Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/l6hg9aOeT31cN2ehs21gqKe3LTQ.roa
File: l6hg9aOeT31cN2ehs21gqKe3LTQ.roa (raw, json)
Hash identifier: vs+bqrTpvGTrO4h3iizB+Z0rZaOLIeK5S/zf0+e+dhs=
Subject key identifier: 97:A8:60:F5:A3:9E:4F:7D:5C:37:67:A1:B3:6D:60:A8:A7:B7:2D:34
Certificate issuer: /CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Certificate serial: 01930BF144E480FFBBC674F21156399B208E
Authority key identifier: FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/l6hg9aOeT31cN2ehs21gqKe3LTQ.roa
Signing time: Fri 08 Nov 2024 13:23:01 +0000
ROA not before: Fri 08 Nov 2024 13:23:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 25717
IP address blocks: 171.25.138.0/24 maxlen: 24
171.25.139.0/24 maxlen: 24
171.25.140.0/24 maxlen: 24
171.25.141.0/24 maxlen: 24
171.25.142.0/24 maxlen: 24
171.25.143.0/24 maxlen: 24
193.221.16.0/24 maxlen: 24
193.221.17.0/24 maxlen: 24
193.221.18.0/24 maxlen: 24
193.221.19.0/24 maxlen: 24
193.221.20.0/24 maxlen: 24
193.221.21.0/24 maxlen: 24
193.221.22.0/24 maxlen: 24
193.221.23.0/24 maxlen: 24
193.221.32.0/24 maxlen: 24
193.221.33.0/24 maxlen: 24
193.221.34.0/24 maxlen: 24
193.221.35.0/24 maxlen: 24
193.221.38.0/24 maxlen: 24
193.221.54.0/23 maxlen: 23
193.221.56.0/24 maxlen: 24
193.221.57.0/24 maxlen: 24
193.221.68.0/24 maxlen: 24
193.221.69.0/24 maxlen: 24
193.221.70.0/23 maxlen: 23
193.221.72.0/24 maxlen: 24
193.221.74.0/24 maxlen: 24
193.221.75.0/24 maxlen: 24
193.221.76.0/24 maxlen: 24
193.221.77.0/24 maxlen: 24
193.221.78.0/24 maxlen: 24
193.221.79.0/24 maxlen: 24
193.221.80.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.mft
rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 00:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:0b:f1:44:e4:80:ff:bb:c6:74:f2:11:56:39:9b:20:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fe54ab2d481cf1622a2c52183ab4f5a930a4ae41
Validity
Not Before: Nov 8 13:23:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=97a860f5a39e4f7d5c3767a1b36d60a8a7b72d34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:aa:54:b3:31:1b:af:f6:18:4d:37:ce:fa:ee:
d1:bb:7b:b4:3b:3a:71:1b:9c:a1:d8:f8:9b:41:91:
3d:86:21:a5:f0:ca:9b:fc:31:1a:74:64:23:2f:89:
2a:5d:26:50:98:b4:e5:cf:77:9c:43:b2:63:35:45:
ee:d0:d0:5e:d4:be:78:10:01:98:72:1b:2b:37:3c:
90:db:bf:07:50:f5:15:aa:f7:f5:5d:e7:17:8d:51:
95:08:83:e7:c0:8d:98:d5:bb:e7:1b:ae:ed:76:27:
ca:ff:e9:fd:06:df:e3:ad:20:a5:8d:7a:23:96:76:
07:69:c0:9a:bf:68:06:84:dd:fb:f3:6b:c2:13:79:
7f:d4:b0:c7:e3:8d:7a:5d:ed:bf:83:f2:98:ad:9e:
ba:c8:a6:18:93:88:cf:e1:31:e2:5f:ca:8e:12:77:
b2:5e:7f:e1:d5:6f:ef:08:e8:49:7b:76:24:81:9b:
6a:13:65:a2:3f:d7:b1:0d:69:ae:72:a1:07:bc:22:
2e:44:e5:1d:7e:89:22:b7:81:1e:56:88:1f:37:b0:
5d:12:d2:c5:50:fe:eb:d8:0e:89:fd:c1:b1:ea:1e:
ed:a9:00:0c:cd:7f:ad:07:c6:17:72:fd:fb:8a:cb:
8b:bf:86:c9:b2:6c:42:02:f4:00:ab:c4:c4:8d:90:
6c:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:A8:60:F5:A3:9E:4F:7D:5C:37:67:A1:B3:6D:60:A8:A7:B7:2D:34
X509v3 Authority Key Identifier:
keyid:FE:54:AB:2D:48:1C:F1:62:2A:2C:52:18:3A:B4:F5:A9:30:A4:AE:41
