Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/40746e-74c0-47ca-a23c-9fef0114a2e5/1/iFAQtylr3ZRvM5JOhViQDahNSl8.roa
File: iFAQtylr3ZRvM5JOhViQDahNSl8.roa (raw, json)
Hash identifier: ziaVf39GfMHlG6F56FK5ey4SYxeBfLmJtFc4nGwT8Lo=
Subject key identifier: 88:50:10:B7:29:6B:DD:94:6F:33:92:4E:85:58:90:0D:A8:4D:4A:5F
Certificate issuer: /CN=ce6e1a2208fa3f1b9f3d38fff1f8e2c34d911f36
Certificate serial: 019424B37D7038C7A21C656D20491E2A5FB2
Authority key identifier: CE:6E:1A:22:08:FA:3F:1B:9F:3D:38:FF:F1:F8:E2:C3:4D:91:1F:36
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zm4aIgj6PxufPTj_8fjiw02RHzY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/40746e-74c0-47ca-a23c-9fef0114a2e5/1/iFAQtylr3ZRvM5JOhViQDahNSl8.roa
Signing time: Thu 02 Jan 2025 01:48:50 +0000
ROA not before: Thu 02 Jan 2025 01:48:50 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203210
IP address blocks: 193.43.100.0/24 maxlen: 24
193.43.110.0/24 maxlen: 24
193.43.126.0/24 maxlen: 24
193.43.136.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/40746e-74c0-47ca-a23c-9fef0114a2e5/1/zm4aIgj6PxufPTj_8fjiw02RHzY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/40746e-74c0-47ca-a23c-9fef0114a2e5/1/zm4aIgj6PxufPTj_8fjiw02RHzY.mft
rsync://rpki.ripe.net/repository/DEFAULT/zm4aIgj6PxufPTj_8fjiw02RHzY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 20 Feb 2025 19:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:24:b3:7d:70:38:c7:a2:1c:65:6d:20:49:1e:2a:5f:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce6e1a2208fa3f1b9f3d38fff1f8e2c34d911f36
Validity
Not Before: Jan 2 01:48:50 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=885010b7296bdd946f33924e8558900da84d4a5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:57:46:0a:83:25:f6:92:5c:a2:80:5e:bf:8b:
fb:33:e0:35:32:33:64:c5:ef:93:aa:63:8d:e6:fd:
6a:67:d3:cd:65:a8:5d:6b:80:9f:af:e6:b4:61:8b:
21:1a:f7:04:9f:dd:26:ad:24:42:70:b3:8e:09:2b:
e4:cf:54:42:47:d8:af:4e:9d:6f:f0:0f:f9:d5:3a:
f2:b2:44:88:01:2f:b4:25:a9:a3:7a:45:0b:af:e8:
a3:ab:ca:dd:f5:c2:5c:71:3b:b6:6a:09:06:14:65:
42:fd:12:0b:9b:c2:3b:83:c9:2d:8f:a4:77:01:f0:
82:65:06:48:79:78:c0:18:97:ec:e4:4e:97:0e:48:
d5:f5:b7:89:a7:a0:18:48:0f:08:e7:ee:e2:8a:b2:
3e:e4:b0:df:4f:7f:81:6a:47:e1:c4:b8:64:fd:5b:
ca:c4:51:12:04:3a:de:ab:47:21:52:b2:65:e6:9c:
47:73:9f:7e:00:53:f1:73:c6:19:98:39:e4:99:d0:
0c:ea:5e:2c:0f:39:35:3a:00:e9:70:c3:37:3c:49:
2d:99:c7:0a:d5:dc:79:ef:c1:24:18:10:45:77:16:
14:b7:53:d9:50:d8:34:f6:63:27:bb:72:a4:84:aa:
88:21:27:fe:95:3c:6f:ab:fa:70:6c:02:aa:83:26:
8e:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:50:10:B7:29:6B:DD:94:6F:33:92:4E:85:58:90:0D:A8:4D:4A:5F
X509v3 Authority Key Identifier:
keyid:CE:6E:1A:22:08:FA:3F:1B:9F:3D:38:FF:F1:F8:E2:C3:4D:91:1F:36
