Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/lFE3Ndo01UnGh9srZC5e7Y15_3M.roa
File: lFE3Ndo01UnGh9srZC5e7Y15_3M.roa (raw, json)
Hash identifier: O5YcRJMzta+BPot1UptyVb7RDajj8bOFHyDQkClsHyw=
Subject key identifier: 94:51:37:35:DA:34:D5:49:C6:87:DB:2B:64:2E:5E:ED:8D:79:FF:73
Certificate issuer: /CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Certificate serial: 0190D29464FF74964A4303854FD4D599E448
Authority key identifier: 6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/lFE3Ndo01UnGh9srZC5e7Y15_3M.roa
Signing time: Sat 20 Jul 2024 23:57:38 +0000
ROA not before: Sat 20 Jul 2024 23:57:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 152179
IP address blocks: 37.128.250.0/23 maxlen: 24
176.221.16.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.mft
rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:d2:94:64:ff:74:96:4a:43:03:85:4f:d4:d5:99:e4:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f75e4e94b5cb74517b7b01568015da9e6eecdb6
Validity
Not Before: Jul 20 23:57:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=94513735da34d549c687db2b642e5eed8d79ff73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:29:f3:d1:78:00:8e:f7:35:72:1f:7d:7a:3e:
91:d6:c0:b6:55:77:7b:a7:a0:20:90:b1:82:ae:b4:
c1:4b:66:bb:d1:b0:5c:40:cf:fe:9d:36:f5:b0:26:
10:0d:13:c2:91:18:d5:75:b6:d4:20:49:27:61:d4:
f5:86:0b:1e:44:4d:68:a4:d0:96:32:96:ba:ca:e3:
ab:bc:50:6d:09:74:39:e9:2c:0f:95:4d:51:af:45:
4c:31:db:69:72:36:73:5d:8e:02:9b:73:ab:5d:de:
1b:05:41:67:bc:a6:6a:f2:64:be:4d:b5:f1:69:d1:
01:76:c6:7d:25:fb:ee:e5:98:f8:23:67:7b:9e:fc:
5e:1f:25:fb:bb:12:d3:cc:67:5f:21:1b:d2:9f:2b:
47:9c:50:b8:cf:e6:f2:e9:8f:08:84:6a:63:8c:1b:
ec:5b:d7:4b:6f:a8:bc:1e:cc:5c:31:db:39:21:86:
0e:ba:2f:9f:c3:0d:70:ab:49:e3:f9:46:1f:9c:95:
be:0c:4f:d5:43:26:33:55:76:9d:67:07:f8:07:5e:
51:af:99:75:da:d7:b7:24:dc:a8:7c:57:b9:c3:86:
1e:2c:2a:f9:50:0a:81:ee:81:77:52:5f:53:9b:ea:
65:c7:ca:a1:2e:8e:8b:1f:c0:44:a1:9a:fa:0d:c3:
c3:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:51:37:35:DA:34:D5:49:C6:87:DB:2B:64:2E:5E:ED:8D:79:FF:73
X509v3 Authority Key Identifier:
keyid:6F:75:E4:E9:4B:5C:B7:45:17:B7:B0:15:68:01:5D:A9:E6:EE:CD:B6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b3Xk6Utct0UXt7AVaAFdqebuzbY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/lFE3Ndo01UnGh9srZC5e7Y15_3M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/57a34f-e33b-4e17-bc32-66457724c2d3/1/b3Xk6Utct0UXt7AVaAFdqebuzbY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.250.0/23
