Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/tvayssX4BkVuOTR3Z86IM5an3Tw.roa
File: tvayssX4BkVuOTR3Z86IM5an3Tw.roa (raw, json)
Hash identifier: uc8D3rH13XfEFv2tga+qVGDnFDUb6Ec+6MFs3c3gHgw=
Subject key identifier: B6:F6:B2:B2:C5:F8:06:45:6E:39:34:77:67:CE:88:33:96:A7:DD:3C
Certificate issuer: /CN=d894365b28a082834a751a97771b791124524dec
Certificate serial: 018CC86FD281E4922E6141820D7B17292E2F
Authority key identifier: D8:94:36:5B:28:A0:82:83:4A:75:1A:97:77:1B:79:11:24:52:4D:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2JQ2WyiggoNKdRqXdxt5ESRSTew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/tvayssX4BkVuOTR3Z86IM5an3Tw.roa
Signing time: Tue 02 Jan 2024 04:30:20 +0000
ROA not before: Tue 02 Jan 2024 04:30:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19607
IP address blocks: 91.108.160.0/21 maxlen: 21
185.31.152.0/22 maxlen: 22
159.253.160.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/2JQ2WyiggoNKdRqXdxt5ESRSTew.crl
rsync://rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/2JQ2WyiggoNKdRqXdxt5ESRSTew.mft
rsync://rpki.ripe.net/repository/DEFAULT/2JQ2WyiggoNKdRqXdxt5ESRSTew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:d2:81:e4:92:2e:61:41:82:0d:7b:17:29:2e:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d894365b28a082834a751a97771b791124524dec
Validity
Not Before: Jan 2 04:30:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b6f6b2b2c5f806456e39347767ce883396a7dd3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a8:81:3b:69:ab:e1:24:6c:21:91:fa:dd:46:
7a:88:72:1b:88:a1:ee:e4:cf:a6:ca:48:7c:64:06:
b8:a3:f0:35:b5:29:a0:23:a5:17:cb:68:74:90:a0:
da:e7:55:f9:53:7f:e0:d3:9a:82:96:f3:3b:28:2f:
3f:2c:fe:93:ac:3d:2f:c2:46:7c:58:03:08:5a:41:
71:6b:45:f2:b5:41:00:68:b2:72:78:88:94:e4:e1:
c4:8a:04:72:a6:da:28:86:75:a5:45:a7:ef:e8:e5:
3d:a8:0e:47:81:c3:d4:98:7f:d3:04:a8:99:bd:35:
f7:f7:0c:75:ae:11:99:ba:64:ca:0f:6e:b9:57:e3:
97:9e:4c:6c:3e:ae:bc:d1:20:47:a5:70:f1:00:e5:
a0:75:c0:de:fd:67:f6:d4:fa:df:ae:3b:54:9f:e7:
dd:47:f6:fb:6f:fb:00:3c:6b:82:48:45:36:95:6e:
73:3b:89:5d:f1:02:9e:7c:5e:50:dc:cc:d6:1e:aa:
2f:44:ef:c4:5b:37:21:96:42:f4:d0:29:44:60:77:
7d:5a:7b:17:64:91:e0:41:4b:22:0c:97:5e:7b:83:
11:f9:f2:41:16:0d:e1:03:db:d0:64:fb:4f:0a:00:
2f:8d:ca:8b:0a:66:3d:f6:a5:b9:39:d3:b4:c4:85:
b7:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:F6:B2:B2:C5:F8:06:45:6E:39:34:77:67:CE:88:33:96:A7:DD:3C
X509v3 Authority Key Identifier:
keyid:D8:94:36:5B:28:A0:82:83:4A:75:1A:97:77:1B:79:11:24:52:4D:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JQ2WyiggoNKdRqXdxt5ESRSTew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/tvayssX4BkVuOTR3Z86IM5an3Tw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/a607f4-15dc-4db5-9601-2146179d8e2b/1/2JQ2WyiggoNKdRqXdxt5ESRSTew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.108.160.0/21
