Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/lSFEO2W9gFTc95zN_vkZrrfNj2Q.roa
File: lSFEO2W9gFTc95zN_vkZrrfNj2Q.roa (raw, json)
Hash identifier: c3HkBrFJ1+yIaXrSSWqLWvrp8tspFOb4Z2FyWhvrzDY=
Subject key identifier: 95:21:44:3B:65:BD:80:54:DC:F7:9C:CD:FE:F9:19:AE:B7:CD:8F:64
Certificate issuer: /CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Certificate serial: 018E12D659B7E1904300005656518DD93232
Authority key identifier: AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/lSFEO2W9gFTc95zN_vkZrrfNj2Q.roa
Signing time: Wed 06 Mar 2024 08:17:01 +0000
ROA not before: Wed 06 Mar 2024 08:17:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204137
IP address blocks: 134.19.128.0/21 maxlen: 21
134.19.128.0/23 maxlen: 23
134.19.130.0/23 maxlen: 23
134.19.132.0/23 maxlen: 23
134.19.134.0/23 maxlen: 23
2a05:7400:4000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.mft
rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:12:d6:59:b7:e1:90:43:00:00:56:56:51:8d:d9:32:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae7f747df5f24353154dc4d4bf70d2ddcb53e900
Validity
Not Before: Mar 6 08:17:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9521443b65bd8054dcf79ccdfef919aeb7cd8f64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:d4:d7:4a:ef:76:46:47:47:89:39:4c:d1:f8:
3d:90:a7:2b:7b:e1:db:38:07:b4:ac:da:5a:d1:c5:
59:45:56:b2:10:45:d9:e1:3c:73:c4:00:7c:5d:c6:
ef:8d:30:cf:5e:56:82:dc:60:9f:12:28:33:64:36:
78:a9:0a:7b:6b:c2:05:b4:db:7f:be:2a:8b:db:d0:
6c:92:d4:ea:69:ee:4e:79:fe:84:eb:10:73:75:73:
fb:d7:6c:1c:e4:8b:0a:16:b4:8a:81:ef:19:d8:ce:
18:4a:48:37:c1:ac:f1:2c:75:5b:50:31:6e:3f:f9:
75:01:7f:d8:31:d3:87:f7:45:40:27:eb:50:ee:1a:
ed:cc:2c:cf:0a:13:d1:49:90:80:35:2a:ab:90:fa:
9f:b1:ce:07:b8:75:9c:66:86:e8:c2:ed:e9:75:b8:
ed:6e:42:75:54:b2:ae:71:01:d0:28:37:ff:c3:08:
72:1a:18:bb:9e:d7:21:90:06:88:49:a3:78:8e:ff:
0c:fd:c2:aa:4b:9f:54:3c:22:6c:21:31:bf:85:e1:
e0:3a:97:27:f3:b1:c2:86:ef:05:48:90:c7:b4:68:
ce:17:c6:6e:08:88:64:4a:4a:dc:6f:82:d9:2b:eb:
72:f5:bf:9e:c7:c8:be:0c:d1:8f:57:6e:8f:63:d9:
ff:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:21:44:3B:65:BD:80:54:DC:F7:9C:CD:FE:F9:19:AE:B7:CD:8F:64
X509v3 Authority Key Identifier:
keyid:AE:7F:74:7D:F5:F2:43:53:15:4D:C4:D4:BF:70:D2:DD:CB:53:E9:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rn90ffXyQ1MVTcTUv3DS3ctT6QA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/lSFEO2W9gFTc95zN_vkZrrfNj2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/58af24-c454-44b0-a7ca-c6f1e6ac9ba9/1/rn90ffXyQ1MVTcTUv3DS3ctT6QA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
