Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/_2czGd2PPXL0uV72KSX-aUZpT5c.roa
File: _2czGd2PPXL0uV72KSX-aUZpT5c.roa (raw, json)
Hash identifier: pMSr8zUy7xjVUeL713z87of83uOyju2Xfbv+pxuhVEk=
Subject key identifier: FF:67:33:19:DD:8F:3D:72:F4:B9:5E:F6:29:25:FE:69:46:69:4F:97
Certificate issuer: /CN=70fee176f51ce8fd81424ff73a5417341279c0f1
Certificate serial: 01933BDBA2AD93A82CC20C94F54EE64590DC
Authority key identifier: 70:FE:E1:76:F5:1C:E8:FD:81:42:4F:F7:3A:54:17:34:12:79:C0:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/_2czGd2PPXL0uV72KSX-aUZpT5c.roa
Signing time: Sun 17 Nov 2024 20:41:09 +0000
ROA not before: Sun 17 Nov 2024 20:41:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 174
IP address blocks: 2a05:b100:1000::/36 maxlen: 36
2a05:b100:1000::/46 maxlen: 46
2a05:b100:1004::/46 maxlen: 46
2a05:b100:1008::/46 maxlen: 46
2a05:b100:100c::/46 maxlen: 46
2a05:b100:1010::/46 maxlen: 46
2a05:b100:1014::/46 maxlen: 46
2a05:b100:1018::/46 maxlen: 46
2a05:b100:101c::/46 maxlen: 46
2a05:b100:1020::/46 maxlen: 46
2a05:b100:1024::/46 maxlen: 46
2a05:b100:1028::/46 maxlen: 46
2a05:b100:102c::/46 maxlen: 46
2a05:b100:1030::/46 maxlen: 46
2a05:b100:1034::/46 maxlen: 46
2a05:b100:1038::/46 maxlen: 46
2a05:b100:103c::/46 maxlen: 46
2a05:b100:1200::/41 maxlen: 41
2a05:b100:1280::/41 maxlen: 41
2a05:b100:1300::/41 maxlen: 41
2a05:b100:1380::/41 maxlen: 41
2a05:b100:1400::/41 maxlen: 41
2a05:b100:1480::/41 maxlen: 41
2a05:b100:1500::/41 maxlen: 41
2a05:b100:1580::/41 maxlen: 41
2a05:b100:1600::/41 maxlen: 41
2a05:b100:1680::/41 maxlen: 41
2a05:b100:1700::/41 maxlen: 41
2a05:b100:1780::/41 maxlen: 41
2a05:b100:1800::/39 maxlen: 39
2a05:b100:1a00::/39 maxlen: 39
2a05:b100:1c00::/39 maxlen: 39
2a05:b100:1e00::/39 maxlen: 39
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.mft
rsync://rpki.ripe.net/repository/DEFAULT/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 14:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:3b:db:a2:ad:93:a8:2c:c2:0c:94:f5:4e:e6:45:90:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70fee176f51ce8fd81424ff73a5417341279c0f1
Validity
Not Before: Nov 17 20:41:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff673319dd8f3d72f4b95ef62925fe6946694f97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:46:44:db:62:22:a7:bc:dc:94:ec:ed:71:55:
6b:8c:bc:e0:ac:ba:8c:29:f7:d7:f0:9c:ff:a3:a4:
40:32:d3:08:98:40:3b:74:e9:5d:89:dc:c4:32:41:
96:1e:85:09:1d:c7:5e:6b:7c:df:0c:ad:60:99:52:
88:cb:e0:87:8b:4f:77:80:68:68:79:c1:97:c6:a3:
8e:d5:7e:63:82:bf:5c:c4:bd:b2:5c:43:42:a5:9d:
37:c4:3f:75:e7:f8:2d:69:ea:fc:d7:57:5b:3b:62:
2d:41:b9:c6:ad:79:cb:56:f9:eb:1b:8c:29:9f:2b:
47:9e:4c:19:9e:86:c8:b1:32:bd:b0:34:ec:cc:a5:
d2:dc:3b:22:e5:ea:79:24:18:4e:bb:6e:39:6d:e0:
10:fe:b0:db:29:42:61:0c:45:26:84:71:b7:e3:be:
ae:4f:86:35:8e:28:a5:c0:30:bd:16:d5:fc:5e:e3:
9c:5f:1a:8b:2b:57:3e:a4:96:32:0d:1e:4c:83:e4:
4c:47:cd:f7:cd:f4:d4:5b:44:5d:88:9d:63:e8:4e:
de:5b:78:bf:38:36:de:a2:0c:ef:b3:ff:3e:bc:9c:
30:3c:0f:66:c3:13:b3:fd:9a:3c:c3:3b:76:f7:17:
e2:de:ba:2a:29:0e:72:75:9e:58:d0:4b:aa:30:61:
