Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/TeQH5FQ5OUD3EvIeT8L0xbVqnFs.roa
File: TeQH5FQ5OUD3EvIeT8L0xbVqnFs.roa (raw, json)
Hash identifier: P4PIYRHAwUalvP0OqKaCgrZ9KH/4pVEfXmJuQ065VH4=
Subject key identifier: 4D:E4:07:E4:54:39:39:40:F7:12:F2:1E:4F:C2:F4:C5:B5:6A:9C:5B
Certificate issuer: /CN=6a366fdfcaa20e80e8bfc330a4d8b1be7de6a1d0
Certificate serial: 018CC8DEF936989D0AEB6061CDD4D5A8FC69
Authority key identifier: 6A:36:6F:DF:CA:A2:0E:80:E8:BF:C3:30:A4:D8:B1:BE:7D:E6:A1:D0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ajZv38qiDoDov8MwpNixvn3modA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/TeQH5FQ5OUD3EvIeT8L0xbVqnFs.roa
Signing time: Tue 02 Jan 2024 06:31:45 +0000
ROA not before: Tue 02 Jan 2024 06:31:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57479
IP address blocks: 176.124.228.0/24 maxlen: 24
176.124.230.0/24 maxlen: 24
176.124.229.0/24 maxlen: 24
194.60.252.0/24 maxlen: 24
194.60.253.0/24 maxlen: 24
2001:67c:11a0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/ajZv38qiDoDov8MwpNixvn3modA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/ajZv38qiDoDov8MwpNixvn3modA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ajZv38qiDoDov8MwpNixvn3modA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 12:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:f9:36:98:9d:0a:eb:60:61:cd:d4:d5:a8:fc:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6a366fdfcaa20e80e8bfc330a4d8b1be7de6a1d0
Validity
Not Before: Jan 2 06:31:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4de407e454393940f712f21e4fc2f4c5b56a9c5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:9d:fd:2c:22:ef:21:66:f8:27:a4:7b:05:39:
1f:71:2e:df:96:02:c4:f7:32:41:2e:d9:6e:84:2d:
4d:eb:76:97:e4:6a:2a:d7:fb:7b:48:e3:81:7b:57:
b7:33:62:cc:44:ff:b1:50:b8:bc:71:a0:0e:46:e6:
aa:5a:d6:f9:2f:e6:71:c9:2f:1c:cd:9f:e4:d5:8b:
a8:7b:a4:38:b2:9e:c9:85:9f:6b:e6:62:7c:b4:2b:
dc:97:cd:c3:62:80:14:07:46:22:ce:a0:1b:d2:ee:
37:dd:51:51:64:de:9b:c0:49:1d:cb:4a:d2:a8:ff:
77:85:37:3c:c6:e5:e6:4c:61:5a:48:e3:52:bc:b8:
a2:c0:8f:18:aa:f3:21:8b:27:c5:5a:ae:f2:e8:c6:
12:c6:6f:4d:95:ba:cd:4d:a7:47:0b:ae:3e:70:ca:
46:ce:a3:a2:52:97:3a:04:9b:8f:7b:5a:2e:3f:8f:
7e:70:2a:68:e2:63:82:c6:51:24:08:8c:d1:c3:22:
5a:f6:eb:37:82:61:59:b3:94:a8:49:01:8d:80:04:
da:50:7e:a6:ea:8f:c7:5d:b4:1a:4d:12:24:a2:bc:
6e:3d:7c:28:49:d9:d6:04:05:39:9d:57:5e:c0:cb:
26:a3:41:e5:ed:8a:c3:c3:55:fb:27:82:a1:ca:29:
1c:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:E4:07:E4:54:39:39:40:F7:12:F2:1E:4F:C2:F4:C5:B5:6A:9C:5B
X509v3 Authority Key Identifier:
keyid:6A:36:6F:DF:CA:A2:0E:80:E8:BF:C3:30:A4:D8:B1:BE:7D:E6:A1:D0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ajZv38qiDoDov8MwpNixvn3modA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/TeQH5FQ5OUD3EvIeT8L0xbVqnFs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8c4ec4-d637-4d3f-9de8-05559c1f5915/1/ajZv38qiDoDov8MwpNixvn3modA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.124.228.0-176.124.230.255
