Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/2TxiObfcwEc_LzzaDiLNSLyYIV4.roa
File: 2TxiObfcwEc_LzzaDiLNSLyYIV4.roa (raw, json)
Hash identifier: j78XmRYtee2Gl/xK3f6Mvbk/RXfCx/oHEVkBy2Z+df8=
Subject key identifier: D9:3C:62:39:B7:DC:C0:47:3F:2F:3C:DA:0E:22:CD:48:BC:98:21:5E
Certificate issuer: /CN=42cde365d7d2b58506e4d4abf0c2ef7cd5e3b462
Certificate serial: 018CC8DFA8CAC10BBE5D0289B97303EE92E6
Authority key identifier: 42:CD:E3:65:D7:D2:B5:85:06:E4:D4:AB:F0:C2:EF:7C:D5:E3:B4:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qs3jZdfStYUG5NSr8MLvfNXjtGI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/2TxiObfcwEc_LzzaDiLNSLyYIV4.roa
Signing time: Tue 02 Jan 2024 06:32:30 +0000
ROA not before: Tue 02 Jan 2024 06:32:30 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30848
IP address blocks: 150.252.224.0/20 maxlen: 24
77.239.128.0/19 maxlen: 24
95.142.176.0/20 maxlen: 24
178.236.160.0/20 maxlen: 24
81.21.16.0/20 maxlen: 24
82.134.192.0/18 maxlen: 24
185.25.72.0/22 maxlen: 24
185.3.108.0/22 maxlen: 24
82.113.192.0/19 maxlen: 24
217.61.160.0/20 maxlen: 24
176.57.112.0/20 maxlen: 24
82.97.224.0/20 maxlen: 24
45.33.224.0/20 maxlen: 24
37.148.224.0/21 maxlen: 24
80.210.96.0/19 maxlen: 24
82.180.32.0/19 maxlen: 24
5.8.96.0/19 maxlen: 24
83.217.176.0/20 maxlen: 24
5.63.168.0/21 maxlen: 24
2a00:7ca0::/32 maxlen: 32
2a02:1630::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/Qs3jZdfStYUG5NSr8MLvfNXjtGI.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/Qs3jZdfStYUG5NSr8MLvfNXjtGI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qs3jZdfStYUG5NSr8MLvfNXjtGI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:a8:ca:c1:0b:be:5d:02:89:b9:73:03:ee:92:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42cde365d7d2b58506e4d4abf0c2ef7cd5e3b462
Validity
Not Before: Jan 2 06:32:30 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d93c6239b7dcc0473f2f3cda0e22cd48bc98215e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:14:63:f2:d4:56:99:cd:4e:70:45:89:5c:0b:
f0:a8:48:b3:93:4c:2f:ab:ff:24:57:03:70:3a:cd:
2c:08:e5:1b:2d:26:77:32:4b:0a:d5:df:bd:2e:24:
76:da:56:0b:9b:e7:65:ab:a5:08:13:db:8e:97:29:
63:4c:49:f3:c0:c9:16:e9:49:4c:86:b8:d8:1c:62:
35:b6:0e:e0:10:b1:d9:c4:7a:5e:17:e8:be:25:1c:
12:0f:5e:87:3e:49:65:31:c5:63:58:ca:ef:b1:19:
e6:68:47:5f:75:18:0b:f2:12:48:11:66:cf:d6:0b:
6a:8b:9e:fc:ab:46:c7:62:c1:5e:6b:89:29:f3:c8:
aa:22:a2:b9:94:7f:42:55:33:bd:e2:1d:31:c3:65:
a1:df:98:13:f3:b4:94:6f:90:1d:dd:e7:26:cc:bf:
7b:99:fc:8f:c5:cb:65:e6:7e:c9:25:ac:e0:85:55:
1e:7f:0b:af:bd:e1:e3:33:ab:46:7a:af:c7:c9:ab:
91:a5:e8:ac:7c:d6:2c:58:16:93:7a:a5:bf:98:96:
f1:5f:b5:a6:b9:ae:c1:b8:33:79:da:61:00:a4:e2:
69:8c:39:a0:cd:0d:b4:17:79:ed:96:e1:16:a2:6a:
72:57:d8:52:0d:aa:1d:a3:da:77:6f:e5:a0:41:01:
e1:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:3C:62:39:B7:DC:C0:47:3F:2F:3C:DA:0E:22:CD:48:BC:98:21:5E
X509v3 Authority Key Identifier:
keyid:42:CD:E3:65:D7:D2:B5:85:06:E4:D4:AB:F0:C2:EF:7C:D5:E3:B4:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qs3jZdfStYUG5NSr8MLvfNXjtGI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/2TxiObfcwEc_LzzaDiLNSLyYIV4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/54018c-01e8-417f-856a-02e1bd6050e5/1/Qs3jZdfStYUG5NSr8MLvfNXjtGI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.96.0/19
