Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/jM7TX6DJHnljinYU2VUh9nDxRlw.roa
File: jM7TX6DJHnljinYU2VUh9nDxRlw.roa (raw, json)
Hash identifier: mZs/zEbO1bpXcmhI1Uxvp4LHg7QkfOHUMTyQme3vo+8=
Subject key identifier: 8C:CE:D3:5F:A0:C9:1E:79:63:8A:76:14:D9:55:21:F6:70:F1:46:5C
Certificate issuer: /CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Certificate serial: 018F0A3A111BA5ED327D54C76001B0F0F32B
Authority key identifier: FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/jM7TX6DJHnljinYU2VUh9nDxRlw.roa
Signing time: Tue 23 Apr 2024 09:12:08 +0000
ROA not before: Tue 23 Apr 2024 09:12:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3301
IP address blocks: 171.25.128.0/21 maxlen: 21
193.221.28.0/24 maxlen: 24
193.221.36.0/24 maxlen: 24
193.221.37.0/24 maxlen: 24
193.221.38.0/24 maxlen: 24
193.221.47.0/24 maxlen: 24
193.221.52.0/24 maxlen: 24
193.221.53.0/24 maxlen: 24
193.221.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.mft
rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 May 2024 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:0a:3a:11:1b:a5:ed:32:7d:54:c7:60:01:b0:f0:f3:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Validity
Not Before: Apr 23 09:12:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=8cced35fa0c91e79638a7614d95521f670f1465c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:23:f6:69:43:ee:9a:e2:38:bf:3d:d2:92:39:
3e:a2:41:0e:bc:1f:03:e7:b9:3a:e5:56:e1:50:44:
17:28:ff:b9:cf:6e:dd:0f:4b:77:ea:cb:0b:a0:f5:
9a:7a:98:31:8e:67:a1:1a:e2:67:38:d8:52:31:28:
b1:76:ea:06:45:77:41:7b:08:2d:1b:9e:a5:91:06:
dc:f3:78:44:5e:1b:fc:86:a4:89:52:a6:16:bc:af:
03:5f:9f:44:26:a0:9f:8e:aa:9f:9a:d7:cf:e6:ab:
15:ad:e7:4d:09:d5:33:0d:6b:97:a4:43:1c:c8:cb:
b7:cd:cf:33:4e:5f:a7:02:90:30:33:2a:3c:b5:55:
c9:c6:f4:7a:aa:76:90:63:c9:4e:d7:06:66:07:14:
81:72:50:97:7d:35:08:dc:75:43:63:1e:a6:6e:51:
86:f3:70:27:de:d4:31:bd:9e:8a:8d:52:62:da:d1:
19:f4:e7:c9:b9:05:4f:96:d5:5c:cc:ce:02:3c:4d:
27:52:fc:8c:bb:4e:53:b7:7c:4f:bb:2a:8e:b0:06:
98:70:13:a0:3d:ad:ff:59:f7:c5:25:20:3c:09:08:
39:94:d1:66:ff:4a:45:49:d8:7c:64:ff:94:65:ea:
83:dc:a1:ec:6d:a1:7a:78:77:93:65:42:6d:b6:6e:
74:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:CE:D3:5F:A0:C9:1E:79:63:8A:76:14:D9:55:21:F6:70:F1:46:5C
X509v3 Authority Key Identifier:
keyid:FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/jM7TX6DJHnljinYU2VUh9nDxRlw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.25.128.0/21
193.221.28.0/24
193.221.36.0-193.221.38.255
