Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/cc1d62-ae53-48b7-ac79-641d456283c4/1/tJspN-rqArJvHDalck5RGTca6vI.roa
File: tJspN-rqArJvHDalck5RGTca6vI.roa (raw, json)
Hash identifier: Hm75VhAxDykvE69Xvh7ZB2+emaZmyrzcVVi3WRxuIlg=
Subject key identifier: B4:9B:29:37:EA:EA:02:B2:6F:1C:36:A5:72:4E:51:19:37:1A:EA:F2
Certificate issuer: /CN=a60e42d7cbafc9dd3205d247d662d85afdd9a186
Certificate serial: 018CC26D6DA3C0DCBE703555743362002AB4
Authority key identifier: A6:0E:42:D7:CB:AF:C9:DD:32:05:D2:47:D6:62:D8:5A:FD:D9:A1:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pg5C18uvyd0yBdJH1mLYWv3ZoYY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/cc1d62-ae53-48b7-ac79-641d456283c4/1/tJspN-rqArJvHDalck5RGTca6vI.roa
Signing time: Mon 01 Jan 2024 00:30:00 +0000
ROA not before: Mon 01 Jan 2024 00:30:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 61172
IP address blocks: 194.146.32.0/24 maxlen: 24
194.146.35.0/24 maxlen: 24
194.146.33.0/24 maxlen: 24
194.146.34.0/24 maxlen: 24
2a0f:9545::/32 maxlen: 32
2a0f:9547::/32 maxlen: 32
2a0f:9541::/32 maxlen: 32
2a0f:9546::/32 maxlen: 32
2a0f:9544::/32 maxlen: 32
2a0f:9542::/32 maxlen: 32
2a0f:9540::/32 maxlen: 32
2a0f:9543::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/cc1d62-ae53-48b7-ac79-641d456283c4/1/pg5C18uvyd0yBdJH1mLYWv3ZoYY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/cc1d62-ae53-48b7-ac79-641d456283c4/1/pg5C18uvyd0yBdJH1mLYWv3ZoYY.mft
rsync://rpki.ripe.net/repository/DEFAULT/pg5C18uvyd0yBdJH1mLYWv3ZoYY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 07:03:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:6d:a3:c0:dc:be:70:35:55:74:33:62:00:2a:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a60e42d7cbafc9dd3205d247d662d85afdd9a186
Validity
Not Before: Jan 1 00:30:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b49b2937eaea02b26f1c36a5724e5119371aeaf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:49:9e:5b:e0:0b:fa:a3:8f:02:dd:8d:af:16:
94:2c:d8:ac:e8:cb:f5:7b:33:89:c7:5e:81:d5:1e:
7b:5a:f2:37:a2:5a:0f:a2:9f:47:10:32:a3:32:96:
2a:5a:20:5f:83:5c:88:a7:6d:25:c8:02:62:d4:9b:
64:ba:73:e9:18:e1:9b:53:76:07:89:24:79:84:d8:
2a:16:56:a7:1b:6c:78:3a:05:b6:9a:a7:a7:2a:c0:
e0:2c:64:9b:a3:48:80:62:0e:3f:06:72:52:51:96:
e7:c1:9d:49:03:b8:d6:0d:13:34:07:93:2b:48:e9:
60:fe:bb:24:94:47:a3:92:7b:91:28:62:04:51:56:
58:4f:eb:52:fb:b1:8f:f9:28:a0:e7:7b:d4:38:cf:
6b:ee:65:88:fa:1d:08:1d:34:2f:ba:d4:4c:bd:14:
f3:f7:d1:94:4a:06:a2:b6:06:e1:f3:c3:c7:e4:e1:
37:d3:e6:b9:f2:73:81:eb:29:50:97:b6:90:be:a9:
ed:49:c7:27:89:94:93:4a:3c:30:58:19:72:4d:14:
f7:c4:9d:a3:e8:8f:15:42:5b:7f:cc:d4:6d:ae:e7:
77:05:2e:4b:b7:cd:08:7c:4c:9f:7b:4d:72:f0:8b:
b5:1e:df:9d:94:9d:58:bb:99:93:8c:28:9b:f2:67:
fd:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:9B:29:37:EA:EA:02:B2:6F:1C:36:A5:72:4E:51:19:37:1A:EA:F2
X509v3 Authority Key Identifier:
