Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/7wJ1fTDf_a-5nl_Q044YwlK99pU.roa
File: 7wJ1fTDf_a-5nl_Q044YwlK99pU.roa (raw, json)
Hash identifier: AFr3ggnlOk6jYCok7ZqM4+WXv2Q5NwLkqeeXhuzDcIk=
Subject key identifier: EF:02:75:7D:30:DF:FD:AF:B9:9E:5F:D0:D3:8E:18:C2:52:BD:F6:95
Certificate issuer: /CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Certificate serial: 01931A51B159661E6411BE72D6F0CAA41165
Authority key identifier: FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/7wJ1fTDf_a-5nl_Q044YwlK99pU.roa
Signing time: Mon 11 Nov 2024 08:23:01 +0000
ROA not before: Mon 11 Nov 2024 08:23:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25252
IP address blocks: 171.25.128.0/21 maxlen: 21
193.221.28.0/24 maxlen: 24
193.221.36.0/24 maxlen: 24
193.221.37.0/24 maxlen: 24
193.221.47.0/24 maxlen: 24
193.221.52.0/24 maxlen: 24
193.221.53.0/24 maxlen: 24
193.221.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.mft
rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1a:51:b1:59:66:1e:64:11:be:72:d6:f0:ca:a4:11:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Validity
Not Before: Nov 11 08:23:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ef02757d30dffdafb99e5fd0d38e18c252bdf695
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:f5:e6:ca:d0:e4:b5:7a:57:9b:6b:94:34:32:
e8:50:a1:5c:01:19:8f:73:0c:6c:42:88:a7:b8:87:
19:b8:3a:ba:18:dd:20:64:9d:04:51:87:f2:27:43:
b3:1c:c9:45:0d:78:9d:90:75:9c:a0:b0:84:be:45:
ca:be:d8:a3:c2:f0:5e:5f:d4:a8:06:5c:13:30:0f:
b2:72:c2:18:ba:6c:fa:81:18:6c:1f:92:81:4c:95:
24:dd:92:0a:7a:98:a8:ed:cc:00:77:3c:b1:c3:df:
27:6d:2c:fc:75:12:87:8c:ff:2d:4d:f1:b4:57:9f:
33:bf:7d:13:1b:17:dc:58:50:2c:cd:e0:23:18:3c:
1c:81:85:2a:e3:52:18:7f:f5:66:1f:0f:f5:a8:25:
d0:40:9d:e3:d8:63:79:53:e7:3a:78:80:30:60:e1:
63:5e:b0:ae:be:b0:59:c0:65:ce:14:60:10:0f:a8:
5a:4a:30:a3:67:8f:c6:fb:4d:ed:c8:20:24:9c:15:
11:5a:b2:39:76:3f:bc:d2:1a:a8:06:bf:36:1e:1a:
f6:54:9d:6b:d0:81:65:58:cf:99:61:44:97:b4:cc:
78:72:66:15:e7:d0:5b:cb:9d:77:23:a1:79:b6:ee:
98:b5:3d:01:5d:64:67:fb:49:62:d8:85:97:c7:c0:
42:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:02:75:7D:30:DF:FD:AF:B9:9E:5F:D0:D3:8E:18:C2:52:BD:F6:95
X509v3 Authority Key Identifier:
keyid:FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/7wJ1fTDf_a-5nl_Q044YwlK99pU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.25.128.0/21
193.221.28.0/24
193.221.36.0/23
193.221.47.0/24
193.221.52.0/23
193.221.59.0/24
