Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/IFD_xFWsmE9C9xldkfaBOpT07r4.roa
File: IFD_xFWsmE9C9xldkfaBOpT07r4.roa (raw, json)
Hash identifier: CcXMHfeY2SnjnDcYI9R1oDzwpKZD/uHDTmj/Ue5j0U8=
Subject key identifier: 20:50:FF:C4:55:AC:98:4F:42:F7:19:5D:91:F6:81:3A:94:F4:EE:BE
Certificate issuer: /CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Certificate serial: 018DB1DA7AE1727107A05D64376D660DA8DA
Authority key identifier: 24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/IFD_xFWsmE9C9xldkfaBOpT07r4.roa
Signing time: Fri 16 Feb 2024 12:18:22 +0000
ROA not before: Fri 16 Feb 2024 12:18:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203
IP address blocks: 2a03:5000:1::/48 maxlen: 48
2a03:5000:2::/48 maxlen: 48
2a03:5000:11::/48 maxlen: 48
2a03:5000:12::/48 maxlen: 48
2a03:5000:20::/48 maxlen: 48
2a03:5000:21::/48 maxlen: 48
2a03:5000:22::/48 maxlen: 48
2a03:5000:30::/48 maxlen: 48
2a03:5000:31::/48 maxlen: 48
2a03:5000:32::/48 maxlen: 48
2a03:5000:41::/48 maxlen: 48
2a03:5000:42::/48 maxlen: 48
2a03:5000:51::/48 maxlen: 48
2a03:5000:52::/48 maxlen: 48
2a03:5000:61::/48 maxlen: 48
2a03:5000:62::/48 maxlen: 48
2a03:5000:71::/48 maxlen: 48
2a03:5000:72::/48 maxlen: 48
2a03:5000:81::/48 maxlen: 48
2a03:5000:82::/48 maxlen: 48
2a03:5000:91::/48 maxlen: 48
2a03:5000:92::/48 maxlen: 48
2a03:5000:101::/48 maxlen: 48
2a03:5000:102::/48 maxlen: 48
2a03:5000:111::/48 maxlen: 48
2a03:5000:112::/48 maxlen: 48
2a03:5000:121::/48 maxlen: 48
2a03:5000:122::/48 maxlen: 48
2a03:5000:131::/48 maxlen: 48
2a03:5000:132::/48 maxlen: 48
2a03:5000:141::/48 maxlen: 48
2a03:5000:142::/48 maxlen: 48
2a03:5000:151::/48 maxlen: 48
2a03:5000:152::/48 maxlen: 48
2a03:5000:161::/48 maxlen: 48
2a03:5000:162::/48 maxlen: 48
2a03:5000:171::/48 maxlen: 48
2a03:5000:172::/48 maxlen: 48
2a03:5000:181::/48 maxlen: 48
2a03:5000:182::/48 maxlen: 48
2a03:5000:191::/48 maxlen: 48
2a03:5000:192::/48 maxlen: 48
2a03:5000:201::/48 maxlen: 48
2a03:5000:202::/48 maxlen: 48
2a03:5000:211::/48 maxlen: 48
2a03:5000:212::/48 maxlen: 48
2a03:5000:221::/48 maxlen: 48
2a03:5000:222::/48 maxlen: 48
2a03:5000:231::/48 maxlen: 48
2a03:5000:232::/48 maxlen: 48
2a03:5000:241::/48 maxlen: 48
2a03:5000:242::/48 maxlen: 48
2a03:5000:251::/48 maxlen: 48
2a03:5000:252::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.mft
rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 16:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:b1:da:7a:e1:72:71:07:a0:5d:64:37:6d:66:0d:a8:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Validity
Not Before: Feb 16 12:18:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2050ffc455ac984f42f7195d91f6813a94f4eebe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:98:53:d2:1c:b8:c5:70:c5:6b:43:5b:cd:59:
9d:90:51:98:75:cc:f2:f4:b6:3e:b2:ca:4f:5f:03:
f6:0c:70:ac:70:5a:47:b9:d2:f0:81:57:93:10:ac:
ac:45:8f:4d:bd:9e:fb:30:1f:0a:4b:68:33:2f:94:
e6:04:af:fd:1e:20:a7:70:dd:3c:1a:d5:56:12:21:
4e:db:29:c2:13:fd:b5:88:dd:f4:ca:4b:ce:b0:89:
b1:03:ff:1f:b2:3c:3e:12:57:4a:4d:c9:57:fd:7a:
69:01:b2:f9:7e:0d:bc:59:e0:90:77:8f:18:ef:a3:
07:d8:a1:89:dd:f3:c7:bc:4f:0b:1a:38:73:07:6e:
b5:47:6e:80:37:d7:b8:11:d5:9f:4a:4a:a2:f3:7c:
7c:98:e3:79:2d:e4:50:0e:a9:0c:ec:5e:fa:32:27:
b4:e4:4a:ab:22:20:bb:ff:41:50:af:d9:49:1d:ea:
c3:74:6c:61:1f:51:6e:43:0a:8c:ab:1a:a3:fa:94:
11:b6:95:ca:91:41:41:97:8c:f3:03:99:aa:f8:c0:
47:b2:da:19:75:56:99:53:ca:b6:0c:ce:f2:60:90:
2c:76:22:33:47:71:f3:81:44:66:ba:17:e4:c5:b9:
5d:e9:66:73:c3:0f:cc:85:9b:50:11:81:21:f9:66:
90:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:50:FF:C4:55:AC:98:4F:42:F7:19:5D:91:F6:81:3A:94:F4:EE:BE
X509v3 Authority Key Identifier:
keyid:24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/IFD_xFWsmE9C9xldkfaBOpT07r4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a03:5000:1::-2a03:5000:2:ffff:ffff:ffff:ffff:ffff
2a03:5000:11::-2a03:5000:12:ffff:ffff:ffff:ffff:ffff
2a03:5000:20::-2a03:5000:22:ffff:ffff:ffff:ffff:ffff
2a03:5000:30::-2a03:5000:32:ffff:ffff:ffff:ffff:ffff
2a03:5000:41::-2a03:5000:42:ffff:ffff:ffff:ffff:ffff
2a03:5000:51::-2a03:5000:52:ffff:ffff:ffff:ffff:ffff
2a03:5000:61::-2a03:5000:62:ffff:ffff:ffff:ffff:ffff
2a03:5000:71::-2a03:5000:72:ffff:ffff:ffff:ffff:ffff
2a03:5000:81::-2a03:5000:82:ffff:ffff:ffff:ffff:ffff
2a03:5000:91::-2a03:5000:92:ffff:ffff:ffff:ffff:ffff
2a03:5000:101::-2a03:5000:102:ffff:ffff:ffff:ffff:ffff
2a03:5000:111::-2a03:5000:112:ffff:ffff:ffff:ffff:ffff
2a03:5000:121::-2a03:5000:122:ffff:ffff:ffff:ffff:ffff
2a03:5000:131::-2a03:5000:132:ffff:ffff:ffff:ffff:ffff
2a03:5000:141::-2a03:5000:142:ffff:ffff:ffff:ffff:ffff
2a03:5000:151::-2a03:5000:152:ffff:ffff:ffff:ffff:ffff
2a03:5000:161::-2a03:5000:162:ffff:ffff:ffff:ffff:ffff
2a03:5000:171::-2a03:5000:172:ffff:ffff:ffff:ffff:ffff
2a03:5000:181::-2a03:5000:182:ffff:ffff:ffff:ffff:ffff
2a03:5000:191::-2a03:5000:192:ffff:ffff:ffff:ffff:ffff
2a03:5000:201::-2a03:5000:202:ffff:ffff:ffff:ffff:ffff
2a03:5000:211::-2a03:5000:212:ffff:ffff:ffff:ffff:ffff
2a03:5000:221::-2a03:5000:222:ffff:ffff:ffff:ffff:ffff
2a03:5000:231::-2a03:5000:232:ffff:ffff:ffff:ffff:ffff
2a03:5000:241::-2a03:5000:242:ffff:ffff:ffff:ffff:ffff
2a03:5000:251::-2a03:5000:252:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
64:72:94:af:95:eb:b1:75:5d:1a:de:5d:75:24:9f:83:47:b4:
73:4d:ea:7e:8f:99:58:bf:e8:65:ea:c3:e1:94:c2:7e:b9:6b:
40:68:b6:fc:de:c2:eb:91:35:d7:28:1d:e7:9d:58:5f:44:80:
2b:86:55:29:39:e5:54:e8:07:b5:5f:f6:8b:2e:99:11:52:6f:
15:1c:f6:e4:f4:cc:49:02:5c:3f:d1:6e:7d:ca:2d:e6:af:a1:
66:d9:99:24:6f:8a:9c:e1:df:1b:ef:48:ec:cd:97:15:3e:99:
f4:7a:b7:c5:27:3f:ab:85:97:6f:f1:9c:c3:71:c0:98:60:54:
76:41:72:4a:5e:13:e3:b2:4a:bb:30:83:3c:66:33:9c:9c:46:
0d:73:1f:d3:44:45:34:e5:35:71:ca:98:0e:fa:a6:95:56:19:
9d:99:1d:25:55:8f:50:ef:6f:55:a0:cb:3a:ed:db:6f:c1:1d:
a6:1e:eb:1c:53:55:0b:9d:ab:af:e8:55:0c:8c:87:f1:5b:c5:
b0:e3:b7:5a:bd:2a:a9:36:c4:63:7f:d6:46:cf:5f:09:ba:4f:
27:43:88:17:2c:0f:24:05:50:91:aa:22:46:1d:22:68:80:d6:
d0:9b:ab:8a:1a:fb:58:ff:58:37:9d:11:3f:5a:34:94:52:63:
8e:ef:81:0b
-----BEGIN CERTIFICATE-----
MIIHCTCCBfGgAwIBAgISAY2x2nrhcnEHoF1kN21mDajaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2M2YjljMzdmYWEwZGEzYjQxMjAwN2MwYjEwYjJjNWJm
MmNmNGUwHhcNMjQwMjE2MTIxODIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDUwZmZjNDU1YWM5ODRmNDJmNzE5NWQ5MWY2ODEzYTk0ZjRlZWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo5hT0hy4xXDFa0NbzVmdkFGYdczy
9LY+sspPXwP2DHCscFpHudLwgVeTEKysRY9NvZ77MB8KS2gzL5TmBK/9HiCncN08
GtVWEiFO2ynCE/21iN30ykvOsImxA/8fsjw+EldKTclX/XppAbL5fg28WeCQd48Y
76MH2KGJ3fPHvE8LGjhzB261R26AN9e4EdWfSkqi83x8mON5LeRQDqkM7F76Mie0
5EqrIiC7/0FQr9lJHerDdGxhH1FuQwqMqxqj+pQRtpXKkUFBl4zzA5mq+MBHstoZ
dVaZU8q2DM7yYJAsdiIzR3HzgURmuhfkxbld6WZzww/MhZtQEYEh+WaQmQIDAQAB
o4IEFTCCBBEwHQYDVR0OBBYEFCBQ/8RVrJhPQvcZXZH2gTqU9O6+MB8GA1UdIwQY
MBaAFCTMa5w3+qDaO0EgB8CxCyxb8s9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUt
ODY0MjM4YmMwNDliLzEvSUZEX3hGV3NtRTlDOXhsZGtmYUJPcFQwN3I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUtODY0MjM4YmMwNDli
LzEvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICKQYIKwYBBQUHAQcBAf8EggIYMIICFDCCAhAEAgACMIIC
CDASAwcAKgNQAAABAwcAKgNQAAACMBIDBwAqA1AAABEDBwAqA1AAABIwEgMHBSoD
UAAAIAMHACoDUAAAIjASAwcEKgNQAAAwAwcAKgNQAAAyMBIDBwAqA1AAAEEDBwAq
A1AAAEIwEgMHACoDUAAAUQMHACoDUAAAUjASAwcAKgNQAABhAwcAKgNQAABiMBID
BwAqA1AAAHEDBwAqA1AAAHIwEgMHACoDUAAAgQMHACoDUAAAgjASAwcAKgNQAACR
AwcAKgNQAACSMBIDBwAqA1AAAQEDBwAqA1AAAQIwEgMHACoDUAABEQMHACoDUAAB
EjASAwcAKgNQAAEhAwcAKgNQAAEiMBIDBwAqA1AAATEDBwAqA1AAATIwEgMHACoD
UAABQQMHACoDUAABQjASAwcAKgNQAAFRAwcAKgNQAAFSMBIDBwAqA1AAAWEDBwAq
A1AAAWIwEgMHACoDUAABcQMHACoDUAABcjASAwcAKgNQAAGBAwcAKgNQAAGCMBID
BwAqA1AAAZEDBwAqA1AAAZIwEgMHACoDUAACAQMHACoDUAACAjASAwcAKgNQAAIR
AwcAKgNQAAISMBIDBwAqA1AAAiEDBwAqA1AAAiIwEgMHACoDUAACMQMHACoDUAAC
MjASAwcAKgNQAAJBAwcAKgNQAAJCMBIDBwAqA1AAAlEDBwAqA1AAAlIwDQYJKoZI
hvcNAQELBQADggEBAGRylK+V67F1XRreXXUkn4NHtHNN6n6PmVi/6GXqw+GUwn65
a0BotvzewuuRNdcoHeedWF9EgCuGVSk55VToB7Vf9osumRFSbxUc9uT0zEkCXD/R
bn3KLeavoWbZmSRvipzh3xvvSOzNlxU+mfR6t8UnP6uFl2/xnMNxwJhgVHZBckpe
E+OySrswgzxmM5ycRg1zH9NERTTlNXHKmA76ppVWGZ2ZHSVVj1Dvb1Wgyzrt22/B
HaYe6xxTVQudq6/oVQyMh/FbxbDjt1q9Kqk2xGN/1kbPXwm6TydDiBcsDyQFUJGq
IkYdImiA1tCbq4oa+1j/WDedET9aNJRSY47vgQs=
-----END CERTIFICATE-----
Generated at Sat Jun 1 21:13:49 2024 by rpki-client on console-fra.rpki-client.org