Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/2c6590-ab29-46b4-a6ae-da388bc34efb/1/TjOvSFfmEV5gQSjKbbYy7wvi0I8.roa
File: TjOvSFfmEV5gQSjKbbYy7wvi0I8.roa (raw, json)
Hash identifier: JVlOTEMDXw3lgWTIsiP7THUWJxNVgJwJOOxuk/9fdlQ=
Subject key identifier: 4E:33:AF:48:57:E6:11:5E:60:41:28:CA:6D:B6:32:EF:0B:E2:D0:8F
Certificate issuer: /CN=c0c7f1ba3fae71364e932b0560d602c5725dda8e
Certificate serial: 018CC72758D71B4EC5BE01AF66F329693986
Authority key identifier: C0:C7:F1:BA:3F:AE:71:36:4E:93:2B:05:60:D6:02:C5:72:5D:DA:8E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wMfxuj-ucTZOkysFYNYCxXJd2o4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/2c6590-ab29-46b4-a6ae-da388bc34efb/1/TjOvSFfmEV5gQSjKbbYy7wvi0I8.roa
Signing time: Mon 01 Jan 2024 22:31:33 +0000
ROA not before: Mon 01 Jan 2024 22:31:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60168
IP address blocks: 194.8.53.0/24 maxlen: 24
195.177.219.0/24 maxlen: 24
195.177.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/2c6590-ab29-46b4-a6ae-da388bc34efb/1/wMfxuj-ucTZOkysFYNYCxXJd2o4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/2c6590-ab29-46b4-a6ae-da388bc34efb/1/wMfxuj-ucTZOkysFYNYCxXJd2o4.mft
rsync://rpki.ripe.net/repository/DEFAULT/wMfxuj-ucTZOkysFYNYCxXJd2o4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:58:d7:1b:4e:c5:be:01:af:66:f3:29:69:39:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c0c7f1ba3fae71364e932b0560d602c5725dda8e
Validity
Not Before: Jan 1 22:31:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e33af4857e6115e604128ca6db632ef0be2d08f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:63:fe:00:f1:ec:01:b2:ad:a7:40:50:1f:15:
68:ea:d8:4d:9d:27:c3:e8:51:71:3a:5f:0c:48:95:
71:46:fb:cf:b8:8a:a8:de:ca:ca:01:b3:65:e7:20:
f3:b1:2a:e4:82:e7:68:3a:fa:b5:99:67:12:db:37:
a1:f5:de:f2:a2:08:12:8b:8b:5d:55:de:44:b5:df:
c1:7c:89:6c:54:70:da:bc:0b:fa:1b:72:45:63:f4:
0b:db:0e:eb:96:37:7b:26:f0:89:65:39:87:69:45:
17:d0:6a:7d:fd:12:9f:79:5f:6d:5c:b1:d8:1f:e3:
ff:f5:d3:88:eb:f3:18:df:33:b8:89:5d:50:36:6d:
d3:35:34:eb:5f:af:2e:3b:b2:75:99:46:b7:77:c7:
72:88:74:39:c5:86:cf:6e:c0:68:36:c3:30:80:fd:
3b:9b:68:eb:b2:f7:77:5a:a6:a5:39:32:03:df:24:
7b:6c:5d:54:a2:6b:09:02:5e:85:cf:6c:72:6b:33:
52:ec:ef:f6:51:4e:b5:d3:60:f4:16:7b:70:f4:f5:
90:20:56:a3:f9:2b:8f:0b:db:cf:08:2e:21:d5:c8:
d1:42:36:65:27:87:49:0e:b0:28:e3:cc:ff:17:e2:
80:5d:54:b1:bf:06:c9:6c:44:4d:85:17:6d:bb:57:
46:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:33:AF:48:57:E6:11:5E:60:41:28:CA:6D:B6:32:EF:0B:E2:D0:8F
X509v3 Authority Key Identifier:
keyid:C0:C7:F1:BA:3F:AE:71:36:4E:93:2B:05:60:D6:02:C5:72:5D:DA:8E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wMfxuj-ucTZOkysFYNYCxXJd2o4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/2c6590-ab29-46b4-a6ae-da388bc34efb/1/TjOvSFfmEV5gQSjKbbYy7wvi0I8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/2c6590-ab29-46b4-a6ae-da388bc34efb/1/wMfxuj-ucTZOkysFYNYCxXJd2o4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.8.53.0/24
