Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/2XUx7v4JYwgHK0UdgSarUv2Puak.roa
File: 2XUx7v4JYwgHK0UdgSarUv2Puak.roa (raw, json)
Hash identifier: hF7NzBVgWe57gAZyGM+/CATebm12iduh8XWV4X1q0Pc=
Subject key identifier: D9:75:31:EE:FE:09:63:08:07:2B:45:1D:81:26:AB:52:FD:8F:B9:A9
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 018D7A905402016F4563690B924AA33B1B65
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/2XUx7v4JYwgHK0UdgSarUv2Puak.roa
Signing time: Mon 05 Feb 2024 18:38:15 +0000
ROA not before: Mon 05 Feb 2024 18:38:15 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3257
IP address blocks: 94.131.24.0/22 maxlen: 24
94.131.48.0/20 maxlen: 24
94.131.64.0/20 maxlen: 24
95.164.44.0/22 maxlen: 22
95.164.70.0/24 maxlen: 24
95.164.77.0/24 maxlen: 24
95.164.78.0/23 maxlen: 24
95.164.128.0/20 maxlen: 24
95.164.168.0/23 maxlen: 24
95.164.192.0/22 maxlen: 24
95.164.196.0/22 maxlen: 24
95.164.200.0/21 maxlen: 21
95.164.240.0/21 maxlen: 21
95.164.252.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 05 May 2024 05:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:7a:90:54:02:01:6f:45:63:69:0b:92:4a:a3:3b:1b:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Feb 5 18:38:15 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d97531eefe096308072b451d8126ab52fd8fb9a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:60:36:57:fb:f0:e1:b9:f8:66:d5:19:d2:59:
1e:0f:fe:25:e9:01:c2:77:e3:f4:2b:af:23:b1:52:
78:63:87:9c:a9:cc:81:51:e0:50:93:d9:fc:3a:83:
04:c8:5c:aa:e5:be:32:eb:a7:90:d3:39:c1:13:c9:
b3:94:88:01:03:17:11:bf:3d:fd:71:0e:53:4e:9d:
9a:99:2e:90:fd:a2:5b:d8:36:d2:33:27:cf:95:02:
db:d0:90:8f:40:ec:fa:95:bc:7a:ae:1c:07:4b:5e:
57:db:2c:1e:29:e7:07:29:d2:9f:0a:77:ab:29:e1:
ef:b8:16:b0:6f:7d:8d:72:90:5a:4f:87:28:78:de:
6c:0c:9d:a2:4f:b6:34:4f:f3:9c:ed:d5:13:3b:64:
62:56:b9:ee:70:e5:04:be:47:45:4a:ab:4d:f1:bd:
4e:3c:fd:0c:49:7c:ae:fe:7b:fd:9d:ec:c8:07:b5:
c2:65:ab:32:cb:91:56:12:ca:79:cf:dc:84:ad:8d:
7d:9c:d8:ab:e8:42:16:ac:56:1a:84:34:dc:ed:7a:
d1:83:8b:48:44:bf:d3:ca:51:ea:97:b1:7c:d7:9f:
e6:cb:96:dd:06:09:ff:1f:83:8b:80:da:0d:b7:8f:
76:70:c0:66:29:d7:5c:9a:07:b0:2a:9b:79:b2:06:
51:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:75:31:EE:FE:09:63:08:07:2B:45:1D:81:26:AB:52:FD:8F:B9:A9
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/2XUx7v4JYwgHK0UdgSarUv2Puak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.24.0/22
94.131.48.0-94.131.79.255
