Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/IV2mFCgj0ibxGC-UczhakMfvQvM.roa
File: IV2mFCgj0ibxGC-UczhakMfvQvM.roa (raw, json)
Hash identifier: I/SZu41kK3DXt17Sz0Nu8VuII2/4DoSCiy1Rk5SdbG8=
Subject key identifier: 21:5D:A6:14:28:23:D2:26:F1:18:2F:94:73:38:5A:90:C7:EF:42:F3
Certificate issuer: /CN=ced2d800dc6c33b69fa47291e2f15b335ea3600f
Certificate serial: 018CC348F7AA77BCDBEBE079AB7979D1F548
Authority key identifier: CE:D2:D8:00:DC:6C:33:B6:9F:A4:72:91:E2:F1:5B:33:5E:A3:60:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ztLYANxsM7afpHKR4vFbM16jYA8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/IV2mFCgj0ibxGC-UczhakMfvQvM.roa
Signing time: Mon 01 Jan 2024 04:29:48 +0000
ROA not before: Mon 01 Jan 2024 04:29:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14618
IP address blocks: 51.149.8.0/24 maxlen: 24
51.149.14.0/24 maxlen: 24
51.149.252.0/24 maxlen: 24
51.149.250.0/24 maxlen: 24
51.149.251.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/ztLYANxsM7afpHKR4vFbM16jYA8.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/ztLYANxsM7afpHKR4vFbM16jYA8.mft
rsync://rpki.ripe.net/repository/DEFAULT/ztLYANxsM7afpHKR4vFbM16jYA8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 25 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:f7:aa:77:bc:db:eb:e0:79:ab:79:79:d1:f5:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ced2d800dc6c33b69fa47291e2f15b335ea3600f
Validity
Not Before: Jan 1 04:29:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=215da6142823d226f1182f9473385a90c7ef42f3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:23:a0:ec:98:5f:06:1e:75:c1:e2:2f:f0:af:
b2:b9:72:ac:48:e2:9f:c2:8c:72:77:8d:e8:b1:fd:
70:9b:01:1c:f9:fe:cb:d8:c4:c9:ef:57:cb:8d:78:
23:eb:b8:cd:83:c2:73:a1:52:0e:98:e1:e7:59:24:
90:fe:ce:c5:f4:4c:dc:9e:f1:88:1f:4e:de:0f:36:
9e:c0:5f:17:a9:96:8a:ab:ae:72:40:0e:c0:2a:71:
c2:02:d2:3e:cd:68:a0:a7:af:c6:7c:3a:ae:77:b0:
7f:f2:9e:96:37:bb:45:3a:e1:32:0d:61:14:85:71:
b4:59:d7:fa:1a:d3:9a:fc:43:16:ce:f2:70:b0:c6:
ca:31:8c:1e:e4:41:bf:14:fe:4d:71:cc:d1:31:47:
49:da:f9:42:9d:21:ea:13:78:93:05:76:50:3a:d1:
51:28:36:be:1a:6e:8b:47:c1:dd:33:9f:02:09:9b:
01:65:07:e6:3c:e8:88:8a:40:b6:e8:bf:ee:91:92:
f9:b1:05:e6:2b:8d:ca:6c:df:c7:6b:a7:da:7a:50:
9b:97:c3:d8:9d:f0:af:5e:5a:c7:a0:8b:89:d3:3a:
90:f4:97:fc:31:1c:04:81:fc:9f:83:b9:76:13:1b:
1f:75:7d:bb:2d:e7:d2:14:e5:9a:ac:a8:ed:03:f9:
23:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:5D:A6:14:28:23:D2:26:F1:18:2F:94:73:38:5A:90:C7:EF:42:F3
X509v3 Authority Key Identifier:
keyid:CE:D2:D8:00:DC:6C:33:B6:9F:A4:72:91:E2:F1:5B:33:5E:A3:60:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ztLYANxsM7afpHKR4vFbM16jYA8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/IV2mFCgj0ibxGC-UczhakMfvQvM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/f88857-cc05-4bdb-91e6-ed4f0643bf25/1/ztLYANxsM7afpHKR4vFbM16jYA8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.149.8.0/24
