Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/2260f2-3ccd-44e5-8428-e82d5ee4e40f/1/I5i_frNfxPheNXn2m3SvNRT0_6E.roa
File: I5i_frNfxPheNXn2m3SvNRT0_6E.roa (raw, json)
Hash identifier: e9W5pvMxw3qcfabGnb74ilStqs6x2FX95Zh+vEBfWxk=
Subject key identifier: 23:98:BF:7E:B3:5F:C4:F8:5E:35:79:F6:9B:74:AF:35:14:F4:FF:A1
Certificate issuer: /CN=a42d0b826644a18387cf8322db7e646af63d986a
Certificate serial: 0191B7E8560D71C053074C94432271871D38
Authority key identifier: A4:2D:0B:82:66:44:A1:83:87:CF:83:22:DB:7E:64:6A:F6:3D:98:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pC0LgmZEoYOHz4Mi235kavY9mGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/2260f2-3ccd-44e5-8428-e82d5ee4e40f/1/I5i_frNfxPheNXn2m3SvNRT0_6E.roa
Signing time: Tue 03 Sep 2024 12:42:22 +0000
ROA not before: Tue 03 Sep 2024 12:42:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42517
IP address blocks: 77.241.224.0/20 maxlen: 20
89.248.128.0/20 maxlen: 20
109.69.224.0/21 maxlen: 21
185.130.240.0/22 maxlen: 22
2a00:1ae8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/2260f2-3ccd-44e5-8428-e82d5ee4e40f/1/pC0LgmZEoYOHz4Mi235kavY9mGo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/2260f2-3ccd-44e5-8428-e82d5ee4e40f/1/pC0LgmZEoYOHz4Mi235kavY9mGo.mft
rsync://rpki.ripe.net/repository/DEFAULT/pC0LgmZEoYOHz4Mi235kavY9mGo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:b7:e8:56:0d:71:c0:53:07:4c:94:43:22:71:87:1d:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a42d0b826644a18387cf8322db7e646af63d986a
Validity
Not Before: Sep 3 12:42:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2398bf7eb35fc4f85e3579f69b74af3514f4ffa1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:fe:b3:26:c1:51:6b:3c:21:e9:f5:aa:56:cc:
1e:b0:56:c6:84:9d:db:ef:9c:cc:69:3c:2e:0c:c0:
74:9b:9b:55:cc:0f:a2:01:81:73:17:7b:51:d8:83:
97:40:f4:00:9b:03:79:58:d7:26:05:ed:1c:32:40:
3a:4d:ca:ef:1e:50:3f:66:46:ec:31:35:79:cf:d0:
a4:46:2a:ea:a6:8b:6d:56:bc:68:ab:19:b8:be:e0:
70:ea:b6:a9:96:33:ae:a4:8f:18:93:dc:f4:21:8c:
b2:33:68:f0:05:e4:67:79:b4:a3:c5:89:0b:51:57:
94:ff:73:03:c3:20:12:24:67:6b:0a:ba:b2:c0:db:
79:20:84:58:a7:11:4e:99:3c:79:41:db:eb:7a:6d:
bb:b8:47:d0:da:79:61:23:d5:b9:f2:b7:1c:a5:80:
37:de:e5:1b:11:c7:b5:e1:e2:b6:cf:18:ac:08:82:
25:c5:3c:a0:a5:31:29:5c:a0:30:c4:ce:55:f8:9c:
f6:c1:cc:e4:c3:0e:65:b0:7c:50:e3:c2:32:f3:5e:
58:78:b0:e8:bc:4f:41:29:87:64:b1:91:63:42:8c:
c9:c8:96:2f:f7:f7:cd:fd:1c:84:a2:ff:09:c9:9b:
47:2e:45:1a:ad:63:bf:44:e2:10:90:8f:ba:2f:5c:
02:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:98:BF:7E:B3:5F:C4:F8:5E:35:79:F6:9B:74:AF:35:14:F4:FF:A1
X509v3 Authority Key Identifier:
keyid:A4:2D:0B:82:66:44:A1:83:87:CF:83:22:DB:7E:64:6A:F6:3D:98:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pC0LgmZEoYOHz4Mi235kavY9mGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2260f2-3ccd-44e5-8428-e82d5ee4e40f/1/I5i_frNfxPheNXn2m3SvNRT0_6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2260f2-3ccd-44e5-8428-e82d5ee4e40f/1/pC0LgmZEoYOHz4Mi235kavY9mGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.241.224.0/20