95.164.44.0/22
95.164.70.0/24
95.164.77.0-95.164.79.255
95.164.128.0/20
95.164.168.0/23
95.164.192.0/20
95.164.240.0/21
95.164.252.0/22
Signature Algorithm: sha256WithRSAEncryption
70:00:73:c3:d0:3e:f1:93:6f:53:f7:e3:e6:f7:85:78:6f:fe:
8d:a5:83:d3:5b:37:3b:94:4b:5a:2a:0b:12:e6:5b:8f:f4:3a:
e6:6f:09:e8:9d:2b:af:af:dd:fa:47:cc:c7:a6:c9:fb:1d:5b:
ff:c9:a9:0b:41:c5:38:2d:bd:ef:6c:76:ef:13:5f:92:3d:1b:
a5:c4:59:c9:67:55:ae:3f:36:d0:80:fd:63:85:c2:a9:c4:de:
a0:f1:c9:84:28:76:0b:27:d2:49:e4:ed:a5:c0:6d:d5:03:8b:
48:4b:68:96:4c:aa:31:2e:8c:b0:9f:64:80:64:18:17:51:a0:
2b:bf:cb:58:ba:3b:43:3c:1f:42:69:c3:b5:ae:65:12:e4:21:
21:f0:c0:99:6f:cd:7b:14:96:5a:b5:df:fc:06:0b:bf:c5:2d:
62:16:06:8a:e0:e0:c7:0c:86:b2:3a:16:48:07:6b:b1:78:9c:
36:14:f2:62:10:ee:7d:43:9a:03:12:0f:ee:85:23:d3:bd:be:
99:f7:c5:e3:4b:f6:af:2c:b6:03:7e:c5:32:06:89:1b:49:9e:
ad:8b:40:59:b2:84:15:4a:b2:e9:9d:a5:7a:10:a1:9c:67:37:
0a:dc:a6:53:0a:cd:ba:de:9e:c1:9e:cf:27:7f:46:d3:80:8b:
15:eb:3f:00
-----BEGIN CERTIFICATE-----
MIIFQzCCBCugAwIBAgISAY16kFQCAW9FY2kLkkqjOxtlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQwMjA1MTgzODE1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTc1MzFlZWZlMDk2MzA4MDcyYjQ1MWQ4MTI2YWI1MmZkOGZiOWE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomA2V/vw4bn4ZtUZ0lkeD/4l6QHC
d+P0K68jsVJ4Y4ecqcyBUeBQk9n8OoMEyFyq5b4y66eQ0znBE8mzlIgBAxcRvz39
cQ5TTp2amS6Q/aJb2DbSMyfPlQLb0JCPQOz6lbx6rhwHS15X2yweKecHKdKfCner
KeHvuBawb32NcpBaT4coeN5sDJ2iT7Y0T/Oc7dUTO2RiVrnucOUEvkdFSqtN8b1O
PP0MSXyu/nv9nezIB7XCZasyy5FWEsp5z9yErY19nNir6EIWrFYahDTc7XrRg4tI
RL/TylHql7F815/my5bdBgn/H4OLgNoNt492cMBmKddcmgewKpt5sgZR7wIDAQAB
o4ICTzCCAkswHQYDVR0OBBYEFNl1Me7+CWMIBytFHYEmq1L9j7mpMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvMlhVeDd2NEpZd2dISzBVZGdTYXJVdjJQdWFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGUGCCsGAQUFBwEHAQH/BFYwVDBSBAIAATBMAwQCXoMYMAwD
BARegzADBAReg0ADBAJfpCwDBABfpEYwDAMEAF+kTQMEBF+kQAMEBF+kgAMEAV+k
qAMEBF+kwAMEA1+k8AMEAl+k/DANBgkqhkiG9w0BAQsFAAOCAQEAcABzw9A+8ZNv
U/fj5veFeG/+jaWD01s3O5RLWioLEuZbj/Q65m8J6J0rr6/d+kfMx6bJ+x1b/8mp
C0HFOC2972x27xNfkj0bpcRZyWdVrj820ID9Y4XCqcTeoPHJhCh2CyfSSeTtpcBt
1QOLSEtolkyqMS6MsJ9kgGQYF1GgK7/LWLo7QzwfQmnDta5lEuQhIfDAmW/NexSW
WrXf/AYLv8UtYhYGiuDgxwyGsjoWSAdrsXicNhTyYhDufUOaAxIP7oUj072+mffF
40v2ryy2A37FMgaJG0merYtAWbKEFUqy6Z2lehChnGc3CtymUwrNut6ewZ7PJ39G
04CLFes/AA==
-----END CERTIFICATE-----
Generated at Sat May 4 11:22:12 2024 by rpki-client on console-ams.rpki-client.org