Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/TqYMt-f7Q9WekwjwvR1pq0YbVmQ.roa
File: TqYMt-f7Q9WekwjwvR1pq0YbVmQ.roa (raw, json)
Hash identifier: Mnj9DsgM8EZ7iO6tWZBQYrPyIDZNWgv4xPCW5seVRj8=
Subject key identifier: 4E:A6:0C:B7:E7:FB:43:D5:9E:93:08:F0:BD:1D:69:AB:46:1B:56:64
Certificate issuer: /CN=c6e1c8c65c86e8d26ddbeb68658a39a7a8e27866
Certificate serial: 0191F4D77EE7E01514E7668698ECA5FFA034
Authority key identifier: C6:E1:C8:C6:5C:86:E8:D2:6D:DB:EB:68:65:8A:39:A7:A8:E2:78:66
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xuHIxlyG6NJt2-toZYo5p6jieGY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/TqYMt-f7Q9WekwjwvR1pq0YbVmQ.roa
Signing time: Sun 15 Sep 2024 08:40:49 +0000
ROA not before: Sun 15 Sep 2024 08:40:49 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202391
IP address blocks: 46.34.160.0/22 maxlen: 24
89.42.197.0/24 maxlen: 24
89.42.198.0/24 maxlen: 24
89.42.199.0/24 maxlen: 24
89.47.196.0/24 maxlen: 24
89.47.199.0/24 maxlen: 24
89.47.203.0/24 maxlen: 24
92.114.48.0/23 maxlen: 24
92.114.48.0/24 maxlen: 24
92.114.49.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/xuHIxlyG6NJt2-toZYo5p6jieGY.crl
rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/xuHIxlyG6NJt2-toZYo5p6jieGY.mft
rsync://rpki.ripe.net/repository/DEFAULT/xuHIxlyG6NJt2-toZYo5p6jieGY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:f4:d7:7e:e7:e0:15:14:e7:66:86:98:ec:a5:ff:a0:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6e1c8c65c86e8d26ddbeb68658a39a7a8e27866
Validity
Not Before: Sep 15 08:40:49 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4ea60cb7e7fb43d59e9308f0bd1d69ab461b5664
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:89:e7:fc:c2:6e:0d:4f:6a:08:a9:74:92:c9:
29:a1:e1:ca:27:01:c4:6d:7a:d7:26:e6:94:3c:5d:
81:44:dc:54:27:a8:fd:c2:20:31:f8:a2:ea:bd:87:
b3:e8:59:db:b7:f5:00:a5:a4:a9:b4:4f:04:e3:5a:
44:11:5c:20:13:5a:cd:cc:01:9a:58:81:d2:b7:b3:
42:62:2f:a3:b4:bd:20:fb:24:09:05:ef:f9:c6:4b:
22:65:1d:d8:a9:41:be:6c:bd:41:be:c0:74:a1:f8:
4e:3b:53:3a:51:32:4e:dc:9b:a8:7c:0d:8f:82:51:
d5:74:01:5c:77:4e:7b:1e:5a:c2:ac:48:70:50:70:
1d:c4:e8:b5:7a:87:7b:7b:97:49:f8:9c:f6:5d:5a:
d5:64:4e:ad:e4:d3:ef:9d:df:6b:aa:03:73:b8:f3:
6f:87:ba:81:6b:4b:40:2f:50:00:89:a7:49:f9:bc:
5f:83:47:b9:7e:d7:1c:41:e6:78:54:2a:bc:b5:45:
ce:9f:83:df:eb:c7:cc:07:33:39:0d:06:f8:39:08:
e6:16:eb:24:40:8e:59:30:9d:b1:d5:00:20:1f:3d:
3e:98:97:91:6f:b9:d2:bd:5e:a3:a1:a5:a5:aa:61:
53:f5:f0:12:38:d4:09:22:b2:2d:73:4f:ed:fe:e7:
15:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:A6:0C:B7:E7:FB:43:D5:9E:93:08:F0:BD:1D:69:AB:46:1B:56:64
X509v3 Authority Key Identifier:
keyid:C6:E1:C8:C6:5C:86:E8:D2:6D:DB:EB:68:65:8A:39:A7:A8:E2:78:66
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xuHIxlyG6NJt2-toZYo5p6jieGY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/TqYMt-f7Q9WekwjwvR1pq0YbVmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ee/a453fe-a664-47a2-8b8a-ce5e01e71c91/1/xuHIxlyG6NJt2-toZYo5p6jieGY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.34.160.0/22
