Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/lTYmzmQf42iOL3afx84x47grRZ4.roa
File: lTYmzmQf42iOL3afx84x47grRZ4.roa (raw, json)
Hash identifier: ucoIneSjOY3Ve2WtwsUxRCAbh+Al2b1BYRvWC/6Ejsk=
Subject key identifier: 95:36:26:CE:64:1F:E3:68:8E:2F:76:9F:C7:CE:31:E3:B8:2B:45:9E
Certificate issuer: /CN=1817a5ec18c4f2c44784adc5038356be5ae89429
Certificate serial: 018CC4936D39FB65B804B43E69054123D2E9
Authority key identifier: 18:17:A5:EC:18:C4:F2:C4:47:84:AD:C5:03:83:56:BE:5A:E8:94:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GBel7BjE8sRHhK3FA4NWvlrolCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/lTYmzmQf42iOL3afx84x47grRZ4.roa
Signing time: Mon 01 Jan 2024 10:30:45 +0000
ROA not before: Mon 01 Jan 2024 10:30:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 19905
IP address blocks: 193.0.184.0/24 maxlen: 24
193.0.212.0/24 maxlen: 24
193.0.129.0/24 maxlen: 24
192.251.230.0/24 maxlen: 24
2a0f:7ac0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/GBel7BjE8sRHhK3FA4NWvlrolCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/GBel7BjE8sRHhK3FA4NWvlrolCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/GBel7BjE8sRHhK3FA4NWvlrolCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 07:04:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:6d:39:fb:65:b8:04:b4:3e:69:05:41:23:d2:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1817a5ec18c4f2c44784adc5038356be5ae89429
Validity
Not Before: Jan 1 10:30:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=953626ce641fe3688e2f769fc7ce31e3b82b459e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:74:d2:1d:d8:02:95:0f:ff:40:ef:b2:f7:02:
a8:98:d2:4f:21:f8:8c:ef:ee:bb:64:ab:a3:a6:a4:
b5:16:ca:78:fc:b3:da:1f:6b:17:73:5f:b7:41:40:
81:a2:5d:36:14:fe:e8:9e:fb:74:05:3c:b2:39:33:
a7:ba:b8:63:0f:31:96:91:c5:6a:57:9e:f1:f3:5f:
81:85:80:7b:cf:b6:e9:72:79:7a:fb:5e:08:ef:ef:
1d:1f:60:28:d1:c7:87:0f:35:b8:42:8f:7a:f9:97:
0d:f4:57:7e:69:1e:4c:0d:09:cc:a8:8d:81:b6:ad:
6c:14:7e:da:e8:96:ac:9c:a9:2c:31:cd:dd:db:59:
59:57:94:60:d9:1e:3a:bc:7e:88:a4:c9:fd:07:55:
a9:90:3a:19:66:0b:95:85:21:6e:4c:c0:1c:53:71:
d5:19:cb:75:d4:cf:a0:70:b7:6c:82:d1:57:e6:c2:
57:c9:89:2d:69:f4:fe:7a:d0:fc:b5:60:16:a2:4f:
ec:b1:ca:27:cd:35:0c:61:a1:63:d5:32:dc:eb:77:
f4:9e:93:b6:2c:0d:6d:6f:a6:f3:fe:bb:56:da:8a:
ea:ea:06:e6:b3:b8:6e:fa:be:39:2e:f2:8b:e6:ee:
90:c9:40:f7:c6:f0:f8:b7:e9:5b:8d:02:f0:11:6b:
71:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:36:26:CE:64:1F:E3:68:8E:2F:76:9F:C7:CE:31:E3:B8:2B:45:9E
X509v3 Authority Key Identifier:
keyid:18:17:A5:EC:18:C4:F2:C4:47:84:AD:C5:03:83:56:BE:5A:E8:94:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GBel7BjE8sRHhK3FA4NWvlrolCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/lTYmzmQf42iOL3afx84x47grRZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/773678-e200-46af-86c1-6bd8022d2eae/1/GBel7BjE8sRHhK3FA4NWvlrolCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.251.230.0/24
