Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/974881-4c4e-4d48-8fd3-1cc6a31b14bf/1/m69-2rrpagWOTgkEBkla-p4uvN8.roa
File: m69-2rrpagWOTgkEBkla-p4uvN8.roa (raw, json)
Hash identifier: TeaQ18dwpV1KZOqhk+yRX99QUrMhvq+uTpmxoQYM8r0=
Subject key identifier: 9B:AF:7E:DA:BA:E9:6A:05:8E:4E:09:04:06:49:5A:FA:9E:2E:BC:DF
Certificate issuer: /CN=d9d649188aaa439d8511f70ebe82ba5e766c85d2
Certificate serial: 018CC56EB56502682E5A60E4F26B3FEBF57C
Authority key identifier: D9:D6:49:18:8A:AA:43:9D:85:11:F7:0E:BE:82:BA:5E:76:6C:85:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2dZJGIqqQ52FEfcOvoK6XnZshdI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/974881-4c4e-4d48-8fd3-1cc6a31b14bf/1/m69-2rrpagWOTgkEBkla-p4uvN8.roa
Signing time: Mon 01 Jan 2024 14:30:16 +0000
ROA not before: Mon 01 Jan 2024 14:30:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 16197
IP address blocks: 185.85.89.0/24 maxlen: 24
185.85.88.0/22 maxlen: 22
185.85.88.0/24 maxlen: 24
185.85.91.0/24 maxlen: 24
185.85.90.0/24 maxlen: 24
80.68.152.0/24 maxlen: 24
2a12:cb80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/974881-4c4e-4d48-8fd3-1cc6a31b14bf/1/2dZJGIqqQ52FEfcOvoK6XnZshdI.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/974881-4c4e-4d48-8fd3-1cc6a31b14bf/1/2dZJGIqqQ52FEfcOvoK6XnZshdI.mft
rsync://rpki.ripe.net/repository/DEFAULT/2dZJGIqqQ52FEfcOvoK6XnZshdI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 10:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6e:b5:65:02:68:2e:5a:60:e4:f2:6b:3f:eb:f5:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9d649188aaa439d8511f70ebe82ba5e766c85d2
Validity
Not Before: Jan 1 14:30:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=9baf7edabae96a058e4e090406495afa9e2ebcdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:6f:44:da:2c:c0:38:39:83:c0:54:24:0b:9b:
b3:fc:4a:da:94:7c:7c:62:fd:1f:d4:c3:af:c0:6c:
49:25:b7:c0:ad:da:3e:ff:0e:5d:be:79:f8:a5:b4:
34:c1:16:35:24:d3:c5:b2:92:23:95:75:77:f7:08:
9d:e6:1e:bb:0e:61:ad:f4:69:1b:d2:5b:78:ce:6a:
b5:1a:bd:73:8f:91:ad:f5:bd:e7:6b:75:ec:5c:35:
47:4c:b5:7b:51:d3:51:21:76:87:7d:38:c3:a7:65:
46:ec:2b:98:da:99:8d:4b:80:48:97:8a:b8:06:6d:
e2:65:e4:c6:2d:b9:64:9e:6d:8e:73:fe:8f:c3:db:
bc:a6:3f:f5:0c:d5:2c:73:d1:c9:07:e8:db:52:ed:
ba:71:5f:9c:37:e2:85:42:dd:e8:d0:64:7a:22:ab:
71:10:4d:f7:79:bf:db:f2:8e:40:44:a3:58:cc:6a:
bf:e2:8b:fc:cf:60:3d:19:51:a6:c7:35:91:2f:59:
1b:1c:ca:b6:54:9a:d6:f9:23:93:4b:bc:1a:3a:cd:
eb:e4:76:11:c0:76:49:2b:7b:3f:b6:39:f0:4f:c7:
20:09:14:1e:4c:ad:60:bc:e7:68:93:a4:96:92:9b:
3e:ac:c4:58:87:c5:c5:d5:ad:d1:ac:e4:34:20:4d:
c6:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:AF:7E:DA:BA:E9:6A:05:8E:4E:09:04:06:49:5A:FA:9E:2E:BC:DF
X509v3 Authority Key Identifier:
keyid:D9:D6:49:18:8A:AA:43:9D:85:11:F7:0E:BE:82:BA:5E:76:6C:85:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2dZJGIqqQ52FEfcOvoK6XnZshdI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/974881-4c4e-4d48-8fd3-1cc6a31b14bf/1/m69-2rrpagWOTgkEBkla-p4uvN8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/974881-4c4e-4d48-8fd3-1cc6a31b14bf/1/2dZJGIqqQ52FEfcOvoK6XnZshdI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.68.152.0/24
185.85.88.0/22
IPv6:
2a12:cb80::/29
Signature Algorithm: sha256WithRSAEncryption
a4:26:99:44:f6:c7:5b:12:ad:b0:57:f6:09:bf:49:d4:13:95:
06:74:b4:a2:28:d7:01:03:cf:9d:e1:ae:8a:54:a2:56:b5:cd:
40:37:2c:d7:9b:19:6a:a0:c1:dc:c3:df:76:e7:f2:73:90:ac:
6c:c4:27:91:9a:d7:d2:e8:93:b7:11:af:27:b3:45:9d:1c:4f:
ef:ac:59:63:a7:6e:f0:6c:c4:dd:cb:49:47:a7:68:d0:76:65:
1d:a5:16:3b:ae:00:ae:78:3f:7d:14:a7:67:b2:1d:63:eb:c4:
75:eb:59:dc:ca:a2:ef:bb:1c:8e:a7:d6:33:94:87:4c:2d:7e:
fa:10:d3:81:3a:c1:c2:6d:6b:ea:cd:25:47:f5:a2:e4:01:a1:
47:27:9c:36:cf:44:21:1d:c5:26:7c:22:46:a3:87:a6:0e:e0:
55:2e:01:66:58:6f:66:e9:ec:f6:d8:c0:39:0d:9b:a1:be:85:
72:fc:c3:6d:53:97:af:e9:47:04:1f:41:9b:1a:64:b6:21:cb:
4f:39:67:6d:45:f8:33:75:71:04:e1:28:36:4a:74:05:1a:8d:
b9:b7:12:35:a7:b1:1a:48:c4:6a:8a:ca:13:83:65:a3:c1:ef:
72:fe:37:7a:0c:47:3d:83:ad:4a:6f:63:03:af:9c:37:6c:c8:
42:84:ef:74
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzFbrVlAmguWmDk8ms/6/V8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZDY0OTE4OGFhYTQzOWQ4NTExZjcwZWJlODJiYTVlNzY2
Yzg1ZDIwHhcNMjQwMTAxMTQzMDE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmFmN2VkYWJhZTk2YTA1OGU0ZTA5MDQwNjQ5NWFmYTllMmViY2RmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiW9E2izAODmDwFQkC5uz/EralHx8
Yv0f1MOvwGxJJbfArdo+/w5dvnn4pbQ0wRY1JNPFspIjlXV39wid5h67DmGt9Gkb
0lt4zmq1Gr1zj5Gt9b3na3XsXDVHTLV7UdNRIXaHfTjDp2VG7CuY2pmNS4BIl4q4
Bm3iZeTGLblknm2Oc/6Pw9u8pj/1DNUsc9HJB+jbUu26cV+cN+KFQt3o0GR6Iqtx
EE33eb/b8o5ARKNYzGq/4ov8z2A9GVGmxzWRL1kbHMq2VJrW+SOTS7waOs3r5HYR
wHZJK3s/tjnwT8cgCRQeTK1gvOdok6SWkps+rMRYh8XF1a3RrOQ0IE3GGwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJuvftq66WoFjk4JBAZJWvqeLrzfMB8GA1UdIwQY
MBaAFNnWSRiKqkOdhRH3Dr6Cul52bIXSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmRaSkdJcXFRNTJGRWZjT3ZvSzZYblpzaGRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Yi85NzQ4ODEtNGM0ZS00ZDQ4LThmZDMt
MWNjNmEzMWIxNGJmLzEvbTY5LTJycnBhZ1dPVGdrRUJrbGEtcDR1dk44LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Yi85NzQ4ODEtNGM0ZS00ZDQ4LThmZDMtMWNjNmEzMWIxNGJm
LzEvMmRaSkdJcXFRNTJGRWZjT3ZvSzZYblpzaGRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAUESYAwQC
uVVYMA0EAgACMAcDBQMqEsuAMA0GCSqGSIb3DQEBCwUAA4IBAQCkJplE9sdbEq2w
V/YJv0nUE5UGdLSiKNcBA8+d4a6KVKJWtc1ANyzXmxlqoMHcw9925/JzkKxsxCeR
mtfS6JO3Ea8ns0WdHE/vrFljp27wbMTdy0lHp2jQdmUdpRY7rgCueD99FKdnsh1j
68R161ncyqLvuxyOp9YzlIdMLX76ENOBOsHCbWvqzSVH9aLkAaFHJ5w2z0QhHcUm
fCJGo4emDuBVLgFmWG9m6ez22MA5DZuhvoVy/MNtU5ev6UcEH0GbGmS2IctPOWdt
RfgzdXEE4Sg2SnQFGo25txI1p7EaSMRqisoTg2Wjwe9y/jd6DEc9g61Kb2MDr5w3
bMhChO90
-----END CERTIFICATE-----
Generated at Tue Nov 26 17:39:09 2024 by rpki-client on console-ams.rpki-client.org