Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/L2WDG0M4vZB1RAwUwcOCu0w0TBM.roa
File: L2WDG0M4vZB1RAwUwcOCu0w0TBM.roa (raw, json)
Hash identifier: tOJ5h8use5oJSvvQIpWOgcEee6RPkP9tLrp6Oc+hRtA=
Subject key identifier: 2F:65:83:1B:43:38:BD:90:75:44:0C:14:C1:C3:82:BB:4C:34:4C:13
Certificate issuer: /CN=44fc887c977393575de6257e75fa99cde2037c6c
Certificate serial: 018CC7934EAFBD8B2240A4CB9BF6B0621A7A
Authority key identifier: 44:FC:88:7C:97:73:93:57:5D:E6:25:7E:75:FA:99:CD:E2:03:7C:6C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/L2WDG0M4vZB1RAwUwcOCu0w0TBM.roa
Signing time: Tue 02 Jan 2024 00:29:29 +0000
ROA not before: Tue 02 Jan 2024 00:29:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208794
IP address blocks: 193.43.139.0/24 maxlen: 24
2a0e:b280::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/RPyIfJdzk1dd5iV-dfqZzeIDfGw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/RPyIfJdzk1dd5iV-dfqZzeIDfGw.mft
rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:4e:af:bd:8b:22:40:a4:cb:9b:f6:b0:62:1a:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44fc887c977393575de6257e75fa99cde2037c6c
Validity
Not Before: Jan 2 00:29:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=2f65831b4338bd9075440c14c1c382bb4c344c13
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:fa:77:71:aa:3a:a7:b4:43:3d:35:c5:bb:10:
eb:53:fb:91:76:8d:f3:10:76:05:17:91:64:ff:e7:
b7:fa:4e:10:d3:55:ed:ed:7e:f3:3b:97:fc:0d:d2:
90:40:16:17:b8:11:12:a2:a2:3b:3b:c0:af:c7:e1:
95:31:d5:9c:6d:57:8f:7c:a9:16:9e:54:3f:97:85:
9b:46:53:6f:de:02:a3:72:6a:46:21:be:0a:eb:a8:
38:b7:f6:03:c4:4a:b6:67:d2:cb:d7:cf:7c:5f:44:
1d:be:fe:66:73:39:25:3e:2d:ee:97:c5:ef:5d:b5:
78:5e:72:3e:3c:de:ec:6c:59:e5:20:98:6f:c6:4c:
17:58:b7:5a:b1:fb:5d:0a:2c:7c:e8:e1:43:4c:df:
67:c7:ff:16:0b:ed:0d:7d:06:4e:b8:a5:90:4f:d5:
ab:20:41:15:6c:f4:a5:e3:16:75:dd:50:3b:c2:ba:
5e:b7:e9:7b:da:bd:24:da:10:03:ab:1d:0b:e7:cf:
99:71:31:5d:ee:59:df:f5:9c:44:cf:c8:7b:57:a8:
bc:31:b6:88:20:6b:98:30:9a:6d:e6:67:36:40:b6:
f8:c0:46:ed:92:d4:71:d1:80:a4:c4:72:0d:6a:cb:
6d:03:02:e3:1b:e8:d8:63:94:54:68:22:7d:3a:2b:
d3:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:65:83:1B:43:38:BD:90:75:44:0C:14:C1:C3:82:BB:4C:34:4C:13
X509v3 Authority Key Identifier:
keyid:44:FC:88:7C:97:73:93:57:5D:E6:25:7E:75:FA:99:CD:E2:03:7C:6C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RPyIfJdzk1dd5iV-dfqZzeIDfGw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/L2WDG0M4vZB1RAwUwcOCu0w0TBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f07c66-473d-435a-b693-c369c1d4c337/1/RPyIfJdzk1dd5iV-dfqZzeIDfGw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.43.139.0/24
