Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/da/1e4a64-7aa0-4c94-9bb0-deb7b9189169/1/TCXq0PS3FdAx6dJnUiPO1qDgpMY.roa
File: TCXq0PS3FdAx6dJnUiPO1qDgpMY.roa (raw, json)
Hash identifier: OiTLmfzCfBl4mauA5DM42HGHbSxMXKsrVtVScc5YTvc=
Subject key identifier: 4C:25:EA:D0:F4:B7:15:D0:31:E9:D2:67:52:23:CE:D6:A0:E0:A4:C6
Certificate issuer: /CN=45effe98c24c3d6d6087c8d1d3f901b8ccd40088
Certificate serial: 0193555898CD37DF4041BD7F9E8377FE39C4
Authority key identifier: 45:EF:FE:98:C2:4C:3D:6D:60:87:C8:D1:D3:F9:01:B8:CC:D4:00:88
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Re_-mMJMPW1gh8jR0_kBuMzUAIg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/da/1e4a64-7aa0-4c94-9bb0-deb7b9189169/1/TCXq0PS3FdAx6dJnUiPO1qDgpMY.roa
Signing time: Fri 22 Nov 2024 19:28:09 +0000
ROA not before: Fri 22 Nov 2024 19:28:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 215568
IP address blocks: 2a01:f440::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/da/1e4a64-7aa0-4c94-9bb0-deb7b9189169/1/Re_-mMJMPW1gh8jR0_kBuMzUAIg.crl
rsync://rpki.ripe.net/repository/DEFAULT/da/1e4a64-7aa0-4c94-9bb0-deb7b9189169/1/Re_-mMJMPW1gh8jR0_kBuMzUAIg.mft
rsync://rpki.ripe.net/repository/DEFAULT/Re_-mMJMPW1gh8jR0_kBuMzUAIg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:55:58:98:cd:37:df:40:41:bd:7f:9e:83:77:fe:39:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=45effe98c24c3d6d6087c8d1d3f901b8ccd40088
Validity
Not Before: Nov 22 19:28:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4c25ead0f4b715d031e9d2675223ced6a0e0a4c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:2b:a1:cc:b6:9f:cb:6d:3e:60:f6:6c:57:ce:
4f:6a:6d:1a:bc:17:c5:38:8e:f8:e5:ad:bb:27:0b:
ba:0d:cb:58:9e:67:34:cc:c8:c0:83:b3:2c:f1:16:
81:3c:f1:da:e8:e7:a0:29:80:c9:3a:20:89:9b:23:
28:c5:0f:3a:f8:11:9d:3f:c6:7f:4c:ca:4c:35:21:
68:82:5f:65:30:75:96:da:6e:dc:65:e0:04:be:78:
c1:1c:cc:62:6c:47:e3:c1:f7:43:4f:af:9a:50:55:
ea:23:17:8e:00:2e:f5:e4:45:5b:3a:da:a4:32:b1:
a3:29:b6:8b:e2:41:bc:d1:95:a9:37:56:97:07:3b:
dc:06:98:48:fa:fb:35:e3:86:ec:38:d0:5e:74:72:
32:50:9a:92:2c:a5:3a:0b:82:e3:62:03:18:fc:5c:
6c:fa:e3:fa:aa:28:52:7d:f1:27:42:95:77:af:14:
ed:e3:a1:62:1a:e4:f2:c4:a2:92:db:5a:52:a1:e5:
6c:cc:2f:c1:80:a7:5c:45:a6:e4:a5:8a:00:da:d4:
46:ca:63:db:53:35:75:46:56:ca:dd:3f:eb:0a:69:
be:8d:7c:49:d4:85:20:cf:1f:21:92:93:4c:34:82:
de:30:be:92:71:eb:c5:65:31:0f:e9:9b:9d:4b:30:
50:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:25:EA:D0:F4:B7:15:D0:31:E9:D2:67:52:23:CE:D6:A0:E0:A4:C6
X509v3 Authority Key Identifier:
keyid:45:EF:FE:98:C2:4C:3D:6D:60:87:C8:D1:D3:F9:01:B8:CC:D4:00:88
