Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/Dr2ZhfbeWtqNuzFnSzSqtrp-UbI.roa
File: Dr2ZhfbeWtqNuzFnSzSqtrp-UbI.roa (raw, json)
Hash identifier: ukmYFGsYz/EGQ+8QpcK+PLWsubzuXQ6RVcMO+M4pJBk=
Subject key identifier: 0E:BD:99:85:F6:DE:5A:DA:8D:BB:31:67:4B:34:AA:B6:BA:7E:51:B2
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 01915003EB12628D9D1D8F9E502C9AD20FD0
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/Dr2ZhfbeWtqNuzFnSzSqtrp-UbI.roa
Signing time: Wed 14 Aug 2024 08:31:59 +0000
ROA not before: Wed 14 Aug 2024 08:31:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2914
IP address blocks: 84.46.203.0/24 maxlen: 24
84.46.208.0/24 maxlen: 24
84.46.211.0/24 maxlen: 24
84.46.212.0/24 maxlen: 24
84.46.214.0/24 maxlen: 24
84.46.215.0/24 maxlen: 24
84.46.220.0/24 maxlen: 24
84.46.222.0/24 maxlen: 24
86.38.25.0/24 maxlen: 24
86.38.57.0/24 maxlen: 24
86.38.128.0/24 maxlen: 24
86.38.129.0/24 maxlen: 24
86.38.130.0/24 maxlen: 24
86.38.158.0/24 maxlen: 24
86.38.159.0/24 maxlen: 24
86.38.160.0/24 maxlen: 24
89.117.240.0/24 maxlen: 24
89.117.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:50:03:eb:12:62:8d:9d:1d:8f:9e:50:2c:9a:d2:0f:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Aug 14 08:31:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=0ebd9985f6de5ada8dbb31674b34aab6ba7e51b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cd:54:3d:81:0c:b4:7f:6a:32:dd:48:25:20:
28:93:f9:8a:9e:28:37:87:05:27:9f:e9:7b:38:7f:
75:36:01:98:44:3b:41:4c:cd:f9:04:13:43:2c:f9:
5e:12:84:44:6a:f4:42:77:21:dd:b1:36:df:f5:e1:
58:82:e7:c9:23:e9:e8:5b:34:8e:b1:92:53:96:06:
d0:a9:9f:f3:8a:28:f4:78:32:67:d5:a0:3b:f2:4f:
6f:53:97:85:60:94:2d:d1:94:2f:4c:58:ec:6c:68:
43:c4:d4:64:61:a0:ac:3b:7a:67:21:94:55:4c:3b:
6e:04:3c:12:70:b9:2b:4c:ef:10:9d:01:6d:a4:67:
3a:50:b3:e6:a3:ef:80:8c:e0:e4:6b:2d:8f:76:cf:
3c:de:62:bf:d3:96:ee:65:01:7b:d6:6f:fb:11:fc:
82:1f:07:30:a5:2c:00:bd:fd:78:f4:b8:e9:13:39:
56:7c:90:f3:ee:9b:ad:4e:0e:4e:df:0b:57:9e:22:
82:6e:24:bc:8d:88:46:b6:52:65:4e:af:fc:f4:92:
c9:02:0c:27:da:51:5a:e9:ec:74:63:80:b8:6b:e7:
69:27:c8:a0:a9:79:15:45:7d:85:3b:3c:b1:73:f2:
2f:af:8c:d4:d4:f1:16:02:dd:79:56:98:93:06:61:
3c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:BD:99:85:F6:DE:5A:DA:8D:BB:31:67:4B:34:AA:B6:BA:7E:51:B2
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/Dr2ZhfbeWtqNuzFnSzSqtrp-UbI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.46.203.0/24
84.46.208.0/24
84.46.211.0-84.46.212.255