193.0.129.0/24
193.0.184.0/24
193.0.212.0/24
IPv6:
2a0f:7ac0::/29
Signature Algorithm: sha256WithRSAEncryption
31:f2:19:d2:3e:ef:5c:b1:0d:d4:ad:70:47:75:1b:96:95:72:
b6:0d:0e:8a:5d:1b:da:4a:7e:96:5b:b2:3f:6e:83:26:ad:14:
20:af:0b:cf:ea:9d:74:cd:b6:9f:ca:d9:cf:d2:f4:25:b2:31:
d1:e2:a3:07:e5:b7:88:95:fb:ae:78:a6:7f:d7:a3:9f:96:15:
0a:75:ed:db:43:62:e9:de:0a:89:12:8f:de:1f:ee:0b:03:f4:
52:7f:3b:2a:92:d0:40:8a:73:e4:d8:37:be:fe:48:31:36:fe:
70:a2:e9:a2:90:98:e1:db:dd:b0:dd:53:0e:3b:ed:c2:a1:32:
fc:12:df:a8:3b:94:0c:32:61:0f:05:45:39:4a:f8:25:6c:8a:
8a:12:78:4d:ab:fa:f6:6e:60:c4:0d:14:d1:05:d4:c0:91:ad:
86:ea:a5:99:93:54:ad:2b:91:c8:8e:70:35:c7:0a:d2:e4:9b:
de:11:37:75:9a:2f:7f:42:74:45:58:9b:1e:e2:4e:ac:b9:9f:
92:32:ab:ce:03:59:67:5a:7a:76:e3:9b:10:e9:7e:62:5b:bb:
ff:6f:c1:df:e3:9e:77:89:bf:cb:f9:5d:95:f4:80:d8:2e:b1:
fe:36:bc:ce:a3:33:e9:2b:78:cc:ff:e6:b3:2b:32:01:4d:38:
af:29:46:f3
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzEk205+2W4BLQ+aQVBI9LpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4MTdhNWVjMThjNGYyYzQ0Nzg0YWRjNTAzODM1NmJlNWFl
ODk0MjkwHhcNMjQwMTAxMTAzMDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTM2MjZjZTY0MWZlMzY4OGUyZjc2OWZjN2NlMzFlM2I4MmI0NTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApXTSHdgClQ//QO+y9wKomNJPIfiM
7+67ZKujpqS1Fsp4/LPaH2sXc1+3QUCBol02FP7onvt0BTyyOTOnurhjDzGWkcVq
V57x81+BhYB7z7bpcnl6+14I7+8dH2Ao0ceHDzW4Qo96+ZcN9Fd+aR5MDQnMqI2B
tq1sFH7a6JasnKksMc3d21lZV5Rg2R46vH6IpMn9B1WpkDoZZguVhSFuTMAcU3HV
Gct11M+gcLdsgtFX5sJXyYktafT+etD8tWAWok/ssconzTUMYaFj1TLc63f0npO2
LA1tb6bz/rtW2orq6gbms7hu+r45LvKL5u6QyUD3xvD4t+lbjQLwEWtxAwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFJU2Js5kH+Noji92n8fOMeO4K0WeMB8GA1UdIwQY
MBaAFBgXpewYxPLER4StxQODVr5a6JQpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0JlbDdCakU4c1JIaEszRkE0Tld2bHJvbENrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC83NzM2NzgtZTIwMC00NmFmLTg2YzEt
NmJkODAyMmQyZWFlLzEvbFRZbXptUWY0MmlPTDNhZng4NHg0N2dyUlo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC83NzM2NzgtZTIwMC00NmFmLTg2YzEtNmJkODAyMmQyZWFl
LzEvR0JlbDdCakU4c1JIaEszRkE0Tld2bHJvbENrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAwPvmAwQA
wQCBAwQAwQC4AwQAwQDUMA0EAgACMAcDBQMqD3rAMA0GCSqGSIb3DQEBCwUAA4IB
AQAx8hnSPu9csQ3UrXBHdRuWlXK2DQ6KXRvaSn6WW7I/boMmrRQgrwvP6p10zbaf
ytnP0vQlsjHR4qMH5beIlfuueKZ/16OflhUKde3bQ2Lp3gqJEo/eH+4LA/RSfzsq
ktBAinPk2De+/kgxNv5woumikJjh292w3VMOO+3CoTL8Et+oO5QMMmEPBUU5Svgl
bIqKEnhNq/r2bmDEDRTRBdTAka2G6qWZk1StK5HIjnA1xwrS5JveETd1mi9/QnRF
WJse4k6suZ+SMqvOA1lnWnp245sQ6X5iW7v/b8Hf4553ib/L+V2V9IDYLrH+NrzO
ozPpK3jM/+azKzIBTTivKUbz
-----END CERTIFICATE-----
Generated at Thu May 2 16:05:39 2024 by rpki-client on console-ams.rpki-client.org