Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/P0LtbDaCQW7YxwH54chN34ifvek.roa
File: P0LtbDaCQW7YxwH54chN34ifvek.roa (raw, json)
Hash identifier: RpLJzA101ya8uTlm2BjiUAqzHoySE1grOtqVBqsqCkQ=
Subject key identifier: 3F:42:ED:6C:36:82:41:6E:D8:C7:01:F9:E1:C8:4D:DF:88:9F:BD:E9
Certificate issuer: /CN=dc44e19e2bb4e7023cc1ba10d49b74ede4bf865c
Certificate serial: 01907E75F78F681A7454D71D0985BE58273A
Authority key identifier: DC:44:E1:9E:2B:B4:E7:02:3C:C1:BA:10:D4:9B:74:ED:E4:BF:86:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3EThniu05wI8wboQ1Jt07eS_hlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/P0LtbDaCQW7YxwH54chN34ifvek.roa
Signing time: Thu 04 Jul 2024 15:56:18 +0000
ROA not before: Thu 04 Jul 2024 15:56:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13335
IP address blocks: 25.25.25.0/24 maxlen: 24
25.26.27.0/24 maxlen: 24
25.129.196.0/23 maxlen: 23
25.129.198.0/23 maxlen: 23
2a08:600::/48 maxlen: 48
2a08:600:e0::/47 maxlen: 47
2a08:600:ee::/47 maxlen: 47
2a08:600:ff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/3EThniu05wI8wboQ1Jt07eS_hlw.crl
rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/3EThniu05wI8wboQ1Jt07eS_hlw.mft
rsync://rpki.ripe.net/repository/DEFAULT/3EThniu05wI8wboQ1Jt07eS_hlw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7e:75:f7:8f:68:1a:74:54:d7:1d:09:85:be:58:27:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc44e19e2bb4e7023cc1ba10d49b74ede4bf865c
Validity
Not Before: Jul 4 15:56:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f42ed6c3682416ed8c701f9e1c84ddf889fbde9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:93:2e:16:b2:19:a4:c7:25:db:38:ca:67:01:
d1:34:33:41:81:c7:02:be:d8:d1:65:e9:cb:cd:1a:
8c:af:a3:54:98:f8:fe:b6:ff:2b:18:88:21:7d:e6:
85:10:02:a0:88:7f:a8:0e:e0:ed:6e:98:af:89:a6:
f7:92:60:20:ed:d7:e1:40:5c:f2:44:95:ce:c0:76:
19:02:2c:91:4a:65:b3:45:49:b8:2e:ce:e9:9c:52:
21:4a:82:36:c1:b0:bc:d3:13:a5:32:d1:88:14:4d:
97:6c:30:8d:a3:06:3a:36:da:04:96:37:ec:cf:e1:
e2:b4:bb:86:00:94:b7:8e:55:72:f3:b6:38:83:76:
7b:f7:29:f5:d4:06:34:a4:0a:f2:99:9b:a1:68:ea:
c7:56:6c:8d:a1:22:d9:1a:3e:18:3a:b2:66:8e:fc:
a8:3d:c8:f2:94:47:11:a9:d1:99:c0:16:a7:ae:49:
45:49:02:52:af:15:e7:ee:66:d1:9b:66:26:33:99:
48:8d:4e:62:1b:53:5c:70:dc:98:b3:dc:0b:19:58:
a3:89:be:a9:60:a7:c0:1a:df:7d:de:56:87:4d:a5:
df:5b:a4:03:4e:a4:9a:e7:bc:67:fe:9c:f8:2d:dc:
3b:29:05:1d:3a:2a:10:d1:3a:3f:5d:ea:dc:d8:e9:
dc:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:42:ED:6C:36:82:41:6E:D8:C7:01:F9:E1:C8:4D:DF:88:9F:BD:E9
X509v3 Authority Key Identifier:
keyid:DC:44:E1:9E:2B:B4:E7:02:3C:C1:BA:10:D4:9B:74:ED:E4:BF:86:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3EThniu05wI8wboQ1Jt07eS_hlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/P0LtbDaCQW7YxwH54chN34ifvek.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/05/46f5b9-6000-4072-89f2-4c82ace72c85/1/3EThniu05wI8wboQ1Jt07eS_hlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
