cb:11:91:e3:91:de:c8:2a:7f:34:
cf:7d:7c:bd:08:8d:37:32:b0:ea:41:f2:ad:68:b2:26:09:20:
ab:de:d7:b7:0b:20:ab:c7:f1:b1:29:76:5c:1a:8a:2a:10:e0:
af:8e:0e:be:b1:74:fc:79:e7:b2:ca:2f:41:f5:d8:67:36:f1:
b6:38:49:3d:e6:5b:61:0a:51:29:02:7a:c5:b9:7c:3c:e9:5f:
30:ff:c2:30:32:8e:29:6d:4b:cb:75:91:87:57:27:35:5c:11:
6d:95:03:2e:2b:61:c4:de:fc:bc:19:b6:0d:5c:e9:4f:0c:e2:
3f:10:ae:8a:00:f7:af:f7:98:81:7a:99:82:07:05:d7:69:5b:
d3:0b:aa:40:85:d9:16:29:c1:86:49:c2:a5:a0:57:74:6b:06:
ba:31:d1:2c:b0:4a:a9:5e:e3:77:41:d4:cb:56:dd:9d:3b:ad:
af:7f:dd:65
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY1i0/jlIXcAj4H0Kkt7UCjsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMyNzc4ZGUyYTliZTk4MDIxMjAzODJlNzUwZDE1OWU5NTg3
MmMyYWUwHhcNMjQwMjAxMDQwMTE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDk0ZmI2OTMxZDMyN2I3N2QxZWZiZjRmMTgzY2Y5ZTE0OGU5ZWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkpAz4D4e4zkBrCM/mxSmdZ8i2L7j
z0VeH2Ao6kKVP2Qk04ELvILEiyhDmHA/WxnuogZW1ukFrcOSuhs+xXD/u8d1zKiB
TSvVmIZEpqFY+z0ZcMPLiVUIpQkkNna3+bHyAnLHCb2Ld8B7fGOvZclnoZiJvh2n
cXcqWjAKV2EbBN8YM6Us5PzxNsspvS2IgbxIpwIvr0ScL0mVx4lbajFVx/ZBD6LF
tRtoMnhy9j+D8wgXEGSiAyJBUOzSI2VTxTNGwiMIPTAKAkti1ROFFtcgDepVUbBj
pbUdxqB4bklWunxssTFZAHASmX5maLaUM51BH1Td9S+fEs8m06vTnFIIgwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFE2U+2kx0ye3fR779PGDz54Ujp7CMB8GA1UdIwQY
MBaAFMJ3jeKpvpgCEgOC51DRWelYcsKuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEt
Zjk4ZGE1NGFmNDM0LzEvVFpUN2FUSFRKN2Q5SHZ2MDhZUFBuaFNPbnNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC80MTA5MzAtOWQ2NS00YmU4LTllYmEtZjk4ZGE1NGFmNDM0
LzEvd25lTjRxbS1tQUlTQTRMblVORlo2Vmh5d3E0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBU5PYAwQB
W7rWAwQBsv0MAwQAsv0fAwQBsv00MA0GCSqGSIb3DQEBCwUAA4IBAQBN8wX6obIj
6JsrG6ZXi4Jro+QVGJUL3fZTvUixLarfcSfoEMKEkhTbbr2F1J0j1rvXlcab80WV
McgfufunPnQ/8YFhv+qPnoWL7UxjKjfgOcsRkeOR3sgqfzTPfXy9CI03MrDqQfKt
aLImCSCr3te3CyCrx/GxKXZcGooqEOCvjg6+sXT8eeeyyi9B9dhnNvG2OEk95lth
ClEpAnrFuXw86V8w/8IwMo4pbUvLdZGHVyc1XBFtlQMuK2HE3vy8GbYNXOlPDOI/
EK6KAPev95iBepmCBwXXaVvTC6pAhdkWKcGGScKloFd0awa6MdEssEqpXuN3QdTL
Vt2dO62vf91l
-----END CERTIFICATE-----
Generated at Sun Apr 28 00:05:28 2024 by rpki-client on console-ams.rpki-client.org