89.248.128.0/20
109.69.224.0/21
185.130.240.0/22
IPv6:
2a00:1ae8::/32
Signature Algorithm: sha256WithRSAEncryption
6c:7b:d3:52:40:5a:ec:7c:80:28:83:2c:50:da:d0:4f:de:15:
51:a9:2b:81:7b:51:6b:b7:40:a6:7e:77:e4:e5:87:3c:11:e3:
1d:29:7b:7a:3e:b5:f1:e8:c2:39:9d:7f:30:62:46:c5:8b:30:
ae:0c:81:93:58:8b:5b:8f:71:04:14:6c:b7:e7:e4:4d:89:00:
fc:59:c8:e0:24:de:f8:1f:b4:9b:97:e0:df:e8:9f:23:24:6d:
d6:96:6f:da:af:8b:a1:e1:bb:74:9c:3b:f7:7f:51:a7:b5:d5:
2a:a7:69:f9:1d:14:f2:f5:24:4d:ac:c0:ac:d6:37:dc:6f:92:
15:8d:fb:00:8c:95:a8:46:96:60:df:48:1d:cb:6a:3b:17:e0:
1d:6b:9a:19:41:01:fa:66:c9:b8:25:5d:37:ea:45:51:d9:d5:
33:be:61:c0:22:44:5e:85:0a:30:dc:68:4d:60:49:3c:83:08:
35:cf:52:14:54:c0:52:64:22:bf:e6:2d:bc:aa:dc:d5:63:4e:
c9:cb:a0:86:31:e0:cf:0c:6b:51:9c:3d:43:42:88:27:97:fd:
25:3e:3e:b7:ff:e7:39:47:48:28:ac:ae:1f:36:2c:ca:83:fd:
7c:89:be:8d:57:8e:88:e1:51:40:8e:2f:1a:ea:09:bb:00:8b:
9e:84:07:66
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZG36FYNccBTB0yUQyJxhx04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MmQwYjgyNjY0NGExODM4N2NmODMyMmRiN2U2NDZhZjYz
ZDk4NmEwHhcNMjQwOTAzMTI0MjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzk4YmY3ZWIzNWZjNGY4NWUzNTc5ZjY5Yjc0YWYzNTE0ZjRmZmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtv6zJsFRazwh6fWqVswesFbGhJ3b
75zMaTwuDMB0m5tVzA+iAYFzF3tR2IOXQPQAmwN5WNcmBe0cMkA6TcrvHlA/Zkbs
MTV5z9CkRirqpottVrxoqxm4vuBw6rapljOupI8Yk9z0IYyyM2jwBeRnebSjxYkL
UVeU/3MDwyASJGdrCrqywNt5IIRYpxFOmTx5Qdvrem27uEfQ2nlhI9W58rccpYA3
3uUbEce14eK2zxisCIIlxTygpTEpXKAwxM5V+Jz2wczkww5lsHxQ48Iy815YeLDo
vE9BKYdksZFjQozJyJYv9/fN/RyEov8JyZtHLkUarWO/ROIQkI+6L1wC/wIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCOYv36zX8T4XjV59pt0rzUU9P+hMB8GA1UdIwQY
MBaAFKQtC4JmRKGDh8+DItt+ZGr2PZhqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEMwTGdtWkVvWU9IejRNaTIzNWthdlk5bUdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yMjYwZjItM2NjZC00NGU1LTg0Mjgt
ZTgyZDVlZTRlNDBmLzEvSTVpX2ZyTmZ4UGhlTlhuMm0zU3ZOUlQwXzZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yMjYwZjItM2NjZC00NGU1LTg0MjgtZTgyZDVlZTRlNDBm
LzEvcEMwTGdtWkVvWU9IejRNaTIzNWthdlk5bUdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQETfHgAwQE
WfiAAwQDbUXgAwQCuYLwMA0EAgACMAcDBQAqABroMA0GCSqGSIb3DQEBCwUAA4IB
AQBse9NSQFrsfIAogyxQ2tBP3hVRqSuBe1Frt0Cmfnfk5Yc8EeMdKXt6PrXx6MI5
nX8wYkbFizCuDIGTWItbj3EEFGy35+RNiQD8WcjgJN74H7Sbl+Df6J8jJG3Wlm/a
r4uh4bt0nDv3f1GntdUqp2n5HRTy9SRNrMCs1jfcb5IVjfsAjJWoRpZg30gdy2o7
F+Ada5oZQQH6Zsm4JV036kVR2dUzvmHAIkRehQow3GhNYEk8gwg1z1IUVMBSZCK/
5i28qtzVY07Jy6CGMeDPDGtRnD1DQognl/0lPj63/+c5R0gorK4fNizKg/18ib6N
V46I4VFAji8a6gm7AIuehAdm
-----END CERTIFICATE-----
Generated at Sat Nov 23 04:46:13 2024 by rpki-client on console-ams.rpki-client.org