IPv6:
2a0e:b280::/29
Signature Algorithm: sha256WithRSAEncryption
78:f2:aa:cc:bf:52:7a:11:70:79:80:8e:54:62:5e:84:1c:39:
8f:f5:5e:4c:9f:3e:46:2d:17:d3:fc:40:af:72:55:a1:50:0a:
f2:54:36:ad:0f:56:82:10:a7:65:57:46:be:de:af:63:cc:97:
a9:3a:b3:af:fd:c6:d9:97:63:df:0c:75:db:a3:db:a7:6f:42:
6e:51:5b:cb:df:c5:09:09:19:28:59:b0:7f:51:0a:aa:b9:ab:
c9:04:de:77:00:92:a8:b8:39:8a:a7:6d:17:87:36:09:1e:2b:
89:b2:57:94:97:09:38:01:18:c6:78:9b:51:7e:ae:37:94:24:
28:67:8d:83:1c:67:e6:44:c9:53:c8:fc:65:e6:5c:53:4f:ee:
96:c6:88:a4:99:95:e9:63:51:91:67:f6:34:56:29:3c:72:5d:
4d:6a:c6:6c:3e:51:99:b7:df:a7:51:0e:c7:f9:51:e5:62:12:
34:0d:8c:f0:ef:c9:4d:d1:60:90:32:04:d9:ea:02:81:3e:8e:
6e:df:8c:86:04:d5:4a:60:32:2c:d2:23:a2:7e:4f:17:63:59:
5f:c9:4e:10:05:08:29:87:41:07:19:61:82:c3:6d:d4:e5:d5:
9a:61:9e:06:fe:10:9d:3b:d0:cd:4b:13:42:e2:f0:61:8e:83:
3f:8a:76:48
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzHk06vvYsiQKTLm/awYhp6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZmM4ODdjOTc3MzkzNTc1ZGU2MjU3ZTc1ZmE5OWNkZTIw
MzdjNmMwHhcNMjQwMTAyMDAyOTI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjY1ODMxYjQzMzhiZDkwNzU0NDBjMTRjMWMzODJiYjRjMzQ0YzEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkfp3cao6p7RDPTXFuxDrU/uRdo3z
EHYFF5Fk/+e3+k4Q01Xt7X7zO5f8DdKQQBYXuBESoqI7O8Cvx+GVMdWcbVePfKkW
nlQ/l4WbRlNv3gKjcmpGIb4K66g4t/YDxEq2Z9LL1898X0Qdvv5mczklPi3ul8Xv
XbV4XnI+PN7sbFnlIJhvxkwXWLdasftdCix86OFDTN9nx/8WC+0NfQZOuKWQT9Wr
IEEVbPSl4xZ13VA7wrpet+l72r0k2hADqx0L58+ZcTFd7lnf9ZxEz8h7V6i8MbaI
IGuYMJpt5mc2QLb4wEbtktRx0YCkxHINasttAwLjG+jYY5RUaCJ9OivTHQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFC9lgxtDOL2QdUQMFMHDgrtMNEwTMB8GA1UdIwQY
MBaAFET8iHyXc5NXXeYlfnX6mc3iA3xsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlB5SWZKZHprMWRkNWlWLWRmcVp6ZUlEZkd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMDdjNjYtNDczZC00MzVhLWI2OTMt
YzM2OWMxZDRjMzM3LzEvTDJXREcwTTR2WkIxUkF3VXdjT0N1MHcwVEJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMDdjNjYtNDczZC00MzVhLWI2OTMtYzM2OWMxZDRjMzM3
LzEvUlB5SWZKZHprMWRkNWlWLWRmcVp6ZUlEZkd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAwSuLMA0E
AgACMAcDBQMqDrKAMA0GCSqGSIb3DQEBCwUAA4IBAQB48qrMv1J6EXB5gI5UYl6E
HDmP9V5Mnz5GLRfT/ECvclWhUAryVDatD1aCEKdlV0a+3q9jzJepOrOv/cbZl2Pf
DHXbo9unb0JuUVvL38UJCRkoWbB/UQqquavJBN53AJKouDmKp20XhzYJHiuJsleU
lwk4ARjGeJtRfq43lCQoZ42DHGfmRMlTyPxl5lxTT+6WxoikmZXpY1GRZ/Y0Vik8
cl1NasZsPlGZt9+nUQ7H+VHlYhI0DYzw78lN0WCQMgTZ6gKBPo5u34yGBNVKYDIs
0iOifk8XY1lfyU4QBQgph0EHGWGCw23U5dWaYZ4G/hCdO9DNSxNC4vBhjoM/inZI
-----END CERTIFICATE-----
Generated at Tue Nov 26 00:58:14 2024 by rpki-client on console-fra.rpki-client.org