Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/Y_jIsQd6UFAqkfBfKo7xZYDZ-M0.roa
File: Y_jIsQd6UFAqkfBfKo7xZYDZ-M0.roa (raw, json)
Hash identifier: y0tqlZw9K0j0aBMhsR43kD/z/SHpOw3OrQcmo3AV9bg=
Subject key identifier: 63:F8:C8:B1:07:7A:50:50:2A:91:F0:5F:2A:8E:F1:65:80:D9:F8:CD
Certificate issuer: /CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Certificate serial: 01931A51B0774F01F8CB604462AC4349763A
Authority key identifier: FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/Y_jIsQd6UFAqkfBfKo7xZYDZ-M0.roa
Signing time: Mon 11 Nov 2024 08:23:01 +0000
ROA not before: Mon 11 Nov 2024 08:23:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3301
IP address blocks: 171.25.128.0/21 maxlen: 21
193.221.28.0/24 maxlen: 24
193.221.36.0/24 maxlen: 24
193.221.37.0/24 maxlen: 24
193.221.47.0/24 maxlen: 24
193.221.52.0/24 maxlen: 24
193.221.53.0/24 maxlen: 24
193.221.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.mft
rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 17:02:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1a:51:b0:77:4f:01:f8:cb:60:44:62:ac:43:49:76:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Validity
Not Before: Nov 11 08:23:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=63f8c8b1077a50502a91f05f2a8ef16580d9f8cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:c9:74:4d:52:a4:f1:d3:0a:eb:c7:07:c5:3a:
62:97:d9:29:ab:60:a8:cd:df:34:d8:f0:11:be:56:
fb:62:31:0d:7b:17:75:a0:48:10:3a:50:8c:16:15:
10:ba:51:9e:ef:31:b6:42:fe:21:67:5b:20:f0:e3:
5c:e6:11:03:59:79:48:8d:8c:89:ed:41:23:ba:f2:
29:8d:75:c9:49:0b:b0:c0:24:84:14:f1:34:cf:f1:
11:92:44:a4:b9:9f:07:8c:e9:f4:40:f3:19:35:81:
73:d0:22:2f:d6:43:df:1c:5e:db:d7:ae:f7:d8:52:
b2:58:b8:8b:e7:49:96:b4:f0:c6:6b:d6:03:9a:c1:
68:fb:e5:33:d3:c0:e6:f0:d2:e0:c7:6c:fd:12:d8:
b0:67:d6:6d:29:12:09:10:a4:8c:de:cf:29:e6:99:
c2:ef:6f:f4:f6:fe:19:91:8b:c8:a5:61:c7:cf:cb:
db:b5:99:56:08:8b:13:99:44:3f:a8:ae:53:c7:c5:
54:ac:82:5d:f4:24:22:01:7b:27:bc:e7:c6:a0:75:
a0:e4:f3:60:42:a7:89:5d:90:83:8c:90:3a:0c:c7:
21:b2:d9:50:03:f0:2d:7c:b7:25:34:66:8c:2e:72:
c7:44:f6:2c:91:3e:a6:d8:48:1b:db:36:a7:7e:5b:
e9:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:F8:C8:B1:07:7A:50:50:2A:91:F0:5F:2A:8E:F1:65:80:D9:F8:CD
X509v3 Authority Key Identifier:
keyid:FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/Y_jIsQd6UFAqkfBfKo7xZYDZ-M0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.25.128.0/21
193.221.28.0/24
193.221.36.0/23
193.221.47.0/24
