Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/M42k860Eg2vXYek4cWts948nGRw.roa
File: M42k860Eg2vXYek4cWts948nGRw.roa (raw, json)
Hash identifier: baXYDoWUcZ2WJmo2pZwblTuX7jJJr8y1/U21VwWnKhU=
Subject key identifier: 33:8D:A4:F3:AD:04:83:6B:D7:61:E9:38:71:6B:6C:F7:8F:27:19:1C
Certificate issuer: /CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Certificate serial: 0190A2D609667A6D3A21F088F3B60EAF188B
Authority key identifier: B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/M42k860Eg2vXYek4cWts948nGRw.roa
Signing time: Thu 11 Jul 2024 17:27:34 +0000
ROA not before: Thu 11 Jul 2024 17:27:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200462
IP address blocks: 2.58.52.0/23 maxlen: 32
5.180.192.0/23 maxlen: 24
5.180.195.0/24 maxlen: 24
45.86.124.0/23 maxlen: 24
94.247.43.0/24 maxlen: 32
2a00:f826:8::/48 maxlen: 48
2a07:6fc0:10::/44 maxlen: 48
2a09:e1c0::/32 maxlen: 128
2a0c:8900::/29 maxlen: 128
2a0e:de80::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.mft
rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 13:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:a2:d6:09:66:7a:6d:3a:21:f0:88:f3:b6:0e:af:18:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4253c4f233ce9847699ae68ecbf5d7514b0fadb
Validity
Not Before: Jul 11 17:27:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=338da4f3ad04836bd761e938716b6cf78f27191c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:0e:ee:3b:aa:5e:a4:3f:ae:49:af:8a:f6:c3:
8f:50:48:c5:ec:cb:55:de:8b:99:a6:47:19:19:2c:
33:84:6f:60:10:6a:6d:26:66:ff:76:bf:f5:48:b2:
c1:5a:59:10:01:a4:a9:b2:9d:c9:87:10:f2:0c:cb:
98:d5:2a:3f:35:1e:2b:02:73:e4:22:c3:da:7c:fe:
ae:ad:0f:07:30:b6:43:34:2e:89:45:01:52:94:00:
fe:2d:41:c1:12:4e:41:fd:f8:2d:d9:25:0c:7a:43:
a5:5a:42:82:51:d9:f9:47:36:9f:da:94:ab:59:91:
db:c4:58:87:49:6e:8a:bc:2d:81:a6:a5:6b:54:44:
70:c0:f4:42:a0:b1:e2:6c:af:14:d4:47:b4:db:03:
7e:7a:c8:63:df:ac:0f:6c:38:0d:be:76:81:8b:70:
17:55:12:48:7c:5c:4d:50:85:1c:ba:6e:d8:c7:b6:
f7:58:2b:86:8d:06:a1:9b:60:a3:5e:b4:1a:25:8c:
45:d6:b1:fc:72:5d:df:38:8f:ce:a3:f7:ab:d5:a1:
bd:57:d8:30:33:45:26:ed:22:db:d2:5a:f0:98:70:
81:5b:8f:03:53:5e:19:bc:e8:2a:0f:b3:f9:b3:bb:
cc:e3:1e:3f:cb:4a:37:3b:1f:c2:d4:99:af:05:29:
8d:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:8D:A4:F3:AD:04:83:6B:D7:61:E9:38:71:6B:6C:F7:8F:27:19:1C
X509v3 Authority Key Identifier:
keyid:B4:25:3C:4F:23:3C:E9:84:76:99:AE:68:EC:BF:5D:75:14:B0:FA:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tCU8TyM86YR2ma5o7L9ddRSw-ts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/M42k860Eg2vXYek4cWts948nGRw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/41d6e1-5cad-40db-9773-58b38f5ac80b/1/tCU8TyM86YR2ma5o7L9ddRSw-ts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.52.0/23
