Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c2/c22f61-133c-4d0c-88cf-a155e3f9d529/1/f3vp-XeU3SZ1fw82LHUjTUBjhiQ.roa
File: f3vp-XeU3SZ1fw82LHUjTUBjhiQ.roa (raw, json)
Hash identifier: lh6vTMSQkRtxuGGj91T6sQH+U75qss+pGMNmAwTtS88=
Subject key identifier: 7F:7B:E9:F9:77:94:DD:26:75:7F:0F:36:2C:75:23:4D:40:63:86:24
Certificate issuer: /CN=0010ab7391769b5f2c54e33c8b5a7df9f37a33a8
Certificate serial: 018CC5DC2DA8BE3610373F5290DCAE2F96D7
Authority key identifier: 00:10:AB:73:91:76:9B:5F:2C:54:E3:3C:8B:5A:7D:F9:F3:7A:33:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ABCrc5F2m18sVOM8i1p9-fN6M6g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c2/c22f61-133c-4d0c-88cf-a155e3f9d529/1/f3vp-XeU3SZ1fw82LHUjTUBjhiQ.roa
Signing time: Mon 01 Jan 2024 16:29:50 +0000
ROA not before: Mon 01 Jan 2024 16:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47829
IP address blocks: 2.58.236.0/22 maxlen: 24
193.176.236.0/24 maxlen: 24
2a09:ed40::/29 maxlen: 48
2001:67c:2c8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c2/c22f61-133c-4d0c-88cf-a155e3f9d529/1/ABCrc5F2m18sVOM8i1p9-fN6M6g.crl
rsync://rpki.ripe.net/repository/DEFAULT/c2/c22f61-133c-4d0c-88cf-a155e3f9d529/1/ABCrc5F2m18sVOM8i1p9-fN6M6g.mft
rsync://rpki.ripe.net/repository/DEFAULT/ABCrc5F2m18sVOM8i1p9-fN6M6g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 May 2024 08:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:2d:a8:be:36:10:37:3f:52:90:dc:ae:2f:96:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0010ab7391769b5f2c54e33c8b5a7df9f37a33a8
Validity
Not Before: Jan 1 16:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f7be9f97794dd26757f0f362c75234d40638624
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:f1:63:50:2e:ed:be:70:29:ff:9b:e8:8b:fb:
f2:e8:44:16:75:6c:d0:f4:2a:46:61:94:b7:e8:02:
65:0a:3d:ef:ff:eb:f2:3b:e4:86:00:24:ee:41:1d:
f4:c0:77:57:cf:49:ed:f0:6d:61:eb:ea:67:b7:bf:
b9:a3:90:4e:96:bb:29:5b:3e:c0:65:75:81:ad:42:
8f:e2:24:24:56:3f:c0:b1:fa:a2:15:af:a6:40:97:
42:60:e7:ee:65:91:28:69:dc:bd:21:ca:82:a2:ec:
29:36:47:98:aa:a4:e7:ba:52:19:20:2e:a9:ca:04:
c1:ff:14:52:39:d5:58:13:92:8c:66:d5:49:fb:81:
0b:50:6e:83:3b:34:e0:79:4a:14:74:f1:2e:8e:f4:
64:47:25:f9:3c:6d:c9:f1:f2:da:b4:40:f1:e9:fd:
0c:13:b9:d2:4a:43:43:25:22:f6:3d:90:17:a7:43:
c4:33:e0:bc:e0:2b:69:94:18:6c:76:77:2f:ca:dd:
36:de:a9:ca:5c:1f:a2:95:87:b2:4e:63:b5:e5:4d:
de:23:28:98:2a:a2:39:7f:42:75:e6:cc:43:38:b9:
af:35:44:35:60:e3:4e:7f:bf:54:b4:00:2f:7a:fc:
9b:f4:00:3a:56:40:e5:e4:a2:f1:79:ab:bd:3c:1e:
53:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:7B:E9:F9:77:94:DD:26:75:7F:0F:36:2C:75:23:4D:40:63:86:24
X509v3 Authority Key Identifier:
keyid:00:10:AB:73:91:76:9B:5F:2C:54:E3:3C:8B:5A:7D:F9:F3:7A:33:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ABCrc5F2m18sVOM8i1p9-fN6M6g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/c22f61-133c-4d0c-88cf-a155e3f9d529/1/f3vp-XeU3SZ1fw82LHUjTUBjhiQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c2/c22f61-133c-4d0c-88cf-a155e3f9d529/1/ABCrc5F2m18sVOM8i1p9-fN6M6g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.236.0/22
