Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/_KEpnSPEdc_Cdlbl5NabIXmCzzc.roa
File: _KEpnSPEdc_Cdlbl5NabIXmCzzc.roa (raw, json)
Hash identifier: 4OMM7vXzOme43UD50i99t97g39LJNJ3MSxLX4Gr+jAA=
Subject key identifier: FC:A1:29:9D:23:C4:75:CF:C2:76:56:E5:E4:D6:9B:21:79:82:CF:37
Certificate issuer: /CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Certificate serial: 018E7F948C2145953E840F1F824B982ACEB2
Authority key identifier: 6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/_KEpnSPEdc_Cdlbl5NabIXmCzzc.roa
Signing time: Wed 27 Mar 2024 11:03:45 +0000
ROA not before: Wed 27 Mar 2024 11:03:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8966
IP address blocks: 2.16.44.0/24 maxlen: 24
2.20.249.0/24 maxlen: 24
2.21.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.mft
rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 12:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:7f:94:8c:21:45:95:3e:84:0f:1f:82:4b:98:2a:ce:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b5fcbbea48937a442babdb3302132c4bc9bd6aa
Validity
Not Before: Mar 27 11:03:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fca1299d23c475cfc27656e5e4d69b217982cf37
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:4a:af:f5:75:5f:10:74:4e:08:d0:17:0a:24:
75:0f:93:15:0e:8a:c1:5d:d0:b1:5e:00:12:4d:e3:
f3:61:36:9f:e8:00:4d:11:0f:dd:10:fa:77:7e:fa:
2c:40:e2:4b:f8:fd:cc:05:9c:38:ef:0e:51:d7:8f:
78:c1:f4:0f:37:f5:6d:68:50:11:55:5e:70:88:e7:
98:e6:2e:1c:52:30:03:08:55:3b:6e:60:f3:cf:ad:
e5:8d:7a:25:0b:d4:81:11:f2:69:90:8a:ea:d7:85:
3b:72:29:b4:94:c9:db:f5:d8:75:6b:f6:b5:11:54:
c3:45:22:b7:81:fc:f7:95:05:8a:a4:8c:17:28:c3:
c2:38:97:83:ec:17:be:96:9a:89:f6:ed:7a:27:ed:
1e:e8:60:b9:cd:ec:9e:1d:97:4e:b1:3d:e0:c2:e3:
f4:4e:98:cc:69:6a:ff:f6:8b:46:61:82:ac:65:ac:
43:c5:f0:85:df:0c:db:f6:2a:a9:45:77:c0:ca:f6:
bc:9a:1e:d3:a1:72:0a:2d:38:43:26:63:36:e7:4f:
27:5a:32:7f:cb:d3:6b:90:9d:f4:04:12:ea:7e:ee:
20:82:64:77:c5:41:83:5a:53:14:4f:ae:f8:27:ff:
9f:85:11:d6:28:6e:8d:9c:ed:da:16:dd:ea:e7:fb:
8e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:A1:29:9D:23:C4:75:CF:C2:76:56:E5:E4:D6:9B:21:79:82:CF:37
X509v3 Authority Key Identifier:
keyid:6B:5F:CB:BE:A4:89:37:A4:42:BA:BD:B3:30:21:32:C4:BC:9B:D6:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1_LvqSJN6RCur2zMCEyxLyb1qo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/_KEpnSPEdc_Cdlbl5NabIXmCzzc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/042188-dfb6-4ad4-91a4-88d1cac9e4f1/1/a1_LvqSJN6RCur2zMCEyxLyb1qo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.16.44.0/24
