Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/ea7121-5414-4484-9185-eec14c971c4d/1/TKUx3ck-jbYSHkfPUbYBK3bIAdY.roa
File: TKUx3ck-jbYSHkfPUbYBK3bIAdY.roa (raw, json)
Hash identifier: t8cP98W+6+ckvmM8oqXe1Ecihg2imP/NY9xFY6BguF8=
Subject key identifier: 4C:A5:31:DD:C9:3E:8D:B6:12:1E:47:CF:51:B6:01:2B:76:C8:01:D6
Certificate issuer: /CN=c91820b50007e41c53dd6029b37954d3572f4c29
Certificate serial: 0190266817A900A0564A1C9C27FC16F37197
Authority key identifier: C9:18:20:B5:00:07:E4:1C:53:DD:60:29:B3:79:54:D3:57:2F:4C:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yRggtQAH5BxT3WAps3lU01cvTCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/ea7121-5414-4484-9185-eec14c971c4d/1/TKUx3ck-jbYSHkfPUbYBK3bIAdY.roa
Signing time: Mon 17 Jun 2024 13:34:34 +0000
ROA not before: Mon 17 Jun 2024 13:34:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48642
IP address blocks: 91.193.148.0/22 maxlen: 22
91.223.170.0/24 maxlen: 24
195.206.226.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/ea7121-5414-4484-9185-eec14c971c4d/1/yRggtQAH5BxT3WAps3lU01cvTCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/ea7121-5414-4484-9185-eec14c971c4d/1/yRggtQAH5BxT3WAps3lU01cvTCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/yRggtQAH5BxT3WAps3lU01cvTCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:26:68:17:a9:00:a0:56:4a:1c:9c:27:fc:16:f3:71:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c91820b50007e41c53dd6029b37954d3572f4c29
Validity
Not Before: Jun 17 13:34:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ca531ddc93e8db6121e47cf51b6012b76c801d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:63:64:2a:67:2e:0b:ec:15:06:3e:74:52:5a:
8a:3d:04:05:ba:2d:49:80:c9:5a:0a:a3:dc:28:49:
50:db:67:57:92:83:37:ff:48:27:63:bb:8b:9c:63:
98:da:27:ae:ca:9d:21:ef:b0:56:6c:e6:ca:4f:b1:
fa:97:0a:50:cd:bd:8f:8a:cd:7c:46:f5:17:48:3e:
bb:5e:0e:25:23:cf:da:b9:b5:11:b1:b0:d9:f8:06:
3a:12:1f:9d:b2:3f:b2:60:1d:b1:a6:b6:be:f9:cd:
2b:5e:a3:61:52:d1:9d:05:f4:0a:09:1c:10:b1:f6:
b6:00:1a:51:15:90:fb:23:a8:9b:20:a9:9b:5f:43:
bd:f1:24:ec:f9:a7:28:6a:bc:f8:48:7f:c0:d1:7f:
8d:66:42:3b:c6:19:5b:4f:95:6b:e7:54:87:fe:d9:
44:26:de:5c:03:cb:44:02:bb:08:cc:e4:b7:28:74:
95:99:88:4c:fd:54:7c:d6:b9:67:cd:14:ac:f9:4b:
30:e7:19:cf:59:43:a2:2b:30:76:61:11:90:b3:1d:
99:e3:e5:fb:08:45:07:fe:77:9b:f8:c7:a8:ce:fa:
5c:35:12:2d:37:b6:fa:8b:04:a5:27:31:fb:23:42:
04:38:80:ed:81:88:48:95:85:da:25:c0:98:f5:ae:
ac:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:A5:31:DD:C9:3E:8D:B6:12:1E:47:CF:51:B6:01:2B:76:C8:01:D6
X509v3 Authority Key Identifier:
keyid:C9:18:20:B5:00:07:E4:1C:53:DD:60:29:B3:79:54:D3:57:2F:4C:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yRggtQAH5BxT3WAps3lU01cvTCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/ea7121-5414-4484-9185-eec14c971c4d/1/TKUx3ck-jbYSHkfPUbYBK3bIAdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/ea7121-5414-4484-9185-eec14c971c4d/1/yRggtQAH5BxT3WAps3lU01cvTCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.193.148.0/22