3d:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:67:33:19:DD:8F:3D:72:F4:B9:5E:F6:29:25:FE:69:46:69:4F:97
X509v3 Authority Key Identifier:
keyid:70:FE:E1:76:F5:1C:E8:FD:81:42:4F:F7:3A:54:17:34:12:79:C0:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/_2czGd2PPXL0uV72KSX-aUZpT5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/4be222-6482-4db9-9a5f-752e9b8b0756/1/cP7hdvUc6P2BQk_3OlQXNBJ5wPE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:b100:1000::/36
Signature Algorithm: sha256WithRSAEncryption
29:ea:c4:d5:c3:fc:c6:9e:b6:5d:5a:ee:51:89:77:44:0c:e5:
7e:54:30:01:46:f2:57:09:ef:62:e3:4a:89:e9:a3:4b:7e:41:
4a:03:92:b6:c1:1d:b5:c5:02:86:cb:41:5d:08:9f:20:01:be:
dc:1e:b6:54:d1:af:42:2b:22:b4:7b:82:74:61:1f:24:98:9b:
ac:fc:19:03:30:ab:24:51:c5:87:b3:97:fb:7a:48:f0:7f:a4:
7c:d9:54:4e:ef:fd:1b:73:e5:4a:1a:52:cc:eb:c8:fb:a0:77:
ac:47:a5:55:3f:ce:e4:7a:66:56:35:e1:35:fb:6e:ef:6d:e1:
53:b2:47:df:b5:0b:6f:7b:8e:d4:73:5b:ff:1f:9d:ef:eb:c7:
6e:d4:27:06:9f:bb:89:fc:2b:92:ab:e0:c1:88:62:d8:c7:2c:
e2:a6:e7:0a:b2:5b:06:1a:3b:f6:3a:44:93:6c:28:8d:ec:0f:
c1:48:91:6a:17:c1:cd:62:1a:d5:3f:81:7e:4f:66:32:29:32:
b1:a8:6e:29:4c:b2:67:bb:d1:e9:11:0a:ac:a4:d3:5a:d3:15:
e6:ac:20:ed:2e:ac:65:99:11:72:4b:de:b9:08:64:25:61:03:
b5:ac:ca:39:36:1d:a3:cc:80:80:ab:57:fc:41:cb:3e:52:18:
5e:1a:50:6a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZM726Ktk6gswgyU9U7mRZDcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZmVlMTc2ZjUxY2U4ZmQ4MTQyNGZmNzNhNTQxNzM0MTI3
OWMwZjEwHhcNMjQxMTE3MjA0MTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjY3MzMxOWRkOGYzZDcyZjRiOTVlZjYyOTI1ZmU2OTQ2Njk0Zjk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkZE22Iip7zclOztcVVrjLzgrLqM
KffX8Jz/o6RAMtMImEA7dOldidzEMkGWHoUJHcdea3zfDK1gmVKIy+CHi093gGho
ecGXxqOO1X5jgr9cxL2yXENCpZ03xD915/gtaer811dbO2ItQbnGrXnLVvnrG4wp
nytHnkwZnobIsTK9sDTszKXS3Dsi5ep5JBhOu245beAQ/rDbKUJhDEUmhHG3476u
T4Y1jiilwDC9FtX8XuOcXxqLK1c+pJYyDR5Mg+RMR833zfTUW0RdiJ1j6E7eW3i/
ODbeogzvs/8+vJwwPA9mwxOz/Zo8wzt29xfi3roqKQ5ydZ5Y0EuqMGE9oQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFP9nMxndjz1y9Lle9ikl/mlGaU+XMB8GA1UdIwQY
MBaAFHD+4Xb1HOj9gUJP9zpUFzQSecDxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1A3aGR2VWM2UDJCUWtfM09sUVhOQko1d1BFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS80YmUyMjItNjQ4Mi00ZGI5LTlhNWYt
NzUyZTliOGIwNzU2LzEvXzJjekdkMlBQWEwwdVY3MktTWC1hVVpwVDVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS80YmUyMjItNjQ4Mi00ZGI5LTlhNWYtNzUyZTliOGIwNzU2
LzEvY1A3aGR2VWM2UDJCUWtfM09sUVhOQko1d1BFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYEKgWxABAw
DQYJKoZIhvcNAQELBQADggEBACnqxNXD/Maetl1a7lGJd0QM5X5UMAFG8lcJ72Lj
Sonpo0t+QUoDkrbBHbXFAobLQV0InyABvtwetlTRr0IrIrR7gnRhHySYm6z8GQMw
qyRRxYezl/t6SPB/pHzZVE7v/Rtz5UoaUszryPugd6xHpVU/zuR6ZlY14TX7bu9t
4VOyR9+1C297jtRzW/8fne/rx27UJwafu4n8K5Kr4MGIYtjHLOKm5wqyWwYaO/Y6
RJNsKI3sD8FIkWoXwc1iGtU/gX5PZjIpMrGobilMsme70ekRCqyk01rTFeasIO0u
rGWZEXJL3rkIZCVhA7Wsyjk2HaPMgICrV/xByz5SGF4aUGo=
-----END CERTIFICATE-----
Generated at Sun Nov 24 23:23:43 2024 by rpki-client on console-ams.rpki-client.org