2.20.249.0/24
2.21.231.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:ea:f1:17:88:27:4e:c8:0f:53:bc:22:29:05:29:d2:6e:86:
af:56:95:df:1d:a8:a7:36:6b:f8:14:2d:a5:09:37:8f:38:64:
51:4e:5c:09:23:31:5c:26:43:94:e1:89:f9:9d:03:9f:98:d9:
45:a5:39:f6:4f:cf:b7:dd:fb:9d:55:ba:63:e4:77:6d:77:8e:
a3:ee:cd:9e:22:e9:58:4e:a7:78:b1:7c:97:6b:61:d2:08:1d:
53:1d:3d:83:49:1a:71:53:49:04:75:eb:24:a9:9a:27:0a:ed:
ef:0b:49:ee:b8:cd:9a:42:c7:f2:a1:04:5a:75:10:9c:8b:77:
f4:8e:a0:5c:0e:ad:29:9a:26:e7:25:0a:01:3e:72:2f:b5:3e:
71:58:fd:2f:db:bb:7e:f7:2f:bd:26:74:a7:92:f7:44:d5:bf:
9f:c8:97:2d:eb:17:3e:63:0e:b3:95:a2:2d:21:b6:f1:6a:08:
ac:bf:0d:30:ec:fb:5f:54:88:ab:47:7d:53:f0:91:87:70:ca:
09:10:d9:d5:19:01:2c:0b:46:d4:7a:66:d6:22:59:77:ab:33:
20:2b:0b:a9:b8:43:74:e6:ba:ea:3d:16:d4:23:80:94:eb:86:
d0:6a:92:2b:be:90:5b:db:07:ee:58:91:b9:a1:48:32:33:57:
41:fd:cf:f8
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAY5/lIwhRZU+hA8fgkuYKs6yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiNWZjYmJlYTQ4OTM3YTQ0MmJhYmRiMzMwMjEzMmM0YmM5
YmQ2YWEwHhcNMjQwMzI3MTEwMzQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmY2ExMjk5ZDIzYzQ3NWNmYzI3NjU2ZTVlNGQ2OWIyMTc5ODJjZjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4kqv9XVfEHROCNAXCiR1D5MVDorB
XdCxXgASTePzYTaf6ABNEQ/dEPp3fvosQOJL+P3MBZw47w5R1494wfQPN/VtaFAR
VV5wiOeY5i4cUjADCFU7bmDzz63ljXolC9SBEfJpkIrq14U7cim0lMnb9dh1a/a1
EVTDRSK3gfz3lQWKpIwXKMPCOJeD7Be+lpqJ9u16J+0e6GC5zeyeHZdOsT3gwuP0
TpjMaWr/9otGYYKsZaxDxfCF3wzb9iqpRXfAyva8mh7ToXIKLThDJmM2508nWjJ/
y9NrkJ30BBLqfu4ggmR3xUGDWlMUT674J/+fhRHWKG6NnO3aFt3q5/uOLQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFPyhKZ0jxHXPwnZW5eTWmyF5gs83MB8GA1UdIwQY
MBaAFGtfy76kiTekQrq9szAhMsS8m9aqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQt
ODhkMWNhYzllNGYxLzEvX0tFcG5TUEVkY19DZGxibDVOYWJJWG1DenpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC8wNDIxODgtZGZiNi00YWQ0LTkxYTQtODhkMWNhYzllNGYx
LzEvYTFfTHZxU0pONlJDdXIyek1DRXl4THliMXFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAhAsAwQA
AhT5AwQAAhXnMA0GCSqGSIb3DQEBCwUAA4IBAQAO6vEXiCdOyA9TvCIpBSnSboav
VpXfHainNmv4FC2lCTePOGRRTlwJIzFcJkOU4Yn5nQOfmNlFpTn2T8+33fudVbpj
5Hdtd46j7s2eIulYTqd4sXyXa2HSCB1THT2DSRpxU0kEdeskqZonCu3vC0nuuM2a
QsfyoQRadRCci3f0jqBcDq0pmibnJQoBPnIvtT5xWP0v27t+9y+9JnSnkvdE1b+f
yJct6xc+Yw6zlaItIbbxagisvw0w7PtfVIirR31T8JGHcMoJENnVGQEsC0bUembW
Ill3qzMgKwupuEN05rrqPRbUI4CU64bQapIrvpBb2wfuWJG5oUgyM1dB/c/4
-----END CERTIFICATE-----
Generated at Mon Nov 25 16:47:52 2024 by rpki-client on console-ams.rpki-client.org