Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/TRkbNoFPMKrlFBv0XPl_dTiiDqs.roa
File: TRkbNoFPMKrlFBv0XPl_dTiiDqs.roa (raw, json)
Hash identifier: sN4OaUreP4qcnVGXDC4a6oECSu1hKQK+PYH8AjckPMw=
Subject key identifier: 4D:19:1B:36:81:4F:30:AA:E5:14:1B:F4:5C:F9:7F:75:38:A2:0E:AB
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 019198955FBA4372D74F563E05985EA29A33
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/TRkbNoFPMKrlFBv0XPl_dTiiDqs.roa
Signing time: Wed 28 Aug 2024 10:43:31 +0000
ROA not before: Wed 28 Aug 2024 10:43:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35389
IP address blocks: 87.236.40.0/21 maxlen: 21
93.90.240.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:98:95:5f:ba:43:72:d7:4f:56:3e:05:98:5e:a2:9a:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Aug 28 10:43:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d191b36814f30aae5141bf45cf97f7538a20eab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:31:cf:f9:40:4e:49:1e:69:de:c6:5c:7d:65:
86:df:a7:b5:3d:91:46:04:88:f0:19:dc:a2:6e:e3:
a6:81:94:f2:15:71:fd:24:0b:3e:94:19:85:3e:d0:
ed:b2:5c:bf:82:61:c4:fe:54:81:07:84:9b:00:f1:
20:f0:7d:be:0f:b4:a7:9d:36:a3:bd:8b:6e:95:b5:
ac:68:27:86:69:ea:d9:95:be:21:0c:0c:2d:5f:a1:
c8:be:91:8b:0d:11:db:1f:12:27:66:d1:a0:10:f1:
47:3b:06:34:26:d3:f4:0b:09:f1:84:34:ef:8f:c8:
14:1e:79:49:b8:95:37:ec:01:e9:df:6c:ac:85:4c:
37:7c:c4:60:2f:5c:03:13:48:8f:25:3d:86:dc:82:
44:83:15:79:a6:3b:48:ad:1d:f9:ee:2b:6e:7a:28:
9a:38:c2:b8:31:ed:80:86:0d:94:a4:a4:60:f3:44:
e5:95:91:bf:f2:9a:7e:80:3a:ab:ad:1d:23:90:0a:
13:35:bb:fd:cc:fe:53:4b:67:5f:64:7e:d5:25:94:
ee:a0:72:52:2e:2f:35:42:71:39:65:9e:dd:f9:8f:
42:2c:ec:22:31:24:f7:39:64:c8:b5:7f:a3:52:21:
a4:2f:c9:2d:18:83:72:dd:4d:16:d4:f4:d7:3c:09:
72:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:19:1B:36:81:4F:30:AA:E5:14:1B:F4:5C:F9:7F:75:38:A2:0E:AB
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/TRkbNoFPMKrlFBv0XPl_dTiiDqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.236.40.0/21
93.90.240.0/20
Signature Algorithm: sha256WithRSAEncryption
00:59:07:65:18:1d:b7:e3:38:fa:c8:90:91:a2:b8:ff:d4:c3:
77:81:10:c5:64:9f:69:cb:ea:cd:b0:6b:41:3f:bb:f2:a4:28:
8a:f5:b0:54:bc:a4:76:24:0d:93:6a:25:95:08:ad:98:20:6c:
2a:f6:c5:58:66:da:d4:12:0d:b8:a2:45:9c:86:1e:45:2d:3b:
16:c2:11:a7:f4:03:ee:1e:6b:b1:ea:36:55:cd:7e:a4:f0:2f:
4a:39:35:a7:7e:b2:82:1f:ec:e8:d6:df:0b:92:4a:68:94:eb:
db:db:d6:05:29:80:0d:3b:e5:e6:47:14:f8:78:03:c7:99:2b:
a6:ba:32:d4:c6:5c:76:fd:ef:2d:2a:8a:31:2c:85:5c:16:e3:
5d:02:d7:d6:17:0d:ab:80:3d:5a:9c:e6:df:71:91:1f:87:41:
79:2e:af:8a:e0:81:ca:8c:19:7f:f8:91:1d:ad:50:e1:4f:25:
03:69:b9:39:d4:40:b7:6a:08:ce:25:61:2e:7f:4b:36:0d:80:
da:49:07:cf:2d:2e:e2:43:79:24:55:a6:7b:f6:86:e4:82:82:
34:a4:52:0d:15:48:3c:d6:fb:19:d2:7d:80:bc:6d:83:10:cb:
93:8a:8c:e5:d7:1b:6a:2b:30:2d:5a:78:01:46:eb:01:39:1b:
4b:51:77:9d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZGYlV+6Q3LXT1Y+BZheopozMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjQwODI4MTA0MzMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDE5MWIzNjgxNGYzMGFhZTUxNDFiZjQ1Y2Y5N2Y3NTM4YTIwZWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjDHP+UBOSR5p3sZcfWWG36e1PZFG
BIjwGdyibuOmgZTyFXH9JAs+lBmFPtDtsly/gmHE/lSBB4SbAPEg8H2+D7SnnTaj
vYtulbWsaCeGaerZlb4hDAwtX6HIvpGLDRHbHxInZtGgEPFHOwY0JtP0CwnxhDTv
j8gUHnlJuJU37AHp32yshUw3fMRgL1wDE0iPJT2G3IJEgxV5pjtIrR357itueiia
OMK4Me2Ahg2UpKRg80TllZG/8pp+gDqrrR0jkAoTNbv9zP5TS2dfZH7VJZTuoHJS
Li81QnE5ZZ7d+Y9CLOwiMST3OWTItX+jUiGkL8ktGINy3U0W1PTXPAlyHwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFE0ZGzaBTzCq5RQb9Fz5f3U4og6rMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvVFJrYk5vRlBNS3JsRkJ2MFhQbF9kVGlpRHFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQDV+woAwQE
XVrwMA0GCSqGSIb3DQEBCwUAA4IBAQAAWQdlGB234zj6yJCRorj/1MN3gRDFZJ9p
y+rNsGtBP7vypCiK9bBUvKR2JA2TaiWVCK2YIGwq9sVYZtrUEg24okWchh5FLTsW
whGn9APuHmux6jZVzX6k8C9KOTWnfrKCH+zo1t8LkkpolOvb29YFKYANO+XmRxT4
eAPHmSumujLUxlx2/e8tKooxLIVcFuNdAtfWFw2rgD1anObfcZEfh0F5Lq+K4IHK
jBl/+JEdrVDhTyUDabk51EC3agjOJWEuf0s2DYDaSQfPLS7iQ3kkVaZ79obkgoI0
pFINFUg81vsZ0n2AvG2DEMuTiozl1xtqKzAtWngBRusBORtLUXed
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:43:26 2024 by rpki-client on console-fra.rpki-client.org