194.60.252.0/23
IPv6:
2001:67c:11a0::/48
Signature Algorithm: sha256WithRSAEncryption
3d:73:e3:fc:7f:8c:1c:d4:38:5e:6d:e1:b7:2b:9c:1c:2b:fb:
59:30:4d:ab:1b:9d:e7:41:78:3c:da:38:0a:80:5c:58:9f:47:
76:27:80:bc:54:dc:0b:1d:8f:c5:13:21:44:85:ed:0f:ca:10:
76:c9:ab:0a:ec:c1:70:30:59:9b:6e:18:6f:20:8c:b5:83:5a:
32:c9:30:1c:be:29:e8:9d:b5:58:79:99:df:8c:78:c0:30:64:
0c:40:47:50:17:fc:e0:05:fe:f8:67:20:8f:f8:89:4b:5b:c1:
0a:2e:02:d2:5e:3d:da:44:af:54:34:cf:b4:3a:f4:29:cd:ff:
67:54:10:44:03:d1:db:f2:4e:a6:db:96:28:f0:27:07:c2:c6:
74:53:c5:7d:8f:39:65:9f:47:b9:58:50:5a:8f:6f:89:6d:e1:
22:7d:46:90:ca:1a:d2:a3:9b:85:9a:b0:9b:e9:a0:01:ac:33:
58:c6:0d:3c:c2:dd:2f:9d:49:6b:70:f4:2c:c6:d4:7c:15:e1:
91:d1:39:c1:8f:2e:71:7d:db:0e:cc:98:5f:b8:77:93:86:aa:
1e:dc:bc:da:9a:a9:e5:79:28:3b:b0:9e:f5:bb:e3:d8:f3:2f:
39:cd:8c:2e:bf:8a:d4:97:1d:ce:69:6f:94:8a:83:bb:ea:5d:
02:86:d5:07
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAYzI3vk2mJ0K62BhzdTVqPxpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZhMzY2ZmRmY2FhMjBlODBlOGJmYzMzMGE0ZDhiMWJlN2Rl
NmExZDAwHhcNMjQwMTAyMDYzMTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGU0MDdlNDU0MzkzOTQwZjcxMmYyMWU0ZmMyZjRjNWI1NmE5YzViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApZ39LCLvIWb4J6R7BTkfcS7flgLE
9zJBLtluhC1N63aX5Goq1/t7SOOBe1e3M2LMRP+xULi8caAORuaqWtb5L+ZxyS8c
zZ/k1Yuoe6Q4sp7JhZ9r5mJ8tCvcl83DYoAUB0YizqAb0u433VFRZN6bwEkdy0rS
qP93hTc8xuXmTGFaSONSvLiiwI8YqvMhiyfFWq7y6MYSxm9NlbrNTadHC64+cMpG
zqOiUpc6BJuPe1ouP49+cCpo4mOCxlEkCIzRwyJa9us3gmFZs5SoSQGNgATaUH6m
6o/HXbQaTRIkorxuPXwoSdnWBAU5nVdewMsmo0Hl7YrDw1X7J4KhyikclwIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFE3kB+RUOTlA9xLyHk/C9MW1apxbMB8GA1UdIwQY
MBaAFGo2b9/Kog6A6L/DMKTYsb595qHQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYWpadjM4cWlEb0RvdjhNd3BOaXh2bjNtb2RBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84YzRlYzQtZDYzNy00ZDNmLTlkZTgt
MDU1NTljMWY1OTE1LzEvVGVRSDVGUTVPVUQzRXZJZVQ4TDB4YlZxbkZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84YzRlYzQtZDYzNy00ZDNmLTlkZTgtMDU1NTljMWY1OTE1
LzEvYWpadjM4cWlEb0RvdjhNd3BOaXh2bjNtb2RBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAaBAIAATAUMAwDBAKwfOQD
BACwfOYDBAHCPPwwDwQCAAIwCQMHACABBnwRoDANBgkqhkiG9w0BAQsFAAOCAQEA
PXPj/H+MHNQ4Xm3htyucHCv7WTBNqxud50F4PNo4CoBcWJ9HdieAvFTcCx2PxRMh
RIXtD8oQdsmrCuzBcDBZm24YbyCMtYNaMskwHL4p6J21WHmZ34x4wDBkDEBHUBf8
4AX++Gcgj/iJS1vBCi4C0l492kSvVDTPtDr0Kc3/Z1QQRAPR2/JOptuWKPAnB8LG
dFPFfY85ZZ9HuVhQWo9viW3hIn1GkMoa0qObhZqwm+mgAawzWMYNPMLdL51Ja3D0
LMbUfBXhkdE5wY8ucX3bDsyYX7h3k4aqHty82pqp5XkoO7Ce9bvj2PMvOc2MLr+K
1JcdzmlvlIqDu+pdAobVBw==
-----END CERTIFICATE-----
Generated at Sat Nov 23 20:56:50 2024 by rpki-client on console-ams.rpki-client.org