Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/TkEYkt4ztdTUIJ7a5_qrI5gW3ds.roa
File: TkEYkt4ztdTUIJ7a5_qrI5gW3ds.roa (raw, json)
Hash identifier: FFu6uRp6vzUWqmfOeSkC77qrOhaQtiESJwNd6t0IKuE=
Subject key identifier: 4E:41:18:92:DE:33:B5:D4:D4:20:9E:DA:E7:FA:AB:23:98:16:DD:DB
Certificate issuer: /CN=050e3b7dfbd59910fe527cc7e29af64d53806c91
Certificate serial: 018CC801B23A9FB1AFEDCE4D4DE8AA5B2AB6
Authority key identifier: 05:0E:3B:7D:FB:D5:99:10:FE:52:7C:C7:E2:9A:F6:4D:53:80:6C:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BQ47ffvVmRD-UnzH4pr2TVOAbJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/TkEYkt4ztdTUIJ7a5_qrI5gW3ds.roa
Signing time: Tue 02 Jan 2024 02:30:03 +0000
ROA not before: Tue 02 Jan 2024 02:30:03 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 31117
IP address blocks: 217.119.112.0/20 maxlen: 20
87.244.192.0/18 maxlen: 18
212.37.64.0/19 maxlen: 19
185.171.140.0/22 maxlen: 22
2a01:328::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/BQ47ffvVmRD-UnzH4pr2TVOAbJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/BQ47ffvVmRD-UnzH4pr2TVOAbJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/BQ47ffvVmRD-UnzH4pr2TVOAbJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:b2:3a:9f:b1:af:ed:ce:4d:4d:e8:aa:5b:2a:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=050e3b7dfbd59910fe527cc7e29af64d53806c91
Validity
Not Before: Jan 2 02:30:03 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e411892de33b5d4d4209edae7faab239816dddb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:0b:06:45:53:dc:81:f3:be:63:6e:df:3f:d2:
ed:e2:e0:18:39:62:e6:23:04:72:f1:bc:c9:ed:81:
5d:80:31:54:1b:78:27:94:e3:69:33:e3:b8:df:dd:
d2:76:9f:78:34:85:88:74:97:19:78:d3:80:a1:3b:
44:87:62:bd:24:fb:b5:b9:c3:81:33:cc:af:5c:88:
58:7c:4c:4c:3c:e5:63:28:25:d0:d7:60:81:68:83:
f7:2e:27:a3:18:34:f2:f1:15:bf:57:44:b8:6e:53:
7d:f6:1c:98:7d:70:8a:89:49:34:ec:9b:5f:6d:13:
b5:3a:e7:d7:99:5d:61:ff:6a:2c:7b:c8:58:ef:2e:
5c:b1:b6:28:2d:51:f4:4c:e5:8f:af:cf:95:68:ab:
0e:09:3b:2c:1b:83:81:73:ae:8b:13:7f:6e:48:83:
d2:09:5d:ed:99:ea:51:af:11:85:bc:e9:c6:9f:44:
32:15:3e:00:56:4d:d0:28:89:be:3b:76:2e:de:c0:
52:c7:d8:e1:67:88:ed:ea:3b:a3:e2:03:20:6a:49:
c9:9e:d1:f2:46:f5:0d:9b:32:57:3f:70:4d:eb:4e:
90:73:62:98:2a:04:4f:51:22:d6:0b:a2:7f:1d:03:
48:4f:7b:86:8d:f3:16:d6:6d:e4:5a:33:6b:2a:2f:
eb:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:41:18:92:DE:33:B5:D4:D4:20:9E:DA:E7:FA:AB:23:98:16:DD:DB
X509v3 Authority Key Identifier:
keyid:05:0E:3B:7D:FB:D5:99:10:FE:52:7C:C7:E2:9A:F6:4D:53:80:6C:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BQ47ffvVmRD-UnzH4pr2TVOAbJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/TkEYkt4ztdTUIJ7a5_qrI5gW3ds.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/9d960c-e234-4a05-aba2-4a8779e478c6/1/BQ47ffvVmRD-UnzH4pr2TVOAbJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.244.192.0/18
