Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/4DECoYtO6z5fJ8AC27jIpvbzEL0.roa
File: 4DECoYtO6z5fJ8AC27jIpvbzEL0.roa (raw, json)
Hash identifier: o9wKIO9GjD7tjpNcN3ACZHae7tZETS2et+jjqmqb6Gg=
Subject key identifier: E0:31:02:A1:8B:4E:EB:3E:5F:27:C0:02:DB:B8:C8:A6:F6:F3:10:BD
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018E61942FFBBE8261AEA6541522D66AD643
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/4DECoYtO6z5fJ8AC27jIpvbzEL0.roa
Signing time: Thu 21 Mar 2024 15:14:45 +0000
ROA not before: Thu 21 Mar 2024 15:14:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8551
IP address blocks: 95.100.204.0/22 maxlen: 22
2a02:26f0:8000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.mft
rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 May 2024 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:61:94:2f:fb:be:82:61:ae:a6:54:15:22:d6:6a:d6:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Mar 21 15:14:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=e03102a18b4eeb3e5f27c002dbb8c8a6f6f310bd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:f4:f5:20:1e:6f:07:3b:ac:71:cd:70:9f:22:
50:bf:ae:d4:a7:d0:28:19:5d:e0:30:20:f4:cf:76:
15:dd:89:5f:73:cd:b5:ac:90:9f:5a:59:c1:9b:75:
fb:df:14:30:43:cf:10:37:f1:0f:96:27:1d:53:17:
fd:1f:1e:80:e7:3b:75:f2:30:a0:de:1a:98:6e:80:
e4:51:be:28:80:55:1d:d4:d0:7f:d0:8f:61:44:12:
23:8b:d5:47:ea:42:a6:ca:6b:99:29:4a:3b:72:03:
7e:ac:e7:8f:d3:30:db:a3:39:96:08:f9:08:a5:58:
38:e5:ce:6a:7e:92:70:52:6a:67:b0:f5:22:d3:fb:
48:70:34:f3:f1:82:4f:46:83:4b:3c:0c:19:ce:c5:
75:8c:3a:87:f8:e1:d3:a6:46:b6:d2:b4:97:6c:48:
63:49:06:98:33:28:dc:ff:e7:3e:05:f7:e8:29:e8:
38:86:ae:23:e4:d3:ee:c9:22:f2:a4:f8:7f:91:3a:
4e:42:74:c4:9e:55:7f:51:2b:c5:8c:8a:f8:08:c9:
c7:66:d2:0c:be:1b:4e:2c:f6:ea:73:e3:f9:f6:1e:
b2:db:80:63:ca:9a:2b:21:69:f2:fb:21:eb:e1:33:
5f:e9:72:6c:ff:a0:c0:ef:94:d8:74:a1:85:39:1c:
03:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:31:02:A1:8B:4E:EB:3E:5F:27:C0:02:DB:B8:C8:A6:F6:F3:10:BD
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/4DECoYtO6z5fJ8AC27jIpvbzEL0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.100.204.0/22
IPv6:
2a02:26f0:8000::/48
Signature Algorithm: sha256WithRSAEncryption
7d:94:1f:9b:14:9e:80:a7:0f:47:86:cb:0c:ca:d3:e6:7b:9b:
93:4a:89:e2:d7:a0:a8:66:49:ff:b5:30:a3:ba:7d:b9:65:97:
36:ff:ae:e8:22:51:7f:70:f9:c5:af:40:4d:ad:e9:77:7e:f5:
8a:77:77:3f:19:32:48:c9:96:91:48:9d:07:b7:b1:34:3d:44:
aa:33:89:71:2c:c7:3e:90:9f:6c:77:f6:f6:6a:89:53:49:d1:
49:c0:ae:ae:21:2f:fc:3b:e0:8d:c2:73:86:65:06:64:3d:29:
e8:be:d0:ac:c9:a8:15:72:ee:9f:84:fe:8f:6a:5f:f2:e4:a9:
91:ce:f7:b1:6e:e4:9f:bb:0b:b2:75:86:16:f3:7a:0f:15:29:
ae:16:c5:d9:50:14:70:a2:80:85:53:c7:21:f1:5a:20:b4:66:
8b:23:c6:34:2d:db:9d:94:67:8f:95:b6:2b:b1:a9:a9:08:9f:
fe:28:ee:fb:3e:e3:2b:cc:6e:35:36:61:ff:df:8a:86:25:0f:
52:2e:b4:c7:7a:d7:7a:e0:33:e9:e7:83:73:b1:29:ab:da:f4:
8b:63:52:42:91:a7:a8:15:c2:74:e5:71:1a:81:7b:93:0e:63:
a6:2b:5a:5e:ab:7b:74:1a:ba:27:00:0b:c0:82:85:1f:1b:6e:
b1:fd:53:41
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY5hlC/7voJhrqZUFSLWatZDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMzIxMTUxNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDMxMDJhMThiNGVlYjNlNWYyN2MwMDJkYmI4YzhhNmY2ZjMxMGJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv/T1IB5vBzuscc1wnyJQv67Up9Ao
GV3gMCD0z3YV3Ylfc821rJCfWlnBm3X73xQwQ88QN/EPlicdUxf9Hx6A5zt18jCg
3hqYboDkUb4ogFUd1NB/0I9hRBIji9VH6kKmymuZKUo7cgN+rOeP0zDbozmWCPkI
pVg45c5qfpJwUmpnsPUi0/tIcDTz8YJPRoNLPAwZzsV1jDqH+OHTpka20rSXbEhj
SQaYMyjc/+c+BffoKeg4hq4j5NPuySLypPh/kTpOQnTEnlV/USvFjIr4CMnHZtIM
vhtOLPbqc+P59h6y24BjyporIWny+yHr4TNf6XJs/6DA75TYdKGFORwDuwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFOAxAqGLTus+XyfAAtu4yKb28xC9MB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvNERFQ29ZdE82ejVmSjhBQzI3aklwdmJ6RUwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCX2TMMA8E
AgACMAkDBwAqAibwgAAwDQYJKoZIhvcNAQELBQADggEBAH2UH5sUnoCnD0eGywzK
0+Z7m5NKieLXoKhmSf+1MKO6fblllzb/rugiUX9w+cWvQE2t6Xd+9Yp3dz8ZMkjJ
lpFInQe3sTQ9RKoziXEsxz6Qn2x39vZqiVNJ0UnArq4hL/w74I3Cc4ZlBmQ9Kei+
0KzJqBVy7p+E/o9qX/LkqZHO97Fu5J+7C7J1hhbzeg8VKa4WxdlQFHCigIVTxyHx
WiC0ZosjxjQt252UZ4+VtiuxqakIn/4o7vs+4yvMbjU2Yf/fioYlD1IutMd613rg
M+nng3OxKava9ItjUkKRp6gVwnTlcRqBe5MOY6YrWl6re3QauicAC8CChR8bbrH9
U0E=
-----END CERTIFICATE-----
Generated at Sun May 19 15:06:14 2024 by rpki-client on console-ams.rpki-client.org