Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/TXUL4mQRXS1j-KOyUm-PRGTo_ms.roa
File: TXUL4mQRXS1j-KOyUm-PRGTo_ms.roa (raw, json)
Hash identifier: ui5xhob692xkqhoi8BPUWq91/cta5ZFxT56J6DtSzTQ=
Subject key identifier: 4D:75:0B:E2:64:11:5D:2D:63:F8:A3:B2:52:6F:8F:44:64:E8:FE:6B
Certificate issuer: /CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Certificate serial: 019324E5090FED7B187D6DCB99614E178307
Authority key identifier: E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/TXUL4mQRXS1j-KOyUm-PRGTo_ms.roa
Signing time: Wed 13 Nov 2024 09:40:09 +0000
ROA not before: Wed 13 Nov 2024 09:40:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41937
IP address blocks: 5.134.104.0/21 maxlen: 21
91.185.96.0/19 maxlen: 19
91.204.52.0/22 maxlen: 22
178.237.216.0/22 maxlen: 22
178.237.216.0/23 maxlen: 23
178.237.216.0/24 maxlen: 24
178.237.217.0/24 maxlen: 24
178.237.218.0/23 maxlen: 23
178.237.218.0/24 maxlen: 24
178.237.219.0/24 maxlen: 24
178.237.220.0/22 maxlen: 22
178.237.220.0/23 maxlen: 23
178.237.220.0/24 maxlen: 24
178.237.221.0/24 maxlen: 24
178.237.222.0/23 maxlen: 23
178.237.222.0/24 maxlen: 24
178.237.223.0/24 maxlen: 24
2a00:8720::/32 maxlen: 48
2a00:cf00::/32 maxlen: 48
2a01:b800::/32 maxlen: 48
2a02:61a0::/32 maxlen: 48
2a03:fc40::/32 maxlen: 48
2a04:1dc0::/29 maxlen: 48
2a06:63c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 20:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:24:e5:09:0f:ed:7b:18:7d:6d:cb:99:61:4e:17:83:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9b1320fbc24d6f4366cb64fcf5ed2d7b1b6bdf7
Validity
Not Before: Nov 13 09:40:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d750be264115d2d63f8a3b2526f8f4464e8fe6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:c8:3f:9d:cc:46:2e:02:28:e6:09:d1:ca:0e:
97:10:3f:1c:7f:9a:9e:2d:11:e8:8c:21:82:9e:b6:
fe:6e:dc:0a:d5:28:fa:6c:73:18:9c:bf:5d:7a:fe:
32:9f:0a:27:91:1d:41:f8:91:ef:66:d4:82:47:b1:
0a:83:00:f9:0f:e8:6f:8f:7a:6e:d7:6c:e9:8a:3e:
34:b5:d1:28:eb:8c:7a:87:9e:3c:12:b1:3d:78:ce:
c5:16:cf:aa:bc:17:02:48:50:aa:0e:71:71:34:65:
74:8d:63:ab:c9:bc:62:02:b9:91:a3:e8:ef:bd:78:
83:e6:0b:c0:03:2f:1d:d9:51:50:b1:05:cf:2f:eb:
87:6f:c4:76:d3:21:63:70:14:70:2e:a5:06:eb:cd:
d9:0c:59:c2:51:91:5d:62:95:c2:a1:f0:2e:d6:ea:
d9:89:7d:6f:5e:44:63:03:6e:85:fa:eb:6c:0c:a5:
78:09:cf:41:3d:34:14:2d:9d:5c:55:c5:24:10:31:
bb:a1:b5:6c:ca:85:f3:f3:2a:64:45:ac:27:df:39:
7d:ff:49:4b:45:b7:cb:e3:dd:d5:d6:0a:d1:c3:de:
9a:6c:ca:95:33:27:30:3d:92:87:50:9f:e5:df:9d:
2f:9b:e3:ec:5c:5a:d9:3f:92:25:51:9e:6b:46:e9:
e9:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:75:0B:E2:64:11:5D:2D:63:F8:A3:B2:52:6F:8F:44:64:E8:FE:6B
X509v3 Authority Key Identifier:
keyid:E9:B1:32:0F:BC:24:D6:F4:36:6C:B6:4F:CF:5E:D2:D7:B1:B6:BD:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6bEyD7wk1vQ2bLZPz17S17G2vfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/TXUL4mQRXS1j-KOyUm-PRGTo_ms.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/df1cb5-5f48-46a0-a76e-d3e2800bd640/1/6bEyD7wk1vQ2bLZPz17S17G2vfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.134.104.0/21
