Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/698e4e-0a39-416b-affe-61819c480cbe/1/TXIJImgfuEhoZuyJsfxFyGjuJiI.roa
File: TXIJImgfuEhoZuyJsfxFyGjuJiI.roa (raw, json)
Hash identifier: bOn3JD9ygvdz+82lEctQVt25UmDm6owgokJwNEgiN30=
Subject key identifier: 4D:72:09:22:68:1F:B8:48:68:66:EC:89:B1:FC:45:C8:68:EE:26:22
Certificate issuer: /CN=808c3a6c5cbff0739e438d05744405b16197b15b
Certificate serial: 018CC3B6D86100F503B2B878313207FF1DD9
Authority key identifier: 80:8C:3A:6C:5C:BF:F0:73:9E:43:8D:05:74:44:05:B1:61:97:B1:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gIw6bFy_8HOeQ40FdEQFsWGXsVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/698e4e-0a39-416b-affe-61819c480cbe/1/TXIJImgfuEhoZuyJsfxFyGjuJiI.roa
Signing time: Mon 01 Jan 2024 06:29:49 +0000
ROA not before: Mon 01 Jan 2024 06:29:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41435
IP address blocks: 213.109.80.0/20 maxlen: 20
91.193.32.0/22 maxlen: 22
194.9.36.0/23 maxlen: 23
176.104.0.0/18 maxlen: 18
79.110.128.0/20 maxlen: 20
79.110.128.0/22 maxlen: 22
79.110.132.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/698e4e-0a39-416b-affe-61819c480cbe/1/gIw6bFy_8HOeQ40FdEQFsWGXsVs.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/698e4e-0a39-416b-affe-61819c480cbe/1/gIw6bFy_8HOeQ40FdEQFsWGXsVs.mft
rsync://rpki.ripe.net/repository/DEFAULT/gIw6bFy_8HOeQ40FdEQFsWGXsVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:d8:61:00:f5:03:b2:b8:78:31:32:07:ff:1d:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=808c3a6c5cbff0739e438d05744405b16197b15b
Validity
Not Before: Jan 1 06:29:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d720922681fb8486866ec89b1fc45c868ee2622
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:3a:ec:22:14:7b:5a:43:9e:aa:49:1c:3e:10:
bf:55:c3:96:ea:18:29:b7:1f:19:03:83:29:c6:96:
03:dc:00:bd:95:d9:e7:19:61:76:f4:26:95:fe:22:
b9:fb:46:91:ae:9b:ae:13:02:54:81:fc:ef:d1:f8:
50:92:49:33:43:9f:31:80:9f:77:4e:01:e3:95:68:
99:d1:8e:eb:2a:d3:8b:1e:ae:41:09:61:39:05:aa:
9b:b1:66:0c:42:11:fa:39:07:72:4c:5c:bb:44:f8:
1d:00:9f:5d:95:b7:a7:f2:65:1b:e2:f5:6a:ef:b8:
c6:c0:46:65:d2:f6:fc:c4:d7:33:f8:a7:11:0e:e2:
01:09:1d:95:df:93:14:37:4b:d1:2c:17:00:ea:22:
8e:8b:75:39:a5:93:f9:72:30:ef:36:eb:0d:7e:01:
8d:eb:cc:e0:f8:5f:72:db:bc:3d:38:f7:fc:4e:e4:
40:d3:b4:39:49:dd:0d:4f:b0:a1:bb:42:88:6a:70:
d7:e8:86:a1:de:a1:7f:40:3c:05:bb:6c:51:11:55:
95:34:af:e6:c7:2e:d2:3b:b1:af:ae:dc:85:80:c0:
b0:b3:cc:e1:aa:36:26:0b:af:33:b7:6f:4d:80:21:
47:b1:96:27:ef:70:e1:d2:e3:68:73:bc:f1:45:da:
a6:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:72:09:22:68:1F:B8:48:68:66:EC:89:B1:FC:45:C8:68:EE:26:22
X509v3 Authority Key Identifier:
keyid:80:8C:3A:6C:5C:BF:F0:73:9E:43:8D:05:74:44:05:B1:61:97:B1:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gIw6bFy_8HOeQ40FdEQFsWGXsVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/698e4e-0a39-416b-affe-61819c480cbe/1/TXIJImgfuEhoZuyJsfxFyGjuJiI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/698e4e-0a39-416b-affe-61819c480cbe/1/gIw6bFy_8HOeQ40FdEQFsWGXsVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.110.128.0/20
