Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/dbdad2-7c43-4cac-b4a6-facf48586249/1/tUt0tlxJyJYz2G2BVyTY0U4rQjU.roa
File: tUt0tlxJyJYz2G2BVyTY0U4rQjU.roa (raw, json)
Hash identifier: sAWn9/Hm5R3SYHgB43UVG9sVBJvAZ6uuXFriWMger0w=
Subject key identifier: B5:4B:74:B6:5C:49:C8:96:33:D8:6D:81:57:24:D8:D1:4E:2B:42:35
Certificate issuer: /CN=e9d880e887077fad82b74c998010fa9b253e0ea8
Certificate serial: 018CC794F490E74A0B62A50128CEDBD517D8
Authority key identifier: E9:D8:80:E8:87:07:7F:AD:82:B7:4C:99:80:10:FA:9B:25:3E:0E:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6diA6IcHf62Ct0yZgBD6myU-Dqg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/dbdad2-7c43-4cac-b4a6-facf48586249/1/tUt0tlxJyJYz2G2BVyTY0U4rQjU.roa
Signing time: Tue 02 Jan 2024 00:31:16 +0000
ROA not before: Tue 02 Jan 2024 00:31:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12731
IP address blocks: 62.201.160.0/19 maxlen: 24
185.53.220.0/22 maxlen: 24
213.128.128.0/19 maxlen: 24
185.34.67.0/24 maxlen: 24
2001:868::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/dbdad2-7c43-4cac-b4a6-facf48586249/1/6diA6IcHf62Ct0yZgBD6myU-Dqg.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/dbdad2-7c43-4cac-b4a6-facf48586249/1/6diA6IcHf62Ct0yZgBD6myU-Dqg.mft
rsync://rpki.ripe.net/repository/DEFAULT/6diA6IcHf62Ct0yZgBD6myU-Dqg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 31 May 2024 06:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:94:f4:90:e7:4a:0b:62:a5:01:28:ce:db:d5:17:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9d880e887077fad82b74c998010fa9b253e0ea8
Validity
Not Before: Jan 2 00:31:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b54b74b65c49c89633d86d815724d8d14e2b4235
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:e7:e6:86:71:9f:fa:bb:0b:08:b2:a2:62:4b:
b8:11:b0:42:cc:50:88:7a:4f:6f:b9:7f:20:83:bf:
bc:06:ed:e9:a4:7a:c4:1b:43:4f:98:35:7c:60:99:
1b:18:bc:39:25:a8:2a:48:57:05:a9:02:d0:ec:c7:
9d:38:24:15:f2:28:a5:de:b3:df:b7:c4:35:b2:ff:
2d:1c:ab:eb:68:5e:47:80:5b:61:0e:51:5b:3b:9e:
37:71:6f:4e:5f:6f:19:f5:67:13:ad:17:70:2b:ac:
e1:1c:55:ae:d7:af:f1:ce:6d:eb:45:10:fb:e7:fc:
bb:3c:fd:e0:e4:36:53:07:d9:81:20:38:d0:4b:8a:
92:eb:23:c9:da:0a:94:f7:a7:9c:2a:62:e7:c6:18:
b9:5e:d9:82:c1:e4:63:75:a9:fe:d6:d9:7d:ae:e0:
d1:be:a1:76:0e:d1:9a:8d:d6:61:5f:7b:d5:82:1c:
7f:27:f5:0a:3e:51:0e:2a:df:b3:a3:88:b1:5b:05:
c4:e6:53:64:76:0c:f6:24:db:15:f7:d4:69:81:1e:
fb:1e:59:f1:ff:23:66:ea:6e:bf:bd:62:29:81:6f:
4c:f2:74:e9:93:22:92:cf:d9:4a:4d:7e:dd:64:30:
31:f1:96:62:ec:87:6e:94:41:41:a9:32:5d:53:5c:
fa:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:4B:74:B6:5C:49:C8:96:33:D8:6D:81:57:24:D8:D1:4E:2B:42:35
X509v3 Authority Key Identifier:
keyid:E9:D8:80:E8:87:07:7F:AD:82:B7:4C:99:80:10:FA:9B:25:3E:0E:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6diA6IcHf62Ct0yZgBD6myU-Dqg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/dbdad2-7c43-4cac-b4a6-facf48586249/1/tUt0tlxJyJYz2G2BVyTY0U4rQjU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/dbdad2-7c43-4cac-b4a6-facf48586249/1/6diA6IcHf62Ct0yZgBD6myU-Dqg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.201.160.0/19
185.34.67.0/24
185.53.220.0/22
213.128.128.0/19
IPv6:
2001:868::/29
Signature Algorithm: sha256WithRSAEncryption
59:54:4b:0f:0d:97:d5:77:a2:6c:8c:f1:72:9e:6c:e0:c6:62:
66:4b:bd:84:2e:43:42:15:b5:b4:1d:80:fa:e3:f1:d2:94:9d:
f2:f2:b8:72:18:30:0a:d0:01:a4:5f:d3:c8:a2:21:b4:5c:fe:
22:ca:74:25:f0:c8:4a:ab:2b:30:e4:e2:6c:16:22:0c:9c:96:
b5:72:07:16:cc:5c:8c:9d:c2:8c:20:10:f8:54:0e:82:c5:9b:
68:6d:f0:da:bc:f6:da:1f:ba:40:07:55:4b:71:e2:a7:15:57:
ef:bf:bd:d5:f1:62:25:99:2d:9e:4e:3b:af:21:d1:9c:31:0c:
49:d4:25:f0:5a:12:60:f5:99:14:fc:8b:b4:d3:8b:08:59:e0:
ab:66:dc:54:2c:e0:4a:11:44:8b:cc:5d:44:81:64:99:c3:18:
43:05:48:d5:ac:92:5f:e6:6d:db:e5:83:d0:a4:87:16:98:d8:
31:68:11:90:88:5b:07:ed:a6:ac:62:8e:02:2c:76:5a:f4:18:
77:59:83:82:15:dd:f4:08:de:28:d5:41:3a:6a:a9:4f:02:ba:
14:47:41:1e:c7:a3:3b:ca:38:39:98:a7:a4:b5:a8:2f:95:23:
bc:24:2c:2e:74:d5:c2:65:a7:02:9f:b2:ca:ee:4a:c6:93:ed:
b0:c0:55:bb
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzHlPSQ50oLYqUBKM7b1RfYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5ZDg4MGU4ODcwNzdmYWQ4MmI3NGM5OTgwMTBmYTliMjUz
ZTBlYTgwHhcNMjQwMTAyMDAzMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTRiNzRiNjVjNDljODk2MzNkODZkODE1NzI0ZDhkMTRlMmI0MjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoOfmhnGf+rsLCLKiYku4EbBCzFCI
ek9vuX8gg7+8Bu3ppHrEG0NPmDV8YJkbGLw5JagqSFcFqQLQ7MedOCQV8iil3rPf
t8Q1sv8tHKvraF5HgFthDlFbO543cW9OX28Z9WcTrRdwK6zhHFWu16/xzm3rRRD7
5/y7PP3g5DZTB9mBIDjQS4qS6yPJ2gqU96ecKmLnxhi5XtmCweRjdan+1tl9ruDR
vqF2DtGajdZhX3vVghx/J/UKPlEOKt+zo4ixWwXE5lNkdgz2JNsV99RpgR77Hlnx
/yNm6m6/vWIpgW9M8nTpkyKSz9lKTX7dZDAx8ZZi7IdulEFBqTJdU1z6ywIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLVLdLZcSciWM9htgVck2NFOK0I1MB8GA1UdIwQY
MBaAFOnYgOiHB3+tgrdMmYAQ+pslPg6oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNmRpQTZJY0hmNjJDdDB5WmdCRDZteVUtRHFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC9kYmRhZDItN2M0My00Y2FjLWI0YTYt
ZmFjZjQ4NTg2MjQ5LzEvdFV0MHRseEp5Sll6MkcyQlZ5VFkwVTRyUWpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC9kYmRhZDItN2M0My00Y2FjLWI0YTYtZmFjZjQ4NTg2MjQ5
LzEvNmRpQTZJY0hmNjJDdDB5WmdCRDZteVUtRHFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQFPsmgAwQA
uSJDAwQCuTXcAwQF1YCAMA0EAgACMAcDBQMgAQhoMA0GCSqGSIb3DQEBCwUAA4IB
AQBZVEsPDZfVd6JsjPFynmzgxmJmS72ELkNCFbW0HYD64/HSlJ3y8rhyGDAK0AGk
X9PIoiG0XP4iynQl8MhKqysw5OJsFiIMnJa1cgcWzFyMncKMIBD4VA6CxZtobfDa
vPbaH7pAB1VLceKnFVfvv73V8WIlmS2eTjuvIdGcMQxJ1CXwWhJg9ZkU/Iu004sI
WeCrZtxULOBKEUSLzF1EgWSZwxhDBUjVrJJf5m3b5YPQpIcWmNgxaBGQiFsH7aas
Yo4CLHZa9Bh3WYOCFd30CN4o1UE6aqlPAroUR0Eex6M7yjg5mKektagvlSO8JCwu
dNXCZacCn7LK7krGk+2wwFW7
-----END CERTIFICATE-----
Generated at Thu May 30 13:05:43 2024 by rpki-client on console-fra.rpki-client.org