Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/4fb057-5dae-4851-ad47-5ad5f33cc99c/1/6l1BC2x74pBL_GbKuWRkMUG7YIM.roa
File: 6l1BC2x74pBL_GbKuWRkMUG7YIM.roa (raw, json)
Hash identifier: 39R46tz3b+vC1kis/ZTGmy+wtGC1KNHKTAq84Lp1kTc=
Subject key identifier: EA:5D:41:0B:6C:7B:E2:90:4B:FC:66:CA:B9:64:64:31:41:BB:60:83
Certificate issuer: /CN=cc5b21353f92cbdbf3b7d2513b9a465ac53b2d39
Certificate serial: 0192563FB5AA78AD29CCDE057C027A498978
Authority key identifier: CC:5B:21:35:3F:92:CB:DB:F3:B7:D2:51:3B:9A:46:5A:C5:3B:2D:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zFshNT-Sy9vzt9JRO5pGWsU7LTk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/4fb057-5dae-4851-ad47-5ad5f33cc99c/1/6l1BC2x74pBL_GbKuWRkMUG7YIM.roa
Signing time: Fri 04 Oct 2024 06:37:48 +0000
ROA not before: Fri 04 Oct 2024 06:37:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3242
IP address blocks: 151.1.0.0/18 maxlen: 18
151.1.0.0/23 maxlen: 23
151.1.7.0/24 maxlen: 24
151.1.24.0/21 maxlen: 21
151.1.32.0/21 maxlen: 21
151.1.40.0/23 maxlen: 23
151.1.42.0/23 maxlen: 23
151.1.44.0/23 maxlen: 23
151.1.46.0/23 maxlen: 23
151.1.48.0/24 maxlen: 24
151.1.49.0/24 maxlen: 24
151.1.50.0/24 maxlen: 24
151.1.62.0/24 maxlen: 24
151.1.66.0/23 maxlen: 23
151.1.68.0/22 maxlen: 22
151.1.72.0/24 maxlen: 24
151.1.74.0/23 maxlen: 23
151.1.76.0/22 maxlen: 22
151.1.80.0/20 maxlen: 20
151.1.84.0/24 maxlen: 24
151.1.96.0/22 maxlen: 22
151.1.100.0/22 maxlen: 22
151.1.101.0/24 maxlen: 24
151.1.104.0/21 maxlen: 21
151.1.104.0/23 maxlen: 23
151.1.106.0/23 maxlen: 23
151.1.112.0/20 maxlen: 20
151.1.128.0/18 maxlen: 18
151.1.192.0/18 maxlen: 18
151.1.192.0/22 maxlen: 22
151.1.192.0/24 maxlen: 24
151.1.194.0/24 maxlen: 24
151.1.195.0/24 maxlen: 24
151.1.196.0/22 maxlen: 22
151.1.200.0/21 maxlen: 21
151.1.203.0/24 maxlen: 24
151.1.208.0/21 maxlen: 21
151.1.212.0/24 maxlen: 24
151.1.216.0/21 maxlen: 21
151.1.224.0/19 maxlen: 19
151.1.227.0/24 maxlen: 24
151.1.232.0/21 maxlen: 21
151.1.244.0/24 maxlen: 24
151.1.247.0/24 maxlen: 24
151.2.0.0/17 maxlen: 17
151.2.36.0/24 maxlen: 24
151.2.102.0/24 maxlen: 24
2a01:65c0::/32 maxlen: 32
2a01:65c0:100::/48 maxlen: 48
2a01:65c0:101::/48 maxlen: 48
2a01:65c0:200::/40 maxlen: 40
2a01:65c0:e00::/48 maxlen: 48
