Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/a89801-c721-41bb-b517-b8c666e6d351/1/TSBVqN-q4gFL2xnBzcLoNSaEF14.roa
File: TSBVqN-q4gFL2xnBzcLoNSaEF14.roa (raw, json)
Hash identifier: aN3PElmz6uoj7dhdKoLePOiU/o2fDJBnIhp+cy+lO/M=
Subject key identifier: 4D:20:55:A8:DF:AA:E2:01:4B:DB:19:C1:CD:C2:E8:35:26:84:17:5E
Certificate issuer: /CN=191e27b29f65a24d9f94215715cd3671825a9eae
Certificate serial: 018CC86F63442FECA13E820E439D63EAEE63
Authority key identifier: 19:1E:27:B2:9F:65:A2:4D:9F:94:21:57:15:CD:36:71:82:5A:9E:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GR4nsp9lok2flCFXFc02cYJanq4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/a89801-c721-41bb-b517-b8c666e6d351/1/TSBVqN-q4gFL2xnBzcLoNSaEF14.roa
Signing time: Tue 02 Jan 2024 04:29:52 +0000
ROA not before: Tue 02 Jan 2024 04:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49544
IP address blocks: 185.102.26.0/24 maxlen: 24
185.102.24.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/a89801-c721-41bb-b517-b8c666e6d351/1/GR4nsp9lok2flCFXFc02cYJanq4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/a89801-c721-41bb-b517-b8c666e6d351/1/GR4nsp9lok2flCFXFc02cYJanq4.mft
rsync://rpki.ripe.net/repository/DEFAULT/GR4nsp9lok2flCFXFc02cYJanq4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 07:02:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:63:44:2f:ec:a1:3e:82:0e:43:9d:63:ea:ee:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=191e27b29f65a24d9f94215715cd3671825a9eae
Validity
Not Before: Jan 2 04:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d2055a8dfaae2014bdb19c1cdc2e8352684175e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a4:72:51:ed:d2:42:a1:2e:41:5c:38:2a:e4:
5b:ec:3b:c3:b0:1a:5f:09:e3:5c:50:74:36:a6:78:
5b:69:e9:31:f2:30:88:13:77:ae:2f:dc:94:44:e4:
ee:fc:e8:7f:9b:be:4c:46:f0:a9:b5:45:67:bd:78:
e2:ca:70:2c:77:35:da:3b:a1:c8:73:20:ed:98:f8:
d5:71:f5:81:bc:96:fd:8b:9b:68:39:9b:fd:eb:83:
8e:87:d4:8a:6e:47:dc:44:e2:5c:71:71:f7:0f:91:
4d:96:36:31:79:f2:bf:15:c4:2d:81:ab:1e:a6:63:
b2:ec:eb:8d:94:e0:fb:23:fe:ea:03:39:21:ea:43:
a7:60:7c:93:95:3d:a2:b9:ac:83:8b:ea:21:a3:3e:
f3:4a:24:ff:dc:9f:2c:92:43:ba:77:11:46:13:a3:
ab:2d:3e:10:34:30:06:a3:66:70:34:62:c3:92:15:
e7:9f:02:1e:d3:c1:61:c1:fc:d7:74:21:e6:b5:be:
ff:69:ea:3c:f1:59:f3:51:c8:5c:ad:0d:e1:2a:76:
0f:a3:35:4b:99:74:39:24:f3:b2:ca:42:76:14:a2:
70:64:41:8b:6c:ff:03:58:57:8f:4d:29:e0:7d:c6:
40:66:ac:8d:3e:04:d8:e8:d4:f1:ac:96:35:18:2b:
ba:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:20:55:A8:DF:AA:E2:01:4B:DB:19:C1:CD:C2:E8:35:26:84:17:5E
X509v3 Authority Key Identifier:
keyid:19:1E:27:B2:9F:65:A2:4D:9F:94:21:57:15:CD:36:71:82:5A:9E:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GR4nsp9lok2flCFXFc02cYJanq4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a89801-c721-41bb-b517-b8c666e6d351/1/TSBVqN-q4gFL2xnBzcLoNSaEF14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/a89801-c721-41bb-b517-b8c666e6d351/1/GR4nsp9lok2flCFXFc02cYJanq4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.102.24.0-185.102.26.255
Signature Algorithm: sha256WithRSAEncryption
b4:16:1a:80:33:02:92:7d:7e:c9:c7:78:7f:9d:1c:0f:80:7c:
03:cd:c6:39:05:a8:8d:84:cf:09:af:bf:85:c4:4d:c4:05:e9:
80:8c:73:64:8a:1e:85:1c:a0:fa:0b:7f:86:90:36:e2:1a:18:
cd:a5:bf:35:cb:d4:c9:87:21:cc:21:b9:7a:04:23:8b:57:c8:
bc:d9:e6:6f:84:d4:91:f8:5c:61:2e:6b:4a:40:39:8d:88:02:
2e:cf:4a:36:6a:fc:17:92:81:e6:02:1f:06:49:9c:4f:24:c7:
d5:34:00:59:28:9a:e8:44:7e:26:11:39:fa:6d:25:bb:56:21:
fc:33:56:e1:7e:84:65:37:34:0c:5c:1b:e9:e7:e4:3c:89:e2:
09:1f:ec:7e:bd:8f:07:85:56:77:07:83:ef:13:e6:47:af:d4:
d2:b3:42:51:cf:e0:33:e1:8d:68:46:53:00:18:41:2d:73:76:
e9:f5:5a:8e:30:0c:c1:55:d7:75:1a:67:ec:b5:0e:b6:e3:9e:
f7:c9:f4:25:39:a0:61:f8:29:46:68:95:db:81:94:45:63:01:
fb:94:fe:aa:80:7f:b6:fe:58:58:9b:3c:de:57:42:9d:1c:53:
e6:8b:50:41:8d:f7:51:71:09:f7:db:45:cc:3a:f3:05:0a:f1:
05:fb:d9:4f
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAYzIb2NEL+yhPoIOQ51j6u5jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MWUyN2IyOWY2NWEyNGQ5Zjk0MjE1NzE1Y2QzNjcxODI1
YTllYWUwHhcNMjQwMTAyMDQyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDIwNTVhOGRmYWFlMjAxNGJkYjE5YzFjZGMyZTgzNTI2ODQxNzVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06RyUe3SQqEuQVw4KuRb7DvDsBpf
CeNcUHQ2pnhbaekx8jCIE3euL9yUROTu/Oh/m75MRvCptUVnvXjiynAsdzXaO6HI
cyDtmPjVcfWBvJb9i5toOZv964OOh9SKbkfcROJccXH3D5FNljYxefK/FcQtgase
pmOy7OuNlOD7I/7qAzkh6kOnYHyTlT2iuayDi+ohoz7zSiT/3J8skkO6dxFGE6Or
LT4QNDAGo2ZwNGLDkhXnnwIe08FhwfzXdCHmtb7/aeo88VnzUchcrQ3hKnYPozVL
mXQ5JPOyykJ2FKJwZEGLbP8DWFePTSngfcZAZqyNPgTY6NTxrJY1GCu6eQIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFE0gVajfquIBS9sZwc3C6DUmhBdeMB8GA1UdIwQY
MBaAFBkeJ7KfZaJNn5QhVxXNNnGCWp6uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1I0bnNwOWxvazJmbENGWEZjMDJjWUphbnE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9hODk4MDEtYzcyMS00MWJiLWI1MTct
YjhjNjY2ZTZkMzUxLzEvVFNCVnFOLXE0Z0ZMMnhuQnpjTG9OU2FFRjE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9hODk4MDEtYzcyMS00MWJiLWI1MTctYjhjNjY2ZTZkMzUx
LzEvR1I0bnNwOWxvazJmbENGWEZjMDJjWUphbnE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBAO5ZhgD
BAC5ZhowDQYJKoZIhvcNAQELBQADggEBALQWGoAzApJ9fsnHeH+dHA+AfAPNxjkF
qI2Ezwmvv4XETcQF6YCMc2SKHoUcoPoLf4aQNuIaGM2lvzXL1MmHIcwhuXoEI4tX
yLzZ5m+E1JH4XGEua0pAOY2IAi7PSjZq/BeSgeYCHwZJnE8kx9U0AFkomuhEfiYR
OfptJbtWIfwzVuF+hGU3NAxcG+nn5DyJ4gkf7H69jweFVncHg+8T5kev1NKzQlHP
4DPhjWhGUwAYQS1zdun1Wo4wDMFV13UaZ+y1DrbjnvfJ9CU5oGH4KUZolduBlEVj
AfuU/qqAf7b+WFibPN5XQp0cU+aLUEGN91FxCffbRcw68wUK8QX72U8=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:33:27 2024 by rpki-client on console-fra.rpki-client.org