Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/503018-9bac-4858-8df8-adca1a57ab0c/1/TWyhQ5MbVppylUgIHVXRHl3TtD0.roa
File: TWyhQ5MbVppylUgIHVXRHl3TtD0.roa (raw, json)
Hash identifier: E8RDmFBsEiF4E2KGDwf2AQLuwkD1oIr2Du7A/e3w4PU=
Subject key identifier: 4D:6C:A1:43:93:1B:56:9A:72:95:48:08:1D:55:D1:1E:5D:D3:B4:3D
Certificate issuer: /CN=b3edf11774f4407addbdf3cfba4c1e7aa0242223
Certificate serial: 0191DACC9EE2B7C487CEFB37AE35E893A78D
Authority key identifier: B3:ED:F1:17:74:F4:40:7A:DD:BD:F3:CF:BA:4C:1E:7A:A0:24:22:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/s-3xF3T0QHrdvfPPukweeqAkIiM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/503018-9bac-4858-8df8-adca1a57ab0c/1/TWyhQ5MbVppylUgIHVXRHl3TtD0.roa
Signing time: Tue 10 Sep 2024 07:18:48 +0000
ROA not before: Tue 10 Sep 2024 07:18:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34300
IP address blocks: 62.173.128.0/19 maxlen: 32
85.93.128.0/19 maxlen: 32
185.31.160.0/22 maxlen: 32
185.113.108.0/22 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/503018-9bac-4858-8df8-adca1a57ab0c/1/s-3xF3T0QHrdvfPPukweeqAkIiM.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/503018-9bac-4858-8df8-adca1a57ab0c/1/s-3xF3T0QHrdvfPPukweeqAkIiM.mft
rsync://rpki.ripe.net/repository/DEFAULT/s-3xF3T0QHrdvfPPukweeqAkIiM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 04:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:da:cc:9e:e2:b7:c4:87:ce:fb:37:ae:35:e8:93:a7:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b3edf11774f4407addbdf3cfba4c1e7aa0242223
Validity
Not Before: Sep 10 07:18:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d6ca143931b569a729548081d55d11e5dd3b43d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:84:c5:56:02:a8:6e:cb:78:42:ed:7b:91:10:
ae:e5:d2:6d:3b:a4:11:15:25:32:cf:a2:66:27:d4:
08:65:ff:cf:2e:be:ae:b9:bf:53:77:ca:3e:79:20:
68:6b:af:90:b1:c6:4f:2e:ba:2a:29:61:6d:f0:bb:
d0:e2:a7:b1:90:ca:2c:8a:26:bb:4a:6c:23:5b:f4:
28:67:56:52:cf:ae:e8:8f:78:27:32:38:d0:27:57:
53:41:f7:20:83:f5:51:ee:8d:43:98:71:c3:49:dd:
b5:5b:99:a5:29:4a:bb:44:29:da:59:ae:8b:63:d1:
23:cc:ac:7f:15:1d:bf:44:f4:51:0c:f6:60:e6:3e:
17:68:42:da:9a:62:7a:55:45:4d:98:47:aa:cc:e8:
45:eb:a9:7a:60:07:2b:ee:6e:38:ef:1c:26:73:1e:
d5:f1:89:c4:70:95:ca:e9:48:b8:78:a3:8d:23:0d:
a3:d0:67:59:96:ad:26:c8:5b:f1:a7:7d:ef:37:29:
be:5f:d9:18:86:90:3e:8c:f9:7d:73:ab:32:4a:1c:
fb:91:6e:2e:87:54:ff:a6:10:87:db:64:89:a1:4c:
9d:f3:7a:1e:95:b2:f9:32:d0:05:e1:8c:72:9c:2d:
ab:7d:fb:ae:16:60:8f:36:12:85:5d:c1:c1:63:1c:
06:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:6C:A1:43:93:1B:56:9A:72:95:48:08:1D:55:D1:1E:5D:D3:B4:3D
X509v3 Authority Key Identifier:
