Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ef/f3d446-ac06-4902-a647-ef1570c72599/1/o-SKI_FzTddSTvRTMG6ZBNNA0Hs.roa
File: o-SKI_FzTddSTvRTMG6ZBNNA0Hs.roa (raw, json)
Hash identifier: EUkAuDeBOGGKNp97AYd/hrWzaC76bfIkqEyp6ak+HLg=
Subject key identifier: A3:E4:8A:23:F1:73:4D:D7:52:4E:F4:53:30:6E:99:04:D3:40:D0:7B
Certificate issuer: /CN=e13e3716139465e6a8cf9f6bd8b5b8f7633af228
Certificate serial: 018CC64AE0287ED8AEDC810F1ACDA832C0E2
Authority key identifier: E1:3E:37:16:13:94:65:E6:A8:CF:9F:6B:D8:B5:B8:F7:63:3A:F2:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4T43FhOUZeaoz59r2LW492M68ig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ef/f3d446-ac06-4902-a647-ef1570c72599/1/o-SKI_FzTddSTvRTMG6ZBNNA0Hs.roa
Signing time: Mon 01 Jan 2024 18:30:44 +0000
ROA not before: Mon 01 Jan 2024 18:30:44 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 51678
IP address blocks: 46.17.136.0/21 maxlen: 24
5.2.24.0/21 maxlen: 24
134.255.184.0/21 maxlen: 24
2a01:b300::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ef/f3d446-ac06-4902-a647-ef1570c72599/1/4T43FhOUZeaoz59r2LW492M68ig.crl
rsync://rpki.ripe.net/repository/DEFAULT/ef/f3d446-ac06-4902-a647-ef1570c72599/1/4T43FhOUZeaoz59r2LW492M68ig.mft
rsync://rpki.ripe.net/repository/DEFAULT/4T43FhOUZeaoz59r2LW492M68ig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:02:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4a:e0:28:7e:d8:ae:dc:81:0f:1a:cd:a8:32:c0:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e13e3716139465e6a8cf9f6bd8b5b8f7633af228
Validity
Not Before: Jan 1 18:30:44 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3e48a23f1734dd7524ef453306e9904d340d07b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:71:2f:d1:82:1b:cc:2c:7b:59:49:9f:78:f3:
57:05:61:22:25:bc:7a:59:5d:21:91:08:fc:ee:71:
c7:7e:25:3f:58:41:2e:ed:7e:97:58:5c:95:08:1d:
ba:79:ad:e1:ef:5e:8e:05:8c:2c:84:41:0a:32:0c:
0b:81:58:d3:7a:22:ed:25:79:dd:76:f9:b3:7c:86:
32:2c:a8:b4:1a:0d:79:45:81:93:b4:2e:54:d8:71:
d4:54:ca:d3:b0:71:a9:f5:30:b0:ac:76:57:93:07:
5a:0f:b7:87:eb:b7:64:68:20:1e:68:8e:ce:ee:01:
e0:25:0a:5e:d2:19:c4:a7:37:08:61:26:bc:20:f3:
df:70:e3:99:6b:68:73:c9:de:49:79:7c:4b:24:1e:
63:56:30:2f:b1:94:bd:21:f3:6f:86:dd:29:44:cf:
c6:55:8f:15:3d:61:31:81:c6:a2:56:3a:9d:22:6b:
d7:27:1c:3c:47:66:11:29:eb:ce:52:48:ed:3d:cc:
42:82:51:a8:21:ef:fc:27:c2:3f:5a:c5:67:d5:ae:
60:34:57:34:d7:8f:51:26:a7:17:15:28:25:b9:dc:
a5:4e:dd:79:43:f0:f7:f0:cc:1e:e1:d5:89:cf:b1:
c2:b1:bd:67:9a:0c:ac:1d:17:a7:bb:d0:5d:9f:41:
fa:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:E4:8A:23:F1:73:4D:D7:52:4E:F4:53:30:6E:99:04:D3:40:D0:7B
X509v3 Authority Key Identifier:
keyid:E1:3E:37:16:13:94:65:E6:A8:CF:9F:6B:D8:B5:B8:F7:63:3A:F2:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4T43FhOUZeaoz59r2LW492M68ig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f3d446-ac06-4902-a647-ef1570c72599/1/o-SKI_FzTddSTvRTMG6ZBNNA0Hs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ef/f3d446-ac06-4902-a647-ef1570c72599/1/4T43FhOUZeaoz59r2LW492M68ig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.24.0/21
