Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/1-nG4edNh2e_Ue1pFvswWJApuohA.roa
File: 1-nG4edNh2e_Ue1pFvswWJApuohA.roa (raw, json)
Hash identifier: h8Bsp/6YTU3r7eCtZroHCqv4X+Gi1ghuLIGNnenzTTk=
Subject key identifier: FA:71:B8:79:D3:61:D9:EF:D4:7B:5A:45:BE:CC:16:24:0A:6E:A2:10
Certificate issuer: /CN=4e5ebb9b051ad5ec7a36989fc3fcc94c1cabcc74
Certificate serial: 018E886292021B6B6594FD3E0C0435BC0C02
Authority key identifier: 4E:5E:BB:9B:05:1A:D5:EC:7A:36:98:9F:C3:FC:C9:4C:1C:AB:CC:74
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Tl67mwUa1ex6Npifw_zJTByrzHQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/1-nG4edNh2e_Ue1pFvswWJApuohA.roa
Signing time: Fri 29 Mar 2024 04:05:44 +0000
ROA not before: Fri 29 Mar 2024 04:05:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38972
IP address blocks: 46.254.24.0/22 maxlen: 22
46.254.24.0/24 maxlen: 24
46.254.25.0/24 maxlen: 24
46.254.26.0/24 maxlen: 24
46.254.27.0/24 maxlen: 24
80.251.144.0/21 maxlen: 21
80.251.147.0/24 maxlen: 24
80.251.150.0/24 maxlen: 24
80.251.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/Tl67mwUa1ex6Npifw_zJTByrzHQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/Tl67mwUa1ex6Npifw_zJTByrzHQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Tl67mwUa1ex6Npifw_zJTByrzHQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 14:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:88:62:92:02:1b:6b:65:94:fd:3e:0c:04:35:bc:0c:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e5ebb9b051ad5ec7a36989fc3fcc94c1cabcc74
Validity
Not Before: Mar 29 04:05:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fa71b879d361d9efd47b5a45becc16240a6ea210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a2:4f:f6:c6:1a:d6:e0:dc:09:a5:1a:2c:b0:
f8:7b:19:44:a0:02:1d:3a:aa:28:bd:e3:34:fe:3c:
7e:17:de:c9:bf:dc:3e:79:3b:a1:09:cb:42:34:66:
3c:b9:02:10:65:d8:4d:59:cf:69:47:3f:8d:5f:64:
97:6f:6b:96:0e:57:8f:a2:c3:59:1b:01:6c:ae:35:
a2:a4:23:d2:e6:6a:bb:3d:84:f4:a4:3a:bf:1f:8f:
08:b9:24:9c:b5:96:0d:e3:b0:40:14:1b:5a:03:53:
53:a5:9f:d7:c1:76:09:25:de:41:5a:54:85:da:49:
d6:a6:4f:2b:de:d3:c6:ce:6f:2c:16:c0:24:76:98:
8f:13:7f:1d:79:ec:89:f1:fa:ac:56:0a:64:93:dc:
6d:74:ef:80:36:94:67:1f:e1:ec:54:75:d1:34:21:
7d:92:5c:6d:bf:e3:06:7e:16:f0:1d:c9:7a:4a:26:
13:4b:bb:ea:da:b3:ff:05:48:c5:92:fb:45:89:a5:
78:18:c1:f7:25:50:2c:28:4f:0e:f1:d4:36:e8:3b:
03:e4:54:b8:e0:86:ea:e8:90:cd:23:c1:03:48:28:
d1:13:78:6e:51:55:6e:32:36:ab:b2:31:df:3d:09:
48:a0:c0:3e:4a:ce:fd:5e:25:f3:c0:08:d9:2b:16:
fe:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:71:B8:79:D3:61:D9:EF:D4:7B:5A:45:BE:CC:16:24:0A:6E:A2:10
X509v3 Authority Key Identifier:
keyid:4E:5E:BB:9B:05:1A:D5:EC:7A:36:98:9F:C3:FC:C9:4C:1C:AB:CC:74