keyid:B3:ED:F1:17:74:F4:40:7A:DD:BD:F3:CF:BA:4C:1E:7A:A0:24:22:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/s-3xF3T0QHrdvfPPukweeqAkIiM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/503018-9bac-4858-8df8-adca1a57ab0c/1/TWyhQ5MbVppylUgIHVXRHl3TtD0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/503018-9bac-4858-8df8-adca1a57ab0c/1/s-3xF3T0QHrdvfPPukweeqAkIiM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.173.128.0/19
85.93.128.0/19
185.31.160.0/22
185.113.108.0/22
Signature Algorithm: sha256WithRSAEncryption
a8:da:4c:63:38:ff:d3:26:53:25:00:96:05:d6:b9:3a:1d:46:
c7:c1:ea:9e:5e:33:32:ae:8a:a6:45:70:cc:d4:f5:8a:29:aa:
1b:75:37:45:bc:54:5b:8b:db:b9:28:0b:3f:38:8b:8c:53:28:
01:9e:a0:18:05:c3:e4:7a:e2:ad:0f:21:a8:90:ae:1d:50:b5:
e2:2b:02:10:08:79:f1:38:fc:fd:1e:1e:16:c0:46:75:f8:ce:
d2:10:50:82:6d:44:1a:aa:a1:1d:8f:08:9b:29:53:52:6b:ce:
48:34:73:45:38:8f:f1:27:c0:a3:fb:5c:e7:7f:10:92:ca:e8:
49:4e:b9:fb:5a:02:b8:2f:df:22:e4:6b:79:55:90:92:00:bd:
11:8e:af:7f:02:f6:86:ec:63:bc:f2:bf:f1:16:bd:f8:2c:7d:
af:63:aa:a8:4c:1b:87:96:54:67:25:10:7d:e2:5a:20:5e:1f:
09:8b:c9:c3:9d:0d:63:47:34:8e:43:f5:c4:e2:22:2c:7e:f2:
c8:32:d0:cf:af:0d:a0:50:f6:51:22:3e:59:10:1a:ba:88:e1:
a7:5e:2d:f9:69:a7:2d:a8:d2:f8:27:81:c1:7a:95:43:c4:c2:
41:d3:5d:38:7c:f2:d0:43:20:e0:b0:4d:7e:df:34:ad:6b:b5:
cf:9f:f8:97
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZHazJ7it8SHzvs3rjXok6eNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIzZWRmMTE3NzRmNDQwN2FkZGJkZjNjZmJhNGMxZTdhYTAy
NDIyMjMwHhcNMjQwOTEwMDcxODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDZjYTE0MzkzMWI1NjlhNzI5NTQ4MDgxZDU1ZDExZTVkZDNiNDNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi4TFVgKobst4Qu17kRCu5dJtO6QR
FSUyz6JmJ9QIZf/PLr6uub9Td8o+eSBoa6+QscZPLroqKWFt8LvQ4qexkMosiia7
SmwjW/QoZ1ZSz67oj3gnMjjQJ1dTQfcgg/VR7o1DmHHDSd21W5mlKUq7RCnaWa6L
Y9EjzKx/FR2/RPRRDPZg5j4XaELammJ6VUVNmEeqzOhF66l6YAcr7m447xwmcx7V
8YnEcJXK6Ui4eKONIw2j0GdZlq0myFvxp33vNym+X9kYhpA+jPl9c6syShz7kW4u
h1T/phCH22SJoUyd83oelbL5MtAF4YxynC2rffuuFmCPNhKFXcHBYxwGCQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE1soUOTG1aacpVICB1V0R5d07Q9MB8GA1UdIwQY
MBaAFLPt8Rd09EB63b3zz7pMHnqgJCIjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcy0zeEYzVDBRSHJkdmZQUHVrd2VlcUFrSWlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy81MDMwMTgtOWJhYy00ODU4LThkZjgt
YWRjYTFhNTdhYjBjLzEvVFd5aFE1TWJWcHB5bFVnSUhWWFJIbDNUdEQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy81MDMwMTgtOWJhYy00ODU4LThkZjgtYWRjYTFhNTdhYjBj
LzEvcy0zeEYzVDBRSHJkdmZQUHVrd2VlcUFrSWlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFPq2AAwQF
VV2AAwQCuR+gAwQCuXFsMA0GCSqGSIb3DQEBCwUAA4IBAQCo2kxjOP/TJlMlAJYF
1rk6HUbHweqeXjMyroqmRXDM1PWKKaobdTdFvFRbi9u5KAs/OIuMUygBnqAYBcPk
euKtDyGokK4dULXiKwIQCHnxOPz9Hh4WwEZ1+M7SEFCCbUQaqqEdjwibKVNSa85I
NHNFOI/xJ8Cj+1znfxCSyuhJTrn7WgK4L98i5Gt5VZCSAL0Rjq9/AvaG7GO88r/x
Fr34LH2vY6qoTBuHllRnJRB94logXh8Ji8nDnQ1jRzSOQ/XE4iIsfvLIMtDPrw2g
UPZRIj5ZEBq6iOGnXi35aactqNL4J4HBepVDxMJB0104fPLQQyDgsE1+3zSta7XP
n/iX
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:19:01 2024 by rpki-client on console-fra.rpki-client.org