Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/fcfd8c-8871-4d6a-b4a5-d65b654c99c5/1/Iafyk10F2bEYOYwmi_70OCnQ7JM.roa
File: Iafyk10F2bEYOYwmi_70OCnQ7JM.roa (raw, json)
Hash identifier: +Fz8lYIF7ai4B7bfelkRCUdR5UY+exRDjth9/DU5yBY=
Subject key identifier: 21:A7:F2:93:5D:05:D9:B1:18:39:8C:26:8B:FE:F4:38:29:D0:EC:93
Certificate issuer: /CN=2e7d6f55a13b001e7401f40eaaaeb82f67bd422e
Certificate serial: 018CC9BB99896357D4BE1AD9790BC22DF646
Authority key identifier: 2E:7D:6F:55:A1:3B:00:1E:74:01:F4:0E:AA:AE:B8:2F:67:BD:42:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ln1vVaE7AB50AfQOqq64L2e9Qi4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/fcfd8c-8871-4d6a-b4a5-d65b654c99c5/1/Iafyk10F2bEYOYwmi_70OCnQ7JM.roa
Signing time: Tue 02 Jan 2024 10:32:44 +0000
ROA not before: Tue 02 Jan 2024 10:32:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 28824
IP address blocks: 46.250.192.0/19 maxlen: 24
213.162.224.0/19 maxlen: 24
185.115.244.0/22 maxlen: 24
2001:4da8::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/fcfd8c-8871-4d6a-b4a5-d65b654c99c5/1/Ln1vVaE7AB50AfQOqq64L2e9Qi4.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/fcfd8c-8871-4d6a-b4a5-d65b654c99c5/1/Ln1vVaE7AB50AfQOqq64L2e9Qi4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ln1vVaE7AB50AfQOqq64L2e9Qi4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 07:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:99:89:63:57:d4:be:1a:d9:79:0b:c2:2d:f6:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e7d6f55a13b001e7401f40eaaaeb82f67bd422e
Validity
Not Before: Jan 2 10:32:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=21a7f2935d05d9b118398c268bfef43829d0ec93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:7e:d4:bb:3b:bd:01:1f:2d:74:48:e1:4c:bc:
5f:d5:c9:2d:ba:ad:4e:42:9d:64:4a:70:3c:38:17:
5f:87:5b:90:64:56:ef:eb:ee:45:07:2e:d9:ee:9f:
83:a7:a7:22:42:69:c6:3c:dc:f2:4a:b7:27:ef:ac:
46:92:ed:0d:cc:d0:bd:8c:0f:ba:b7:52:db:d9:58:
bd:3d:63:98:f6:2a:b2:e2:c7:84:1f:99:85:2e:fb:
65:dc:2e:4f:61:05:0d:66:a6:82:9e:2e:34:87:7b:
4a:d6:26:92:19:32:c6:9e:3c:92:ee:b2:9d:09:2d:
1a:6b:9e:96:19:96:78:aa:32:bb:a2:e6:eb:2e:bd:
b7:60:53:b2:d9:37:8f:3c:23:8e:60:bb:cf:27:39:
89:77:e4:19:48:26:f8:7f:a1:66:7b:dc:35:14:74:
ef:76:e4:17:5d:9d:11:94:46:a4:9e:2e:d1:21:67:
77:cf:be:e2:d9:fe:c2:67:70:62:b8:ca:74:03:b2:
53:72:87:38:73:b2:02:53:37:7d:f4:32:a7:be:5a:
bb:33:65:28:04:42:31:c0:44:3a:e4:00:7d:aa:a2:
83:35:4d:b7:b1:57:24:46:5d:c3:da:6a:c6:ec:73:
a2:61:ac:1e:fe:eb:30:92:06:de:3c:68:6c:9c:8d:
be:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:A7:F2:93:5D:05:D9:B1:18:39:8C:26:8B:FE:F4:38:29:D0:EC:93
X509v3 Authority Key Identifier:
keyid:2E:7D:6F:55:A1:3B:00:1E:74:01:F4:0E:AA:AE:B8:2F:67:BD:42:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ln1vVaE7AB50AfQOqq64L2e9Qi4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fcfd8c-8871-4d6a-b4a5-d65b654c99c5/1/Iafyk10F2bEYOYwmi_70OCnQ7JM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/fcfd8c-8871-4d6a-b4a5-d65b654c99c5/1/Ln1vVaE7AB50AfQOqq64L2e9Qi4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.250.192.0/19