193.221.47.0/24
193.221.52.0/23
193.221.59.0/24
Signature Algorithm: sha256WithRSAEncryption
68:11:44:7e:9d:db:88:4d:94:1c:a7:82:f9:f6:6e:c2:72:25:
ab:70:59:66:fa:5e:5c:da:15:ed:d3:a4:f8:81:25:23:be:35:
49:99:30:b6:44:61:55:be:1f:03:e8:3e:94:44:b3:27:e2:f6:
0d:9f:9d:6e:a6:61:29:ba:de:f5:bc:f0:95:52:20:62:06:f4:
c6:b2:6c:07:f7:dd:ea:1f:4b:e0:5c:87:6f:7a:40:1b:64:68:
96:f0:2a:ce:fc:86:b8:39:9e:19:f2:15:2f:ea:76:05:57:84:
43:88:dd:88:2e:0c:b0:d9:a9:7d:38:35:78:26:c6:35:0c:94:
57:46:cc:2b:e1:ba:d7:42:e8:cc:ba:5c:82:e3:44:2b:2d:01:
ad:db:21:c6:31:2e:20:26:dc:8f:1c:76:5c:b9:f0:8b:b2:51:
2e:ed:f1:b3:67:2c:76:ca:9b:39:57:1e:75:0f:01:3a:b6:52:
85:63:fd:ab:8d:b3:5c:ad:25:6e:7c:54:cc:64:6f:6f:8a:56:
1b:d3:36:20:8a:04:d3:59:9f:bc:bc:54:63:d2:d4:bf:5c:53:
ec:8e:28:4a:7a:83:d5:9a:1c:b5:08:fb:8c:13:d6:a2:70:e5:
de:bb:7b:11:ea:01:a4:f3:38:26:30:c9:43:08:cd:34:fc:7c:
03:30:ea:ef
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAY8KOhEbpe0yfVTHYAGw8PMrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTRhYjJkNDgxY2YxNjIyYTJjNTIxODNhYjRmNWE5MzBh
NGFlNDEwHhcNMjQwNDIzMDkxMjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4Y2NlZDM1ZmEwYzkxZTc5NjM4YTc2MTRkOTU1MjFmNjcwZjE0NjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjiP2aUPumuI4vz3Skjk+okEOvB8D
57k65VbhUEQXKP+5z27dD0t36ssLoPWaepgxjmehGuJnONhSMSixduoGRXdBewgt
G56lkQbc83hEXhv8hqSJUqYWvK8DX59EJqCfjqqfmtfP5qsVredNCdUzDWuXpEMc
yMu3zc8zTl+nApAwMyo8tVXJxvR6qnaQY8lO1wZmBxSBclCXfTUI3HVDYx6mblGG
83An3tQxvZ6KjVJi2tEZ9OfJuQVPltVczM4CPE0nUvyMu05Tt3xPuyqOsAaYcBOg
Pa3/WffFJSA8CQg5lNFm/0pFSdh8ZP+UZeqD3KHsbaF6eHeTZUJttm50cwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFIzO01+gyR55Y4p2FNlVIfZw8UZcMB8GA1UdIwQY
MBaAFP5Uqy1IHPFiKixSGDq09akwpK5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYt
MWIxMzYyYjliNmEyLzEvak03VFg2REpIbmxqaW5ZVTJWVWg5bkR4Umx3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYtMWIxMzYyYjliNmEy
LzEvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsAwQDqxmAAwQA
wd0cMAwDBALB3SQDBADB3SYDBADB3S8DBAHB3TQDBADB3TswDQYJKoZIhvcNAQEL
BQADggEBAGgRRH6d24hNlByngvn2bsJyJatwWWb6XlzaFe3TpPiBJSO+NUmZMLZE
YVW+HwPoPpREsyfi9g2fnW6mYSm63vW88JVSIGIG9MaybAf33eofS+Bch296QBtk
aJbwKs78hrg5nhnyFS/qdgVXhEOI3YguDLDZqX04NXgmxjUMlFdGzCvhutdC6My6
XILjRCstAa3bIcYxLiAm3I8cdly58IuyUS7t8bNnLHbKmzlXHnUPATq2UoVj/auN
s1ytJW58VMxkb2+KVhvTNiCKBNNZn7y8VGPS1L9cU+yOKEp6g9WaHLUI+4wT1qJw
5d67exHqAaTzOCYwyUMIzTT8fAMw6u8=
-----END CERTIFICATE-----
Generated at Wed May 29 07:59:58 2024 by rpki-client on console-ams.rpki-client.org