193.221.52.0/23
193.221.59.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:f7:4f:78:30:2e:5a:ac:78:ba:b4:40:01:ad:ea:f9:0b:3a:
7e:51:92:b2:41:ce:9b:0c:1f:f0:2b:37:c2:d1:df:0e:66:01:
9a:15:ac:23:c5:0d:97:7e:fa:7d:16:eb:ae:93:23:a2:98:1d:
b4:f5:19:25:15:ff:f2:8f:06:23:96:d2:3b:5b:de:c7:bd:2e:
89:be:d8:13:f1:cc:e7:94:df:35:45:07:bf:97:26:7c:fa:77:
b9:92:95:9b:36:40:99:80:fb:da:39:c9:52:52:e7:ab:30:0f:
2e:1b:89:06:64:1a:50:58:3a:39:8c:19:95:86:f1:29:b1:32:
96:04:e9:23:7d:d4:4c:a2:78:7c:8c:ba:1b:f6:79:1e:f4:d1:
0a:cc:d7:1e:1d:ed:7e:95:79:fb:90:8b:3e:29:24:d1:92:ac:
3c:96:69:e5:2e:69:ef:16:5b:f8:d8:81:ea:45:24:5e:49:97:
b8:b9:98:a5:e4:fa:5f:4e:9b:ec:88:d9:94:55:8d:f4:57:93:
63:c3:f7:2f:ff:2f:68:66:27:c4:1f:c5:34:e8:75:55:61:af:
4a:95:f6:e8:e3:a3:48:0d:2f:ba:12:51:b3:e8:20:96:47:3a:
39:12:c7:8b:5f:66:78:fa:86:03:24:1d:a9:2d:3b:9d:cc:5f:
0f:67:7e:da
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZMaUbB3TwH4y2BEYqxDSXY6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTRhYjJkNDgxY2YxNjIyYTJjNTIxODNhYjRmNWE5MzBh
NGFlNDEwHhcNMjQxMTExMDgyMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2M2Y4YzhiMTA3N2E1MDUwMmE5MWYwNWYyYThlZjE2NTgwZDlmOGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtsl0TVKk8dMK68cHxTpil9kpq2Co
zd802PARvlb7YjENexd1oEgQOlCMFhUQulGe7zG2Qv4hZ1sg8ONc5hEDWXlIjYyJ
7UEjuvIpjXXJSQuwwCSEFPE0z/ERkkSkuZ8HjOn0QPMZNYFz0CIv1kPfHF7b1673
2FKyWLiL50mWtPDGa9YDmsFo++Uz08Dm8NLgx2z9EtiwZ9ZtKRIJEKSM3s8p5pnC
72/09v4ZkYvIpWHHz8vbtZlWCIsTmUQ/qK5Tx8VUrIJd9CQiAXsnvOfGoHWg5PNg
QqeJXZCDjJA6DMchstlQA/AtfLclNGaMLnLHRPYskT6m2Egb2zanflvpHQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFGP4yLEHelBQKpHwXyqO8WWA2fjNMB8GA1UdIwQY
MBaAFP5Uqy1IHPFiKixSGDq09akwpK5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYt
MWIxMzYyYjliNmEyLzEvWV9qSXNRZDZVRkFxa2ZCZktvN3haWURaLU0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYtMWIxMzYyYjliNmEy
LzEvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQDqxmAAwQA
wd0cAwQBwd0kAwQAwd0vAwQBwd00AwQAwd07MA0GCSqGSIb3DQEBCwUAA4IBAQBr
9094MC5arHi6tEABrer5Czp+UZKyQc6bDB/wKzfC0d8OZgGaFawjxQ2Xfvp9Fuuu
kyOimB209RklFf/yjwYjltI7W97HvS6JvtgT8cznlN81RQe/lyZ8+ne5kpWbNkCZ
gPvaOclSUuerMA8uG4kGZBpQWDo5jBmVhvEpsTKWBOkjfdRMonh8jLob9nke9NEK
zNceHe1+lXn7kIs+KSTRkqw8lmnlLmnvFlv42IHqRSReSZe4uZil5PpfTpvsiNmU
VY30V5Njw/cv/y9oZifEH8U06HVVYa9Klfbo46NIDS+6ElGz6CCWRzo5EseLX2Z4
+oYDJB2pLTudzF8PZ37a
-----END CERTIFICATE-----
Generated at Fri Nov 22 22:31:16 2024 by rpki-client on console-ams.rpki-client.org