25.25.25.0/24
25.26.27.0/24
25.129.196.0/22
IPv6:
2a08:600::/48
2a08:600:e0::/47
2a08:600:ee::/47
2a08:600:ff::/48
Signature Algorithm: sha256WithRSAEncryption
88:5d:40:48:4d:cd:05:3b:c2:7f:6b:5c:5d:31:79:68:bf:64:
20:27:b3:af:b0:e6:ed:0f:dc:c1:27:b6:54:55:6b:7e:6b:fd:
97:6f:57:f0:14:2e:1b:61:a4:05:d9:0b:8a:ba:3a:1b:83:b5:
fd:7f:da:25:21:73:29:40:e0:09:df:05:86:a0:7f:bd:e6:d5:
72:f0:19:fc:ef:87:3c:ed:b8:0e:48:5d:87:ff:07:99:bf:d1:
a4:fa:ba:4c:38:5d:1e:5c:c9:ca:81:f8:9f:c6:4b:2b:5b:09:
65:56:7d:65:8f:52:13:75:c2:4a:fc:8b:61:08:4a:f2:6e:73:
9b:5b:76:db:07:06:c0:a2:d7:a7:1a:af:71:e6:90:4c:b6:69:
05:15:fa:09:5d:4e:85:21:b3:23:d7:96:e5:3e:22:3f:05:23:
6b:b4:0d:6e:97:2f:08:18:9d:bf:69:08:41:74:f9:83:39:55:
62:b0:5b:e6:83:cf:a3:94:e6:57:88:6d:35:3d:69:5f:16:5c:
96:fe:7d:0d:1e:c1:c8:d6:2d:a7:17:7b:fd:a9:16:ac:17:e0:
5c:68:76:3a:2f:ba:68:6e:37:74:9f:b6:bc:9d:80:65:74:f6:
92:29:33:a5:96:0d:65:1f:01:ab:50:78:dd:f9:b9:ba:52:0d:
4c:e6:df:47
-----BEGIN CERTIFICATE-----
MIIFNTCCBB2gAwIBAgISAZB+dfePaBp0VNcdCYW+WCc6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjNDRlMTllMmJiNGU3MDIzY2MxYmExMGQ0OWI3NGVkZTRi
Zjg2NWMwHhcNMjQwNzA0MTU1NjE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjQyZWQ2YzM2ODI0MTZlZDhjNzAxZjllMWM4NGRkZjg4OWZiZGU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpMuFrIZpMcl2zjKZwHRNDNBgccC
vtjRZenLzRqMr6NUmPj+tv8rGIghfeaFEAKgiH+oDuDtbpiviab3kmAg7dfhQFzy
RJXOwHYZAiyRSmWzRUm4Ls7pnFIhSoI2wbC80xOlMtGIFE2XbDCNowY6NtoEljfs
z+HitLuGAJS3jlVy87Y4g3Z79yn11AY0pArymZuhaOrHVmyNoSLZGj4YOrJmjvyo
PcjylEcRqdGZwBanrklFSQJSrxXn7mbRm2YmM5lIjU5iG1NccNyYs9wLGVijib6p
YKfAGt993laHTaXfW6QDTqSa57xn/pz4Ldw7KQUdOioQ0To/Xerc2OncHQIDAQAB
o4ICQTCCAj0wHQYDVR0OBBYEFD9C7Ww2gkFu2McB+eHITd+In73pMB8GA1UdIwQY
MBaAFNxE4Z4rtOcCPMG6ENSbdO3kv4ZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0VUaG5pdTA1d0k4d2JvUTFKdDA3ZVNfaGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNS80NmY1YjktNjAwMC00MDcyLTg5ZjIt
NGM4MmFjZTcyYzg1LzEvUDBMdGJEYUNRVzdZeHdINTRjaE4zNGlmdmVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNS80NmY1YjktNjAwMC00MDcyLTg5ZjItNGM4MmFjZTcyYzg1
LzEvM0VUaG5pdTA1d0k4d2JvUTFKdDA3ZVNfaGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFcGCCsGAQUFBwEHAQH/BEgwRjAYBAIAATASAwQAGRkZAwQA
GRobAwQCGYHEMCoEAgACMCQDBwAqCAYAAAADBwEqCAYAAOADBwEqCAYAAO4DBwAq
CAYAAP8wDQYJKoZIhvcNAQELBQADggEBAIhdQEhNzQU7wn9rXF0xeWi/ZCAns6+w
5u0P3MEntlRVa35r/ZdvV/AULhthpAXZC4q6OhuDtf1/2iUhcylA4AnfBYagf73m
1XLwGfzvhzztuA5IXYf/B5m/0aT6ukw4XR5cycqB+J/GSytbCWVWfWWPUhN1wkr8
i2EISvJuc5tbdtsHBsCi16car3HmkEy2aQUV+gldToUhsyPXluU+Ij8FI2u0DW6X
LwgYnb9pCEF0+YM5VWKwW+aDz6OU5leIbTU9aV8WXJb+fQ0ewcjWLacXe/2pFqwX
4FxodjovumhuN3SftrydgGV09pIpM6WWDWUfAatQeN35ubpSDUzm30c=
-----END CERTIFICATE-----
Generated at Fri Nov 22 16:06:12 2024 by rpki-client on console-fra.rpki-client.org