Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/T_pTZ8jXPQ_4cXxH6tcxJZIeeAM.roa
File: T_pTZ8jXPQ_4cXxH6tcxJZIeeAM.roa (raw, json)
Hash identifier: zQU/wglo9x021WsD5q0CGQFkzQguLjEJHf1EuLVer8Q=
Subject key identifier: 4F:FA:53:67:C8:D7:3D:0F:F8:71:7C:47:EA:D7:31:25:92:1E:78:03
Certificate issuer: /CN=5cfe8d72526e4e73a3b57d9360f3a51beb59a45f
Certificate serial: 018ECDA366C304882AFDBC6D6C0B0EBD6AE2
Authority key identifier: 5C:FE:8D:72:52:6E:4E:73:A3:B5:7D:93:60:F3:A5:1B:EB:59:A4:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XP6NclJuTnOjtX2TYPOlG-tZpF8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/T_pTZ8jXPQ_4cXxH6tcxJZIeeAM.roa
Signing time: Thu 11 Apr 2024 14:50:21 +0000
ROA not before: Thu 11 Apr 2024 14:50:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206894
IP address blocks: 45.89.132.0/22 maxlen: 22
45.89.132.0/24 maxlen: 24
185.38.88.0/22 maxlen: 22
185.192.104.0/22 maxlen: 22
185.215.96.0/22 maxlen: 22
185.219.192.0/22 maxlen: 22
193.142.154.0/23 maxlen: 23
2a0a:2bc0::/32 maxlen: 32
2a0b:a840::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/XP6NclJuTnOjtX2TYPOlG-tZpF8.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/XP6NclJuTnOjtX2TYPOlG-tZpF8.mft
rsync://rpki.ripe.net/repository/DEFAULT/XP6NclJuTnOjtX2TYPOlG-tZpF8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:cd:a3:66:c3:04:88:2a:fd:bc:6d:6c:0b:0e:bd:6a:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cfe8d72526e4e73a3b57d9360f3a51beb59a45f
Validity
Not Before: Apr 11 14:50:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ffa5367c8d73d0ff8717c47ead73125921e7803
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:40:2d:79:f3:2c:cc:12:5d:8e:f8:14:36:47:
27:54:65:d0:91:78:82:cd:51:e9:9a:5b:f9:11:31:
9f:b8:07:b0:21:84:52:76:81:f8:ca:d7:f6:25:ab:
0e:66:e5:35:47:78:de:f2:11:a2:d6:6c:7b:b4:53:
34:68:cc:dc:b3:76:e2:a9:21:69:87:12:e5:7b:e3:
73:b3:0b:86:83:54:d5:15:fe:36:f4:10:17:1a:8c:
c6:74:59:28:3f:12:c2:66:f7:9d:a0:e3:11:b9:90:
cc:10:42:03:4c:67:26:02:cd:6f:1c:0c:e7:b0:fd:
8b:28:f6:db:a7:a2:0b:9a:cc:02:26:b5:0b:3e:9e:
b6:79:93:9f:ac:e7:68:f4:a7:3b:42:c6:f8:44:14:
ca:6c:ca:ea:8f:3a:56:d6:3b:c1:b9:dc:11:d6:7e:
98:d4:f2:a0:86:02:04:31:94:97:f2:4b:9e:54:cb:
ca:d7:78:0f:10:78:c7:65:4a:c5:da:ab:ac:0b:e4:
3c:70:16:67:51:4b:d3:76:4a:38:86:db:54:65:a8:
6f:a2:88:da:95:1c:0c:a2:76:d9:74:f5:5d:25:02:
de:cb:21:3a:04:36:4f:8e:88:06:d4:92:47:74:c4:
16:73:23:e9:30:9e:c1:10:0c:72:f3:7d:0a:2a:e7:
1a:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:FA:53:67:C8:D7:3D:0F:F8:71:7C:47:EA:D7:31:25:92:1E:78:03
X509v3 Authority Key Identifier:
keyid:5C:FE:8D:72:52:6E:4E:73:A3:B5:7D:93:60:F3:A5:1B:EB:59:A4:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XP6NclJuTnOjtX2TYPOlG-tZpF8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/T_pTZ8jXPQ_4cXxH6tcxJZIeeAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/84bf54-09c3-4324-a11c-e4ddfa32e52e/1/XP6NclJuTnOjtX2TYPOlG-tZpF8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.89.132.0/22