176.221.16.0/22
Signature Algorithm: sha256WithRSAEncryption
86:75:4e:b7:7a:5f:44:e9:62:50:61:60:e4:ed:78:65:21:51:
07:4c:fe:c9:6c:c5:6a:dc:ee:e8:ee:5c:24:61:c4:5c:3f:7b:
2c:a8:e9:a6:1f:6e:10:64:ee:40:48:83:7b:63:88:e3:56:72:
a4:45:6f:df:37:12:69:f8:29:1b:3e:c0:80:88:51:70:4c:a9:
f8:0e:fa:69:92:4f:6e:85:aa:ee:76:f8:54:ba:c1:17:12:ab:
f9:d5:35:da:cf:0b:f4:3e:6c:98:9e:2b:d9:cb:98:6c:ff:cd:
b0:d7:dc:1e:27:ea:1a:75:06:0c:4b:60:22:ba:34:4a:b5:77:
be:5a:b7:1c:e8:31:54:0e:be:3f:80:fd:8e:af:63:b9:30:67:
66:73:c7:53:46:cd:3e:10:fd:c0:58:83:b8:76:40:6e:4e:de:
84:fc:ed:5f:72:70:8d:d9:0c:b9:63:e4:56:89:9a:1c:e7:b7:
0c:02:8c:3d:3e:4a:5a:5b:65:f5:32:b0:1f:d1:f9:38:18:33:
bf:9c:09:97:df:21:d7:a9:92:83:c5:75:7c:33:aa:0d:f6:10:
08:45:77:0e:ef:69:db:66:7a:59:32:39:1e:d6:b1:77:40:5c:
03:d4:26:1d:c2:06:59:04:be:a1:df:6b:a7:2e:f9:4b:a9:b9:
af:93:7d:18
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZDSlGT/dJZKQwOFT9TVmeRIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNzVlNGU5NGI1Y2I3NDUxN2I3YjAxNTY4MDE1ZGE5ZTZl
ZWNkYjYwHhcNMjQwNzIwMjM1NzM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDUxMzczNWRhMzRkNTQ5YzY4N2RiMmI2NDJlNWVlZDhkNzlmZjczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyinz0XgAjvc1ch99ej6R1sC2VXd7
p6AgkLGCrrTBS2a70bBcQM/+nTb1sCYQDRPCkRjVdbbUIEknYdT1hgseRE1opNCW
Mpa6yuOrvFBtCXQ56SwPlU1Rr0VMMdtpcjZzXY4Cm3OrXd4bBUFnvKZq8mS+TbXx
adEBdsZ9Jfvu5Zj4I2d7nvxeHyX7uxLTzGdfIRvSnytHnFC4z+by6Y8IhGpjjBvs
W9dLb6i8HsxcMds5IYYOui+fww1wq0nj+UYfnJW+DE/VQyYzVXadZwf4B15Rr5l1
2te3JNyofFe5w4YeLCr5UAqB7oF3Ul9Tm+plx8qhLo6LH8BEoZr6DcPDjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJRRNzXaNNVJxofbK2QuXu2Nef9zMB8GA1UdIwQY
MBaAFG915OlLXLdFF7ewFWgBXanm7s22MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzIt
NjY0NTc3MjRjMmQzLzEvbEZFM05kbzAxVW5HaDlzclpDNWU3WTE1XzNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi81N2EzNGYtZTMzYi00ZTE3LWJjMzItNjY0NTc3MjRjMmQz
LzEvYjNYazZVdGN0MFVYdDdBVmFBRmRxZWJ1emJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBJYD6AwQC
sN0QMA0GCSqGSIb3DQEBCwUAA4IBAQCGdU63el9E6WJQYWDk7XhlIVEHTP7JbMVq
3O7o7lwkYcRcP3ssqOmmH24QZO5ASIN7Y4jjVnKkRW/fNxJp+CkbPsCAiFFwTKn4
Dvppkk9uharudvhUusEXEqv51TXazwv0PmyYnivZy5hs/82w19weJ+oadQYMS2Ai
ujRKtXe+Wrcc6DFUDr4/gP2Or2O5MGdmc8dTRs0+EP3AWIO4dkBuTt6E/O1fcnCN
2Qy5Y+RWiZoc57cMAow9PkpaW2X1MrAf0fk4GDO/nAmX3yHXqZKDxXV8M6oN9hAI
RXcO72nbZnpZMjke1rF3QFwD1CYdwgZZBL6h32unLvlLqbmvk30Y
-----END CERTIFICATE-----
Generated at Mon Nov 25 20:28:20 2024 by rpki-client on console-fra.rpki-client.org