Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/Tdy_lk7LvTI_BPhYZ8fi8PhuMKM.roa
File: Tdy_lk7LvTI_BPhYZ8fi8PhuMKM.roa (raw, json)
Hash identifier: piDGXGrjz3XW5R6R5LhtCdwvMzZ9PfzZehj/NfF9x4k=
Subject key identifier: 4D:DC:BF:96:4E:CB:BD:32:3F:04:F8:58:67:C7:E2:F0:F8:6E:30:A3
Certificate issuer: /CN=cbd4719d72d288a73218d8c1a498823333297e25
Certificate serial: 019141685E69C33ED05BB2001DC05C9298CC
Authority key identifier: CB:D4:71:9D:72:D2:88:A7:32:18:D8:C1:A4:98:82:33:33:29:7E:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y9RxnXLSiKcyGNjBpJiCMzMpfiU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/Tdy_lk7LvTI_BPhYZ8fi8PhuMKM.roa
Signing time: Sun 11 Aug 2024 12:27:24 +0000
ROA not before: Sun 11 Aug 2024 12:27:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50597
IP address blocks: 167.160.5.0/24 maxlen: 24
185.98.157.0/24 maxlen: 24
185.181.52.0/23 maxlen: 24
185.181.54.0/24 maxlen: 24
185.181.55.0/24 maxlen: 24
192.161.6.0/24 maxlen: 24
192.161.7.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/y9RxnXLSiKcyGNjBpJiCMzMpfiU.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/y9RxnXLSiKcyGNjBpJiCMzMpfiU.mft
rsync://rpki.ripe.net/repository/DEFAULT/y9RxnXLSiKcyGNjBpJiCMzMpfiU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:41:68:5e:69:c3:3e:d0:5b:b2:00:1d:c0:5c:92:98:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cbd4719d72d288a73218d8c1a498823333297e25
Validity
Not Before: Aug 11 12:27:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ddcbf964ecbbd323f04f85867c7e2f0f86e30a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:38:8c:92:c8:a0:4c:c9:d3:3c:98:14:42:95:
56:7b:43:e1:e1:da:5c:fa:93:77:96:60:a6:2c:65:
4f:d9:95:5a:e4:fb:96:77:c6:fb:6e:ed:b8:7b:12:
70:1a:74:f5:5a:a3:5d:9b:e1:94:c7:4e:55:9c:ba:
ba:48:aa:06:db:df:6d:87:18:ad:1a:23:8e:b6:5e:
58:2d:37:c7:ec:77:11:08:a1:d8:5f:e5:36:8b:02:
d0:fe:6b:b4:7a:f9:a8:ac:d6:69:65:7c:c1:8e:b8:
b9:76:ff:07:f2:52:88:20:b9:74:a6:d5:04:9b:b1:
2a:8d:36:9d:02:1d:db:09:6a:1c:3a:a5:99:96:32:
3b:87:2a:e5:f0:a1:57:07:41:de:7b:22:28:5c:f0:
ee:96:3f:b2:d1:45:b9:98:72:e3:d2:f9:2e:6b:43:
75:3e:9e:74:db:af:2e:2c:24:73:e0:4c:4f:4e:53:
57:54:5c:03:33:e8:1b:89:9e:0b:b4:e8:ab:d6:28:
cd:1f:2d:c2:96:b9:24:0e:1b:77:1a:39:20:0b:df:
d6:86:7c:ad:ae:9a:cb:fd:3a:67:60:32:4b:ed:ea:
1d:92:6b:56:5c:6c:a1:05:a0:f0:12:66:cd:6a:87:
7e:1a:a0:99:e4:c5:a4:1b:41:b4:16:8e:e5:db:a3:
39:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:DC:BF:96:4E:CB:BD:32:3F:04:F8:58:67:C7:E2:F0:F8:6E:30:A3
X509v3 Authority Key Identifier:
keyid:CB:D4:71:9D:72:D2:88:A7:32:18:D8:C1:A4:98:82:33:33:29:7E:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y9RxnXLSiKcyGNjBpJiCMzMpfiU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/Tdy_lk7LvTI_BPhYZ8fi8PhuMKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/dc8c0d-f8c3-406c-b79e-b492d6ff483f/1/y9RxnXLSiKcyGNjBpJiCMzMpfiU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