Signature Algorithm: sha256WithRSAEncryption
35:e2:60:52:d0:18:ff:e3:7d:5f:16:27:96:fe:9c:d4:b9:27:
24:ec:4c:67:03:df:a2:1c:74:55:3b:f6:b1:89:f7:9f:5e:74:
88:a0:b1:3c:62:db:34:97:7a:e6:f4:e5:71:6d:2d:95:e3:68:
9c:9c:14:de:80:a2:db:a2:c9:d8:a5:a2:15:a2:28:be:a0:a7:
14:c1:1d:76:50:2d:5f:d9:13:61:83:ef:82:a0:13:a3:b0:30:
19:3b:be:6e:aa:8a:fb:01:de:58:ae:d9:8a:85:e9:97:81:a9:
04:ea:b8:e9:b4:c3:23:b4:86:19:94:b0:38:f5:a7:b1:2c:17:
15:cb:25:47:78:ef:d4:df:9c:74:10:fb:b1:d1:aa:4d:b6:e9:
a1:6a:02:c1:56:e5:a4:c3:81:ff:f8:2c:d0:20:b4:1e:52:2d:
6f:ec:87:47:92:15:40:7c:6f:d9:30:db:39:9e:db:49:a1:37:
ae:3a:c3:33:bf:32:e1:6c:b4:50:24:27:60:11:13:d0:66:f9:
56:ed:33:97:79:bb:21:ce:86:3e:5a:2f:12:6c:a8:f6:d5:ef:
79:fb:2a:18:0d:20:5a:0e:82:29:86:ce:e2:73:b0:d0:c4:4a:
9d:95:c5:62:3c:4c:3f:24:38:d8:a9:c0:bc:74:25:d7:42:39:
7b:5b:2e:ea
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZMaUbFZZh5kEb5y1vDKpBFlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTRhYjJkNDgxY2YxNjIyYTJjNTIxODNhYjRmNWE5MzBh
NGFlNDEwHhcNMjQxMTExMDgyMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjAyNzU3ZDMwZGZmZGFmYjk5ZTVmZDBkMzhlMThjMjUyYmRmNjk1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0fXmytDktXpXm2uUNDLoUKFcARmP
cwxsQoinuIcZuDq6GN0gZJ0EUYfyJ0OzHMlFDXidkHWcoLCEvkXKvtijwvBeX9So
BlwTMA+ycsIYumz6gRhsH5KBTJUk3ZIKepio7cwAdzyxw98nbSz8dRKHjP8tTfG0
V58zv30TGxfcWFAszeAjGDwcgYUq41IYf/VmHw/1qCXQQJ3j2GN5U+c6eIAwYOFj
XrCuvrBZwGXOFGAQD6haSjCjZ4/G+03tyCAknBURWrI5dj+80hqoBr82Hhr2VJ1r
0IFlWM+ZYUSXtMx4cmYV59Bby513I6F5tu6YtT0BXWRn+0li2IWXx8BChwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFO8CdX0w3/2vuZ5f0NOOGMJSvfaVMB8GA1UdIwQY
MBaAFP5Uqy1IHPFiKixSGDq09akwpK5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYt
MWIxMzYyYjliNmEyLzEvN3dKMWZURGZfYS01bmxfUTA0NFl3bEs5OXBVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYtMWIxMzYyYjliNmEy
LzEvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDqxmAAwQA
wd0cAwQBwd0kAwQAwd0vAwQBwd00AwQAwd07MA0GCSqGSIb3DQEBCwUAA4IBAQA1
4mBS0Bj/431fFieW/pzUuSck7ExnA9+iHHRVO/axifefXnSIoLE8Yts0l3rm9OVx
bS2V42icnBTegKLbosnYpaIVoii+oKcUwR12UC1f2RNhg++CoBOjsDAZO75uqor7
Ad5YrtmKhemXgakE6rjptMMjtIYZlLA49aexLBcVyyVHeO/U35x0EPux0apNtumh
agLBVuWkw4H/+CzQILQeUi1v7IdHkhVAfG/ZMNs5nttJoTeuOsMzvzLhbLRQJCdg
ERPQZvlW7TOXebshzoY+Wi8SbKj21e95+yoYDSBaDoIphs7ic7DQxEqdlcViPEw/
JDjYqcC8dCXXQjl7Wy7q
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:35:22 2024 by rpki-client on console-fra.rpki-client.org