159.253.160.0/21
185.31.152.0/22
Signature Algorithm: sha256WithRSAEncryption
31:22:ee:5a:04:b4:a0:95:dc:c4:2e:92:d0:52:d1:76:cb:d1:
ec:a9:1e:b1:96:ea:b7:cd:df:34:12:59:99:8a:32:86:03:fb:
11:47:56:7a:cb:77:75:dd:de:6e:99:66:5b:32:11:3b:04:ef:
da:e0:31:33:82:57:6d:1e:67:57:6f:35:04:c2:e6:82:1b:41:
fd:53:e2:c3:7d:04:c0:65:c5:0b:51:37:fe:c9:e1:21:fe:15:
0d:c8:07:50:a3:6c:b8:4d:3c:75:09:2f:cc:9f:eb:42:d5:25:
93:e5:7d:d5:2b:cd:fe:2c:15:9f:74:7e:bd:aa:1a:0b:f6:75:
80:b2:cf:b5:81:5e:1a:6e:e8:ad:df:44:a9:90:55:3f:48:b7:
57:a1:bd:37:8c:f8:2e:00:61:fc:89:a1:7c:19:a6:0b:ad:75:
c7:e1:ea:95:1d:da:3f:a9:29:7b:1b:46:a1:99:60:89:50:ac:
4b:a0:1d:30:0e:66:e4:a4:fb:65:f8:cf:5e:c5:d4:09:41:95:
f0:06:2a:86:e2:19:0c:b7:09:b1:48:15:15:6b:6f:44:ad:2d:
4e:b8:7c:f9:03:b5:ec:66:29:a5:31:f0:e9:ab:2b:0d:e3:ce:
be:a3:13:6f:c1:1e:ab:d8:27:8e:81:b2:e6:20:34:98:27:e7:
02:3e:cd:44
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzIb9KB5JIuYUGCDXsXKS4vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4OTQzNjViMjhhMDgyODM0YTc1MWE5Nzc3MWI3OTExMjQ1
MjRkZWMwHhcNMjQwMTAyMDQzMDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmY2YjJiMmM1ZjgwNjQ1NmUzOTM0Nzc2N2NlODgzMzk2YTdkZDNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6iBO2mr4SRsIZH63UZ6iHIbiKHu
5M+mykh8ZAa4o/A1tSmgI6UXy2h0kKDa51X5U3/g05qClvM7KC8/LP6TrD0vwkZ8
WAMIWkFxa0XytUEAaLJyeIiU5OHEigRyptoohnWlRafv6OU9qA5HgcPUmH/TBKiZ
vTX39wx1rhGZumTKD265V+OXnkxsPq680SBHpXDxAOWgdcDe/Wf21PrfrjtUn+fd
R/b7b/sAPGuCSEU2lW5zO4ld8QKefF5Q3MzWHqovRO/EWzchlkL00ClEYHd9WnsX
ZJHgQUsiDJdee4MR+fJBFg3hA9vQZPtPCgAvjcqLCmY99qW5OdO0xIW3mQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLb2srLF+AZFbjk0d2fOiDOWp908MB8GA1UdIwQY
MBaAFNiUNlsooIKDSnUal3cbeREkUk3sMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkpRMld5aWdnb05LZFJxWGR4dDVFU1JTVGV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi9hNjA3ZjQtMTVkYy00ZGI1LTk2MDEt
MjE0NjE3OWQ4ZTJiLzEvdHZheXNzWDRCa1Z1T1RSM1o4NklNNWFuM1R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi9hNjA3ZjQtMTVkYy00ZGI1LTk2MDEtMjE0NjE3OWQ4ZTJi
LzEvMkpRMld5aWdnb05LZFJxWGR4dDVFU1JTVGV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDW2ygAwQD
n/2gAwQCuR+YMA0GCSqGSIb3DQEBCwUAA4IBAQAxIu5aBLSgldzELpLQUtF2y9Hs
qR6xluq3zd80ElmZijKGA/sRR1Z6y3d13d5umWZbMhE7BO/a4DEzgldtHmdXbzUE
wuaCG0H9U+LDfQTAZcULUTf+yeEh/hUNyAdQo2y4TTx1CS/Mn+tC1SWT5X3VK83+
LBWfdH69qhoL9nWAss+1gV4abuit30SpkFU/SLdXob03jPguAGH8iaF8GaYLrXXH
4eqVHdo/qSl7G0ahmWCJUKxLoB0wDmbkpPtl+M9exdQJQZXwBiqG4hkMtwmxSBUV
a29ErS1OuHz5A7XsZimlMfDpqysN486+oxNvwR6r2CeOgbLmIDSYJ+cCPs1E
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:42:40 2024 by rpki-client on console-fra.rpki-client.org