Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/d74cb2-f0fc-4f2c-be01-536e1f0c4ff9/1/FLOLmMZGJVl2cedD18yr6O0PPjM.roa
File: FLOLmMZGJVl2cedD18yr6O0PPjM.roa (raw, json)
Hash identifier: KKHBQd3YR9UDiMUs/Y01+musFp2fehELrpb7ttL9CrE=
Subject key identifier: 14:B3:8B:98:C6:46:25:59:76:71:E7:43:D7:CC:AB:E8:ED:0F:3E:33
Certificate issuer: /CN=6cdc694f0c3255d5d5573f1328e53654cfb22c4d
Certificate serial: 018CC56E36B17D91F6CBF3AD90D7582030DA
Authority key identifier: 6C:DC:69:4F:0C:32:55:D5:D5:57:3F:13:28:E5:36:54:CF:B2:2C:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bNxpTwwyVdXVVz8TKOU2VM-yLE0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/d74cb2-f0fc-4f2c-be01-536e1f0c4ff9/1/FLOLmMZGJVl2cedD18yr6O0PPjM.roa
Signing time: Mon 01 Jan 2024 14:29:43 +0000
ROA not before: Mon 01 Jan 2024 14:29:43 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210045
IP address blocks: 217.28.133.0/24 maxlen: 24
2a12:2140::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/d74cb2-f0fc-4f2c-be01-536e1f0c4ff9/1/bNxpTwwyVdXVVz8TKOU2VM-yLE0.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/d74cb2-f0fc-4f2c-be01-536e1f0c4ff9/1/bNxpTwwyVdXVVz8TKOU2VM-yLE0.mft
rsync://rpki.ripe.net/repository/DEFAULT/bNxpTwwyVdXVVz8TKOU2VM-yLE0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 05:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:36:b1:7d:91:f6:cb:f3:ad:90:d7:58:20:30:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6cdc694f0c3255d5d5573f1328e53654cfb22c4d
Validity
Not Before: Jan 1 14:29:43 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=14b38b98c64625597671e743d7ccabe8ed0f3e33
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:74:f4:89:5d:5a:d8:33:e4:2f:da:7f:26:a6:
49:89:a8:b3:ef:6d:f3:62:f8:ee:81:e5:f6:a2:28:
be:2f:c0:be:8a:40:43:81:2a:57:9e:ab:de:08:69:
40:a7:d6:d4:24:99:7a:ef:f7:f8:cf:17:eb:ff:68:
b6:65:a9:82:82:e8:38:dd:ed:78:90:ef:13:d8:fb:
e1:e8:da:80:d8:da:24:33:26:75:f9:c7:4b:28:02:
e3:da:e9:62:33:03:d1:b8:94:3b:2c:68:2c:83:44:
f9:01:54:f0:2f:3a:7f:ef:51:aa:28:04:0b:92:1f:
71:3b:4a:1b:4f:e8:7f:bb:a3:4d:d3:34:40:0f:bc:
f6:a0:6d:3a:c7:6f:35:8a:cc:52:33:0c:90:2d:b1:
3d:7c:fa:1a:31:72:47:af:f0:a5:a0:df:8a:46:17:
33:bb:17:6e:f0:89:53:fe:15:5e:e4:5d:9b:83:64:
a3:54:f7:87:65:d2:5e:20:49:e5:74:40:35:76:de:
1e:03:e5:cb:4f:ff:44:da:7a:49:cb:e0:41:bf:3e:
3c:d6:c0:30:b5:5c:07:79:32:b1:9c:5a:81:3a:91:
db:d0:ae:99:3f:1f:85:df:ca:5b:38:53:b0:7e:82:
50:38:2b:fc:75:bd:05:4b:e3:98:25:9e:44:52:8c:
f4:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:B3:8B:98:C6:46:25:59:76:71:E7:43:D7:CC:AB:E8:ED:0F:3E:33
X509v3 Authority Key Identifier:
keyid:6C:DC:69:4F:0C:32:55:D5:D5:57:3F:13:28:E5:36:54:CF:B2:2C:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bNxpTwwyVdXVVz8TKOU2VM-yLE0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/d74cb2-f0fc-4f2c-be01-536e1f0c4ff9/1/FLOLmMZGJVl2cedD18yr6O0PPjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/d74cb2-f0fc-4f2c-be01-536e1f0c4ff9/1/bNxpTwwyVdXVVz8TKOU2VM-yLE0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
