Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/e8072a-6017-4ed5-bee3-8e65b347f218/1/TiPyXAx4RwaA-DrZI6AQ9gjy6OQ.roa
File: TiPyXAx4RwaA-DrZI6AQ9gjy6OQ.roa (raw, json)
Hash identifier: 85mjnm15MhhPOW0euQ2FOi5kBgNz94TsrmV/zDwXT8c=
Subject key identifier: 4E:23:F2:5C:0C:78:47:06:80:F8:3A:D9:23:A0:10:F6:08:F2:E8:E4
Certificate issuer: /CN=fc35877cc038bffdb97bb3d6ea216ab52b3a0582
Certificate serial: 01916EA6AC6CB13054BE07BB023DD1847E95
Authority key identifier: FC:35:87:7C:C0:38:BF:FD:B9:7B:B3:D6:EA:21:6A:B5:2B:3A:05:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_DWHfMA4v_25e7PW6iFqtSs6BYI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/e8072a-6017-4ed5-bee3-8e65b347f218/1/TiPyXAx4RwaA-DrZI6AQ9gjy6OQ.roa
Signing time: Tue 20 Aug 2024 07:18:22 +0000
ROA not before: Tue 20 Aug 2024 07:18:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199927
IP address blocks: 45.11.12.0/22 maxlen: 22
185.42.56.0/22 maxlen: 22
2a04:8e40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/e8072a-6017-4ed5-bee3-8e65b347f218/1/_DWHfMA4v_25e7PW6iFqtSs6BYI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/e8072a-6017-4ed5-bee3-8e65b347f218/1/_DWHfMA4v_25e7PW6iFqtSs6BYI.mft
rsync://rpki.ripe.net/repository/DEFAULT/_DWHfMA4v_25e7PW6iFqtSs6BYI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:6e:a6:ac:6c:b1:30:54:be:07:bb:02:3d:d1:84:7e:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc35877cc038bffdb97bb3d6ea216ab52b3a0582
Validity
Not Before: Aug 20 07:18:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e23f25c0c78470680f83ad923a010f608f2e8e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7b:a6:e1:a0:e3:8e:e6:65:09:5e:a7:d3:cf:
33:25:58:d7:b5:4d:20:6e:ee:5b:64:41:08:8f:8c:
f0:5d:50:07:1d:b2:bc:67:da:4a:e8:fd:a1:58:08:
e3:80:da:d1:89:cc:09:cf:4b:49:be:09:ae:aa:b0:
c4:6c:c8:a8:73:5b:57:3b:6e:b9:62:d0:d2:32:df:
96:a4:c7:35:1e:ce:c0:24:21:44:e2:21:e6:9b:96:
54:13:ab:18:f9:47:c5:1c:3b:6c:53:f5:83:36:16:
c1:d4:53:24:1e:dc:96:a4:ce:e5:c1:c3:3f:53:60:
3a:fe:1f:94:39:3a:6b:31:3d:94:1f:ba:50:fd:09:
24:48:d3:36:7e:83:ab:b7:2e:e2:a5:63:e8:65:90:
ce:2a:cc:1d:b8:2b:16:1e:60:b9:4f:bd:2f:a2:ac:
d7:19:ea:b3:c2:39:50:98:8f:3c:dd:56:bf:96:2b:
40:cf:6e:48:51:97:32:e2:1d:25:b1:05:2c:1d:f0:
f8:70:09:6e:f0:4d:ae:19:3d:40:75:34:85:af:8b:
be:ed:f3:34:ef:a5:fb:b9:6c:d0:de:17:9e:4b:c8:
08:56:3d:e4:8e:96:22:72:ad:5a:c8:78:bf:e4:e3:
65:cd:17:2b:d9:e7:98:85:88:5e:22:35:71:80:de:
0a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:23:F2:5C:0C:78:47:06:80:F8:3A:D9:23:A0:10:F6:08:F2:E8:E4
X509v3 Authority Key Identifier:
keyid:FC:35:87:7C:C0:38:BF:FD:B9:7B:B3:D6:EA:21:6A:B5:2B:3A:05:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_DWHfMA4v_25e7PW6iFqtSs6BYI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/e8072a-6017-4ed5-bee3-8e65b347f218/1/TiPyXAx4RwaA-DrZI6AQ9gjy6OQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/e8072a-6017-4ed5-bee3-8e65b347f218/1/_DWHfMA4v_25e7PW6iFqtSs6BYI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.12.0/22