keyid:A6:0E:42:D7:CB:AF:C9:DD:32:05:D2:47:D6:62:D8:5A:FD:D9:A1:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pg5C18uvyd0yBdJH1mLYWv3ZoYY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/cc1d62-ae53-48b7-ac79-641d456283c4/1/tJspN-rqArJvHDalck5RGTca6vI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/cc1d62-ae53-48b7-ac79-641d456283c4/1/pg5C18uvyd0yBdJH1mLYWv3ZoYY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.146.32.0/22
IPv6:
2a0f:9540::/29
Signature Algorithm: sha256WithRSAEncryption
63:42:b9:cd:63:8b:c5:96:54:55:d6:f7:4a:b2:78:72:e1:0c:
2a:73:cc:25:83:33:d7:28:74:b2:35:40:8c:06:be:dd:e4:f3:
52:37:01:36:27:ae:a5:0a:38:af:b3:9f:67:89:41:b9:46:af:
f6:d0:c3:c8:27:e4:54:5e:f7:d9:f7:b7:47:19:1a:2e:b2:e1:
79:1c:38:70:09:99:4a:8b:83:09:60:23:5c:d5:c2:cb:d4:e7:
72:8c:86:69:c4:3d:ed:ff:ab:44:cb:fe:8e:28:58:b4:c3:d5:
23:56:12:36:59:c8:f1:92:93:04:a8:54:12:4b:92:60:80:5d:
73:8e:12:05:93:f7:0d:fb:82:76:8c:33:05:3b:79:e1:f7:f4:
53:9d:f1:c4:8b:a9:24:4e:1c:32:5d:27:b9:3c:3b:c2:15:9e:
ca:2b:c5:63:b6:f9:3f:be:ed:15:dc:3c:ed:34:79:fe:60:c0:
1c:a2:6b:39:f6:1b:bc:b1:2f:c5:96:80:01:3e:12:b3:95:a9:
35:94:3f:06:85:5b:a7:e2:e1:5e:f6:6f:21:17:71:79:b8:08:
f0:5e:59:77:1e:da:eb:23:ba:b5:79:73:fd:f4:18:9b:f5:7d:
35:8a:1f:15:db:1d:01:5c:82:e0:74:04:4f:2b:68:90:0f:9c:
bd:73:84:a4
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzCbW2jwNy+cDVVdDNiACq0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2MGU0MmQ3Y2JhZmM5ZGQzMjA1ZDI0N2Q2NjJkODVhZmRk
OWExODYwHhcNMjQwMTAxMDAzMDAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDliMjkzN2VhZWEwMmIyNmYxYzM2YTU3MjRlNTExOTM3MWFlYWYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0meW+AL+qOPAt2NrxaULNis6Mv1
ezOJx16B1R57WvI3oloPop9HEDKjMpYqWiBfg1yIp20lyAJi1JtkunPpGOGbU3YH
iSR5hNgqFlanG2x4OgW2mqenKsDgLGSbo0iAYg4/BnJSUZbnwZ1JA7jWDRM0B5Mr
SOlg/rsklEejknuRKGIEUVZYT+tS+7GP+Sig53vUOM9r7mWI+h0IHTQvutRMvRTz
99GUSgaitgbh88PH5OE30+a58nOB6ylQl7aQvqntSccniZSTSjwwWBlyTRT3xJ2j
6I8VQlt/zNRtrud3BS5Lt80IfEyfe01y8Iu1Ht+dlJ1Yu5mTjCib8mf9MQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFLSbKTfq6gKybxw2pXJOURk3GuryMB8GA1UdIwQY
MBaAFKYOQtfLr8ndMgXSR9Zi2Fr92aGGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcGc1QzE4dXZ5ZDB5QmRKSDFtTFlXdjNab1lZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy9jYzFkNjItYWU1My00OGI3LWFjNzkt
NjQxZDQ1NjI4M2M0LzEvdEpzcE4tcnFBckp2SERhbGNrNVJHVGNhNnZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy9jYzFkNjItYWU1My00OGI3LWFjNzktNjQxZDQ1NjI4M2M0
LzEvcGc1QzE4dXZ5ZDB5QmRKSDFtTFlXdjNab1lZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCwpIgMA0E
AgACMAcDBQMqD5VAMA0GCSqGSIb3DQEBCwUAA4IBAQBjQrnNY4vFllRV1vdKsnhy
4Qwqc8wlgzPXKHSyNUCMBr7d5PNSNwE2J66lCjivs59niUG5Rq/20MPIJ+RUXvfZ
97dHGRousuF5HDhwCZlKi4MJYCNc1cLL1OdyjIZpxD3t/6tEy/6OKFi0w9UjVhI2
WcjxkpMEqFQSS5JggF1zjhIFk/cN+4J2jDMFO3nh9/RTnfHEi6kkThwyXSe5PDvC
FZ7KK8Vjtvk/vu0V3DztNHn+YMAcoms59hu8sS/FloABPhKzlak1lD8GhVun4uFe
9m8hF3F5uAjwXll3HtrrI7q1eXP99Bib9X01ih8V2x0BXILgdARPK2iQD5y9c4Sk
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:57:07 2024 by rpki-client on console-ams.rpki-client.org