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zm4aIgj6PxufPTj_8fjiw02RHzY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/40746e-74c0-47ca-a23c-9fef0114a2e5/1/iFAQtylr3ZRvM5JOhViQDahNSl8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/40746e-74c0-47ca-a23c-9fef0114a2e5/1/zm4aIgj6PxufPTj_8fjiw02RHzY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.100.0/24
193.43.110.0/24
193.43.126.0/24
193.43.136.0/24
Signature Algorithm: sha256WithRSAEncryption
2b:00:3d:6e:cd:70:fa:b4:65:60:ff:11:c9:17:9b:12:f1:b3:
c4:d7:4d:43:a1:9d:64:12:c7:bd:d8:82:dc:21:c4:bd:79:91:
e3:a7:40:e1:47:e8:f7:38:25:cc:79:8b:37:3b:7f:97:33:6a:
5a:1c:03:48:92:39:b1:d1:c8:6d:81:ec:32:8e:c8:88:e7:6c:
c2:61:98:0e:32:62:36:d4:5f:c1:43:72:2b:4e:0d:3c:12:d4:
cf:39:95:1c:cc:e7:98:ea:45:3d:0d:7d:63:22:33:91:10:a5:
cc:f5:c3:b8:97:1d:53:d0:67:fa:65:0f:bf:12:3e:6b:4a:76:
2c:41:ed:ae:0f:c1:06:d0:17:fa:34:e6:f4:79:3d:4c:22:7f:
c8:ca:07:4d:59:2c:26:bb:10:c6:6f:b7:03:34:d7:35:6a:17:
ad:0f:68:dd:ec:92:b8:16:c4:fc:55:18:f2:d0:bd:2f:6f:a3:
b7:8d:8c:e3:6f:34:d1:05:64:b2:3d:66:c0:74:42:ca:cd:85:
36:d3:bc:be:74:5c:4c:f1:e2:6a:4d:78:f2:99:11:c4:c8:0c:
df:22:93:82:74:5f:fb:f3:b2:40:f0:ff:c5:3c:46:32:e8:c2:
d7:6a:0b:d5:9b:d2:af:79:b2:5c:70:d2:d1:84:bd:df:eb:d8:
c0:d6:41:d0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZQks31wOMeiHGVtIEkeKl+yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlNmUxYTIyMDhmYTNmMWI5ZjNkMzhmZmYxZjhlMmMzNGQ5
MTFmMzYwHhcNMjUwMTAyMDE0ODUwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODUwMTBiNzI5NmJkZDk0NmYzMzkyNGU4NTU4OTAwZGE4NGQ0YTVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqVdGCoMl9pJcooBev4v7M+A1MjNk
xe+TqmON5v1qZ9PNZahda4Cfr+a0YYshGvcEn90mrSRCcLOOCSvkz1RCR9ivTp1v
8A/51TryskSIAS+0JamjekULr+ijq8rd9cJccTu2agkGFGVC/RILm8I7g8ktj6R3
AfCCZQZIeXjAGJfs5E6XDkjV9beJp6AYSA8I5+7iirI+5LDfT3+BakfhxLhk/VvK
xFESBDreq0chUrJl5pxHc59+AFPxc8YZmDnkmdAM6l4sDzk1OgDpcMM3PEktmccK
1dx578EkGBBFdxYUt1PZUNg09mMnu3KkhKqIISf+lTxvq/pwbAKqgyaOvwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIhQELcpa92UbzOSToVYkA2oTUpfMB8GA1UdIwQY
MBaAFM5uGiII+j8bnz04//H44sNNkR82MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem00YUlnajZQeHVmUFRqXzhmaml3MDJSSHpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80MDc0NmUtNzRjMC00N2NhLWEyM2Mt
OWZlZjAxMTRhMmU1LzEvaUZBUXR5bHIzWlJ2TTVKT2hWaVFEYWhOU2w4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80MDc0NmUtNzRjMC00N2NhLWEyM2MtOWZlZjAxMTRhMmU1
LzEvem00YUlnajZQeHVmUFRqXzhmaml3MDJSSHpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAwStkAwQA
wStuAwQAwSt+AwQAwSuIMA0GCSqGSIb3DQEBCwUAA4IBAQArAD1uzXD6tGVg/xHJ
F5sS8bPE101DoZ1kEse92ILcIcS9eZHjp0DhR+j3OCXMeYs3O3+XM2paHANIkjmx
0chtgewyjsiI52zCYZgOMmI21F/BQ3IrTg08EtTPOZUczOeY6kU9DX1jIjOREKXM
9cO4lx1T0Gf6ZQ+/Ej5rSnYsQe2uD8EG0Bf6NOb0eT1MIn/IygdNWSwmuxDGb7cD
NNc1ahetD2jd7JK4FsT8VRjy0L0vb6O3jYzjbzTRBWSyPWbAdELKzYU207y+dFxM
8eJqTXjymRHEyAzfIpOCdF/787JA8P/FPEYy6MLXagvVm9KvebJccNLRhL3f69jA
1kHQ
-----END CERTIFICATE-----
Generated at Thu Feb 20 02:50:21 2025 by rpki-client