91.193.32.0/22
176.104.0.0/18
194.9.36.0/23
213.109.80.0/20
Signature Algorithm: sha256WithRSAEncryption
44:79:36:fa:8b:cd:be:60:3f:2f:8f:00:96:52:91:4f:c6:d3:
e9:cf:9d:9a:10:55:16:e6:31:f8:d5:a0:be:ae:41:32:f3:d7:
3f:3e:25:72:58:8d:54:a1:c9:09:92:22:63:ad:db:38:a0:79:
b2:35:88:ab:82:ac:50:2f:2e:9a:a0:a5:d6:6e:12:25:13:3d:
0f:4f:49:57:9e:93:85:ab:86:30:32:05:ae:a9:94:f2:26:44:
44:39:db:15:6e:6b:5d:90:29:49:8f:68:b1:d8:4c:f2:92:d1:
e5:b5:be:1f:2f:67:b2:b5:ad:f9:58:4a:35:c6:e2:60:49:17:
80:6d:f7:d2:51:36:0c:ea:58:c2:a5:c2:35:15:2a:56:db:09:
53:b8:a1:94:df:90:31:39:78:e6:24:06:fa:6d:09:d9:c7:27:
db:6a:6a:57:0a:d0:3c:95:fa:78:e2:9b:0b:e5:dc:7f:46:31:
7e:8a:0a:8a:98:57:bb:8b:63:16:ba:30:92:09:8a:b1:8d:eb:
60:dd:b3:c6:ac:3d:c0:57:2f:49:08:5f:66:4e:15:fa:0c:37:
0d:95:00:ec:8c:08:cd:1d:b5:93:88:37:48:c3:3a:c9:77:b3:
17:c1:a9:80:e5:8d:10:be:83:7a:9d:b2:ba:d8:07:62:09:8a:
99:b6:39:f5
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzDtthhAPUDsrh4MTIH/x3ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgwOGMzYTZjNWNiZmYwNzM5ZTQzOGQwNTc0NDQwNWIxNjE5
N2IxNWIwHhcNMjQwMTAxMDYyOTQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDcyMDkyMjY4MWZiODQ4Njg2NmVjODliMWZjNDVjODY4ZWUyNjIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDrsIhR7WkOeqkkcPhC/VcOW6hgp
tx8ZA4MpxpYD3AC9ldnnGWF29CaV/iK5+0aRrpuuEwJUgfzv0fhQkkkzQ58xgJ93
TgHjlWiZ0Y7rKtOLHq5BCWE5BaqbsWYMQhH6OQdyTFy7RPgdAJ9dlben8mUb4vVq
77jGwEZl0vb8xNcz+KcRDuIBCR2V35MUN0vRLBcA6iKOi3U5pZP5cjDvNusNfgGN
68zg+F9y27w9OPf8TuRA07Q5Sd0NT7Chu0KIanDX6Iah3qF/QDwFu2xREVWVNK/m
xy7SO7GvrtyFgMCws8zhqjYmC68zt29NgCFHsZYn73Dh0uNoc7zxRdqmqQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFE1yCSJoH7hIaGbsibH8Rcho7iYiMB8GA1UdIwQY
MBaAFICMOmxcv/BznkONBXREBbFhl7FbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ0l3NmJGeV84SE9lUTQwRmRFUUZzV0dYc1ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC82OThlNGUtMGEzOS00MTZiLWFmZmUt
NjE4MTljNDgwY2JlLzEvVFhJSkltZ2Z1RWhvWnV5SnNmeEZ5R2p1SmlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC82OThlNGUtMGEzOS00MTZiLWFmZmUtNjE4MTljNDgwY2Jl
LzEvZ0l3NmJGeV84SE9lUTQwRmRFUUZzV0dYc1ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQET26AAwQC
W8EgAwQGsGgAAwQBwgkkAwQE1W1QMA0GCSqGSIb3DQEBCwUAA4IBAQBEeTb6i82+
YD8vjwCWUpFPxtPpz52aEFUW5jH41aC+rkEy89c/PiVyWI1UockJkiJjrds4oHmy
NYirgqxQLy6aoKXWbhIlEz0PT0lXnpOFq4YwMgWuqZTyJkREOdsVbmtdkClJj2ix
2EzyktHltb4fL2eyta35WEo1xuJgSReAbffSUTYM6ljCpcI1FSpW2wlTuKGU35Ax
OXjmJAb6bQnZxyfbampXCtA8lfp44psL5dx/RjF+igqKmFe7i2MWujCSCYqxjetg
3bPGrD3AVy9JCF9mThX6DDcNlQDsjAjNHbWTiDdIwzrJd7MXwamA5Y0QvoN6nbK6
2AdiCYqZtjn1
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:28:11 2024 by rpki-client on console-ams.rpki-client.org