Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/8d3895-65c2-4b8e-a547-8ad74cc6a6b9/1/TplTMpDAC2emue4seUSdBY6SUzY.roa
File: TplTMpDAC2emue4seUSdBY6SUzY.roa (raw, json)
Hash identifier: fZYG8cRXE6g/j0aY4zwMMm38xRWvZYXkOHRG4GEAVDM=
Subject key identifier: 4E:99:53:32:90:C0:0B:67:A6:B9:EE:2C:79:44:9D:05:8E:92:53:36
Certificate issuer: /CN=5dab456a051d4a93788bef4fac0d07bdc0c9f0cf
Certificate serial: 018CC500CFA0E17BDD28F7F468318283FC18
Authority key identifier: 5D:AB:45:6A:05:1D:4A:93:78:8B:EF:4F:AC:0D:07:BD:C0:C9:F0:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XatFagUdSpN4i-9PrA0HvcDJ8M8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/8d3895-65c2-4b8e-a547-8ad74cc6a6b9/1/TplTMpDAC2emue4seUSdBY6SUzY.roa
Signing time: Mon 01 Jan 2024 12:30:13 +0000
ROA not before: Mon 01 Jan 2024 12:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 60502
IP address blocks: 185.221.226.0/23 maxlen: 23
185.221.224.0/22 maxlen: 22
185.221.224.0/23 maxlen: 23
2a0c:5003::/32 maxlen: 32
2a0c:5000::/30 maxlen: 30
2a0c:5000:3072::/48 maxlen: 48
2a0c:5000:3082::/48 maxlen: 48
2a0c:5000::/32 maxlen: 32
2a0c:5000::/48 maxlen: 48
2a0c:5000:3084::/48 maxlen: 48
2a0c:5001::/32 maxlen: 32
2a0c:5000:225::/48 maxlen: 48
2a0c:5000:3083::/48 maxlen: 48
2a0c:5000:3073::/48 maxlen: 48
2a0c:5002::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/8d3895-65c2-4b8e-a547-8ad74cc6a6b9/1/XatFagUdSpN4i-9PrA0HvcDJ8M8.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/8d3895-65c2-4b8e-a547-8ad74cc6a6b9/1/XatFagUdSpN4i-9PrA0HvcDJ8M8.mft
rsync://rpki.ripe.net/repository/DEFAULT/XatFagUdSpN4i-9PrA0HvcDJ8M8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:cf:a0:e1:7b:dd:28:f7:f4:68:31:82:83:fc:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5dab456a051d4a93788bef4fac0d07bdc0c9f0cf
Validity
Not Before: Jan 1 12:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e99533290c00b67a6b9ee2c79449d058e925336
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:15:29:82:f9:ad:56:ec:fb:8b:8b:32:95:ff:
87:50:57:7d:2a:73:88:a2:24:ad:ed:d6:c3:25:21:
13:72:69:d4:06:25:91:15:b7:54:47:5c:e6:74:4d:
32:03:84:88:7b:ef:2b:de:07:f2:8d:63:c7:2b:17:
5a:e5:07:4f:e1:60:11:b2:c4:fe:2d:e6:de:68:ad:
19:c0:f9:d8:ab:d6:a9:5b:8e:68:07:0a:d0:93:84:
68:7c:79:a5:9b:fd:09:78:0f:cf:fa:39:a1:15:00:
e8:db:20:07:b5:f3:d9:04:1e:ba:ee:59:41:d6:e0:
19:63:e0:2e:27:e3:34:4b:d0:80:34:22:49:e9:6f:
f3:e3:0b:c9:6c:9e:ae:4e:f8:12:d7:7f:c8:ba:27:
3a:38:af:78:bd:d7:16:88:d8:d5:32:3a:ed:c1:cf:
9f:ba:a4:45:8c:54:a7:03:9a:82:58:74:7f:3d:19:
f9:6d:51:42:8b:8c:63:55:95:90:c3:c6:61:24:7e:
ae:49:90:a8:c8:cc:1c:fa:49:81:1f:6b:48:64:89:
83:51:15:18:9f:01:d4:f9:a0:4b:fe:08:c3:6b:e8:
e9:a5:11:9b:a3:4c:9a:0c:5c:63:9e:3b:3c:2a:ca:
42:3d:a1:cb:6a:47:8f:14:d7:43:cf:a4:7a:d7:2c:
26:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:99:53:32:90:C0:0B:67:A6:B9:EE:2C:79:44:9D:05:8E:92:53:36
X509v3 Authority Key Identifier:
keyid:5D:AB:45:6A:05:1D:4A:93:78:8B:EF:4F:AC:0D:07:BD:C0:C9:F0:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XatFagUdSpN4i-9PrA0HvcDJ8M8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/8d3895-65c2-4b8e-a547-8ad74cc6a6b9/1/TplTMpDAC2emue4seUSdBY6SUzY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/8d3895-65c2-4b8e-a547-8ad74cc6a6b9/1/XatFagUdSpN4i-9PrA0HvcDJ8M8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.221.224.0/22
IPv6:
2a0c:5000::/30
Signature Algorithm: sha256WithRSAEncryption
8d:63:21:6c:67:cf:1b:de:25:1c:a9:05:ae:7b:89:4d:92:6c:
4f:45:e6:60:d8:d0:3f:ca:17:dc:2f:6d:39:10:01:b0:08:47:
6e:67:1b:94:3e:96:56:96:16:f0:bd:55:7b:cb:f9:03:ec:20:
1c:5d:57:b9:1b:fb:10:09:ec:ec:2b:f0:8a:29:25:de:c6:7f:
d7:cf:e7:c4:da:94:cb:fd:3f:06:47:2b:6d:7c:c7:8f:13:35:
01:fa:0e:0b:e6:49:f5:ed:5b:78:15:f2:c2:8a:c3:9c:ba:44:
f5:71:e9:c5:e7:fa:ff:7f:dd:d9:d4:f7:9d:45:c6:57:1e:09:
83:3a:1e:49:03:4c:d5:b3:21:0c:6e:f4:92:2d:19:46:1e:9e:
ff:1e:52:96:71:fd:c8:42:7d:23:03:61:12:eb:ec:98:02:8f:
b9:2f:6b:fd:ba:84:b8:a1:22:3c:a2:8c:d4:d3:b8:27:64:5b:
e0:c4:21:4c:6b:6e:d7:85:83:37:4d:f5:6d:63:43:37:7f:f9:
52:68:31:4d:0b:3b:5d:3b:af:e6:0f:f1:9b:53:c0:f7:1e:28:
79:ca:00:c1:b5:d7:c1:5a:19:d9:8f:1b:7b:16:23:d3:b4:f6:
be:58:06:ee:47:3d:25:c4:51:d8:b9:b2:7a:29:ed:61:25:d7:
e6:bc:e6:f3
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFAM+g4XvdKPf0aDGCg/wYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVkYWI0NTZhMDUxZDRhOTM3ODhiZWY0ZmFjMGQwN2JkYzBj
OWYwY2YwHhcNMjQwMTAxMTIzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTk5NTMzMjkwYzAwYjY3YTZiOWVlMmM3OTQ0OWQwNThlOTI1MzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhUpgvmtVuz7i4sylf+HUFd9KnOI
oiSt7dbDJSETcmnUBiWRFbdUR1zmdE0yA4SIe+8r3gfyjWPHKxda5QdP4WARssT+
LebeaK0ZwPnYq9apW45oBwrQk4RofHmlm/0JeA/P+jmhFQDo2yAHtfPZBB667llB
1uAZY+AuJ+M0S9CANCJJ6W/z4wvJbJ6uTvgS13/Iuic6OK94vdcWiNjVMjrtwc+f
uqRFjFSnA5qCWHR/PRn5bVFCi4xjVZWQw8ZhJH6uSZCoyMwc+kmBH2tIZImDURUY
nwHU+aBL/gjDa+jppRGbo0yaDFxjnjs8KspCPaHLakePFNdDz6R61ywmFQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE6ZUzKQwAtnprnuLHlEnQWOklM2MB8GA1UdIwQY
MBaAFF2rRWoFHUqTeIvvT6wNB73AyfDPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWGF0RmFnVWRTcE40aS05UHJBMEh2Y0RKOE04LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi84ZDM4OTUtNjVjMi00YjhlLWE1NDct
OGFkNzRjYzZhNmI5LzEvVHBsVE1wREFDMmVtdWU0c2VVU2RCWTZTVXpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi84ZDM4OTUtNjVjMi00YjhlLWE1NDctOGFkNzRjYzZhNmI5
LzEvWGF0RmFnVWRTcE40aS05UHJBMEh2Y0RKOE04LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCud3gMA0E
AgACMAcDBQIqDFAAMA0GCSqGSIb3DQEBCwUAA4IBAQCNYyFsZ88b3iUcqQWue4lN
kmxPReZg2NA/yhfcL205EAGwCEduZxuUPpZWlhbwvVV7y/kD7CAcXVe5G/sQCezs
K/CKKSXexn/Xz+fE2pTL/T8GRyttfMePEzUB+g4L5kn17Vt4FfLCisOcukT1cenF
5/r/f93Z1PedRcZXHgmDOh5JA0zVsyEMbvSSLRlGHp7/HlKWcf3IQn0jA2ES6+yY
Ao+5L2v9uoS4oSI8oozU07gnZFvgxCFMa27XhYM3TfVtY0M3f/lSaDFNCztdO6/m
D/GbU8D3Hih5ygDBtdfBWhnZjxt7FiPTtPa+WAbuRz0lxFHYubJ6Ke1hJdfmvObz
-----END CERTIFICATE-----
Generated at Sat Nov 23 11:00:50 2024 by rpki-client on console-ams.rpki-client.org