46.17.136.0/21
134.255.184.0/21
IPv6:
2a01:b300::/29
Signature Algorithm: sha256WithRSAEncryption
3f:38:90:8a:20:ca:e0:98:92:17:83:08:67:ee:84:a7:71:11:
2e:5d:7c:67:21:d2:a8:db:89:0b:be:9f:e7:b3:fa:5b:76:08:
60:d4:8d:e5:73:eb:e0:48:ce:a0:64:ff:4d:dd:7d:6f:b5:a1:
b4:01:70:f6:04:25:e2:e9:cb:56:b8:dc:7a:5d:61:7b:af:14:
3c:46:b5:4a:d9:39:b0:fa:83:1d:38:8a:b3:bb:cb:21:0f:05:
ac:6a:41:5d:f7:86:ed:4e:0d:98:cb:71:d0:f1:4f:46:72:69:
e8:21:3b:a1:86:f5:35:64:3f:e8:fe:0d:db:c8:6c:f1:65:52:
8a:40:96:2b:43:3a:fa:17:56:2a:7c:89:f1:47:11:44:1b:2f:
dc:8d:39:48:47:f1:3c:93:66:26:6b:55:be:59:9b:f8:4a:27:
f4:c7:ab:06:32:cb:22:b7:e8:db:05:05:f1:db:83:8a:be:48:
5b:c2:7c:34:62:37:46:5e:48:4c:75:13:10:e1:73:7b:0d:ba:
68:ed:1f:8f:af:23:a0:83:ab:96:40:07:d9:a1:5f:b1:f3:45:
39:44:a3:b9:c7:3f:00:db:8a:8a:53:b3:14:0a:40:38:61:4d:
ac:ea:2a:49:8e:31:e3:1c:08:5c:9b:2d:7e:ad:ad:00:ef:e0:
ca:5b:6c:90
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzGSuAoftiu3IEPGs2oMsDiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUxM2UzNzE2MTM5NDY1ZTZhOGNmOWY2YmQ4YjViOGY3NjMz
YWYyMjgwHhcNMjQwMTAxMTgzMDQ0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2U0OGEyM2YxNzM0ZGQ3NTI0ZWY0NTMzMDZlOTkwNGQzNDBkMDdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnEv0YIbzCx7WUmfePNXBWEiJbx6
WV0hkQj87nHHfiU/WEEu7X6XWFyVCB26ea3h716OBYwshEEKMgwLgVjTeiLtJXnd
dvmzfIYyLKi0Gg15RYGTtC5U2HHUVMrTsHGp9TCwrHZXkwdaD7eH67dkaCAeaI7O
7gHgJQpe0hnEpzcIYSa8IPPfcOOZa2hzyd5JeXxLJB5jVjAvsZS9IfNvht0pRM/G
VY8VPWExgcaiVjqdImvXJxw8R2YRKevOUkjtPcxCglGoIe/8J8I/WsVn1a5gNFc0
149RJqcXFSgludylTt15Q/D38Mwe4dWJz7HCsb1nmgysHRenu9Bdn0H6WwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFKPkiiPxc03XUk70UzBumQTTQNB7MB8GA1UdIwQY
MBaAFOE+NxYTlGXmqM+fa9i1uPdjOvIoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNFQ0M0ZoT1VaZWFvejU5cjJMVzQ5Mk02OGlnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZi9mM2Q0NDYtYWMwNi00OTAyLWE2NDct
ZWYxNTcwYzcyNTk5LzEvby1TS0lfRnpUZGRTVHZSVE1HNlpCTk5BMEhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZi9mM2Q0NDYtYWMwNi00OTAyLWE2NDctZWYxNTcwYzcyNTk5
LzEvNFQ0M0ZoT1VaZWFvejU5cjJMVzQ5Mk02OGlnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDBQIYAwQD
LhGIAwQDhv+4MA0EAgACMAcDBQMqAbMAMA0GCSqGSIb3DQEBCwUAA4IBAQA/OJCK
IMrgmJIXgwhn7oSncREuXXxnIdKo24kLvp/ns/pbdghg1I3lc+vgSM6gZP9N3X1v
taG0AXD2BCXi6ctWuNx6XWF7rxQ8RrVK2Tmw+oMdOIqzu8shDwWsakFd94btTg2Y
y3HQ8U9GcmnoITuhhvU1ZD/o/g3byGzxZVKKQJYrQzr6F1YqfInxRxFEGy/cjTlI
R/E8k2Yma1W+WZv4Sif0x6sGMssit+jbBQXx24OKvkhbwnw0YjdGXkhMdRMQ4XN7
Dbpo7R+PryOgg6uWQAfZoV+x80U5RKO5xz8A24qKU7MUCkA4YU2s6ipJjjHjHAhc
my1+ra0A7+DKW2yQ
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:17:55 2024 by rpki-client on console-fra.rpki-client.org