Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/f2lMXWGWTtmQW8ze3NVRQuzAf7Y.roa
File: f2lMXWGWTtmQW8ze3NVRQuzAf7Y.roa (raw, json)
Hash identifier: 9daQUjfg41vFfv/ZJiTwt6QxdttMLYhGCMEMXfvgzJ4=
Subject key identifier: 7F:69:4C:5D:61:96:4E:D9:90:5B:CC:DE:DC:D5:51:42:EC:C0:7F:B6
Certificate issuer: /CN=6ed0392ac7660bd1460fa1d5031d1840d01b9412
Certificate serial: 0191A2857C700F5EB404E0A42530A56B1D24
Authority key identifier: 6E:D0:39:2A:C7:66:0B:D1:46:0F:A1:D5:03:1D:18:40:D0:1B:94:12
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/btA5KsdmC9FGD6HVAx0YQNAblBI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/f2lMXWGWTtmQW8ze3NVRQuzAf7Y.roa
Signing time: Fri 30 Aug 2024 09:02:22 +0000
ROA not before: Fri 30 Aug 2024 09:02:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34240
IP address blocks: 2.59.84.0/22 maxlen: 22
89.238.64.0/18 maxlen: 18
89.238.80.0/24 maxlen: 24
89.238.85.0/24 maxlen: 24
217.11.48.0/20 maxlen: 20
2a00:1828::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/btA5KsdmC9FGD6HVAx0YQNAblBI.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/btA5KsdmC9FGD6HVAx0YQNAblBI.mft
rsync://rpki.ripe.net/repository/DEFAULT/btA5KsdmC9FGD6HVAx0YQNAblBI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 05:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a2:85:7c:70:0f:5e:b4:04:e0:a4:25:30:a5:6b:1d:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed0392ac7660bd1460fa1d5031d1840d01b9412
Validity
Not Before: Aug 30 09:02:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f694c5d61964ed9905bccdedcd55142ecc07fb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:4f:75:aa:76:9d:95:cb:d6:c3:14:ea:4d:0b:
3c:df:d1:c1:8e:a7:ae:df:0d:c8:6e:a7:ef:47:31:
4f:18:bb:ac:30:37:ee:37:fa:92:eb:0c:03:a4:89:
f9:c2:d5:8c:6b:7e:be:b7:49:c2:eb:9f:a7:2c:f3:
13:d7:6c:5f:a3:ee:94:be:86:9a:f1:3a:62:8a:98:
06:cf:1d:81:c6:2f:f9:06:73:05:19:46:fe:98:c9:
59:e8:b5:e2:b6:30:ff:95:65:1e:2c:8c:ba:67:8b:
7a:04:5d:e9:c4:97:63:4f:f3:63:55:9c:cb:a1:ce:
ec:be:a2:ed:44:fc:1b:cc:fe:4e:9e:b2:ab:d8:b1:
3c:80:1f:6b:6f:ed:15:3f:ab:d5:53:13:fc:45:e8:
89:51:92:2d:0e:64:31:2d:59:f8:e9:e8:27:10:3b:
89:5f:f6:8d:37:cc:ce:30:89:25:31:1e:39:32:ec:
68:e8:40:cf:16:6b:76:53:cc:85:45:af:a5:6f:c9:
05:74:0f:d4:ca:d4:bf:50:4a:52:3d:86:72:25:8c:
d2:40:0a:a5:8f:de:5e:12:6c:6c:2c:61:23:81:50:
fc:77:86:4d:d4:e2:3c:ff:4a:4d:69:7e:fd:1a:92:
be:64:3e:15:63:52:32:15:58:0d:e8:9b:f0:3b:be:
c6:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:69:4C:5D:61:96:4E:D9:90:5B:CC:DE:DC:D5:51:42:EC:C0:7F:B6
X509v3 Authority Key Identifier:
keyid:6E:D0:39:2A:C7:66:0B:D1:46:0F:A1:D5:03:1D:18:40:D0:1B:94:12
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/btA5KsdmC9FGD6HVAx0YQNAblBI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/f2lMXWGWTtmQW8ze3NVRQuzAf7Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/78e03c-c9c7-4c85-bfdd-e8baf9ffadf8/1/btA5KsdmC9FGD6HVAx0YQNAblBI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.84.0/22
