Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/tPMiCFIaeO5eEaWuiPEl9jb_-4w.roa
File: tPMiCFIaeO5eEaWuiPEl9jb_-4w.roa (raw, json)
Hash identifier: IQTGMguaC3VBm/QbofJ/Ldrx26xSitHSnQHw4I2OdwU=
Subject key identifier: B4:F3:22:08:52:1A:78:EE:5E:11:A5:AE:88:F1:25:F6:36:FF:FB:8C
Certificate issuer: /CN=025f2a93db10f2dd5f6a55bb2a440f67486cd1a3
Certificate serial: 018CD13348AB07233231EFED1B6A4C0A94A9
Authority key identifier: 02:5F:2A:93:DB:10:F2:DD:5F:6A:55:BB:2A:44:0F:67:48:6C:D1:A3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Al8qk9sQ8t1falW7KkQPZ0hs0aM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/tPMiCFIaeO5eEaWuiPEl9jb_-4w.roa
Signing time: Wed 03 Jan 2024 21:20:48 +0000
ROA not before: Wed 03 Jan 2024 21:20:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49305
IP address blocks: 178.255.217.0/24 maxlen: 24
185.228.251.0/24 maxlen: 24
94.247.136.0/24 maxlen: 24
62.204.50.0/24 maxlen: 24
2a0e:3ec0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/Al8qk9sQ8t1falW7KkQPZ0hs0aM.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/Al8qk9sQ8t1falW7KkQPZ0hs0aM.mft
rsync://rpki.ripe.net/repository/DEFAULT/Al8qk9sQ8t1falW7KkQPZ0hs0aM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:d1:33:48:ab:07:23:32:31:ef:ed:1b:6a:4c:0a:94:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=025f2a93db10f2dd5f6a55bb2a440f67486cd1a3
Validity
Not Before: Jan 3 21:20:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b4f32208521a78ee5e11a5ae88f125f636fffb8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:21:4f:c3:a7:23:c9:6c:e8:06:11:f8:84:dc:
42:d1:fc:f5:25:c0:3a:de:cd:09:c6:22:da:73:3e:
65:c1:51:3e:5b:88:4d:6b:ee:01:c5:50:99:f1:8a:
8e:54:4b:66:40:cf:5f:1a:4a:da:95:88:17:01:a3:
02:9c:c3:38:79:32:69:ec:3e:a0:0d:68:fc:5f:31:
cf:94:ae:80:71:99:50:ff:61:d2:f3:3a:7e:e7:e9:
34:94:b1:82:2c:eb:3e:b2:29:62:cc:ca:97:90:a1:
3d:1d:9a:08:2f:db:87:78:37:34:1c:23:9f:fd:88:
7d:17:ba:95:e0:d6:86:f9:36:3c:1e:96:8c:31:76:
43:3d:64:f5:de:3f:5a:f3:f0:da:73:eb:78:b1:0d:
07:9b:ed:5c:71:40:75:8e:1e:22:2d:f5:5e:63:bc:
45:cd:48:60:31:81:ba:ed:51:36:7a:01:d9:06:3a:
76:f1:ac:af:a6:97:d5:45:e5:3f:c9:43:fa:4d:73:
ff:89:8e:b3:69:5c:5c:41:e0:34:d0:0e:99:dc:97:
fb:f3:cc:72:42:0f:f4:8b:4d:99:e3:c0:eb:ff:ab:
68:11:17:80:d2:36:8b:21:f9:ec:f8:b1:99:80:08:
d7:3f:bb:a3:92:fe:48:51:75:8d:b9:d3:ca:45:db:
ef:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:F3:22:08:52:1A:78:EE:5E:11:A5:AE:88:F1:25:F6:36:FF:FB:8C
X509v3 Authority Key Identifier:
keyid:02:5F:2A:93:DB:10:F2:DD:5F:6A:55:BB:2A:44:0F:67:48:6C:D1:A3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Al8qk9sQ8t1falW7KkQPZ0hs0aM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/tPMiCFIaeO5eEaWuiPEl9jb_-4w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/205d24-009f-486a-976f-2ecda11de153/1/Al8qk9sQ8t1falW7KkQPZ0hs0aM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.204.50.0/24