2a01:65c0:e01::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/4fb057-5dae-4851-ad47-5ad5f33cc99c/1/zFshNT-Sy9vzt9JRO5pGWsU7LTk.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/4fb057-5dae-4851-ad47-5ad5f33cc99c/1/zFshNT-Sy9vzt9JRO5pGWsU7LTk.mft
rsync://rpki.ripe.net/repository/DEFAULT/zFshNT-Sy9vzt9JRO5pGWsU7LTk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:56:3f:b5:aa:78:ad:29:cc:de:05:7c:02:7a:49:89:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc5b21353f92cbdbf3b7d2513b9a465ac53b2d39
Validity
Not Before: Oct 4 06:37:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ea5d410b6c7be2904bfc66cab964643141bb6083
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:92:6b:d0:d9:3b:96:e1:cb:9c:28:e8:44:c7:
fd:78:7a:db:66:11:40:f5:61:e5:56:e1:80:93:f1:
07:00:2f:cc:e0:0e:49:5e:83:11:57:c1:02:97:b1:
f0:d7:a1:d2:23:00:57:01:8e:8f:1c:97:12:4c:76:
84:41:a2:6b:b6:0c:4d:d6:08:56:41:42:4e:0b:48:
16:5e:79:13:07:0d:6a:b0:45:55:7b:a0:5a:0a:c0:
0a:5c:24:4e:f7:2d:2c:b0:50:ae:08:f2:16:c5:ef:
b6:59:f7:09:42:c7:18:94:00:25:9b:c0:ae:e6:6c:
10:aa:d4:e8:73:fa:67:04:f7:54:d4:20:a2:ed:dc:
f2:02:8f:d0:5d:34:1d:78:73:09:aa:92:95:a5:fd:
70:57:37:d2:3c:d3:1d:8d:4d:aa:3b:f8:ce:16:3a:
1c:59:c4:57:20:c8:97:9d:ec:10:ca:16:98:51:54:
88:7a:fe:96:9d:03:c5:43:ab:6b:45:75:d6:8b:e4:
dd:58:46:12:04:4c:1d:8d:6a:53:43:65:1b:80:32:
0c:80:c8:29:d1:84:fc:16:4c:b4:50:6e:93:42:29:
d0:a9:4f:7d:d2:7f:a9:84:44:cb:a7:a0:6c:e0:5c:
c7:6a:68:2c:39:00:72:5d:44:29:00:58:28:3c:0b:
94:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:5D:41:0B:6C:7B:E2:90:4B:FC:66:CA:B9:64:64:31:41:BB:60:83
X509v3 Authority Key Identifier:
keyid:CC:5B:21:35:3F:92:CB:DB:F3:B7:D2:51:3B:9A:46:5A:C5:3B:2D:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zFshNT-Sy9vzt9JRO5pGWsU7LTk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4fb057-5dae-4851-ad47-5ad5f33cc99c/1/6l1BC2x74pBL_GbKuWRkMUG7YIM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/4fb057-5dae-4851-ad47-5ad5f33cc99c/1/zFshNT-Sy9vzt9JRO5pGWsU7LTk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.1.0.0/18
151.1.66.0-151.1.72.255
151.1.74.0-151.2.127.255
IPv6:
2a01:65c0::/32
Signature Algorithm: sha256WithRSAEncryption
2a:41:98:c3:06:d5:4c:7b:5c:5f:78:31:07:14:3b:fc:2d:78:
dc:ef:75:6e:b0:1d:d1:3a:89:64:99:21:4d:0b:73:61:e6:a2:
6c:c5:57:7b:3f:0b:41:df:94:01:8b:74:aa:74:1e:ef:6e:a8:
d0:e2:e5:3c:b8:65:67:d2:35:14:f7:49:d2:2a:76:31:b8:3b:
b2:a9:0b:ef:6c:84:83:68:34:7e:e2:fa:57:22:5c:36:0a:eb:
c3:06:ad:d4:c4:ae:41:4e:c0:78:e8:6f:9a:e1:22:f4:04:62:
57:6e:21:01:71:a8:65:2b:58:cf:da:4c:60:5a:8b:86:f0:b8:
50:8f:d4:7d:e0:d7:2c:b9:b4:a2:6c:22:40:3e:98:03:b2:09:
33:86:72:36:59:4b:be:c1:4d:c5:b2:6d:91:4b:78:3b:ac:64:
34:08:8e:2c:ea:c4:15:c5:3a:4d:7a:b4:3c:27:a9:cd:f4:e2:
2a:03:e9:5b:6d:13:79:52:be:88:3a:d0:5f:f4:86:aa:fc:d6:
50:6d:25:a0:79:db:31:6b:d4:fc:e9:38:72:1e:6a:0c:bc:f1:
cd:57:a6:83:b5:e3:45:82:db:85:a1:0b:18:4d:da:4e:bd:d4:
50:84:ec:97:95:e9:88:e2:db:7b:cf:6a:eb:97:00:f3:02:d8:
60:b3:95:bf
-----BEGIN CERTIFICATE-----
MIIFKDCCBBCgAwIBAgISAZJWP7WqeK0pzN4FfAJ6SYl4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNWIyMTM1M2Y5MmNiZGJmM2I3ZDI1MTNiOWE0NjVhYzUz
YjJkMzkwHhcNMjQxMDA0MDYzNzQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTVkNDEwYjZjN2JlMjkwNGJmYzY2Y2FiOTY0NjQzMTQxYmI2MDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpJr0Nk7luHLnCjoRMf9eHrbZhFA
9WHlVuGAk/EHAC/M4A5JXoMRV8ECl7Hw16HSIwBXAY6PHJcSTHaEQaJrtgxN1ghW
QUJOC0gWXnkTBw1qsEVVe6BaCsAKXCRO9y0ssFCuCPIWxe+2WfcJQscYlAAlm8Cu
5mwQqtToc/pnBPdU1CCi7dzyAo/QXTQdeHMJqpKVpf1wVzfSPNMdjU2qO/jOFjoc
WcRXIMiXnewQyhaYUVSIev6WnQPFQ6trRXXWi+TdWEYSBEwdjWpTQ2UbgDIMgMgp
0YT8Fky0UG6TQinQqU990n+phETLp6Bs4FzHamgsOQByXUQpAFgoPAuUpwIDAQAB
o4ICNDCCAjAwHQYDVR0OBBYEFOpdQQtse+KQS/xmyrlkZDFBu2CDMB8GA1UdIwQY
MBaAFMxbITU/ksvb87fSUTuaRlrFOy05MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekZzaE5ULVN5OXZ6dDlKUk81cEdXc1U3TFRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80ZmIwNTctNWRhZS00ODUxLWFkNDct
NWFkNWYzM2NjOTljLzEvNmwxQkMyeDc0cEJMX0diS3VXUmtNVUc3WUlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80ZmIwNTctNWRhZS00ODUxLWFkNDctNWFkNWYzM2NjOTlj
LzEvekZzaE5ULVN5OXZ6dDlKUk81cEdXc1U3TFRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEoGCCsGAQUFBwEHAQH/BDswOTAoBAIAATAiAwQGlwEAMAwD
BAGXAUIDBACXAUgwDAMEAZcBSgMEB5cCADANBAIAAjAHAwUAKgFlwDANBgkqhkiG
9w0BAQsFAAOCAQEAKkGYwwbVTHtcX3gxBxQ7/C143O91brAd0TqJZJkhTQtzYeai
bMVXez8LQd+UAYt0qnQe726o0OLlPLhlZ9I1FPdJ0ip2Mbg7sqkL72yEg2g0fuL6
VyJcNgrrwwat1MSuQU7AeOhvmuEi9ARiV24hAXGoZStYz9pMYFqLhvC4UI/UfeDX
LLm0omwiQD6YA7IJM4ZyNllLvsFNxbJtkUt4O6xkNAiOLOrEFcU6TXq0PCepzfTi
KgPpW20TeVK+iDrQX/SGqvzWUG0loHnbMWvU/Ok4ch5qDLzxzVemg7XjRYLbhaEL
GE3aTr3UUITsl5XpiOLbe89q65cA8wLYYLOVvw==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:29:53 2024 by rpki-client on console-ams.rpki-client.org