167.160.5.0/24
185.98.157.0/24
185.181.52.0/22
192.161.6.0/23
Signature Algorithm: sha256WithRSAEncryption
4b:0c:7f:12:14:28:b9:ae:bb:0c:e9:f9:7b:08:42:fd:eb:3d:
0e:dc:f0:73:2f:12:a2:17:8b:d4:12:71:a5:f3:0e:ff:52:a7:
60:9b:d1:e9:49:05:ea:96:c0:c3:91:5e:5d:9b:4a:f0:90:b4:
4c:50:b1:b8:67:8d:fa:2c:e0:c6:a5:4c:3b:95:da:e1:3e:15:
09:17:f5:5c:b4:b6:39:29:d3:9e:ff:7c:e8:7e:a2:4e:2a:e2:
23:b9:62:92:c1:8c:68:c4:de:7d:c2:38:68:d4:94:af:ef:d3:
09:e8:13:cc:f2:f7:08:77:5c:18:30:a4:27:fb:1e:77:20:19:
bc:cd:45:4e:12:35:16:9a:b5:83:46:f2:3c:0a:94:9b:90:8f:
d8:62:8d:7e:05:8f:de:42:45:45:6d:18:b2:d5:8d:3d:2c:58:
c7:48:f6:b8:57:5f:cd:aa:05:33:28:aa:67:62:a4:74:cb:1f:
fe:06:c9:da:8f:7b:78:aa:c7:af:66:4c:19:08:c0:30:c3:60:
ec:56:18:94:fe:eb:48:df:13:9e:42:bf:ad:bf:b3:99:33:c1:
46:1e:b4:9d:2a:44:a2:13:61:6a:20:a5:22:89:d0:9b:2f:58:
3f:a5:b4:c2:54:3d:fa:6c:b9:66:9d:02:91:7f:e9:93:36:b3:
ee:03:eb:a9
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZFBaF5pwz7QW7IAHcBckpjMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiZDQ3MTlkNzJkMjg4YTczMjE4ZDhjMWE0OTg4MjMzMzMy
OTdlMjUwHhcNMjQwODExMTIyNzI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGRjYmY5NjRlY2JiZDMyM2YwNGY4NTg2N2M3ZTJmMGY4NmUzMGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8ziMksigTMnTPJgUQpVWe0Ph4dpc
+pN3lmCmLGVP2ZVa5PuWd8b7bu24exJwGnT1WqNdm+GUx05VnLq6SKoG299thxit
GiOOtl5YLTfH7HcRCKHYX+U2iwLQ/mu0evmorNZpZXzBjri5dv8H8lKIILl0ptUE
m7EqjTadAh3bCWocOqWZljI7hyrl8KFXB0HeeyIoXPDulj+y0UW5mHLj0vkua0N1
Pp50268uLCRz4ExPTlNXVFwDM+gbiZ4LtOir1ijNHy3ClrkkDht3GjkgC9/Whnyt
rprL/TpnYDJL7eodkmtWXGyhBaDwEmbNaod+GqCZ5MWkG0G0Fo7l26M5yQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE3cv5ZOy70yPwT4WGfH4vD4bjCjMB8GA1UdIwQY
MBaAFMvUcZ1y0oinMhjYwaSYgjMzKX4lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTlSeG5YTFNpS2N5R05qQnBKaUNNek1wZmlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi9kYzhjMGQtZjhjMy00MDZjLWI3OWUt
YjQ5MmQ2ZmY0ODNmLzEvVGR5X2xrN0x2VElfQlBoWVo4Zmk4UGh1TUtNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi9kYzhjMGQtZjhjMy00MDZjLWI3OWUtYjQ5MmQ2ZmY0ODNm
LzEveTlSeG5YTFNpS2N5R05qQnBKaUNNek1wZmlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAp6AFAwQA
uWKdAwQCubU0AwQBwKEGMA0GCSqGSIb3DQEBCwUAA4IBAQBLDH8SFCi5rrsM6fl7
CEL96z0O3PBzLxKiF4vUEnGl8w7/Uqdgm9HpSQXqlsDDkV5dm0rwkLRMULG4Z436
LODGpUw7ldrhPhUJF/VctLY5KdOe/3zofqJOKuIjuWKSwYxoxN59wjho1JSv79MJ
6BPM8vcId1wYMKQn+x53IBm8zUVOEjUWmrWDRvI8CpSbkI/YYo1+BY/eQkVFbRiy
1Y09LFjHSPa4V1/NqgUzKKpnYqR0yx/+Bsnaj3t4qsevZkwZCMAww2DsVhiU/utI
3xOeQr+tv7OZM8FGHrSdKkSiE2FqIKUiidCbL1g/pbTCVD36bLlmnQKRf+mTNrPu
A+up
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:40:15 2024 by rpki-client on console-fra.rpki-client.org