94.247.136.0/24
178.255.217.0/24
185.228.251.0/24
IPv6:
2a0e:3ec0::/29
Signature Algorithm: sha256WithRSAEncryption
3e:33:52:eb:a2:bc:2e:ec:6d:44:93:e1:0b:8a:b4:87:cd:54:
c3:d8:51:38:55:29:46:d4:47:1b:31:f4:61:6f:e2:c1:d1:20:
b6:42:0a:0d:4f:c3:d3:96:5f:38:ac:57:62:0e:19:30:a6:1f:
9f:62:77:d5:20:fd:13:20:1e:78:54:b4:c9:37:44:05:2a:23:
14:67:76:18:a4:44:40:ac:dd:82:90:28:37:3f:fc:8b:49:6a:
51:4e:fa:57:f7:0e:8e:26:94:b9:18:75:9a:25:f6:bf:d2:59:
62:3a:3a:db:ef:9a:94:b5:7a:07:f5:a0:ce:89:10:41:af:aa:
38:cf:4e:08:1a:0c:02:24:c9:8e:35:e4:ed:f8:af:75:21:2d:
a6:fe:c1:c4:25:79:a8:ab:f5:52:97:7f:ad:31:e8:4b:86:c5:
14:3e:96:92:e6:2c:62:e8:4e:ee:3a:9d:64:ad:a0:0c:af:bf:
48:6f:bd:7c:36:eb:d6:c6:0e:5b:cf:c4:9c:46:c8:0d:77:92:
0a:2d:85:46:d9:a1:f2:46:77:a4:69:6b:8d:c9:a3:ec:00:99:
72:89:5b:cc:1c:9e:3a:58:b8:bb:eb:4f:90:39:c4:97:5e:63:
bb:a2:35:9b:ec:c2:04:36:9e:f3:12:b3:3f:39:1d:a7:02:74:
3a:4f:b7:35
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzRM0irByMyMe/tG2pMCpSpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNWYyYTkzZGIxMGYyZGQ1ZjZhNTViYjJhNDQwZjY3NDg2
Y2QxYTMwHhcNMjQwMTAzMjEyMDQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGYzMjIwODUyMWE3OGVlNWUxMWE1YWU4OGYxMjVmNjM2ZmZmYjhjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSFPw6cjyWzoBhH4hNxC0fz1JcA6
3s0JxiLacz5lwVE+W4hNa+4BxVCZ8YqOVEtmQM9fGkralYgXAaMCnMM4eTJp7D6g
DWj8XzHPlK6AcZlQ/2HS8zp+5+k0lLGCLOs+silizMqXkKE9HZoIL9uHeDc0HCOf
/Yh9F7qV4NaG+TY8HpaMMXZDPWT13j9a8/Dac+t4sQ0Hm+1ccUB1jh4iLfVeY7xF
zUhgMYG67VE2egHZBjp28ayvppfVReU/yUP6TXP/iY6zaVxcQeA00A6Z3Jf788xy
Qg/0i02Z48Dr/6toEReA0jaLIfns+LGZgAjXP7ujkv5IUXWNudPKRdvv6QIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFLTzIghSGnjuXhGlrojxJfY2//uMMB8GA1UdIwQY
MBaAFAJfKpPbEPLdX2pVuypED2dIbNGjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWw4cWs5c1E4dDFmYWxXN0trUVBaMGhzMGFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yMDVkMjQtMDA5Zi00ODZhLTk3NmYt
MmVjZGExMWRlMTUzLzEvdFBNaUNGSWFlTzVlRWFXdWlQRWw5amJfLTR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yMDVkMjQtMDA5Zi00ODZhLTk3NmYtMmVjZGExMWRlMTUz
LzEvQWw4cWs5c1E4dDFmYWxXN0trUVBaMGhzMGFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAPswyAwQA
XveIAwQAsv/ZAwQAueT7MA0EAgACMAcDBQMqDj7AMA0GCSqGSIb3DQEBCwUAA4IB
AQA+M1Lrorwu7G1Ek+ELirSHzVTD2FE4VSlG1EcbMfRhb+LB0SC2QgoNT8PTll84
rFdiDhkwph+fYnfVIP0TIB54VLTJN0QFKiMUZ3YYpERArN2CkCg3P/yLSWpRTvpX
9w6OJpS5GHWaJfa/0lliOjrb75qUtXoH9aDOiRBBr6o4z04IGgwCJMmONeTt+K91
IS2m/sHEJXmoq/VSl3+tMehLhsUUPpaS5ixi6E7uOp1kraAMr79Ib718NuvWxg5b
z8ScRsgNd5IKLYVG2aHyRnekaWuNyaPsAJlyiVvMHJ46WLi760+QOcSXXmO7ojWb
7MIENp7zErM/OR2nAnQ6T7c1
-----END CERTIFICATE-----
Generated at Wed Nov 27 02:36:12 2024 by rpki-client on console-ams.rpki-client.org