Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/149c01-840d-45f6-823f-e2f0e1c26105/1/tyk1W06i-d1FHfI_ivsk0l6qWQg.roa
File: tyk1W06i-d1FHfI_ivsk0l6qWQg.roa (raw, json)
Hash identifier: kXndtcep+tk32XCzwygsBCoadb1shDRH2vmSfiEp8h4=
Subject key identifier: B7:29:35:5B:4E:A2:F9:DD:45:1D:F2:3F:8A:FB:24:D2:5E:AA:59:08
Certificate issuer: /CN=b3a758904c75856e3585a4433ae5ec57fef1a3c7
Certificate serial: 018CC2DB441005CC62E8809E0322361E036E
Authority key identifier: B3:A7:58:90:4C:75:85:6E:35:85:A4:43:3A:E5:EC:57:FE:F1:A3:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s6dYkEx1hW41haRDOuXsV_7xo8c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/149c01-840d-45f6-823f-e2f0e1c26105/1/tyk1W06i-d1FHfI_ivsk0l6qWQg.roa
Signing time: Mon 01 Jan 2024 02:29:58 +0000
ROA not before: Mon 01 Jan 2024 02:29:58 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12662
IP address blocks: 192.162.132.0/22 maxlen: 22
192.162.132.0/23 maxlen: 23
192.162.132.0/24 maxlen: 24
192.162.135.0/24 maxlen: 24
192.162.134.0/24 maxlen: 24
192.162.134.0/23 maxlen: 23
192.162.133.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/149c01-840d-45f6-823f-e2f0e1c26105/1/s6dYkEx1hW41haRDOuXsV_7xo8c.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/149c01-840d-45f6-823f-e2f0e1c26105/1/s6dYkEx1hW41haRDOuXsV_7xo8c.mft
rsync://rpki.ripe.net/repository/DEFAULT/s6dYkEx1hW41haRDOuXsV_7xo8c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:44:10:05:cc:62:e8:80:9e:03:22:36:1e:03:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3a758904c75856e3585a4433ae5ec57fef1a3c7
Validity
Not Before: Jan 1 02:29:58 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b729355b4ea2f9dd451df23f8afb24d25eaa5908
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:3a:45:1e:06:ab:85:6a:8a:82:40:ed:07:0c:
07:e3:5b:af:c7:fd:cb:e5:d5:04:9d:16:90:6d:e9:
9f:db:bb:d6:e1:0d:ef:3c:b6:58:03:7a:fb:ad:d7:
75:d8:c9:b9:19:f8:35:b6:4d:45:85:a2:1c:b9:e0:
80:16:30:e3:9c:31:1e:e5:a1:5f:7e:63:86:d8:c6:
e2:49:a6:81:c9:17:eb:2d:94:ed:86:c4:3e:21:c8:
d4:28:f9:83:e6:41:2a:f8:a4:80:11:5a:42:0f:c2:
31:26:38:7e:04:a9:b9:01:a9:67:e0:a5:d8:2a:0a:
80:6a:e7:61:6f:75:f8:b1:b8:38:5a:c3:11:6b:67:
df:64:0a:55:ce:33:63:f1:95:32:52:35:d9:66:4d:
4a:03:f3:4a:89:f6:f3:33:4b:7c:92:40:f1:0c:91:
bb:c1:54:2e:40:02:c7:08:cb:86:11:3d:31:a0:4f:
47:7c:76:5d:03:3a:46:3d:cb:ce:b7:5c:18:a1:34:
b4:40:45:0c:3a:2b:ef:3f:5b:aa:27:8c:fe:b1:b1:
bb:f2:fe:cb:15:41:50:84:97:c5:c4:b0:54:84:10:
d4:fa:c0:61:06:3c:04:cb:ec:21:c9:05:ae:7c:89:
e5:b5:1f:75:32:84:71:52:f6:68:f7:d1:fd:52:0a:
46:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:29:35:5B:4E:A2:F9:DD:45:1D:F2:3F:8A:FB:24:D2:5E:AA:59:08
X509v3 Authority Key Identifier:
