Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/2p7NoC24EW-Zg9OTCKVmMqobdF4.roa
File: 2p7NoC24EW-Zg9OTCKVmMqobdF4.roa (raw, json)
Hash identifier: Vf/tx5ymjh8BcO2vz/6fds07CPbTxyw6YRORy8jqU4I=
Subject key identifier: DA:9E:CD:A0:2D:B8:11:6F:99:83:D3:93:08:A5:66:32:AA:1B:74:5E
Certificate issuer: /CN=c8003c979603f7cea12aca01ebc2057c36fd7f30
Certificate serial: 018CC5005FF0E4418F87D9D86D89A8A1E939
Authority key identifier: C8:00:3C:97:96:03:F7:CE:A1:2A:CA:01:EB:C2:05:7C:36:FD:7F:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yAA8l5YD986hKsoB68IFfDb9fzA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/2p7NoC24EW-Zg9OTCKVmMqobdF4.roa
Signing time: Mon 01 Jan 2024 12:29:45 +0000
ROA not before: Mon 01 Jan 2024 12:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29311
IP address blocks: 213.108.29.0/24 maxlen: 24
185.61.224.0/22 maxlen: 24
62.112.224.0/19 maxlen: 24
2a00:1558::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/yAA8l5YD986hKsoB68IFfDb9fzA.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/yAA8l5YD986hKsoB68IFfDb9fzA.mft
rsync://rpki.ripe.net/repository/DEFAULT/yAA8l5YD986hKsoB68IFfDb9fzA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 25 Jun 2024 00:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:5f:f0:e4:41:8f:87:d9:d8:6d:89:a8:a1:e9:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c8003c979603f7cea12aca01ebc2057c36fd7f30
Validity
Not Before: Jan 1 12:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da9ecda02db8116f9983d39308a56632aa1b745e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6e:45:81:56:39:84:25:a6:a0:de:8a:8e:37:
d5:e1:c0:c8:52:77:20:0a:4a:f2:e1:36:90:a0:0a:
b0:32:f7:d5:f6:ce:ba:24:db:74:ba:8d:b6:19:1a:
10:3c:51:ac:eb:aa:84:a4:f0:f6:f1:27:5b:75:62:
7f:09:fd:4f:d6:05:3a:93:6a:1d:35:1f:39:fb:a7:
78:f6:28:fe:71:75:32:b3:95:8d:ad:c4:9b:56:8a:
ae:30:b4:31:5e:d2:cb:b9:86:1d:39:18:3c:ff:21:
54:b7:44:c8:26:44:dc:bc:cb:51:73:aa:54:45:55:
e3:3b:88:7e:04:80:69:4b:bd:39:ea:60:4e:43:5d:
6a:73:5b:7a:fc:3d:88:e2:46:66:11:bc:27:cf:7b:
5a:ef:b1:cb:8f:4f:67:23:3e:7d:b4:a9:c2:be:32:
0e:89:21:3b:a4:59:84:5a:ba:36:f2:a6:23:61:2a:
a1:29:ab:f6:99:5d:d5:d0:57:1b:37:18:db:8f:ed:
48:f8:67:9d:7a:31:72:66:21:36:0d:2c:7b:fe:b4:
a3:0d:1e:d9:7a:c8:02:54:7d:ed:df:22:51:d3:d3:
92:6f:bf:06:0f:15:2a:83:bf:82:5b:70:47:de:f2:
52:b9:d1:47:8d:d5:5c:1f:8c:17:0f:82:ee:0e:2e:
7a:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:9E:CD:A0:2D:B8:11:6F:99:83:D3:93:08:A5:66:32:AA:1B:74:5E
X509v3 Authority Key Identifier:
keyid:C8:00:3C:97:96:03:F7:CE:A1:2A:CA:01:EB:C2:05:7C:36:FD:7F:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yAA8l5YD986hKsoB68IFfDb9fzA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/2p7NoC24EW-Zg9OTCKVmMqobdF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/03ca01-b959-41a6-8133-07228812d017/1/yAA8l5YD986hKsoB68IFfDb9fzA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.112.224.0/19