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Tl67mwUa1ex6Npifw_zJTByrzHQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/1-nG4edNh2e_Ue1pFvswWJApuohA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/ec1721-75c5-40f5-9345-c2fd0f958d4b/1/Tl67mwUa1ex6Npifw_zJTByrzHQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.254.24.0/22
80.251.144.0/21
80.251.154.0/24
Signature Algorithm: sha256WithRSAEncryption
7a:2e:52:2e:95:20:3c:5a:5d:8a:26:e9:08:9e:a8:db:c5:43:
5c:ce:b6:43:c5:0e:be:6d:0b:1c:6e:f3:20:3b:33:38:42:ce:
cc:d4:0b:c4:bc:d5:f2:e4:21:f5:cd:69:c6:0f:6a:8a:ee:47:
0e:b2:0d:29:54:9a:18:ef:23:13:54:59:04:ef:11:a1:4c:f4:
aa:da:50:3c:12:98:c8:9a:9a:ac:b9:f3:fc:f1:ce:0f:31:15:
1f:52:0c:ce:32:5e:02:da:bc:95:3d:f8:dd:cc:c2:75:94:88:
88:94:c2:4d:2e:af:60:a1:20:21:b3:cf:84:a5:c1:63:58:8a:
8e:d6:74:65:eb:cf:ae:11:cf:c2:28:3c:28:43:fa:67:c2:cd:
90:c6:58:02:18:24:bd:76:af:7d:ba:63:30:b7:cf:22:05:19:
c6:4f:c6:a1:0b:d6:66:f2:87:a4:10:50:8a:ff:f0:8a:f4:6c:
52:64:1e:f8:87:dc:31:2a:e5:71:11:a0:c5:b9:b6:2a:6b:4c:
51:2f:a6:d0:69:14:d0:99:89:d1:27:89:f0:14:49:12:23:7d:
73:e0:be:04:47:01:db:2e:4b:49:e3:36:60:26:b6:24:94:aa:
0f:50:4f:f2:4f:3b:22:59:b6:c8:07:c9:60:31:7a:ce:24:6d:
6f:00:09:ba
-----BEGIN CERTIFICATE-----
MIIFCjCCA/KgAwIBAgISAY6IYpICG2tllP0+DAQ1vAwCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlNWViYjliMDUxYWQ1ZWM3YTM2OTg5ZmMzZmNjOTRjMWNh
YmNjNzQwHhcNMjQwMzI5MDQwNTQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTcxYjg3OWQzNjFkOWVmZDQ3YjVhNDViZWNjMTYyNDBhNmVhMjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKJP9sYa1uDcCaUaLLD4exlEoAId
OqooveM0/jx+F97Jv9w+eTuhCctCNGY8uQIQZdhNWc9pRz+NX2SXb2uWDlePosNZ
GwFsrjWipCPS5mq7PYT0pDq/H48IuSSctZYN47BAFBtaA1NTpZ/XwXYJJd5BWlSF
2knWpk8r3tPGzm8sFsAkdpiPE38deeyJ8fqsVgpkk9xtdO+ANpRnH+HsVHXRNCF9
klxtv+MGfhbwHcl6SiYTS7vq2rP/BUjFkvtFiaV4GMH3JVAsKE8O8dQ26DsD5FS4
4Ibq6JDNI8EDSCjRE3huUVVuMjarsjHfPQlIoMA+Ss79XiXzwAjZKxb+WQIDAQAB
o4ICFjCCAhIwHQYDVR0OBBYEFPpxuHnTYdnv1HtaRb7MFiQKbqIQMB8GA1UdIwQY
MBaAFE5eu5sFGtXsejaYn8P8yUwcq8x0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGw2N213VWExZXg2TnBpZndfekpUQnlyekhRLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9lYzE3MjEtNzVjNS00MGY1LTkzNDUt
YzJmZDBmOTU4ZDRiLzEvMS1uRzRlZE5oMmVfVWUxcEZ2c3dXSkFwdW9oQS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZDIvZWMxNzIxLTc1YzUtNDBmNS05MzQ1LWMyZmQwZjk1OGQ0
Yi8xL1RsNjdtd1VhMWV4Nk5waWZ3X3pKVEJ5cnpIUS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjArBggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAi7+GAME
A1D7kAMEAFD7mjANBgkqhkiG9w0BAQsFAAOCAQEAei5SLpUgPFpdiibpCJ6o28VD
XM62Q8UOvm0LHG7zIDszOELOzNQLxLzV8uQh9c1pxg9qiu5HDrINKVSaGO8jE1RZ
BO8RoUz0qtpQPBKYyJqarLnz/PHODzEVH1IMzjJeAtq8lT343czCdZSIiJTCTS6v
YKEgIbPPhKXBY1iKjtZ0ZevPrhHPwig8KEP6Z8LNkMZYAhgkvXavfbpjMLfPIgUZ
xk/GoQvWZvKHpBBQiv/wivRsUmQe+IfcMSrlcRGgxbm2KmtMUS+m0GkU0JmJ0SeJ
8BRJEiN9c+C+BEcB2y5LSeM2YCa2JJSqD1BP8k87Ilm2yAfJYDF6ziRtbwAJug==
-----END CERTIFICATE-----
Generated at Fri Jun 7 23:44:52 2024 by rpki-client on console-fra.rpki-client.org