Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/TPUqxB-PQUE4AT0KvqGW5eMJ92k.roa
File: TPUqxB-PQUE4AT0KvqGW5eMJ92k.roa (raw, json)
Hash identifier: egBaFc38ulT2dCE4AC8bAmZnEEIEu19/zIW63oqERCc=
Subject key identifier: 4C:F5:2A:C4:1F:8F:41:41:38:01:3D:0A:BE:A1:96:E5:E3:09:F7:69
Certificate issuer: /CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Certificate serial: 018F803594316EAC1C943005CACE4287717D
Authority key identifier: 2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/TPUqxB-PQUE4AT0KvqGW5eMJ92k.roa
Signing time: Thu 16 May 2024 07:02:25 +0000
ROA not before: Thu 16 May 2024 07:02:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8286
IP address blocks: 31.193.96.0/21 maxlen: 21
82.145.64.0/19 maxlen: 19
212.14.0.0/19 maxlen: 19
212.14.32.0/20 maxlen: 20
2001:4c58::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 26 Jun 2024 14:33:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:80:35:94:31:6e:ac:1c:94:30:05:ca:ce:42:87:71:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac64dc21cb5fd4d0bcb02cc2b43fd751fd91e1e
Validity
Not Before: May 16 07:02:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4cf52ac41f8f414138013d0abea196e5e309f769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:a7:4b:bc:2c:1e:bc:05:0d:33:08:10:ec:67:
c6:2f:87:4b:98:9d:5c:71:df:dc:be:8b:03:17:79:
7e:a9:ed:42:0c:31:e4:00:40:d3:d0:5f:b6:81:ee:
78:52:f3:8f:5e:24:2e:9e:74:c0:e3:74:60:9d:95:
23:16:85:4b:ab:57:a0:a4:78:60:10:22:7a:61:ea:
17:af:cd:0c:a0:ef:8f:7f:65:e2:29:b6:e9:44:a1:
2f:da:1e:6d:e9:14:1e:16:20:7e:a4:8d:eb:c2:75:
6e:fe:f9:a4:38:8b:70:1c:ab:67:fa:66:eb:c1:22:
01:46:4d:3e:4f:e3:23:cd:fe:bd:ff:8e:50:e0:a7:
55:ac:28:37:ef:0c:c5:ce:1e:5a:e1:af:5f:2c:cb:
28:ed:fa:5b:8f:ca:8c:8d:25:05:4b:bd:60:86:8b:
83:05:80:2a:be:86:70:aa:e1:14:6d:00:5f:47:8d:
7f:7f:61:1e:c8:fc:be:45:6f:da:d3:81:69:b4:9a:
63:5c:7c:a3:38:12:bb:0b:5a:ec:77:6d:ca:af:7e:
af:04:f7:41:40:19:52:87:ee:6e:e1:3c:45:ee:65:
d2:a5:3c:6c:16:30:d4:e2:b7:8f:8c:50:db:67:b4:
41:75:f2:4c:9b:46:64:48:47:e6:9d:85:a2:15:d3:
93:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:F5:2A:C4:1F:8F:41:41:38:01:3D:0A:BE:A1:96:E5:E3:09:F7:69
X509v3 Authority Key Identifier:
keyid:2A:C6:4D:C2:1C:B5:FD:4D:0B:CB:02:CC:2B:43:FD:75:1F:D9:1E:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsZNwhy1_U0LywLMK0P9dR_ZHh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/TPUqxB-PQUE4AT0KvqGW5eMJ92k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/de1db4-ec78-4e41-9570-097c3c1c2540/1/KsZNwhy1_U0LywLMK0P9dR_ZHh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.193.96.0/21
82.145.64.0/19
212.14.0.0-212.14.47.255
IPv6:
2001:4c58::/30