keyid:B3:A7:58:90:4C:75:85:6E:35:85:A4:43:3A:E5:EC:57:FE:F1:A3:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s6dYkEx1hW41haRDOuXsV_7xo8c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/149c01-840d-45f6-823f-e2f0e1c26105/1/tyk1W06i-d1FHfI_ivsk0l6qWQg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/149c01-840d-45f6-823f-e2f0e1c26105/1/s6dYkEx1hW41haRDOuXsV_7xo8c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.162.132.0/22
Signature Algorithm: sha256WithRSAEncryption
6a:70:9b:55:6e:82:6a:8d:6b:49:1d:e4:6b:d6:91:9c:4f:39:
3f:5d:fd:c2:bb:bd:a9:2e:96:15:bf:ca:b4:6b:23:c5:a3:39:
85:63:cb:95:21:fd:60:d3:f3:de:5b:c4:99:bf:81:2e:58:73:
a5:e9:3f:ec:64:d8:9c:b3:4c:90:ad:c5:55:94:f6:3a:0f:df:
3c:37:04:5d:a9:77:cb:1b:33:76:58:56:a4:e7:ff:3a:a5:51:
90:84:17:3d:05:60:6c:36:3d:eb:32:69:1b:2c:5d:da:e0:93:
0a:b4:92:e3:87:a0:56:ad:9c:e4:a5:d0:c6:b3:bf:b9:e5:2f:
ca:0a:dd:9c:d3:5f:7b:4f:a5:98:d1:2b:15:66:2b:b5:58:2b:
2d:f7:2f:92:a2:3a:a6:b7:6e:16:15:dd:35:f1:01:80:52:4f:
21:67:13:0c:f2:72:72:ce:28:aa:46:6e:53:0a:51:73:e8:6b:
a4:db:1a:18:03:73:21:44:13:ec:24:31:48:81:42:f8:92:7e:
cd:67:53:f6:49:8b:46:e0:79:f2:63:df:42:5a:94:df:c5:5c:
f8:8f:05:13:3a:4d:fc:ca:ac:8e:97:44:2d:a0:b4:16:bc:df:
c1:7d:1e:04:d8:8e:e3:ac:2b:d0:8e:8b:6a:5f:01:cb:a1:67:
9c:63:e6:ac
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzC20QQBcxi6ICeAyI2HgNuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzYTc1ODkwNGM3NTg1NmUzNTg1YTQ0MzNhZTVlYzU3ZmVm
MWEzYzcwHhcNMjQwMTAxMDIyOTU4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzI5MzU1YjRlYTJmOWRkNDUxZGYyM2Y4YWZiMjRkMjVlYWE1OTA4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzpFHgarhWqKgkDtBwwH41uvx/3L
5dUEnRaQbemf27vW4Q3vPLZYA3r7rdd12Mm5Gfg1tk1FhaIcueCAFjDjnDEe5aFf
fmOG2MbiSaaByRfrLZTthsQ+IcjUKPmD5kEq+KSAEVpCD8IxJjh+BKm5Aaln4KXY
KgqAaudhb3X4sbg4WsMRa2ffZApVzjNj8ZUyUjXZZk1KA/NKifbzM0t8kkDxDJG7
wVQuQALHCMuGET0xoE9HfHZdAzpGPcvOt1wYoTS0QEUMOivvP1uqJ4z+sbG78v7L
FUFQhJfFxLBUhBDU+sBhBjwEy+whyQWufInltR91MoRxUvZo99H9UgpGlwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFLcpNVtOovndRR3yP4r7JNJeqlkIMB8GA1UdIwQY
MBaAFLOnWJBMdYVuNYWkQzrl7Ff+8aPHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvczZkWWtFeDFoVzQxaGFSRE91WHNWXzd4bzhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy8xNDljMDEtODQwZC00NWY2LTgyM2Yt
ZTJmMGUxYzI2MTA1LzEvdHlrMVcwNmktZDFGSGZJX2l2c2swbDZxV1FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy8xNDljMDEtODQwZC00NWY2LTgyM2YtZTJmMGUxYzI2MTA1
LzEvczZkWWtFeDFoVzQxaGFSRE91WHNWXzd4bzhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCwKKEMA0G
CSqGSIb3DQEBCwUAA4IBAQBqcJtVboJqjWtJHeRr1pGcTzk/Xf3Cu72pLpYVv8q0
ayPFozmFY8uVIf1g0/PeW8SZv4EuWHOl6T/sZNics0yQrcVVlPY6D988NwRdqXfL
GzN2WFak5/86pVGQhBc9BWBsNj3rMmkbLF3a4JMKtJLjh6BWrZzkpdDGs7+55S/K
Ct2c0197T6WY0SsVZiu1WCst9y+Sojqmt24WFd018QGAUk8hZxMM8nJyziiqRm5T
ClFz6Guk2xoYA3MhRBPsJDFIgUL4kn7NZ1P2SYtG4HnyY99CWpTfxVz4jwUTOk38
yqyOl0QtoLQWvN/BfR4E2I7jrCvQjotqXwHLoWecY+as
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:59:12 2024 by rpki-client on console-ams.rpki-client.org