84.46.214.0/23
84.46.220.0/24
84.46.222.0/24
86.38.25.0/24
86.38.57.0/24
86.38.128.0-86.38.130.255
86.38.158.0-86.38.160.255
89.117.240.0/24
89.117.242.0/24
Signature Algorithm: sha256WithRSAEncryption
62:a0:27:7d:2e:47:47:fd:93:67:df:a6:d3:88:95:17:c0:3b:
b8:ac:f0:3a:b4:24:9a:7a:21:d9:6f:19:eb:8d:56:08:18:01:
0e:e6:45:21:6f:5a:21:20:c7:d0:fe:c0:e9:d6:92:15:53:a8:
b1:bb:e9:f5:1b:da:47:69:80:86:ee:95:36:fe:d2:13:f0:19:
ba:6f:d8:df:18:3f:3f:56:6f:b7:c1:77:e4:30:1e:6d:28:c3:
70:58:7e:85:94:5a:44:64:ec:82:f4:53:25:8b:8b:39:22:c0:
c2:b3:bc:af:18:d8:8f:d5:76:2f:e0:6f:5f:55:79:20:bd:76:
f2:29:e0:f4:91:58:b3:8f:b4:a2:26:28:5d:f0:07:bd:fa:67:
46:ec:89:60:77:12:d6:17:db:7e:9c:9d:c0:ad:42:5c:f1:07:
a1:95:e7:bd:7e:4d:83:5b:71:7d:9f:64:15:61:12:c7:9a:bf:
c2:6d:67:81:7d:c4:4e:91:ea:4b:71:eb:1e:b8:21:46:d0:cd:
d3:5b:e9:25:fb:75:3b:ac:7a:99:7a:d5:68:0d:f5:68:9e:57:
df:73:3b:64:78:c2:9b:2f:dc:1c:e0:5d:b4:14:37:de:00:56:
79:2e:47:ae:a8:b4:74:a2:cf:0f:6b:21:48:ef:6c:54:41:93:
22:5a:9e:7b
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZFQA+sSYo2dHY+eUCya0g/QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjQwODE0MDgzMTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWJkOTk4NWY2ZGU1YWRhOGRiYjMxNjc0YjM0YWFiNmJhN2U1MWIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuc1UPYEMtH9qMt1IJSAok/mKnig3
hwUnn+l7OH91NgGYRDtBTM35BBNDLPleEoREavRCdyHdsTbf9eFYgufJI+noWzSO
sZJTlgbQqZ/ziij0eDJn1aA78k9vU5eFYJQt0ZQvTFjsbGhDxNRkYaCsO3pnIZRV
TDtuBDwScLkrTO8QnQFtpGc6ULPmo++AjODkay2Pds883mK/05buZQF71m/7EfyC
HwcwpSwAvf149LjpEzlWfJDz7putTg5O3wtXniKCbiS8jYhGtlJlTq/89JLJAgwn
2lFa6ex0Y4C4a+dpJ8igqXkVRX2FOzyxc/Ivr4zU1PEWAt15VpiTBmE8fwIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFA69mYX23lrajbsxZ0s0qra6flGyMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvRHIyWmhmYmVXdHFOdXpGblN6U3F0cnAtVWJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQAVC7LAwQA
VC7QMAwDBABULtMDBABULtQDBAFULtYDBABULtwDBABULt4DBABWJhkDBABWJjkw
DAMEB1YmgAMEAFYmgjAMAwQBViaeAwQAViagAwQAWXXwAwQAWXXyMA0GCSqGSIb3
DQEBCwUAA4IBAQBioCd9LkdH/ZNn36bTiJUXwDu4rPA6tCSaeiHZbxnrjVYIGAEO
5kUhb1ohIMfQ/sDp1pIVU6ixu+n1G9pHaYCG7pU2/tIT8Bm6b9jfGD8/Vm+3wXfk
MB5tKMNwWH6FlFpEZOyC9FMli4s5IsDCs7yvGNiP1XYv4G9fVXkgvXbyKeD0kViz
j7SiJihd8Ae9+mdG7IlgdxLWF9t+nJ3ArUJc8Qehlee9fk2DW3F9n2QVYRLHmr/C
bWeBfcROkepLceseuCFG0M3TW+kl+3U7rHqZetVoDfVonlffcztkeMKbL9wc4F20
FDfeAFZ5LkeuqLR0os8PayFI72xUQZMiWp57
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:34:59 2024 by rpki-client on console-fra.rpki-client.org