Signature Algorithm: sha256WithRSAEncryption
77:d8:ae:05:16:cc:67:5f:f8:64:fc:2a:6d:76:e8:25:21:8f:
86:42:fc:87:9d:11:a0:f2:da:ae:53:5c:a8:81:4e:af:0c:20:
0e:23:73:96:96:c6:38:6c:ea:0f:d5:5b:0d:71:c4:cd:dd:a2:
5e:c9:23:5d:41:cb:bc:84:66:6d:26:6d:05:29:f7:7c:b1:58:
17:36:b8:6a:d1:c1:c1:c0:fd:55:be:f2:84:8c:df:d4:50:eb:
30:91:b4:38:ae:a0:61:2e:81:53:8d:62:a4:5e:01:69:1d:d0:
95:96:aa:43:ee:1f:52:14:7b:3d:27:d8:b7:45:ec:cb:21:a8:
f0:0a:f4:fc:04:e8:d9:05:43:e5:02:4f:c9:8e:b4:07:6e:3f:
2b:1e:30:b1:ea:cb:9e:c1:ea:e9:66:48:9a:8b:4a:30:b1:ee:
15:c3:7d:1b:de:37:be:f4:da:30:39:79:41:d8:9a:8d:24:2e:
04:40:d4:5a:dd:36:de:0c:2e:e4:7d:c5:71:da:c3:fc:4e:9d:
05:d5:33:bb:90:72:2c:51:41:c7:dd:c0:ab:4a:c6:5a:11:a2:
4a:ca:6c:2b:33:91:4a:5d:90:2d:82:53:35:e8:ec:00:4b:2f:
3a:25:e9:e6:8f:cd:77:86:f0:1a:63:20:e0:d3:94:b0:7f:d8:
83:01:50:dd
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAY+ANZQxbqwclDAFys5Ch3F9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzY0ZGMyMWNiNWZkNGQwYmNiMDJjYzJiNDNmZDc1MWZk
OTFlMWUwHhcNMjQwNTE2MDcwMjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Y2Y1MmFjNDFmOGY0MTQxMzgwMTNkMGFiZWExOTZlNWUzMDlmNzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArKdLvCwevAUNMwgQ7GfGL4dLmJ1c
cd/cvosDF3l+qe1CDDHkAEDT0F+2ge54UvOPXiQunnTA43RgnZUjFoVLq1egpHhg
ECJ6YeoXr80MoO+Pf2XiKbbpRKEv2h5t6RQeFiB+pI3rwnVu/vmkOItwHKtn+mbr
wSIBRk0+T+Mjzf69/45Q4KdVrCg37wzFzh5a4a9fLMso7fpbj8qMjSUFS71ghouD
BYAqvoZwquEUbQBfR41/f2EeyPy+RW/a04FptJpjXHyjOBK7C1rsd23Kr36vBPdB
QBlSh+5u4TxF7mXSpTxsFjDU4rePjFDbZ7RBdfJMm0ZkSEfmnYWiFdOTjQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFEz1KsQfj0FBOAE9Cr6hluXjCfdpMB8GA1UdIwQY
MBaAFCrGTcIctf1NC8sCzCtD/XUf2R4eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NaTndoeTFfVTBMeXdMTUswUDlkUl9aSGg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS9kZTFkYjQtZWM3OC00ZTQxLTk1NzAt
MDk3YzNjMWMyNTQwLzEvVFBVcXhCLVBRVUU0QVQwS3ZxR1c1ZU1KOTJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS9kZTFkYjQtZWM3OC00ZTQxLTk1NzAtMDk3YzNjMWMyNTQw
LzEvS3NaTndoeTFfVTBMeXdMTUswUDlkUl9aSGg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAfBAIAATAZAwQDH8FgAwQF
UpFAMAsDAwHUDgMEBNQOIDANBAIAAjAHAwUCIAFMWDANBgkqhkiG9w0BAQsFAAOC
AQEAd9iuBRbMZ1/4ZPwqbXboJSGPhkL8h50RoPLarlNcqIFOrwwgDiNzlpbGOGzq
D9VbDXHEzd2iXskjXUHLvIRmbSZtBSn3fLFYFza4atHBwcD9Vb7yhIzf1FDrMJG0
OK6gYS6BU41ipF4BaR3QlZaqQ+4fUhR7PSfYt0XsyyGo8Ar0/ATo2QVD5QJPyY60
B24/Kx4wserLnsHq6WZImotKMLHuFcN9G943vvTaMDl5QdiajSQuBEDUWt023gwu
5H3FcdrD/E6dBdUzu5ByLFFBx93Aq0rGWhGiSspsKzORSl2QLYJTNejsAEsvOiXp
5o/Nd4bwGmMg4NOUsH/YgwFQ3Q==
-----END CERTIFICATE-----
Generated at Wed Jun 26 01:11:01 2024 by rpki-client on console-fra.rpki-client.org