89.238.64.0/18
217.11.48.0/20
IPv6:
2a00:1828::/32
Signature Algorithm: sha256WithRSAEncryption
56:53:23:67:3d:92:9e:a3:ad:c7:0e:00:37:37:3f:b4:bc:47:
ff:88:72:2b:55:40:66:63:e0:b9:f3:5c:b7:f8:6b:cf:cc:c0:
63:1c:7e:e7:ae:33:ea:23:a2:e2:29:84:e4:93:06:70:e7:e5:
bf:23:15:8a:51:d8:db:ca:0e:ac:7d:db:09:98:2d:34:b6:7e:
23:ed:b9:ba:19:22:14:59:6f:42:b5:cd:1e:43:8b:ca:ef:86:
fd:63:7b:63:b2:b5:c7:01:d1:78:7a:16:c1:bb:44:bb:bc:86:
4e:9a:e5:aa:0a:f5:b5:d7:ab:52:a5:7d:2d:6b:e5:1c:d8:1d:
17:6a:ec:6e:92:5c:e5:15:87:76:23:b3:94:3c:6e:3a:8a:97:
57:ae:fd:0b:ac:fa:75:b8:00:37:24:fb:d3:10:32:d1:45:98:
bc:20:5e:2d:55:a1:bb:3c:13:fa:36:f3:cc:56:9e:7a:11:eb:
03:24:2e:09:a6:e2:e5:19:5f:9b:be:ff:6c:b5:88:69:cc:a4:
1d:9f:9e:e6:2e:0d:de:03:4b:45:49:ce:4f:e3:2f:6f:61:9d:
b3:1f:40:d0:36:7b:7b:38:31:46:0e:eb:8d:1f:35:da:0a:33:
31:fc:5c:f7:b6:52:b8:36:7f:f2:40:0d:57:65:d4:ec:3f:60:
3f:c6:1a:4a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZGihXxwD160BOCkJTClax0kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZlZDAzOTJhYzc2NjBiZDE0NjBmYTFkNTAzMWQxODQwZDAx
Yjk0MTIwHhcNMjQwODMwMDkwMjIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjY5NGM1ZDYxOTY0ZWQ5OTA1YmNjZGVkY2Q1NTE0MmVjYzA3ZmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg091qnadlcvWwxTqTQs839HBjqeu
3w3IbqfvRzFPGLusMDfuN/qS6wwDpIn5wtWMa36+t0nC65+nLPMT12xfo+6Uvoaa
8TpiipgGzx2Bxi/5BnMFGUb+mMlZ6LXitjD/lWUeLIy6Z4t6BF3pxJdjT/NjVZzL
oc7svqLtRPwbzP5OnrKr2LE8gB9rb+0VP6vVUxP8ReiJUZItDmQxLVn46egnEDuJ
X/aNN8zOMIklMR45Muxo6EDPFmt2U8yFRa+lb8kFdA/UytS/UEpSPYZyJYzSQAql
j95eEmxsLGEjgVD8d4ZN1OI8/0pNaX79GpK+ZD4VY1IyFVgN6JvwO77GpwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFH9pTF1hlk7ZkFvM3tzVUULswH+2MB8GA1UdIwQY
MBaAFG7QOSrHZgvRRg+h1QMdGEDQG5QSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYnRBNUtzZG1DOUZHRDZIVkF4MFlRTkFibEJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83OGUwM2MtYzljNy00Yzg1LWJmZGQt
ZThiYWY5ZmZhZGY4LzEvZjJsTVhXR1dUdG1RVzh6ZTNOVlJRdXpBZjdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83OGUwM2MtYzljNy00Yzg1LWJmZGQtZThiYWY5ZmZhZGY4
LzEvYnRBNUtzZG1DOUZHRDZIVkF4MFlRTkFibEJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCAjtUAwQG
We5AAwQE2QswMA0EAgACMAcDBQAqABgoMA0GCSqGSIb3DQEBCwUAA4IBAQBWUyNn
PZKeo63HDgA3Nz+0vEf/iHIrVUBmY+C581y3+GvPzMBjHH7nrjPqI6LiKYTkkwZw
5+W/IxWKUdjbyg6sfdsJmC00tn4j7bm6GSIUWW9Ctc0eQ4vK74b9Y3tjsrXHAdF4
ehbBu0S7vIZOmuWqCvW116tSpX0ta+Uc2B0XauxuklzlFYd2I7OUPG46ipdXrv0L
rPp1uAA3JPvTEDLRRZi8IF4tVaG7PBP6NvPMVp56EesDJC4JpuLlGV+bvv9stYhp
zKQdn57mLg3eA0tFSc5P4y9vYZ2zH0DQNnt7ODFGDuuNHzXaCjMx/Fz3tlK4Nn/y
QA1XZdTsP2A/xhpK
-----END CERTIFICATE-----
Generated at Mon Nov 25 13:53:59 2024 by rpki-client on console-fra.rpki-client.org