91.185.96.0/19
91.204.52.0/22
178.237.216.0/21
IPv6:
2a00:8720::/32
2a00:cf00::/32
2a01:b800::/32
2a02:61a0::/32
2a03:fc40::/32
2a04:1dc0::/29
2a06:63c0::/29
Signature Algorithm: sha256WithRSAEncryption
0e:cd:10:ef:e2:7c:85:41:63:f6:1b:b8:86:5d:d1:a4:db:18:
d4:d1:b2:1c:5b:4a:6c:a2:83:e0:61:5f:ea:8a:71:06:5d:4f:
f9:c1:b0:fd:59:ca:49:5e:73:cf:82:4c:4a:58:bc:1e:57:57:
20:40:b3:fb:36:b3:37:f5:71:56:04:5c:e2:f2:e6:79:ec:fb:
bd:fc:d8:77:7b:09:6c:a7:c1:20:b9:97:cd:8d:dd:05:12:17:
24:ac:be:69:55:36:b2:8f:d7:8d:ee:2f:dd:ce:46:e0:25:71:
44:29:ac:94:c2:07:3c:40:1c:10:e9:71:65:14:2c:52:e2:a8:
b3:53:6e:49:85:50:12:00:e3:20:5b:b9:c0:13:25:bb:2b:d3:
e4:1c:7f:2b:30:ae:56:2e:88:99:c1:07:c7:01:eb:8d:0e:8c:
fc:58:21:ca:16:d9:ed:b8:be:59:ef:c8:3a:85:23:d5:82:7f:
06:eb:74:1c:a4:8b:eb:b6:b2:c1:6c:0d:6c:b9:b2:86:35:c4:
fa:18:4b:c3:02:a5:99:95:d5:96:f2:c7:31:00:f2:95:2a:3e:
53:d4:4b:60:f9:93:27:dc:85:d7:a6:5d:c6:87:52:6b:67:55:
b9:de:37:e2:75:c8:09:20:5b:ff:35:cc:30:bc:05:19:83:dd:
2e:22:80:e7
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZMk5QkP7XsYfW3LmWFOF4MHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5YjEzMjBmYmMyNGQ2ZjQzNjZjYjY0ZmNmNWVkMmQ3YjFi
NmJkZjcwHhcNMjQxMTEzMDk0MDA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDc1MGJlMjY0MTE1ZDJkNjNmOGEzYjI1MjZmOGY0NDY0ZThmZTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8g/ncxGLgIo5gnRyg6XED8cf5qe
LRHojCGCnrb+btwK1Sj6bHMYnL9dev4ynwonkR1B+JHvZtSCR7EKgwD5D+hvj3pu
12zpij40tdEo64x6h548ErE9eM7FFs+qvBcCSFCqDnFxNGV0jWOrybxiArmRo+jv
vXiD5gvAAy8d2VFQsQXPL+uHb8R20yFjcBRwLqUG683ZDFnCUZFdYpXCofAu1urZ
iX1vXkRjA26F+utsDKV4Cc9BPTQULZ1cVcUkEDG7obVsyoXz8ypkRawn3zl9/0lL
RbfL493V1grRw96abMqVMycwPZKHUJ/l350vm+PsXFrZP5IlUZ5rRunpbQIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFE11C+JkEV0tY/ijslJvj0Rk6P5rMB8GA1UdIwQY
MBaAFOmxMg+8JNb0Nmy2T89e0textr33MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUt
ZDNlMjgwMGJkNjQwLzEvVFhVTDRtUVJYUzFqLUtPeVVtLVBSR1RvX21zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC9kZjFjYjUtNWY0OC00NmEwLWE3NmUtZDNlMjgwMGJkNjQw
LzEvNmJFeUQ3d2sxdlEyYkxaUHoxN1MxN0cydmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTAeBAIAATAYAwQDBYZoAwQF
W7lgAwQCW8w0AwQDsu3YMDcEAgACMDEDBQAqAIcgAwUAKgDPAAMFACoBuAADBQAq
AmGgAwUAKgP8QAMFAyoEHcADBQMqBmPAMA0GCSqGSIb3DQEBCwUAA4IBAQAOzRDv
4nyFQWP2G7iGXdGk2xjU0bIcW0psooPgYV/qinEGXU/5wbD9WcpJXnPPgkxKWLwe
V1cgQLP7NrM39XFWBFzi8uZ57Pu9/Nh3ewlsp8EguZfNjd0FEhckrL5pVTayj9eN
7i/dzkbgJXFEKayUwgc8QBwQ6XFlFCxS4qizU25JhVASAOMgW7nAEyW7K9PkHH8r
MK5WLoiZwQfHAeuNDoz8WCHKFtntuL5Z78g6hSPVgn8G63QcpIvrtrLBbA1subKG
NcT6GEvDAqWZldWW8scxAPKVKj5T1Etg+ZMn3IXXpl3Gh1JrZ1W53jfidcgJIFv/
NcwwvAUZg90uIoDn
-----END CERTIFICATE-----
Generated at Sat Nov 23 02:24:41 2024 by rpki-client on console-ams.rpki-client.org