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_lSrLUgc8WIqLFIYOrT1qTCkrkE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/l6hg9aOeT31cN2ehs21gqKe3LTQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/4d5e4a-8a16-4537-be1f-1b1362b9b6a2/1/_lSrLUgc8WIqLFIYOrT1qTCkrkE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
171.25.138.0-171.25.143.255
193.221.16.0/21
193.221.32.0/22
193.221.38.0/24
193.221.54.0-193.221.57.255
193.221.68.0-193.221.72.255
193.221.74.0-193.221.80.255
Signature Algorithm: sha256WithRSAEncryption
57:6b:5a:75:11:44:a1:0c:0b:18:b7:f9:46:90:ed:13:37:d7:
22:17:b3:fd:a4:95:9a:9e:35:b8:d9:b9:28:cd:2f:fb:d1:9e:
8e:bb:c9:fd:6c:d8:41:e6:64:d7:bc:4b:75:c3:70:ba:5e:d5:
5f:ca:62:26:7c:d0:2b:98:ea:9d:f9:ce:cf:e0:17:83:a0:41:
3b:57:34:9d:89:4a:79:27:39:41:99:c6:e9:bb:c6:ca:fe:74:
88:ac:06:de:c5:b2:c0:f4:fc:8b:e5:57:d0:43:15:a2:46:94:
64:64:a7:8f:dd:a5:cd:0d:ea:57:fe:66:b2:6f:0e:b4:4d:83:
3b:29:e7:f5:af:4e:be:b8:84:1b:e1:4c:fe:b0:0d:e1:a2:ce:
a1:64:ae:48:62:4b:ae:88:11:08:21:5e:e9:c9:a6:47:30:49:
a3:c0:3a:08:9b:f4:6f:c9:b6:11:c9:ee:71:e6:f7:9e:28:36:
1c:d8:41:1b:38:d0:5c:5f:f2:d8:6c:75:15:aa:c6:93:cd:f8:
01:4c:77:96:52:c6:94:8c:a1:3d:90:d6:89:f4:1d:d4:ce:ca:
5f:97:1e:a8:bf:55:4a:4e:c5:fc:50:e0:d5:75:ba:91:33:b6:
25:e2:bf:6d:99:96:82:b0:98:78:1a:57:3c:67:b1:ee:19:a0:
0d:06:bf:a7
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZML8UTkgP+7xnTyEVY5myCOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlNTRhYjJkNDgxY2YxNjIyYTJjNTIxODNhYjRmNWE5MzBh
NGFlNDEwHhcNMjQxMTA4MTMyMzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2E4NjBmNWEzOWU0ZjdkNWMzNzY3YTFiMzZkNjBhOGE3YjcyZDM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqpUszEbr/YYTTfO+u7Ru3u0Ozpx
G5yh2PibQZE9hiGl8Mqb/DEadGQjL4kqXSZQmLTlz3ecQ7JjNUXu0NBe1L54EAGY
chsrNzyQ278HUPUVqvf1XecXjVGVCIPnwI2Y1bvnG67tdifK/+n9Bt/jrSCljXoj
lnYHacCav2gGhN3782vCE3l/1LDH4416Xe2/g/KYrZ66yKYYk4jP4THiX8qOEney
Xn/h1W/vCOhJe3YkgZtqE2WiP9exDWmucqEHvCIuROUdfokit4EeVogfN7BdEtLF
UP7r2A6J/cGx6h7tqQAMzX+tB8YXcv37isuLv4bJsmxCAvQAq8TEjZBsWQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFJeoYPWjnk99XDdnobNtYKinty00MB8GA1UdIwQY
MBaAFP5Uqy1IHPFiKixSGDq09akwpK5BMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYt
MWIxMzYyYjliNmEyLzEvbDZoZzlhT2VUMzFjTjJlaHMyMWdxS2UzTFRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC80ZDVlNGEtOGExNi00NTM3LWJlMWYtMWIxMzYyYjliNmEy
LzEvX2xTckxVZ2M4V0lxTEZJWU9yVDFxVENrcmtFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKMAwDBAGrGYoD
BASrGYADBAPB3RADBALB3SADBADB3SYwDAMEAcHdNgMEAcHdODAMAwQCwd1EAwQA
wd1IMAwDBAHB3UoDBADB3VAwDQYJKoZIhvcNAQELBQADggEBAFdrWnURRKEMCxi3
+UaQ7RM31yIXs/2klZqeNbjZuSjNL/vRno67yf1s2EHmZNe8S3XDcLpe1V/KYiZ8
0CuY6p35zs/gF4OgQTtXNJ2JSnknOUGZxum7xsr+dIisBt7FssD0/IvlV9BDFaJG
lGRkp4/dpc0N6lf+ZrJvDrRNgzsp5/WvTr64hBvhTP6wDeGizqFkrkhiS66IEQgh
XunJpkcwSaPAOgib9G/JthHJ7nHm954oNhzYQRs40Fxf8thsdRWqxpPN+AFMd5ZS
xpSMoT2Q1on0HdTOyl+XHqi/VUpOxfxQ4NV1upEztiXiv22ZloKwmHgaVzxnse4Z
oA0Gv6c=
-----END CERTIFICATE-----
Generated at Sat Nov 23 07:35:22 2024 by rpki-client on console-fra.rpki-client.org