185.115.244.0/22
213.162.224.0/19
IPv6:
2001:4da8::/32
Signature Algorithm: sha256WithRSAEncryption
92:1c:73:d5:e9:c6:77:f1:ac:0a:2c:4f:bc:36:84:47:75:86:
5e:5d:dc:14:13:f1:9b:00:13:14:9a:d3:c5:ee:56:c0:03:89:
ad:53:88:aa:95:b8:98:ef:2e:6f:11:91:ce:a9:e1:a5:30:47:
4c:f0:6b:90:96:eb:b5:16:22:d0:cc:7c:89:0e:d8:a3:47:7c:
7a:10:5f:f8:c8:77:b8:80:05:34:ac:25:45:e4:cf:8d:ef:83:
8e:bd:83:40:a2:3a:49:79:83:9a:af:17:27:30:f2:89:60:9f:
99:ef:89:75:06:72:72:33:7b:2c:22:33:62:bf:31:99:4f:07:
fc:0d:30:64:3e:ab:66:02:67:7f:90:93:e7:f6:f4:fd:03:a7:
a3:41:92:31:ab:50:ec:4d:1e:8c:84:17:5d:e2:51:df:c7:8b:
d8:f3:3e:ad:72:f2:e5:f2:56:e1:ec:f2:d1:7c:cd:f9:71:6b:
ce:d5:f4:16:2a:c6:cd:50:25:ac:b2:c1:52:7e:7e:0c:5e:2b:
e3:09:54:59:dd:72:86:6a:09:28:d2:72:f1:12:c2:52:05:4d:
70:a7:79:1c:69:c8:d1:3b:0b:cb:7d:6b:13:e8:8c:41:b4:b3:
f5:f6:35:d4:25:f6:1f:c8:e7:3f:12:54:af:ba:e9:9f:8c:52:
a5:ce:c7:0a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzJu5mJY1fUvhrZeQvCLfZGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlN2Q2ZjU1YTEzYjAwMWU3NDAxZjQwZWFhYWViODJmNjdi
ZDQyMmUwHhcNMjQwMTAyMTAzMjQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWE3ZjI5MzVkMDVkOWIxMTgzOThjMjY4YmZlZjQzODI5ZDBlYzkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw37Uuzu9AR8tdEjhTLxf1cktuq1O
Qp1kSnA8OBdfh1uQZFbv6+5FBy7Z7p+Dp6ciQmnGPNzySrcn76xGku0NzNC9jA+6
t1Lb2Vi9PWOY9iqy4seEH5mFLvtl3C5PYQUNZqaCni40h3tK1iaSGTLGnjyS7rKd
CS0aa56WGZZ4qjK7oubrLr23YFOy2TePPCOOYLvPJzmJd+QZSCb4f6Fme9w1FHTv
duQXXZ0RlEakni7RIWd3z77i2f7CZ3BiuMp0A7JTcoc4c7ICUzd99DKnvlq7M2Uo
BEIxwEQ65AB9qqKDNU23sVckRl3D2mrG7HOiYawe/uswkgbePGhsnI2+YQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFCGn8pNdBdmxGDmMJov+9Dgp0OyTMB8GA1UdIwQY
MBaAFC59b1WhOwAedAH0DqquuC9nvUIuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG4xdlZhRTdBQjUwQWZRT3FxNjRMMmU5UWk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS9mY2ZkOGMtODg3MS00ZDZhLWI0YTUt
ZDY1YjY1NGM5OWM1LzEvSWFmeWsxMEYyYkVZT1l3bWlfNzBPQ25RN0pNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS9mY2ZkOGMtODg3MS00ZDZhLWI0YTUtZDY1YjY1NGM5OWM1
LzEvTG4xdlZhRTdBQjUwQWZRT3FxNjRMMmU5UWk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFLvrAAwQC
uXP0AwQF1aLgMA0EAgACMAcDBQAgAU2oMA0GCSqGSIb3DQEBCwUAA4IBAQCSHHPV
6cZ38awKLE+8NoRHdYZeXdwUE/GbABMUmtPF7lbAA4mtU4iqlbiY7y5vEZHOqeGl
MEdM8GuQluu1FiLQzHyJDtijR3x6EF/4yHe4gAU0rCVF5M+N74OOvYNAojpJeYOa
rxcnMPKJYJ+Z74l1BnJyM3ssIjNivzGZTwf8DTBkPqtmAmd/kJPn9vT9A6ejQZIx
q1DsTR6MhBdd4lHfx4vY8z6tcvLl8lbh7PLRfM35cWvO1fQWKsbNUCWsssFSfn4M
XivjCVRZ3XKGagko0nLxEsJSBU1wp3kcacjROwvLfWsT6IxBtLP19jXUJfYfyOc/
ElSvuumfjFKlzscK
-----END CERTIFICATE-----
Generated at Sat Jun 8 09:55:29 2024 by rpki-client on console-ams.rpki-client.org