134.19.128.0/21
IPv6:
2a05:7400:4000::/34
Signature Algorithm: sha256WithRSAEncryption
33:ac:06:62:85:a0:29:a3:d7:3e:b3:5e:77:bd:eb:c2:be:37:
f0:96:ef:0f:ba:ba:4f:08:69:eb:a3:75:0d:9e:c6:17:da:0d:
8e:d8:2b:4f:a1:b6:64:47:81:94:39:54:a0:85:5b:68:95:a1:
c8:47:de:0a:08:ac:6f:74:a2:f2:b6:75:b9:67:fc:25:c7:06:
71:1c:af:dc:2d:bb:68:1d:98:8d:5d:15:48:1f:5d:64:b1:a8:
f2:55:d2:7d:7d:98:c7:aa:60:57:1c:5e:b8:33:aa:0a:11:b0:
46:32:f4:4b:7e:36:e5:98:67:35:c6:7e:0e:70:f5:67:a3:7c:
d3:71:7f:f9:4d:74:01:1d:3a:01:bb:78:38:9e:99:37:e1:96:
ef:df:11:12:9c:5e:89:3c:d1:22:a3:73:44:2c:e8:b0:fd:68:
b0:ec:c3:fb:2c:eb:22:39:28:f6:2c:d6:f2:43:d9:e7:04:68:
75:ed:67:6f:51:8c:b3:c9:e2:e0:02:d1:a1:a6:72:64:c2:f6:
f5:72:50:96:4d:66:f0:d8:19:02:9c:05:48:9f:eb:17:56:57:
7b:64:ad:1f:f2:a9:86:bc:a7:27:6c:c5:2a:88:73:70:88:5b:
84:8b:8e:7c:00:6b:d4:14:28:c4:5d:e6:a3:37:8c:8d:6a:4b:
2b:49:a8:06
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAY4S1lm34ZBDAABWVlGN2TIyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlN2Y3NDdkZjVmMjQzNTMxNTRkYzRkNGJmNzBkMmRkY2I1
M2U5MDAwHhcNMjQwMzA2MDgxNzAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTIxNDQzYjY1YmQ4MDU0ZGNmNzljY2RmZWY5MTlhZWI3Y2Q4ZjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq9TXSu92RkdHiTlM0fg9kKcre+Hb
OAe0rNpa0cVZRVayEEXZ4TxzxAB8XcbvjTDPXlaC3GCfEigzZDZ4qQp7a8IFtNt/
viqL29BsktTqae5Oef6E6xBzdXP712wc5IsKFrSKge8Z2M4YSkg3wazxLHVbUDFu
P/l1AX/YMdOH90VAJ+tQ7hrtzCzPChPRSZCANSqrkPqfsc4HuHWcZobowu3pdbjt
bkJ1VLKucQHQKDf/wwhyGhi7ntchkAaISaN4jv8M/cKqS59UPCJsITG/heHgOpcn
87HChu8FSJDHtGjOF8ZuCIhkSkrcb4LZK+ty9b+ex8i+DNGPV26PY9n/UQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFJUhRDtlvYBU3Peczf75Ga63zY9kMB8GA1UdIwQY
MBaAFK5/dH318kNTFU3E1L9w0t3LU+kAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2Et
YzZmMWU2YWM5YmE5LzEvbFNGRU8yVzlnRlRjOTV6Tl92a1pycmZOajJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi81OGFmMjQtYzQ1NC00NGIwLWE3Y2EtYzZmMWU2YWM5YmE5
LzEvcm45MGZmWHlRMU1WVGNUVXYzRFMzY3RUNlFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjAMBAIAATAGAwQDhhOAMA4E
AgACMAgDBgYqBXQAQDANBgkqhkiG9w0BAQsFAAOCAQEAM6wGYoWgKaPXPrNed73r
wr438JbvD7q6Twhp66N1DZ7GF9oNjtgrT6G2ZEeBlDlUoIVbaJWhyEfeCgisb3Si
8rZ1uWf8JccGcRyv3C27aB2YjV0VSB9dZLGo8lXSfX2Yx6pgVxxeuDOqChGwRjL0
S3425ZhnNcZ+DnD1Z6N803F/+U10AR06Abt4OJ6ZN+GW798REpxeiTzRIqNzRCzo
sP1osOzD+yzrIjko9izW8kPZ5wRode1nb1GMs8ni4ALRoaZyZML29XJQlk1m8NgZ
ApwFSJ/rF1ZXe2StH/KphrynJ2zFKohzcIhbhIuOfABr1BQoxF3mozeMjWpLK0mo
Bg==
-----END CERTIFICATE-----
Generated at Sat Jun 1 13:52:13 2024 by rpki-client on console-fra.rpki-client.org