Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/ThvAxo5XTga7HEJLsMFazBKrX8M.roa
File: ThvAxo5XTga7HEJLsMFazBKrX8M.roa (raw, json)
Hash identifier: muh2wF1Lc9l9/J1LEjk2/lCnoALv5jlAwKAJz40cLq8=
Subject key identifier: 4E:1B:C0:C6:8E:57:4E:06:BB:1C:42:4B:B0:C1:5A:CC:12:AB:5F:C3
Certificate issuer: /CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Certificate serial: 018EE57E1E76730323F9C2688E12434D5EFE
Authority key identifier: 75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/ThvAxo5XTga7HEJLsMFazBKrX8M.roa
Signing time: Tue 16 Apr 2024 06:00:31 +0000
ROA not before: Tue 16 Apr 2024 06:00:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 216157
IP address blocks: 2a10:4104::/32 maxlen: 32
2a10:4b00::/29 maxlen: 29
2a12:c300::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.mft
rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 04:12:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:e5:7e:1e:76:73:03:23:f9:c2:68:8e:12:43:4d:5e:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7508475ff0d8ec960336016e0e04221a98e5ecf2
Validity
Not Before: Apr 16 06:00:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4e1bc0c68e574e06bb1c424bb0c15acc12ab5fc3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:4d:cd:75:72:f7:a0:d9:20:4a:f9:18:35:a5:
11:c8:f7:56:1a:c1:a2:61:0d:3f:f2:15:d3:82:19:
d6:7f:ed:3f:8a:20:7b:53:04:25:cb:61:ad:96:40:
9e:bb:8a:ef:46:46:64:cc:d7:57:92:ca:e6:e4:5b:
35:9d:e2:e6:f5:6f:53:bc:24:46:b3:bf:32:99:3d:
bf:73:30:8e:0c:7d:20:d9:9c:57:ec:14:8c:ef:6c:
ab:9b:8f:22:e3:60:93:b8:7b:0b:2e:57:9b:56:1b:
06:89:17:4d:87:bd:9e:ea:b2:31:ad:b3:9a:77:22:
b5:8f:b3:25:0a:2e:05:2a:a8:24:bc:5a:44:3c:4d:
70:8e:63:e5:64:5e:60:27:59:75:57:c9:ea:5a:9d:
4a:3a:00:f2:0b:24:55:c2:74:32:cf:2f:e3:7a:6d:
79:df:27:f5:27:32:34:78:fb:64:0b:3d:00:e3:16:
53:eb:a5:04:7d:a3:f3:0e:0c:99:83:96:94:c6:75:
b9:d2:1c:ff:db:91:4c:d5:d1:ac:f9:96:4a:f5:78:
4d:e6:91:cb:a0:ca:1e:3e:2c:25:f2:47:be:ef:ca:
fa:81:61:09:15:4d:12:b9:95:73:1c:12:9b:4f:55:
21:60:55:31:67:fd:47:7b:75:d6:6e:51:04:b4:4c:
a0:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:1B:C0:C6:8E:57:4E:06:BB:1C:42:4B:B0:C1:5A:CC:12:AB:5F:C3
X509v3 Authority Key Identifier:
keyid:75:08:47:5F:F0:D8:EC:96:03:36:01:6E:0E:04:22:1A:98:E5:EC:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dQhHX_DY7JYDNgFuDgQiGpjl7PI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/ThvAxo5XTga7HEJLsMFazBKrX8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fe/1fa6a3-8dc5-4c35-a49b-171c367be782/1/dQhHX_DY7JYDNgFuDgQiGpjl7PI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a10:4104::/32