193.176.236.0/24
IPv6:
2001:67c:2c8::/48
2a09:ed40::/29
Signature Algorithm: sha256WithRSAEncryption
41:53:b7:20:d7:f0:cf:fe:14:e4:d3:65:ae:cd:b1:e3:c3:f6:
55:b0:be:05:12:78:c8:7b:01:b0:24:90:56:89:ea:65:25:77:
9a:70:66:41:b7:1b:bd:0a:2b:7d:db:ef:4f:f7:e9:93:a2:74:
a4:5f:b3:6d:15:65:32:4d:97:f6:f6:cd:8d:d3:63:b0:bf:95:
a0:90:4c:ad:cd:e6:19:d3:a3:dd:fa:93:52:6f:9b:b1:51:44:
94:26:3c:2f:76:1d:ca:79:f0:cc:5a:a9:37:7e:7d:a0:46:6a:
04:75:f2:03:63:77:bd:d9:36:69:47:d0:29:dc:57:1c:c0:01:
59:12:4d:53:47:b2:cd:bb:ee:54:47:b8:1f:50:f5:a4:f9:a9:
12:27:e2:9a:fa:b7:25:da:2e:a1:c0:13:a0:1c:eb:b1:bf:bd:
cc:e5:95:ac:a3:3d:bb:7f:69:17:ab:7f:d9:90:2f:13:94:b3:
3b:ba:ac:fd:9f:e5:ce:88:6a:bd:ff:60:d0:21:c0:9b:fa:f9:
37:09:1f:28:5e:ff:40:37:6b:f1:c6:d6:a6:db:b0:72:3e:6f:
62:c2:e9:f0:54:16:48:22:9f:73:e6:57:38:93:3c:85:bb:ab:
85:0b:b4:16:ca:0a:4e:39:34:69:83:c9:91:5b:14:be:e4:38:
7f:76:50:13
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAYzF3C2ovjYQNz9SkNyuL5bXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwMTBhYjczOTE3NjliNWYyYzU0ZTMzYzhiNWE3ZGY5ZjM3
YTMzYTgwHhcNMjQwMTAxMTYyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjdiZTlmOTc3OTRkZDI2NzU3ZjBmMzYyYzc1MjM0ZDQwNjM4NjI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7/FjUC7tvnAp/5voi/vy6EQWdWzQ
9CpGYZS36AJlCj3v/+vyO+SGACTuQR30wHdXz0nt8G1h6+pnt7+5o5BOlrspWz7A
ZXWBrUKP4iQkVj/AsfqiFa+mQJdCYOfuZZEoady9IcqCouwpNkeYqqTnulIZIC6p
ygTB/xRSOdVYE5KMZtVJ+4ELUG6DOzTgeUoUdPEujvRkRyX5PG3J8fLatEDx6f0M
E7nSSkNDJSL2PZAXp0PEM+C84CtplBhsdncvyt023qnKXB+ilYeyTmO15U3eIyiY
KqI5f0J15sxDOLmvNUQ1YONOf79UtAAvevyb9AA6VkDl5KLxeau9PB5ToQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFH976fl3lN0mdX8PNix1I01AY4YkMB8GA1UdIwQY
MBaAFAAQq3ORdptfLFTjPItaffnzejOoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUJDcmM1RjJtMThzVk9NOGkxcDktZk42TTZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMi9jMjJmNjEtMTMzYy00ZDBjLTg4Y2Yt
YTE1NWUzZjlkNTI5LzEvZjN2cC1YZVUzU1oxZnc4MkxIVWpUVUJqaGlRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMi9jMjJmNjEtMTMzYy00ZDBjLTg4Y2YtYTE1NWUzZjlkNTI5
LzEvQUJDcmM1RjJtMThzVk9NOGkxcDktZk42TTZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDASBAIAATAMAwQCAjrsAwQA
wbDsMBYEAgACMBADBwAgAQZ8AsgDBQMqCe1AMA0GCSqGSIb3DQEBCwUAA4IBAQBB
U7cg1/DP/hTk02WuzbHjw/ZVsL4FEnjIewGwJJBWieplJXeacGZBtxu9Cit92+9P
9+mTonSkX7NtFWUyTZf29s2N02Owv5WgkEytzeYZ06Pd+pNSb5uxUUSUJjwvdh3K
efDMWqk3fn2gRmoEdfIDY3e92TZpR9Ap3FccwAFZEk1TR7LNu+5UR7gfUPWk+akS
J+Ka+rcl2i6hwBOgHOuxv73M5ZWsoz27f2kXq3/ZkC8TlLM7uqz9n+XOiGq9/2DQ
IcCb+vk3CR8oXv9AN2vxxtam27ByPm9iwunwVBZIIp9z5lc4kzyFu6uFC7QWygpO
OTRpg8mRWxS+5Dh/dlAT
-----END CERTIFICATE-----
Generated at Sat May 11 16:33:15 2024 by rpki-client on console-ams.rpki-client.org