Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tuxF5A5JI84wz2zlmEaw5Upyg6Q.roa
File: tuxF5A5JI84wz2zlmEaw5Upyg6Q.roa (raw, json)
Hash identifier: 9lvonqEN8BG5igsFfZ4NQO/im/EtdlKBTsXE1KUhcpI=
Subject key identifier: B6:EC:45:E4:0E:49:23:CE:30:CF:6C:E5:98:46:B0:E5:4A:72:83:A4
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 018F3DA641601EF688447D1B1FCEB1B841F7
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tuxF5A5JI84wz2zlmEaw5Upyg6Q.roa
Signing time: Fri 03 May 2024 08:50:56 +0000
ROA not before: Fri 03 May 2024 08:50:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29066
IP address blocks: 2.56.102.0/24 maxlen: 24
2.59.23.0/24 maxlen: 24
45.152.203.0/24 maxlen: 24
193.39.244.0/24 maxlen: 24
2a0f:4a00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:3d:a6:41:60:1e:f6:88:44:7d:1b:1f:ce:b1:b8:41:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: May 3 08:50:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6ec45e40e4923ce30cf6ce59846b0e54a7283a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:98:d3:c4:41:fb:36:f3:4a:3f:b4:e6:a8:55:
46:27:7e:b3:41:63:b1:dc:e0:3e:37:2b:82:60:a2:
98:7e:f6:f8:0c:dc:f2:72:cb:31:30:76:5a:02:77:
d0:ff:b1:4a:d0:7e:41:66:f9:42:fe:13:20:3b:5e:
13:ad:8c:15:06:79:7c:0a:00:d1:3a:4c:db:45:05:
71:41:8f:dd:ea:dd:3b:d0:f6:ff:02:c6:95:67:4f:
e6:ac:b5:e2:1a:3b:b7:28:22:f5:5b:49:a5:ff:d3:
95:7e:31:48:7d:d4:5c:b0:e8:9e:19:cd:73:26:e6:
ce:c8:60:fc:1d:23:65:81:c3:7c:85:c8:84:09:90:
bc:1f:03:33:df:a7:10:d0:be:af:78:b7:02:4e:45:
95:ea:cb:d9:4c:74:d0:74:0d:82:bc:09:96:bf:fd:
bb:da:4a:6c:1e:bf:eb:8a:c7:e4:45:87:28:ff:7a:
a9:9a:69:b2:cb:eb:a9:0f:cc:f2:b5:12:06:c6:2f:
94:d5:12:c8:6d:c0:66:2b:f2:d3:51:bf:e1:c9:11:
45:79:5b:8d:ed:4c:35:17:a2:4f:34:81:dd:da:c6:
aa:ba:8f:76:9c:01:ff:8d:86:a9:1b:b4:53:66:bf:
6d:a9:f9:4f:a2:c4:2a:b7:d5:25:73:29:fc:c8:ce:
fa:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:EC:45:E4:0E:49:23:CE:30:CF:6C:E5:98:46:B0:E5:4A:72:83:A4
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/tuxF5A5JI84wz2zlmEaw5Upyg6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.102.0/24
2.59.23.0/24
45.152.203.0/24
193.39.244.0/24
IPv6:
2a0f:4a00::/29
Signature Algorithm: sha256WithRSAEncryption
48:cd:38:a5:36:a3:ac:19:0c:e4:d2:41:fa:cc:06:de:0a:d1:
54:b1:8a:a9:24:8c:d7:bd:7a:99:25:5d:2c:ae:e9:d1:8c:71:
1b:5f:dd:b9:bd:86:9a:50:1f:f4:d5:94:60:2a:ca:21:f0:c4:
dc:9a:03:fa:2d:60:ef:0c:f7:a8:49:d1:ee:20:5c:32:6d:2e:
e0:3c:75:40:70:82:4e:b6:29:af:9d:de:3b:ab:16:7a:82:fa:
6e:eb:e2:50:df:e3:d9:68:67:9c:45:8a:30:35:a5:4f:af:13:
62:b8:d0:e1:10:74:b4:b6:bf:62:54:a2:5e:70:76:01:e2:2f:
d6:7a:0e:70:98:cf:b7:df:bb:0d:e3:1e:c1:1e:53:0a:79:64:
e5:22:73:7a:32:1a:ac:85:46:6c:ed:a7:06:c0:9b:dc:c5:26:
9d:1c:41:da:91:70:30:31:3a:38:2d:2a:8a:a0:e2:4c:fa:09:
ce:ed:d1:75:e9:f9:98:a4:b2:c0:8d:ae:75:3b:3a:bc:10:b7:
00:fb:a5:12:80:e1:5f:70:cc:00:8e:77:ad:fc:42:40:1e:ca:
77:3d:3b:d6:30:f2:e6:af:f7:6a:23:25:62:b2:d5:4b:97:6b:
9a:3e:ab:42:de:dc:81:0d:32:fa:95:10:bc:8e:1f:ea:47:3c:
b5:05:1e:e3
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY89pkFgHvaIRH0bH86xuEH3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjQwNTAzMDg1MDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmVjNDVlNDBlNDkyM2NlMzBjZjZjZTU5ODQ2YjBlNTRhNzI4M2E0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpjTxEH7NvNKP7TmqFVGJ36zQWOx
3OA+NyuCYKKYfvb4DNzycssxMHZaAnfQ/7FK0H5BZvlC/hMgO14TrYwVBnl8CgDR
OkzbRQVxQY/d6t070Pb/AsaVZ0/mrLXiGju3KCL1W0ml/9OVfjFIfdRcsOieGc1z
JubOyGD8HSNlgcN8hciECZC8HwMz36cQ0L6veLcCTkWV6svZTHTQdA2CvAmWv/27
2kpsHr/risfkRYco/3qpmmmyy+upD8zytRIGxi+U1RLIbcBmK/LTUb/hyRFFeVuN
7Uw1F6JPNIHd2saquo92nAH/jYapG7RTZr9tqflPosQqt9Ulcyn8yM76uwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLbsReQOSSPOMM9s5ZhGsOVKcoOkMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvdHV4RjVBNUpJODR3ejJ6bG1FYXc1VXB5ZzZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAAjhmAwQA
AjsXAwQALZjLAwQAwSf0MA0EAgACMAcDBQMqD0oAMA0GCSqGSIb3DQEBCwUAA4IB
AQBIzTilNqOsGQzk0kH6zAbeCtFUsYqpJIzXvXqZJV0srunRjHEbX925vYaaUB/0
1ZRgKsoh8MTcmgP6LWDvDPeoSdHuIFwybS7gPHVAcIJOtimvnd47qxZ6gvpu6+JQ
3+PZaGecRYowNaVPrxNiuNDhEHS0tr9iVKJecHYB4i/Weg5wmM+337sN4x7BHlMK
eWTlInN6MhqshUZs7acGwJvcxSadHEHakXAwMTo4LSqKoOJM+gnO7dF16fmYpLLA
ja51Ozq8ELcA+6USgOFfcMwAjnet/EJAHsp3PTvWMPLmr/dqIyVistVLl2uaPqtC
3tyBDTL6lRC8jh/qRzy1BR7j
-----END CERTIFICATE-----
Generated at Mon Nov 25 03:41:19 2024 by rpki-client on console-fra.rpki-client.org