5.180.192.0/23
5.180.195.0/24
45.86.124.0/23
94.247.43.0/24
IPv6:
2a00:f826:8::/48
2a07:6fc0:10::/44
2a09:e1c0::/32
2a0c:8900::/29
2a0e:de80::/29
Signature Algorithm: sha256WithRSAEncryption
3d:9c:a1:04:78:f6:07:6d:18:ab:4e:1e:58:3c:80:9b:08:f1:
7f:e8:4f:d3:27:23:b1:46:60:7d:0e:3f:02:f3:25:a2:d3:a3:
67:86:12:f8:24:3e:43:c2:d3:fc:e5:1d:c4:41:52:9a:9f:e0:
11:83:07:0d:ee:03:7a:49:fb:c4:d6:66:03:b9:eb:63:73:c7:
f6:65:9d:b6:c0:a1:ee:59:89:95:4b:7f:ed:78:8f:7e:51:6e:
6c:a4:4c:25:ef:b0:b4:5a:e5:ac:6c:f6:de:e7:b4:32:b9:f0:
43:1c:82:97:52:6d:d1:1a:e3:10:a4:89:8c:ed:2c:2e:2c:98:
cf:0d:b9:9e:46:0c:14:35:37:8f:49:04:9d:b8:bb:40:34:6e:
a5:49:06:7d:b1:d8:90:aa:5b:26:31:7a:d9:ae:3e:3b:91:17:
3e:58:38:bb:4b:26:66:a0:ba:9c:19:ca:38:b3:02:ec:76:90:
0f:08:ca:03:b5:fd:cf:3e:37:f4:03:e5:4c:bd:35:ec:ef:32:
bf:c3:f7:f2:dc:2e:23:c3:db:b0:7d:68:9d:df:d3:5c:f0:79:
de:6a:e8:52:41:36:ce:59:49:e6:75:3c:c1:50:bf:a3:74:5f:
c5:ae:da:a0:a1:78:a9:c6:cf:1a:93:7a:9a:18:65:1c:43:b4:
f1:03:98:21
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZCi1glmem06IfCI87YOrxiLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MjUzYzRmMjMzY2U5ODQ3Njk5YWU2OGVjYmY1ZDc1MTRi
MGZhZGIwHhcNMjQwNzExMTcyNzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzhkYTRmM2FkMDQ4MzZiZDc2MWU5Mzg3MTZiNmNmNzhmMjcxOTFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAig7uO6pepD+uSa+K9sOPUEjF7MtV
3ouZpkcZGSwzhG9gEGptJmb/dr/1SLLBWlkQAaSpsp3JhxDyDMuY1So/NR4rAnPk
IsPafP6urQ8HMLZDNC6JRQFSlAD+LUHBEk5B/fgt2SUMekOlWkKCUdn5Rzaf2pSr
WZHbxFiHSW6KvC2BpqVrVERwwPRCoLHibK8U1Ee02wN+eshj36wPbDgNvnaBi3AX
VRJIfFxNUIUcum7Yx7b3WCuGjQahm2CjXrQaJYxF1rH8cl3fOI/Oo/er1aG9V9gw
M0Um7SLb0lrwmHCBW48DU14ZvOgqD7P5s7vM4x4/y0o3Ox/C1JmvBSmNcQIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFDONpPOtBINr12HpOHFrbPePJxkcMB8GA1UdIwQY
MBaAFLQlPE8jPOmEdpmuaOy/XXUUsPrbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMt
NThiMzhmNWFjODBiLzEvTTQyazg2MEVnMnZYWWVrNGNXdHM5NDhuR1J3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80MWQ2ZTEtNWNhZC00MGRiLTk3NzMtNThiMzhmNWFjODBi
LzEvdENVOFR5TTg2WVIybWE1bzdMOWRkUlN3LXRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTAkBAIAATAeAwQBAjo0AwQB
BbTAAwQABbTDAwQBLVZ8AwQAXvcrMC0EAgACMCcDBwAqAPgmAAgDBwQqB2/AABAD
BQAqCeHAAwUDKgyJAAMFAyoO3oAwDQYJKoZIhvcNAQELBQADggEBAD2coQR49gdt
GKtOHlg8gJsI8X/oT9MnI7FGYH0OPwLzJaLTo2eGEvgkPkPC0/zlHcRBUpqf4BGD
Bw3uA3pJ+8TWZgO562Nzx/ZlnbbAoe5ZiZVLf+14j35RbmykTCXvsLRa5axs9t7n
tDK58EMcgpdSbdEa4xCkiYztLC4smM8NuZ5GDBQ1N49JBJ24u0A0bqVJBn2x2JCq
WyYxetmuPjuRFz5YOLtLJmagupwZyjizAux2kA8IygO1/c8+N/QD5Uy9NezvMr/D
9/LcLiPD27B9aJ3f01zwed5q6FJBNs5ZSeZ1PMFQv6N0X8Wu2qCheKnGzxqTepoY
ZRxDtPEDmCE=
-----END CERTIFICATE-----
Generated at Mon Nov 25 22:44:51 2024 by rpki-client on console-fra.rpki-client.org