217.28.133.0/24
IPv6:
2a12:2140::/29
Signature Algorithm: sha256WithRSAEncryption
7d:1b:36:47:0e:2b:25:4d:49:5e:b1:73:5c:74:ea:68:db:99:
c8:af:76:60:c7:4d:d3:34:d5:c0:87:54:3e:15:5b:a2:9c:6c:
c7:84:6a:2a:70:73:e6:b5:27:57:1a:82:91:5b:f1:11:8b:59:
41:55:43:b6:0c:13:69:51:ba:83:f2:a5:23:51:39:ea:35:38:
80:4a:82:5f:94:ea:69:8a:80:4d:2f:ae:84:83:ef:c7:9e:80:
8e:5a:38:78:7b:2e:bd:6b:eb:c5:7a:3b:7d:5e:04:7d:79:d5:
cf:a0:41:c3:33:c2:2a:cd:41:86:a9:73:04:c5:cc:2d:1f:cd:
4c:fc:da:12:f9:41:d6:ce:32:86:7e:ab:d8:8d:42:9f:34:32:
3e:c5:3a:66:6b:27:99:0c:88:1b:ba:6a:34:50:c9:34:48:3e:
7c:bd:6b:2c:d1:75:d1:df:00:d0:2d:b9:17:8b:15:5a:ea:49:
cb:2f:5e:69:65:20:c0:79:52:bf:3d:85:20:31:e6:35:51:c0:
d7:aa:76:21:19:ac:83:31:95:c2:5c:fa:6d:08:b6:0e:a2:91:
09:c7:6a:dd:9e:40:22:89:11:da:a3:a0:ef:71:1d:a5:0f:dd:
ae:e6:3e:be:c4:12:a9:35:66:0f:81:5a:23:5a:e2:26:48:5d:
6c:40:71:a8
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzFbjaxfZH2y/OtkNdYIDDaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjZGM2OTRmMGMzMjU1ZDVkNTU3M2YxMzI4ZTUzNjU0Y2Zi
MjJjNGQwHhcNMjQwMTAxMTQyOTQzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGIzOGI5OGM2NDYyNTU5NzY3MWU3NDNkN2NjYWJlOGVkMGYzZTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq3T0iV1a2DPkL9p/JqZJiaiz723z
YvjugeX2oii+L8C+ikBDgSpXnqveCGlAp9bUJJl67/f4zxfr/2i2ZamCgug43e14
kO8T2Pvh6NqA2NokMyZ1+cdLKALj2uliMwPRuJQ7LGgsg0T5AVTwLzp/71GqKAQL
kh9xO0obT+h/u6NN0zRAD7z2oG06x281isxSMwyQLbE9fPoaMXJHr/CloN+KRhcz
uxdu8IlT/hVe5F2bg2SjVPeHZdJeIEnldEA1dt4eA+XLT/9E2npJy+BBvz481sAw
tVwHeTKxnFqBOpHb0K6ZPx+F38pbOFOwfoJQOCv8db0FS+OYJZ5EUoz0MQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFBSzi5jGRiVZdnHnQ9fMq+jtDz4zMB8GA1UdIwQY
MBaAFGzcaU8MMlXV1Vc/EyjlNlTPsixNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYk54cFR3d3lWZFhWVno4VEtPVTJWTS15TEUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9kNzRjYjItZjBmYy00ZjJjLWJlMDEt
NTM2ZTFmMGM0ZmY5LzEvRkxPTG1NWkdKVmwyY2VkRDE4eXI2TzBQUGpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9kNzRjYjItZjBmYy00ZjJjLWJlMDEtNTM2ZTFmMGM0ZmY5
LzEvYk54cFR3d3lWZFhWVno4VEtPVTJWTS15TEUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQA2RyFMA0E
AgACMAcDBQMqEiFAMA0GCSqGSIb3DQEBCwUAA4IBAQB9GzZHDislTUlesXNcdOpo
25nIr3Zgx03TNNXAh1Q+FVuinGzHhGoqcHPmtSdXGoKRW/ERi1lBVUO2DBNpUbqD
8qUjUTnqNTiASoJflOppioBNL66Eg+/HnoCOWjh4ey69a+vFejt9XgR9edXPoEHD
M8IqzUGGqXMExcwtH81M/NoS+UHWzjKGfqvYjUKfNDI+xTpmayeZDIgbumo0UMk0
SD58vWss0XXR3wDQLbkXixVa6knLL15pZSDAeVK/PYUgMeY1UcDXqnYhGayDMZXC
XPptCLYOopEJx2rdnkAiiRHao6DvcR2lD92u5j6+xBKpNWYPgVojWuImSF1sQHGo
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:06:19 2024 by rpki-client on console-ams.rpki-client.org