185.171.140.0/22
212.37.64.0/19
217.119.112.0/20
IPv6:
2a01:328::/32
Signature Algorithm: sha256WithRSAEncryption
12:03:ae:e5:5f:65:c3:9e:72:be:f1:e3:3a:6d:cc:36:1f:56:
06:0e:72:35:c1:bd:30:8e:a9:93:18:5f:9e:cd:a2:0b:f4:29:
b9:74:5a:5a:db:5a:5c:bc:eb:51:1e:dc:2e:4a:57:0f:9d:cb:
2a:e5:ea:79:d3:79:65:85:a1:99:e5:8b:ad:21:78:cd:03:4e:
89:ee:82:00:1a:6d:a7:0c:7a:e7:14:34:b4:da:d9:53:dd:3e:
2c:0e:15:19:39:92:31:a8:34:97:4e:d8:8b:e8:0c:26:e6:d5:
19:cb:02:95:d7:06:28:32:e5:4e:64:9a:f3:86:d4:4e:10:56:
11:30:c2:19:71:20:b6:94:fe:45:7f:2b:d2:1c:1e:12:67:62:
27:03:27:11:99:9f:41:a5:61:24:4e:02:19:7d:bb:72:fa:01:
58:04:dc:62:82:97:f9:01:51:26:26:5a:0f:77:f8:21:d1:95:
17:f3:0c:22:6d:c1:01:45:d6:95:84:b7:58:c7:17:83:ae:41:
32:fd:dd:34:c3:5f:eb:85:29:32:fa:07:c3:e5:e0:d7:a4:c9:
40:cf:83:c6:9a:5e:14:c6:b9:bf:97:34:9c:b4:0f:2d:f2:b6:
b4:b5:9e:84:68:de:53:96:72:9a:5a:ab:fb:40:0e:6c:10:a2:
a6:f2:1d:23
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzIAbI6n7Gv7c5NTeiqWyq2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1MGUzYjdkZmJkNTk5MTBmZTUyN2NjN2UyOWFmNjRkNTM4
MDZjOTEwHhcNMjQwMTAyMDIzMDAzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTQxMTg5MmRlMzNiNWQ0ZDQyMDllZGFlN2ZhYWIyMzk4MTZkZGRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAngsGRVPcgfO+Y27fP9Lt4uAYOWLm
IwRy8bzJ7YFdgDFUG3gnlONpM+O4393Sdp94NIWIdJcZeNOAoTtEh2K9JPu1ucOB
M8yvXIhYfExMPOVjKCXQ12CBaIP3LiejGDTy8RW/V0S4blN99hyYfXCKiUk07Jtf
bRO1OufXmV1h/2ose8hY7y5csbYoLVH0TOWPr8+VaKsOCTssG4OBc66LE39uSIPS
CV3tmepRrxGFvOnGn0QyFT4AVk3QKIm+O3Yu3sBSx9jhZ4jt6juj4gMgaknJntHy
RvUNmzJXP3BN606Qc2KYKgRPUSLWC6J/HQNIT3uGjfMW1m3kWjNrKi/rMwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFE5BGJLeM7XU1CCe2uf6qyOYFt3bMB8GA1UdIwQY
MBaAFAUOO3371ZkQ/lJ8x+Ka9k1TgGyRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlE0N2ZmdlZtUkQtVW56SDRwcjJUVk9BYkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi85ZDk2MGMtZTIzNC00YTA1LWFiYTIt
NGE4Nzc5ZTQ3OGM2LzEvVGtFWWt0NHp0ZFRVSUo3YTVfcXJJNWdXM2RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi85ZDk2MGMtZTIzNC00YTA1LWFiYTItNGE4Nzc5ZTQ3OGM2
LzEvQlE0N2ZmdlZtUkQtVW56SDRwcjJUVk9BYkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQGV/TAAwQC
uauMAwQF1CVAAwQE2XdwMA0EAgACMAcDBQAqAQMoMA0GCSqGSIb3DQEBCwUAA4IB
AQASA67lX2XDnnK+8eM6bcw2H1YGDnI1wb0wjqmTGF+ezaIL9Cm5dFpa21pcvOtR
HtwuSlcPncsq5ep503llhaGZ5YutIXjNA06J7oIAGm2nDHrnFDS02tlT3T4sDhUZ
OZIxqDSXTtiL6Awm5tUZywKV1wYoMuVOZJrzhtROEFYRMMIZcSC2lP5FfyvSHB4S
Z2InAycRmZ9BpWEkTgIZfbty+gFYBNxigpf5AVEmJloPd/gh0ZUX8wwibcEBRdaV
hLdYxxeDrkEy/d00w1/rhSky+gfD5eDXpMlAz4PGml4Uxrm/lzSctA8t8ra0tZ6E
aN5TlnKaWqv7QA5sEKKm8h0j
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:12:44 2024 by rpki-client on console-ams.rpki-client.org