2a10:4b00::/29
2a12:c300::/29
Signature Algorithm: sha256WithRSAEncryption
c7:ce:7c:9a:76:44:bd:ea:c1:9c:f7:03:27:4f:b1:5e:63:01:
86:1d:4d:c2:7a:5c:4d:24:95:0f:5b:a2:c2:c7:15:6f:a0:64:
17:03:79:f8:2c:6a:bf:d4:29:f4:bc:c9:db:66:b2:ce:f9:d5:
02:79:bd:0d:81:d1:bc:b3:5f:55:7d:44:29:17:05:5c:b1:4a:
59:bc:d9:2c:df:fd:b1:91:28:62:c1:17:f3:8d:21:d3:c2:f4:
1a:2d:74:eb:79:ba:ea:b3:59:7b:60:46:96:6f:a5:70:11:c7:
72:38:a9:ac:38:6e:d3:30:16:ea:c5:c8:b6:bc:67:9f:c2:c0:
4a:38:03:fd:e0:d7:6c:33:a2:93:40:5d:94:c6:4e:07:cc:d1:
43:d2:2c:d6:ab:e7:16:b0:4a:1e:d9:eb:bf:96:e8:8c:19:ef:
c1:48:d8:78:a5:bb:8d:5a:b2:85:df:b4:88:ab:28:f1:cf:65:
d2:29:c7:92:e8:6e:53:9c:60:b5:42:a5:b8:fe:90:40:47:51:
87:bc:32:58:b5:d9:7e:5e:b9:e4:28:dc:b3:5a:2c:bc:49:31:
c5:e1:c0:36:8f:36:03:d9:ed:1e:67:d1:58:ea:c9:10:28:74:
2c:3d:43:d6:e0:31:04:66:50:11:e7:a3:5c:f2:12:1c:8c:23:
51:b0:c0:43
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAY7lfh52cwMj+cJojhJDTV7+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc1MDg0NzVmZjBkOGVjOTYwMzM2MDE2ZTBlMDQyMjFhOThl
NWVjZjIwHhcNMjQwNDE2MDYwMDMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZTFiYzBjNjhlNTc0ZTA2YmIxYzQyNGJiMGMxNWFjYzEyYWI1ZmMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtk3NdXL3oNkgSvkYNaURyPdWGsGi
YQ0/8hXTghnWf+0/iiB7UwQly2GtlkCeu4rvRkZkzNdXksrm5Fs1neLm9W9TvCRG
s78ymT2/czCODH0g2ZxX7BSM72yrm48i42CTuHsLLlebVhsGiRdNh72e6rIxrbOa
dyK1j7MlCi4FKqgkvFpEPE1wjmPlZF5gJ1l1V8nqWp1KOgDyCyRVwnQyzy/jem15
3yf1JzI0ePtkCz0A4xZT66UEfaPzDgyZg5aUxnW50hz/25FM1dGs+ZZK9XhN5pHL
oMoePiwl8ke+78r6gWEJFU0SuZVzHBKbT1UhYFUxZ/1He3XWblEEtEyg+wIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFE4bwMaOV04GuxxCS7DBWswSq1/DMB8GA1UdIwQY
MBaAFHUIR1/w2OyWAzYBbg4EIhqY5ezyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWIt
MTcxYzM2N2JlNzgyLzEvVGh2QXhvNVhUZ2E3SEVKTHNNRmF6QktyWDhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZS8xZmE2YTMtOGRjNS00YzM1LWE0OWItMTcxYzM2N2JlNzgy
LzEvZFFoSFhfRFk3SllETmdGdURnUWlHcGpsN1BJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKhBBBAMF
AyoQSwADBQMqEsMAMA0GCSqGSIb3DQEBCwUAA4IBAQDHznyadkS96sGc9wMnT7Fe
YwGGHU3CelxNJJUPW6LCxxVvoGQXA3n4LGq/1Cn0vMnbZrLO+dUCeb0NgdG8s19V
fUQpFwVcsUpZvNks3/2xkShiwRfzjSHTwvQaLXTrebrqs1l7YEaWb6VwEcdyOKms
OG7TMBbqxci2vGefwsBKOAP94NdsM6KTQF2Uxk4HzNFD0izWq+cWsEoe2eu/luiM
Ge/BSNh4pbuNWrKF37SIqyjxz2XSKceS6G5TnGC1QqW4/pBAR1GHvDJYtdl+Xrnk
KNyzWiy8STHF4cA2jzYD2e0eZ9FY6skQKHQsPUPW4DEEZlAR56Nc8hIcjCNRsMBD
-----END CERTIFICATE-----
Generated at Sat Jun 1 14:09:03 2024 by rpki-client on console-ams.rpki-client.org