51.149.14.0/24
51.149.250.0-51.149.252.255
Signature Algorithm: sha256WithRSAEncryption
04:f2:1f:0d:88:a2:32:16:84:4d:4b:1f:be:f9:59:02:9b:a9:
4a:d6:cc:cc:b8:4d:e8:6f:7b:6d:1c:d7:a5:5b:7b:f2:63:cd:
34:da:77:66:9c:bc:57:bc:c3:42:b2:b9:a6:63:70:f0:6e:29:
59:1e:2d:3b:3f:d6:90:fc:03:2f:1f:59:44:71:ff:f1:dd:6f:
eb:ab:63:5a:23:42:b3:f7:90:d8:61:76:c2:74:a2:0d:0c:e1:
9b:d8:d7:74:29:d5:d3:00:e9:d0:45:9e:ed:c4:24:7c:ad:8c:
99:c5:9d:12:03:30:cc:54:7d:50:f6:7d:70:f2:e3:da:0a:4b:
91:b6:56:86:7c:21:4c:0d:9a:5a:3b:01:57:d6:f7:fd:7d:5e:
4d:f0:44:f0:f6:af:f7:8c:90:da:60:d7:64:fb:55:58:13:06:
35:5f:d3:f6:77:bc:0f:ae:df:bc:f4:61:a4:ee:9a:97:b7:5d:
3e:0e:cd:8e:57:62:b9:1b:88:c2:50:73:65:25:b0:31:d3:99:
55:57:54:0b:3b:57:18:73:72:84:97:f9:7c:ce:31:66:c0:09:
a2:2d:89:b8:11:6f:cd:a0:fb:17:d3:7d:e7:f6:4b:16:2c:3e:
51:5d:a6:13:1a:40:dd:77:b8:ac:25:00:04:62:d9:17:63:a3:
00:81:aa:a9
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzDSPeqd7zb6+B5q3l50fVIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlZDJkODAwZGM2YzMzYjY5ZmE0NzI5MWUyZjE1YjMzNWVh
MzYwMGYwHhcNMjQwMTAxMDQyOTQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTVkYTYxNDI4MjNkMjI2ZjExODJmOTQ3MzM4NWE5MGM3ZWY0MmYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApyOg7JhfBh51weIv8K+yuXKsSOKf
woxyd43osf1wmwEc+f7L2MTJ71fLjXgj67jNg8JzoVIOmOHnWSSQ/s7F9EzcnvGI
H07eDzaewF8XqZaKq65yQA7AKnHCAtI+zWigp6/GfDqud7B/8p6WN7tFOuEyDWEU
hXG0Wdf6GtOa/EMWzvJwsMbKMYwe5EG/FP5NcczRMUdJ2vlCnSHqE3iTBXZQOtFR
KDa+Gm6LR8HdM58CCZsBZQfmPOiIikC26L/ukZL5sQXmK43KbN/Ha6faelCbl8PY
nfCvXlrHoIuJ0zqQ9Jf8MRwEgfyfg7l2ExsfdX27LefSFOWarKjtA/kjJwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCFdphQoI9Im8RgvlHM4WpDH70LzMB8GA1UdIwQY
MBaAFM7S2ADcbDO2n6RykeLxWzNeo2APMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenRMWUFOeHNNN2FmcEhLUjR2RmJNMTZqWUE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9mODg4NTctY2MwNS00YmRiLTkxZTYt
ZWQ0ZjA2NDNiZjI1LzEvSVYybUZDZ2owaWJ4R0MtVWN6aGFrTWZ2UXZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9mODg4NTctY2MwNS00YmRiLTkxZTYtZWQ0ZjA2NDNiZjI1
LzEvenRMWUFOeHNNN2FmcEhLUjR2RmJNMTZqWUE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAM5UIAwQA
M5UOMAwDBAEzlfoDBAAzlfwwDQYJKoZIhvcNAQELBQADggEBAATyHw2IojIWhE1L
H775WQKbqUrWzMy4Tehve20c16Vbe/JjzTTad2acvFe8w0KyuaZjcPBuKVkeLTs/
1pD8Ay8fWURx//Hdb+urY1ojQrP3kNhhdsJ0og0M4ZvY13Qp1dMA6dBFnu3EJHyt
jJnFnRIDMMxUfVD2fXDy49oKS5G2VoZ8IUwNmlo7AVfW9/19Xk3wRPD2r/eMkNpg
12T7VVgTBjVf0/Z3vA+u37z0YaTumpe3XT4OzY5XYrkbiMJQc2UlsDHTmVVXVAs7
VxhzcoSX+XzOMWbACaItibgRb82g+xfTfef2SxYsPlFdphMaQN13uKwlAARi2Rdj
owCBqqk=
-----END CERTIFICATE-----
Generated at Sun Nov 24 22:45:07 2024 by rpki-client on console-fra.rpki-client.org