89.42.197.0-89.42.199.255
89.47.196.0/24
89.47.199.0/24
89.47.203.0/24
92.114.48.0/23
Signature Algorithm: sha256WithRSAEncryption
54:d8:ef:32:10:54:dd:04:a7:26:57:39:88:d9:29:53:a1:c8:
70:84:b3:7f:77:8c:6a:62:4d:0b:27:6e:d4:cb:d8:ae:66:9b:
f9:4d:91:40:ca:c5:94:f4:86:fc:b1:a0:59:0c:8a:f6:46:98:
77:a5:49:11:d7:fe:32:db:e5:fd:23:9d:c0:f3:96:b2:79:29:
e8:50:86:55:a7:b2:43:ed:8e:20:98:22:00:a2:fc:e3:c8:24:
32:7a:bc:21:53:41:2c:c6:11:cb:4a:b3:ac:2b:81:a3:0c:d9:
01:50:23:6d:b0:db:b8:be:f9:56:3a:40:e7:3f:c7:4d:85:6f:
69:ea:47:92:64:22:e9:25:9a:ac:1c:b0:0c:4d:48:7d:eb:b5:
07:b2:8b:29:d9:cb:03:76:0f:ee:29:17:df:07:48:25:02:4a:
eb:64:85:f6:76:bd:42:32:88:b2:a8:58:cc:8d:da:a1:89:3d:
8e:92:44:86:a6:ad:b4:8b:f1:27:d7:64:96:55:d8:ff:6c:dd:
4f:50:bf:84:66:cd:21:3e:40:6b:7e:0d:74:c6:c1:4a:cf:b0:
e2:e1:51:54:37:55:c1:a3:aa:1a:58:3d:f4:08:6f:ac:9b:30:
b2:c3:ed:78:34:2f:af:a4:5c:fe:bd:c8:f3:69:30:1f:69:01:
35:f5:1e:8a
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZH0137n4BUU52aGmOyl/6A0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2ZTFjOGM2NWM4NmU4ZDI2ZGRiZWI2ODY1OGEzOWE3YThl
Mjc4NjYwHhcNMjQwOTE1MDg0MDQ5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWE2MGNiN2U3ZmI0M2Q1OWU5MzA4ZjBiZDFkNjlhYjQ2MWI1NjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Ynn/MJuDU9qCKl0kskpoeHKJwHE
bXrXJuaUPF2BRNxUJ6j9wiAx+KLqvYez6Fnbt/UApaSptE8E41pEEVwgE1rNzAGa
WIHSt7NCYi+jtL0g+yQJBe/5xksiZR3YqUG+bL1BvsB0ofhOO1M6UTJO3JuofA2P
glHVdAFcd057HlrCrEhwUHAdxOi1eod7e5dJ+Jz2XVrVZE6t5NPvnd9rqgNzuPNv
h7qBa0tAL1AAiadJ+bxfg0e5ftccQeZ4VCq8tUXOn4Pf68fMBzM5DQb4OQjmFusk
QI5ZMJ2x1QAgHz0+mJeRb7nSvV6joaWlqmFT9fASONQJIrItc0/t/ucVAwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFE6mDLfn+0PVnpMI8L0daatGG1ZkMB8GA1UdIwQY
MBaAFMbhyMZchujSbdvraGWKOaeo4nhmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHVISXhseUc2Tkp0Mi10b1pZbzVwNmppZUdZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZS9hNDUzZmUtYTY2NC00N2EyLThiOGEt
Y2U1ZTAxZTcxYzkxLzEvVHFZTXQtZjdROVdla3dqd3ZSMXBxMFliVm1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZS9hNDUzZmUtYTY2NC00N2EyLThiOGEtY2U1ZTAxZTcxYzkx
LzEveHVISXhseUc2Tkp0Mi10b1pZbzVwNmppZUdZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQCLiKgMAwD
BABZKsUDBANZKsADBABZL8QDBABZL8cDBABZL8sDBAFccjAwDQYJKoZIhvcNAQEL
BQADggEBAFTY7zIQVN0EpyZXOYjZKVOhyHCEs393jGpiTQsnbtTL2K5mm/lNkUDK
xZT0hvyxoFkMivZGmHelSRHX/jLb5f0jncDzlrJ5KehQhlWnskPtjiCYIgCi/OPI
JDJ6vCFTQSzGEctKs6wrgaMM2QFQI22w27i++VY6QOc/x02Fb2nqR5JkIuklmqwc
sAxNSH3rtQeyiynZywN2D+4pF98HSCUCSutkhfZ2vUIyiLKoWMyN2qGJPY6SRIam
rbSL8SfXZJZV2P9s3U9Qv4RmzSE+QGt+DXTGwUrPsOLhUVQ3VcGjqhpYPfQIb6yb
MLLD7Xg0L6+kXP69yPNpMB9pATX1Hoo=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:29:58 2024 by rpki-client on console-ams.rpki-client.org