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Re_-mMJMPW1gh8jR0_kBuMzUAIg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/da/1e4a64-7aa0-4c94-9bb0-deb7b9189169/1/TCXq0PS3FdAx6dJnUiPO1qDgpMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/da/1e4a64-7aa0-4c94-9bb0-deb7b9189169/1/Re_-mMJMPW1gh8jR0_kBuMzUAIg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:f440::/29
Signature Algorithm: sha256WithRSAEncryption
86:43:c3:9a:58:14:02:ce:9c:41:26:a7:a4:fd:87:e4:52:58:
d1:9a:ed:e2:95:5d:0c:a9:98:89:88:ed:80:bd:47:55:e4:bc:
59:aa:b6:4f:0d:01:7c:53:be:e5:12:98:e7:76:b6:1e:e6:47:
ba:1d:4f:01:e9:94:68:ef:0c:d1:b9:97:1a:93:c7:7d:a8:f4:
e0:a1:f5:5d:f6:88:60:cd:33:28:a0:03:39:9f:ae:fe:ff:e3:
ab:5c:2a:60:05:47:3d:52:8c:6d:45:d3:d1:21:d9:a2:04:8f:
a3:aa:05:1f:89:e6:e6:f6:0f:49:26:d1:f0:01:b6:a1:8c:82:
8e:9b:ec:71:6e:b0:48:22:d1:78:54:bf:af:27:38:58:b2:1e:
ab:f7:28:49:19:5e:81:ba:f5:26:87:31:53:ea:50:7b:1f:a9:
6e:70:3d:40:19:ee:77:cb:2b:26:44:6f:9f:d7:a7:b6:12:9c:
50:bb:d5:2f:35:b9:53:4d:6d:6e:ed:28:4c:c5:99:ad:9e:e5:
ee:9a:42:6c:2a:b1:4a:0a:d4:81:5d:3d:ac:96:9b:63:cb:d6:
f0:dc:3f:5f:32:bd:c1:2a:0f:97:0d:4f:84:eb:b0:d8:f3:0b:
3a:79:c5:16:46:be:87:8c:c5:fa:77:8b:d4:97:c6:dc:4d:5b:
6f:be:ce:41
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZNVWJjNN99AQb1/noN3/jnEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1ZWZmZTk4YzI0YzNkNmQ2MDg3YzhkMWQzZjkwMWI4Y2Nk
NDAwODgwHhcNMjQxMTIyMTkyODA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzI1ZWFkMGY0YjcxNWQwMzFlOWQyNjc1MjIzY2VkNmEwZTBhNGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0yuhzLafy20+YPZsV85Pam0avBfF
OI745a27Jwu6DctYnmc0zMjAg7Ms8RaBPPHa6OegKYDJOiCJmyMoxQ86+BGdP8Z/
TMpMNSFogl9lMHWW2m7cZeAEvnjBHMxibEfjwfdDT6+aUFXqIxeOAC715EVbOtqk
MrGjKbaL4kG80ZWpN1aXBzvcBphI+vs144bsONBedHIyUJqSLKU6C4LjYgMY/Fxs
+uP6qihSffEnQpV3rxTt46FiGuTyxKKS21pSoeVszC/BgKdcRabkpYoA2tRGymPb
UzV1RlbK3T/rCmm+jXxJ1IUgzx8hkpNMNILeML6ScevFZTEP6ZudSzBQFwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFEwl6tD0txXQMenSZ1Ijztag4KTGMB8GA1UdIwQY
MBaAFEXv/pjCTD1tYIfI0dP5AbjM1ACIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUmVfLW1NSk1QVzFnaDhqUjBfa0J1TXpVQUlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYS8xZTRhNjQtN2FhMC00Yzk0LTliYjAt
ZGViN2I5MTg5MTY5LzEvVENYcTBQUzNGZEF4NmRKblVpUE8xcURncE1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYS8xZTRhNjQtN2FhMC00Yzk0LTliYjAtZGViN2I5MTg5MTY5
LzEvUmVfLW1NSk1QVzFnaDhqUjBfa0J1TXpVQUlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgH0QDAN
BgkqhkiG9w0BAQsFAAOCAQEAhkPDmlgUAs6cQSanpP2H5FJY0Zrt4pVdDKmYiYjt
gL1HVeS8Waq2Tw0BfFO+5RKY53a2HuZHuh1PAemUaO8M0bmXGpPHfaj04KH1XfaI
YM0zKKADOZ+u/v/jq1wqYAVHPVKMbUXT0SHZogSPo6oFH4nm5vYPSSbR8AG2oYyC
jpvscW6wSCLReFS/ryc4WLIeq/coSRlegbr1JocxU+pQex+pbnA9QBnud8srJkRv
n9enthKcULvVLzW5U01tbu0oTMWZrZ7l7ppCbCqxSgrUgV09rJabY8vW8Nw/XzK9
wSoPlw1PhOuw2PMLOnnFFka+h4zF+neL1JfG3E1bb77OQQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 05:14:17 2024 by rpki-client on console-fra.rpki-client.org