Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b0/2f6595-d3d1-43ea-a4a3-ab3b7c3e8215/1/rEX2-eY8Bm7Hk_CiTR7dvOZTxgU.roa
File: rEX2-eY8Bm7Hk_CiTR7dvOZTxgU.roa (raw, json)
Hash identifier: hgTsk5IEAmKEQ81FFF4XZGp/St6qogUUtfQ5wo1s7CM=
Subject key identifier: AC:45:F6:F9:E6:3C:06:6E:C7:93:F0:A2:4D:1E:DD:BC:E6:53:C6:05
Certificate issuer: /CN=33a9c7bdf2b82e343ec42667d6eede4b80610c84
Certificate serial: 018CC3489B16557D59AD41A56E746FA3EA2C
Authority key identifier: 33:A9:C7:BD:F2:B8:2E:34:3E:C4:26:67:D6:EE:DE:4B:80:61:0C:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/M6nHvfK4LjQ-xCZn1u7eS4BhDIQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b0/2f6595-d3d1-43ea-a4a3-ab3b7c3e8215/1/rEX2-eY8Bm7Hk_CiTR7dvOZTxgU.roa
Signing time: Mon 01 Jan 2024 04:29:24 +0000
ROA not before: Mon 01 Jan 2024 04:29:24 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207464
IP address blocks: 147.161.16.0/22 maxlen: 23
109.72.160.0/20 maxlen: 21
62.241.32.0/20 maxlen: 21
185.135.134.0/23 maxlen: 23
185.154.16.0/22 maxlen: 23
85.113.72.0/21 maxlen: 22
185.36.212.0/22 maxlen: 23
2a00:f0a0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b0/2f6595-d3d1-43ea-a4a3-ab3b7c3e8215/1/M6nHvfK4LjQ-xCZn1u7eS4BhDIQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b0/2f6595-d3d1-43ea-a4a3-ab3b7c3e8215/1/M6nHvfK4LjQ-xCZn1u7eS4BhDIQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/M6nHvfK4LjQ-xCZn1u7eS4BhDIQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 13:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:48:9b:16:55:7d:59:ad:41:a5:6e:74:6f:a3:ea:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=33a9c7bdf2b82e343ec42667d6eede4b80610c84
Validity
Not Before: Jan 1 04:29:24 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ac45f6f9e63c066ec793f0a24d1eddbce653c605
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:e2:40:53:32:0e:9a:ee:16:ca:48:13:c0:93:
8c:24:72:7c:0c:2c:d0:74:c7:14:bc:63:6e:1b:b9:
a5:08:3b:dc:2c:05:e9:ac:ed:0f:b2:75:b7:6b:4e:
52:8b:ff:05:af:e3:71:f4:72:f9:00:19:79:53:df:
bf:5c:a1:6d:b1:49:58:e7:12:5a:d0:79:b1:07:32:
0a:c9:12:5c:5a:5e:bb:70:2c:ae:68:ad:3c:95:58:
35:9d:ce:0f:79:7b:d8:57:52:e3:ea:4b:c5:54:48:
ce:df:5f:15:ea:e3:90:fa:44:39:3e:fa:12:49:65:
c1:88:fe:8a:2e:cd:fd:ce:77:50:6f:33:0e:d7:d4:
2e:14:b7:34:5f:54:5d:c0:a3:75:ff:8e:39:bf:84:
9f:2e:b9:a8:74:23:a0:61:4a:a5:b3:78:f9:76:9c:
b0:b4:a7:59:a2:27:ab:78:c1:3c:d7:7f:f8:2a:f1:
4e:62:7b:1f:a7:ef:1c:63:6a:95:d5:9c:bc:07:f6:
9f:a6:03:d9:b8:b7:c5:0a:ef:c2:ba:92:3c:cb:69:
18:d5:34:06:cd:83:e4:c6:a6:de:04:dc:66:0f:5d:
08:88:61:06:6a:e4:dd:94:0d:71:02:f3:53:24:96:
f8:2d:cf:ae:1c:13:12:4c:01:41:97:3e:c7:cc:7c:
16:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:45:F6:F9:E6:3C:06:6E:C7:93:F0:A2:4D:1E:DD:BC:E6:53:C6:05
X509v3 Authority Key Identifier:
keyid:33:A9:C7:BD:F2:B8:2E:34:3E:C4:26:67:D6:EE:DE:4B:80:61:0C:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/M6nHvfK4LjQ-xCZn1u7eS4BhDIQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/2f6595-d3d1-43ea-a4a3-ab3b7c3e8215/1/rEX2-eY8Bm7Hk_CiTR7dvOZTxgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b0/2f6595-d3d1-43ea-a4a3-ab3b7c3e8215/1/M6nHvfK4LjQ-xCZn1u7eS4BhDIQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.241.32.0/20
85.113.72.0/21
109.72.160.0/20
147.161.16.0/22
185.36.212.0/22
185.135.134.0/23
185.154.16.0/22
IPv6:
2a00:f0a0::/29
Signature Algorithm: sha256WithRSAEncryption
0a:fc:80:49:51:d2:46:30:12:f7:26:21:ca:9d:a4:49:60:14:
64:3e:f2:da:46:30:1e:ff:bb:e7:2e:5d:3d:c1:0c:c8:48:f1:
ab:3f:a4:de:2f:59:4e:0a:fd:b2:20:df:de:de:f3:45:bf:aa:
60:39:18:d6:5e:ca:0d:34:83:3a:1a:8a:8e:0c:71:70:a8:fd:
81:c5:17:91:f3:46:e2:be:d9:c0:19:bd:b6:76:29:82:7d:03:
a3:6e:31:49:f4:f0:d9:c3:5e:13:eb:79:0b:5b:8d:4b:99:20:
f4:28:1a:48:52:89:57:c6:4e:b4:2a:d9:14:62:9f:9e:76:58:
7f:7e:69:26:93:6c:e8:93:fd:2f:c1:55:17:fe:6e:67:76:57:
f6:4d:df:e0:af:94:7e:1a:a1:db:b8:4f:49:0d:a5:75:a9:d1:
7e:98:69:a0:d8:7c:a5:f6:90:b0:1b:92:b0:4c:eb:f8:0f:fd:
25:e9:e9:b7:ca:03:55:b7:cf:1a:52:72:a0:5d:7f:d9:09:df:
ef:b9:b1:8d:9c:47:06:67:0a:3e:78:2e:50:32:92:82:c3:69:
01:09:7a:0e:7d:89:57:20:a6:c5:f1:13:1f:57:f7:ac:87:25:
a8:1c:4c:4c:28:b3:a8:17:3a:34:e7:5a:6f:1d:a9:b0:60:e4:
2f:3e:86:6a
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAYzDSJsWVX1ZrUGlbnRvo+osMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMzYTljN2JkZjJiODJlMzQzZWM0MjY2N2Q2ZWVkZTRiODA2
MTBjODQwHhcNMjQwMTAxMDQyOTI0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzQ1ZjZmOWU2M2MwNjZlYzc5M2YwYTI0ZDFlZGRiY2U2NTNjNjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0+JAUzIOmu4WykgTwJOMJHJ8DCzQ
dMcUvGNuG7mlCDvcLAXprO0PsnW3a05Si/8Fr+Nx9HL5ABl5U9+/XKFtsUlY5xJa
0HmxBzIKyRJcWl67cCyuaK08lVg1nc4PeXvYV1Lj6kvFVEjO318V6uOQ+kQ5PvoS
SWXBiP6KLs39zndQbzMO19QuFLc0X1RdwKN1/445v4SfLrmodCOgYUqls3j5dpyw
tKdZoiereME813/4KvFOYnsfp+8cY2qV1Zy8B/afpgPZuLfFCu/CupI8y2kY1TQG
zYPkxqbeBNxmD10IiGEGauTdlA1xAvNTJJb4Lc+uHBMSTAFBlz7HzHwW0QIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFKxF9vnmPAZux5Pwok0e3bzmU8YFMB8GA1UdIwQY
MBaAFDOpx73yuC40PsQmZ9bu3kuAYQyEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTTZuSHZmSzRMalEteENabjF1N2VTNEJoRElRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMC8yZjY1OTUtZDNkMS00M2VhLWE0YTMt
YWIzYjdjM2U4MjE1LzEvckVYMi1lWThCbTdIa19DaVRSN2R2T1pUeGdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMC8yZjY1OTUtZDNkMS00M2VhLWE0YTMtYWIzYjdjM2U4MjE1
LzEvTTZuSHZmSzRMalEteENabjF1N2VTNEJoRElRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQEPvEgAwQD
VXFIAwQEbUigAwQCk6EQAwQCuSTUAwQBuYeGAwQCuZoQMA0EAgACMAcDBQMqAPCg
MA0GCSqGSIb3DQEBCwUAA4IBAQAK/IBJUdJGMBL3JiHKnaRJYBRkPvLaRjAe/7vn
Ll09wQzISPGrP6TeL1lOCv2yIN/e3vNFv6pgORjWXsoNNIM6GoqODHFwqP2BxReR
80bivtnAGb22dimCfQOjbjFJ9PDZw14T63kLW41LmSD0KBpIUolXxk60KtkUYp+e
dlh/fmkmk2zok/0vwVUX/m5ndlf2Td/gr5R+GqHbuE9JDaV1qdF+mGmg2Hyl9pCw
G5KwTOv4D/0l6em3ygNVt88aUnKgXX/ZCd/vubGNnEcGZwo+eC5QMpKCw2kBCXoO
fYlXIKbF8RMfV/eshyWoHExMKLOoFzo051pvHamwYOQvPoZq
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:55:00 2024 by rpki-client on console-fra.rpki-client.org