185.61.224.0/22
213.108.29.0/24
IPv6:
2a00:1558::/32
Signature Algorithm: sha256WithRSAEncryption
6b:cc:18:2d:ad:bc:dc:ca:55:5f:61:1f:1d:15:a6:40:76:0e:
b1:0f:3d:5a:24:0c:ec:a7:d8:7c:ab:3c:12:c0:33:76:da:5f:
a6:5c:a6:ed:49:06:89:0b:db:ae:99:37:7b:1d:22:56:0e:45:
19:d6:d2:a2:8e:a9:02:c5:6b:67:52:29:c9:ec:18:0f:da:22:
b6:89:e0:62:51:ca:8a:c6:9a:c6:63:0d:90:b3:f9:94:43:f1:
85:43:22:20:03:f1:a7:63:dc:71:db:1d:15:93:71:b5:5f:5f:
0c:d9:9d:a4:42:57:6c:4c:06:5c:c2:a2:11:29:32:60:13:52:
01:da:da:b2:e6:ce:dc:71:58:26:99:53:2d:26:fe:45:98:a8:
2d:2d:b8:1b:13:14:46:ed:7b:5f:c2:b4:8e:00:93:77:ee:48:
19:13:59:45:32:91:98:1c:1b:23:af:5d:96:13:21:cc:61:2c:
f5:e6:64:70:fa:9b:dd:63:26:98:b3:83:7a:94:ef:f7:00:ab:
5e:60:e6:10:13:a4:d9:88:ed:ed:b0:1e:74:81:a6:59:ec:d7:
e1:67:5b:13:cb:e8:00:d6:df:33:a3:b5:26:64:47:2c:bb:5d:
e6:24:1b:f9:75:c1:a5:ba:ed:8d:aa:d5:5e:fe:d8:76:f0:a1:
fa:bf:71:87
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzFAF/w5EGPh9nYbYmooek5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM4MDAzYzk3OTYwM2Y3Y2VhMTJhY2EwMWViYzIwNTdjMzZm
ZDdmMzAwHhcNMjQwMTAxMTIyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTllY2RhMDJkYjgxMTZmOTk4M2QzOTMwOGE1NjYzMmFhMWI3NDVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqm5FgVY5hCWmoN6KjjfV4cDIUncg
Ckry4TaQoAqwMvfV9s66JNt0uo22GRoQPFGs66qEpPD28SdbdWJ/Cf1P1gU6k2od
NR85+6d49ij+cXUys5WNrcSbVoquMLQxXtLLuYYdORg8/yFUt0TIJkTcvMtRc6pU
RVXjO4h+BIBpS7056mBOQ11qc1t6/D2I4kZmEbwnz3ta77HLj09nIz59tKnCvjIO
iSE7pFmEWro28qYjYSqhKav2mV3V0FcbNxjbj+1I+GedejFyZiE2DSx7/rSjDR7Z
esgCVH3t3yJR09OSb78GDxUqg7+CW3BH3vJSudFHjdVcH4wXD4LuDi56JQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNqezaAtuBFvmYPTkwilZjKqG3ReMB8GA1UdIwQY
MBaAFMgAPJeWA/fOoSrKAevCBXw2/X8wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveUFBOGw1WUQ5ODZoS3NvQjY4SUZmRGI5ZnpBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8wM2NhMDEtYjk1OS00MWE2LTgxMzMt
MDcyMjg4MTJkMDE3LzEvMnA3Tm9DMjRFVy1aZzlPVENLVm1NcW9iZEY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8wM2NhMDEtYjk1OS00MWE2LTgxMzMtMDcyMjg4MTJkMDE3
LzEveUFBOGw1WUQ5ODZoS3NvQjY4SUZmRGI5ZnpBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQFPnDgAwQC
uT3gAwQA1WwdMA0EAgACMAcDBQAqABVYMA0GCSqGSIb3DQEBCwUAA4IBAQBrzBgt
rbzcylVfYR8dFaZAdg6xDz1aJAzsp9h8qzwSwDN22l+mXKbtSQaJC9uumTd7HSJW
DkUZ1tKijqkCxWtnUinJ7BgP2iK2ieBiUcqKxprGYw2Qs/mUQ/GFQyIgA/GnY9xx
2x0Vk3G1X18M2Z2kQldsTAZcwqIRKTJgE1IB2tqy5s7ccVgmmVMtJv5FmKgtLbgb
ExRG7XtfwrSOAJN37kgZE1lFMpGYHBsjr12WEyHMYSz15mRw+pvdYyaYs4N6lO/3
AKteYOYQE6TZiO3tsB50gaZZ7NfhZ1sTy+gA1t8zo7UmZEcsu13mJBv5dcGluu2N
qtVe/th28KH6v3GH
-----END CERTIFICATE-----
Generated at Mon Jun 24 09:46:45 2024 by rpki-client on console-fra.rpki-client.org