91.223.170.0/24
195.206.226.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:c3:ca:59:d6:79:2e:da:ac:50:79:1b:b5:1b:02:e1:4e:e4:
4c:75:e5:11:ab:28:49:bc:f0:bc:2c:0b:fc:46:69:6c:79:53:
bf:88:19:f7:76:2c:4a:55:18:e3:94:f9:bc:e1:7a:8f:97:d6:
d7:5f:ce:9d:74:6c:24:33:5b:18:4a:b5:34:52:2e:cd:2b:b8:
d3:26:35:23:32:0c:98:30:a9:01:f6:f9:da:93:2e:2e:a6:5e:
7c:68:b1:85:38:90:2f:c5:8f:91:99:2a:5c:58:24:5c:00:0e:
d0:03:33:fb:89:62:20:b1:9b:a2:94:b8:6f:c4:fa:96:d8:d7:
b2:a1:43:2f:67:3d:1e:62:11:4e:2c:c6:b1:1b:61:0f:4c:a7:
63:2d:15:e3:58:74:b4:0a:ca:2e:86:57:73:67:ed:4b:79:1c:
0d:18:d0:1a:93:d8:3e:59:dc:39:91:ae:c8:eb:7b:ef:f1:48:
db:be:bd:f4:40:ce:62:31:9e:53:be:d9:b9:ef:0f:15:c5:46:
b3:70:77:16:52:7d:fb:cc:19:27:77:a4:49:94:91:75:45:27:
0c:da:ea:12:2a:ab:77:8b:fb:0d:04:95:17:6c:af:f2:84:b2:
3a:f0:3e:a3:fb:06:26:51:92:54:93:e6:e5:6b:a0:a5:ac:1c:
51:8a:c8:5c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZAmaBepAKBWShycJ/wW83GXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MTgyMGI1MDAwN2U0MWM1M2RkNjAyOWIzNzk1NGQzNTcy
ZjRjMjkwHhcNMjQwNjE3MTMzNDM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2E1MzFkZGM5M2U4ZGI2MTIxZTQ3Y2Y1MWI2MDEyYjc2YzgwMWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumNkKmcuC+wVBj50UlqKPQQFui1J
gMlaCqPcKElQ22dXkoM3/0gnY7uLnGOY2ieuyp0h77BWbObKT7H6lwpQzb2Pis18
RvUXSD67Xg4lI8/aubURsbDZ+AY6Eh+dsj+yYB2xpra++c0rXqNhUtGdBfQKCRwQ
sfa2ABpRFZD7I6ibIKmbX0O98STs+acoarz4SH/A0X+NZkI7xhlbT5Vr51SH/tlE
Jt5cA8tEArsIzOS3KHSVmYhM/VR81rlnzRSs+Usw5xnPWUOiKzB2YRGQsx2Z4+X7
CEUH/neb+MeozvpcNRItN7b6iwSlJzH7I0IEOIDtgYhIlYXaJcCY9a6s2wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEylMd3JPo22Eh5Hz1G2ASt2yAHWMB8GA1UdIwQY
MBaAFMkYILUAB+QcU91gKbN5VNNXL0wpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVJnZ3RRQUg1QnhUM1dBcHMzbFUwMWN2VENrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9lYTcxMjEtNTQxNC00NDg0LTkxODUt
ZWVjMTRjOTcxYzRkLzEvVEtVeDNjay1qYllTSGtmUFViWUJLM2JJQWRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9lYTcxMjEtNTQxNC00NDg0LTkxODUtZWVjMTRjOTcxYzRk
LzEveVJnZ3RRQUg1QnhUM1dBcHMzbFUwMWN2VENrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW8GUAwQA
W9+qAwQBw87iMA0GCSqGSIb3DQEBCwUAA4IBAQAcw8pZ1nku2qxQeRu1GwLhTuRM
deURqyhJvPC8LAv8RmlseVO/iBn3dixKVRjjlPm84XqPl9bXX86ddGwkM1sYSrU0
Ui7NK7jTJjUjMgyYMKkB9vnaky4upl58aLGFOJAvxY+RmSpcWCRcAA7QAzP7iWIg
sZuilLhvxPqW2NeyoUMvZz0eYhFOLMaxG2EPTKdjLRXjWHS0CsouhldzZ+1LeRwN
GNAak9g+Wdw5ka7I63vv8Ujbvr30QM5iMZ5Tvtm57w8VxUazcHcWUn37zBknd6RJ
lJF1RScM2uoSKqt3i/sNBJUXbK/yhLI68D6j+wYmUZJUk+bla6ClrBxRishc
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:37:28 2024 by rpki-client on console-ams.rpki-client.org