195.177.218.0/23
Signature Algorithm: sha256WithRSAEncryption
1d:82:5e:6b:8e:e9:5c:31:6f:80:0c:53:b2:e1:ee:a6:53:56:
da:48:9a:c1:42:88:25:2d:d8:34:2a:9c:10:54:29:d7:6b:c2:
ff:61:44:9d:c6:4b:03:d9:ae:c0:18:61:1f:79:0b:12:77:bd:
cf:73:07:00:1a:9e:a3:c4:87:a3:77:5a:90:cc:67:d7:42:ab:
49:46:b2:41:b7:13:9d:06:ab:04:8a:73:9b:71:68:bf:28:fd:
84:e3:74:f9:aa:b1:ac:6e:1d:93:39:04:d9:d1:5f:7e:b6:b7:
d9:59:f9:8e:f4:9d:94:28:e3:b2:bd:84:f0:2b:95:e6:ca:b0:
dd:1b:11:14:df:e3:c4:b2:17:c7:1b:d2:ef:22:fb:e7:7f:13:
00:0d:7e:ca:49:23:a3:2b:c3:51:13:70:f1:b7:04:1a:3d:f9:
9c:b0:25:b9:bb:67:47:bf:2b:27:87:7a:9a:03:42:76:7f:67:
de:7e:96:d2:3d:7a:1c:9c:d0:c9:74:0e:15:3d:1f:bf:b4:dc:
32:cb:ce:61:b2:d2:7e:6a:12:36:1d:ed:d6:89:27:2f:5c:80:
0d:4a:c0:58:90:20:6a:33:5e:51:d6:88:d4:17:31:c9:c7:09:
da:c1:ab:03:05:b7:72:0d:74:84:10:b5:dc:74:32:4b:2b:2e:
aa:b3:02:81
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzHJ1jXG07FvgGvZvMpaTmGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMwYzdmMWJhM2ZhZTcxMzY0ZTkzMmIwNTYwZDYwMmM1NzI1
ZGRhOGUwHhcNMjQwMTAxMjIzMTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTMzYWY0ODU3ZTYxMTVlNjA0MTI4Y2E2ZGI2MzJlZjBiZTJkMDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmP+APHsAbKtp0BQHxVo6thNnSfD
6FFxOl8MSJVxRvvPuIqo3srKAbNl5yDzsSrkgudoOvq1mWcS2zeh9d7yoggSi4td
Vd5Etd/BfIlsVHDavAv6G3JFY/QL2w7rljd7JvCJZTmHaUUX0Gp9/RKfeV9tXLHY
H+P/9dOI6/MY3zO4iV1QNm3TNTTrX68uO7J1mUa3d8dyiHQ5xYbPbsBoNsMwgP07
m2jrsvd3WqalOTID3yR7bF1UomsJAl6Fz2xyazNS7O/2UU6102D0Fntw9PWQIFaj
+SuPC9vPCC4h1cjRQjZlJ4dJDrAo48z/F+KAXVSxvwbJbERNhRdtu1dGRwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE4zr0hX5hFeYEEoym22Mu8L4tCPMB8GA1UdIwQY
MBaAFMDH8bo/rnE2TpMrBWDWAsVyXdqOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd01meHVqLXVjVFpPa3lzRllOWUN4WEpkMm80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy8yYzY1OTAtYWIyOS00NmI0LWE2YWUt
ZGEzODhiYzM0ZWZiLzEvVGpPdlNGZm1FVjVnUVNqS2JiWXk3d3ZpMEk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy8yYzY1OTAtYWIyOS00NmI0LWE2YWUtZGEzODhiYzM0ZWZi
LzEvd01meHVqLXVjVFpPa3lzRllOWUN4WEpkMm80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAwgg1AwQB
w7HaMA0GCSqGSIb3DQEBCwUAA4IBAQAdgl5rjulcMW+ADFOy4e6mU1baSJrBQogl
Ldg0KpwQVCnXa8L/YUSdxksD2a7AGGEfeQsSd73PcwcAGp6jxIejd1qQzGfXQqtJ
RrJBtxOdBqsEinObcWi/KP2E43T5qrGsbh2TOQTZ0V9+trfZWfmO9J2UKOOyvYTw
K5XmyrDdGxEU3+PEshfHG9LvIvvnfxMADX7KSSOjK8NRE3DxtwQaPfmcsCW5u2dH
vysnh3qaA0J2f2fefpbSPXocnNDJdA4VPR+/tNwyy85hstJ+ahI2He3WiScvXIAN
SsBYkCBqM15R1ojUFzHJxwnawasDBbdyDXSEELXcdDJLKy6qswKB
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:34:29 2024 by rpki-client on console-ams.rpki-client.org