185.38.88.0/22
185.192.104.0/22
185.215.96.0/22
185.219.192.0/22
193.142.154.0/23
IPv6:
2a0a:2bc0::/32
2a0b:a840::/32
Signature Algorithm: sha256WithRSAEncryption
8d:94:95:02:9b:a0:4d:04:f2:49:a5:d0:22:32:5c:64:e1:4e:
cb:4b:d8:3d:16:50:9b:43:c0:94:65:9a:5f:0e:35:16:33:54:
ab:77:53:f9:ec:39:49:8e:87:2c:2a:d5:9f:b2:f0:53:8c:df:
eb:d3:3a:cf:25:d2:c7:72:2f:19:d9:fe:75:d8:5e:c3:83:f7:
b8:cd:b2:02:d6:56:81:a9:79:d3:62:94:19:7d:77:19:ed:27:
1d:55:4d:59:4a:a6:d8:c9:9d:02:2b:06:40:ae:78:c1:92:3b:
63:4a:6d:2b:ee:fd:89:ad:3c:e4:d8:c5:dd:e3:0f:1a:d4:9b:
2e:6c:5b:5f:bc:a9:08:58:79:21:d4:40:40:00:fa:0a:55:b5:
b7:91:ed:ba:a1:ca:41:8d:5b:04:3d:86:61:52:86:5d:28:af:
cb:03:0e:53:3d:78:5d:ab:07:fc:a8:96:16:9d:c1:76:08:f9:
e4:6f:a0:85:ed:43:01:9f:31:32:ed:52:7b:eb:9e:05:fe:97:
db:df:d1:47:77:c0:5f:c5:4e:7b:0d:b3:22:2f:e8:82:f5:92:
85:4d:b9:49:ef:4f:d4:32:cc:63:c6:4f:cc:5e:f2:f0:a4:a3:
c7:93:9d:83:d0:bf:59:c3:bb:a5:04:bc:dd:0a:2c:3d:92:6d:
e5:6d:35:ac
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAY7No2bDBIgq/bxtbAsOvWriMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZmU4ZDcyNTI2ZTRlNzNhM2I1N2Q5MzYwZjNhNTFiZWI1
OWE0NWYwHhcNMjQwNDExMTQ1MDIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZmZhNTM2N2M4ZDczZDBmZjg3MTdjNDdlYWQ3MzEyNTkyMWU3ODAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEAtefMszBJdjvgUNkcnVGXQkXiC
zVHpmlv5ETGfuAewIYRSdoH4ytf2JasOZuU1R3je8hGi1mx7tFM0aMzcs3biqSFp
hxLle+NzswuGg1TVFf429BAXGozGdFkoPxLCZvedoOMRuZDMEEIDTGcmAs1vHAzn
sP2LKPbbp6ILmswCJrULPp62eZOfrOdo9Kc7Qsb4RBTKbMrqjzpW1jvBudwR1n6Y
1PKghgIEMZSX8kueVMvK13gPEHjHZUrF2qusC+Q8cBZnUUvTdko4httUZahvooja
lRwMonbZdPVdJQLeyyE6BDZPjogG1JJHdMQWcyPpMJ7BEAxy830KKucabQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFE/6U2fI1z0P+HF8R+rXMSWSHngDMB8GA1UdIwQY
MBaAFFz+jXJSbk5zo7V9k2DzpRvrWaRfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFA2TmNsSnVUbk9qdFgyVFlQT2xHLXRacEY4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC84NGJmNTQtMDljMy00MzI0LWExMWMt
ZTRkZGZhMzJlNTJlLzEvVF9wVFo4alhQUV80Y1h4SDZ0Y3hKWkllZUFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC84NGJmNTQtMDljMy00MzI0LWExMWMtZTRkZGZhMzJlNTJl
LzEvWFA2TmNsSnVUbk9qdFgyVFlQT2xHLXRacEY4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQCLVmEAwQC
uSZYAwQCucBoAwQCuddgAwQCudvAAwQBwY6aMBQEAgACMA4DBQAqCivAAwUAKguo
QDANBgkqhkiG9w0BAQsFAAOCAQEAjZSVApugTQTySaXQIjJcZOFOy0vYPRZQm0PA
lGWaXw41FjNUq3dT+ew5SY6HLCrVn7LwU4zf69M6zyXSx3IvGdn+ddhew4P3uM2y
AtZWgal502KUGX13Ge0nHVVNWUqm2MmdAisGQK54wZI7Y0ptK+79ia085NjF3eMP
GtSbLmxbX7ypCFh5IdRAQAD6ClW1t5HtuqHKQY1bBD2GYVKGXSivywMOUz14XasH
/KiWFp3Bdgj55G+ghe1DAZ8xMu1Se+ueBf6X29/RR3fAX8VOew2zIi/ogvWShU25
Se9P1DLMY8ZPzF7y8KSjx5Odg9C/WcO7pQS83QosPZJt5W01rA==
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:56:59 2024 by rpki-client on console-ams.rpki-client.org