185.42.56.0/22
IPv6:
2a04:8e40::/29
Signature Algorithm: sha256WithRSAEncryption
0d:cf:fb:b3:4d:81:60:3e:df:f6:0a:f2:3f:04:f4:d8:59:4b:
41:ae:84:93:98:1c:43:05:b9:4e:52:92:5a:b3:b4:b6:30:70:
af:09:d2:db:aa:13:c8:62:58:4a:59:ae:23:6d:03:f4:bd:1f:
9a:99:19:6c:33:43:32:5b:19:96:67:96:57:b4:f1:9d:b2:76:
74:d6:0b:bd:08:eb:1d:5f:45:f4:31:52:d7:e5:0e:e4:79:f9:
cd:8c:a1:60:0d:01:5c:ba:64:af:37:20:74:4f:2f:91:77:28:
f6:83:3d:a1:d6:2e:24:34:f1:92:5d:80:28:5c:a2:01:46:8b:
55:6e:24:d3:a9:f4:a3:a9:90:b6:cf:4a:dd:d2:91:5d:c8:24:
4b:1d:24:2e:e8:8d:00:73:d5:6e:08:72:b4:be:47:75:80:03:
25:b9:79:6d:15:5c:c8:8d:e7:db:aa:42:f5:19:6a:80:2c:a0:
4f:2a:19:d6:eb:0e:28:6c:23:1f:e2:87:a2:71:e9:1b:55:17:
12:e1:87:1a:0d:c2:07:f4:14:3d:15:43:12:c2:6a:58:e3:38:
17:d3:81:20:59:48:2a:59:14:84:c3:35:c8:85:5f:0e:6e:3a:
b9:ae:36:cd:31:cf:3c:95:a5:02:20:7b:07:57:a1:1f:2a:c0:
66:de:5c:a1
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZFupqxssTBUvge7Aj3RhH6VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjMzU4NzdjYzAzOGJmZmRiOTdiYjNkNmVhMjE2YWI1MmIz
YTA1ODIwHhcNMjQwODIwMDcxODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTIzZjI1YzBjNzg0NzA2ODBmODNhZDkyM2EwMTBmNjA4ZjJlOGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnum4aDjjuZlCV6n088zJVjXtU0g
bu5bZEEIj4zwXVAHHbK8Z9pK6P2hWAjjgNrRicwJz0tJvgmuqrDEbMioc1tXO265
YtDSMt+WpMc1Hs7AJCFE4iHmm5ZUE6sY+UfFHDtsU/WDNhbB1FMkHtyWpM7lwcM/
U2A6/h+UOTprMT2UH7pQ/QkkSNM2foOrty7ipWPoZZDOKswduCsWHmC5T70voqzX
GeqzwjlQmI883Va/litAz25IUZcy4h0lsQUsHfD4cAlu8E2uGT1AdTSFr4u+7fM0
76X7uWzQ3heeS8gIVj3kjpYicq1ayHi/5ONlzRcr2eeYhYheIjVxgN4KcQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE4j8lwMeEcGgPg62SOgEPYI8ujkMB8GA1UdIwQY
MBaAFPw1h3zAOL/9uXuz1uoharUrOgWCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0RXSGZNQTR2XzI1ZTdQVzZpRnF0U3M2QllJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lODA3MmEtNjAxNy00ZWQ1LWJlZTMt
OGU2NWIzNDdmMjE4LzEvVGlQeVhBeDRSd2FBLURyWkk2QVE5Z2p5Nk9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lODA3MmEtNjAxNy00ZWQ1LWJlZTMtOGU2NWIzNDdmMjE4
LzEvX0RXSGZNQTR2XzI1ZTdQVzZpRnF0U3M2QllJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCLQsMAwQC
uSo4MA0EAgACMAcDBQMqBI5AMA0GCSqGSIb3DQEBCwUAA4IBAQANz/uzTYFgPt/2
CvI/BPTYWUtBroSTmBxDBblOUpJas7S2MHCvCdLbqhPIYlhKWa4jbQP0vR+amRls
M0MyWxmWZ5ZXtPGdsnZ01gu9COsdX0X0MVLX5Q7kefnNjKFgDQFcumSvNyB0Ty+R
dyj2gz2h1i4kNPGSXYAoXKIBRotVbiTTqfSjqZC2z0rd0pFdyCRLHSQu6I0Ac9Vu
CHK0vkd1gAMluXltFVzIjefbqkL1GWqALKBPKhnW6w4obCMf4oeicekbVRcS4Yca
DcIH9BQ9FUMSwmpY4zgX04EgWUgqWRSEwzXIhV8Objq5rjbNMc88laUCIHsHV6Ef
KsBm3lyh
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:05:05 2024 by rpki-client on console-fra.rpki-client.org