5.63.168.0/21
37.148.224.0/21
45.33.224.0/20
77.239.128.0/19
80.210.96.0/19
81.21.16.0/20
82.97.224.0/20
82.113.192.0/19
82.134.192.0/18
82.180.32.0/19
83.217.176.0/20
95.142.176.0/20
150.252.224.0/20
176.57.112.0/20
178.236.160.0/20
185.3.108.0/22
185.25.72.0/22
217.61.160.0/20
IPv6:
2a00:7ca0::/32
2a02:1630::/32
Signature Algorithm: sha256WithRSAEncryption
25:82:95:85:3c:5c:e4:45:59:07:a7:c9:1f:0d:7a:24:ce:2c:
c0:48:17:fa:c0:92:0c:f7:a9:92:dc:c1:d0:d4:46:b2:06:3a:
61:23:70:77:0b:dd:ef:5e:be:f3:5c:94:67:95:f0:33:1a:dd:
6f:e7:80:b1:54:00:ec:14:6a:fb:95:16:2c:e1:d0:ec:00:02:
25:5f:5d:0a:07:8b:83:84:2e:0a:9e:c7:07:95:a2:73:dd:49:
c9:79:3c:07:b9:42:9a:ee:98:e6:ee:de:be:57:cc:00:ad:6b:
b7:fe:64:7f:81:12:c0:8b:17:d1:3c:88:1d:0c:02:2c:d7:b4:
ff:51:be:c9:b9:a3:d6:ee:9b:27:c1:44:a6:b4:62:1c:1d:84:
d7:88:ba:37:c3:eb:bc:4d:75:56:7d:6a:2c:c7:18:d5:55:a2:
72:36:51:0d:ea:a6:5b:bd:f0:9b:96:07:b2:41:bf:c8:94:1a:
ba:f2:56:73:c5:4f:39:c2:23:f6:8f:e9:f3:cc:7a:0c:f9:dd:
4e:1f:b5:b3:7c:b3:0f:54:b5:02:a5:e5:13:3d:d0:39:85:96:
cc:af:20:f3:53:24:4d:11:8e:31:fe:d2:dc:f1:da:f2:de:14:
42:c3:59:39:51:aa:3e:c2:5b:50:24:2f:ed:db:66:76:bc:c1:
42:bc:7f:df
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAYzI36jKwQu+XQKJuXMD7pLmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyY2RlMzY1ZDdkMmI1ODUwNmU0ZDRhYmYwYzJlZjdjZDVl
M2I0NjIwHhcNMjQwMTAyMDYzMjMwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTNjNjIzOWI3ZGNjMDQ3M2YyZjNjZGEwZTIyY2Q0OGJjOTgyMTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnxRj8tRWmc1OcEWJXAvwqEizk0wv
q/8kVwNwOs0sCOUbLSZ3MksK1d+9LiR22lYLm+dlq6UIE9uOlyljTEnzwMkW6UlM
hrjYHGI1tg7gELHZxHpeF+i+JRwSD16HPkllMcVjWMrvsRnmaEdfdRgL8hJIEWbP
1gtqi578q0bHYsFea4kp88iqIqK5lH9CVTO94h0xw2Wh35gT87SUb5Ad3ecmzL97
mfyPxctl5n7JJazghVUefwuvveHjM6tGeq/HyauRpeisfNYsWBaTeqW/mJbxX7Wm
ua7BuDN52mEApOJpjDmgzQ20F3ntluEWompyV9hSDaodo9p3b+WgQQHh4wIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFNk8Yjm33MBHPy882g4izUi8mCFeMB8GA1UdIwQY
MBaAFELN42XX0rWFBuTUq/DC73zV47RiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXMzalpkZlN0WVVHNU5TcjhNTHZmTlhqdEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC81NDAxOGMtMDFlOC00MTdmLTg1NmEt
MDJlMWJkNjA1MGU1LzEvMlR4aU9iZmN3RWNfTHp6YURpTE5TTHlZSVY0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC81NDAxOGMtMDFlOC00MTdmLTg1NmEtMDJlMWJkNjA1MGU1
LzEvUXMzalpkZlN0WVVHNU5TcjhNTHZmTlhqdEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDB4BAIAATByAwQFBQhg
AwQDBT+oAwQDJZTgAwQELSHgAwQFTe+AAwQFUNJgAwQEURUQAwQEUmHgAwQFUnHA
AwQGUobAAwQFUrQgAwQEU9mwAwQEX46wAwQElvzgAwQEsDlwAwQEsuygAwQCuQNs
AwQCuRlIAwQE2T2gMBQEAgACMA4DBQAqAHygAwUAKgIWMDANBgkqhkiG9w0BAQsF
AAOCAQEAJYKVhTxc5EVZB6fJHw16JM4swEgX+sCSDPepktzB0NRGsgY6YSNwdwvd
716+81yUZ5XwMxrdb+eAsVQA7BRq+5UWLOHQ7AACJV9dCgeLg4QuCp7HB5Wic91J
yXk8B7lCmu6Y5u7evlfMAK1rt/5kf4ESwIsX0TyIHQwCLNe0/1G+ybmj1u6bJ8FE
prRiHB2E14i6N8PrvE11Vn1qLMcY1VWicjZRDeqmW73wm5YHskG/yJQauvJWc8VP
OcIj9o/p88x6DPndTh+1s3yzD1S1AqXlEz3QOYWWzK8g81MkTRGOMf7S3PHa8t4U
QsNZOVGqPsJbUCQv7dtmdrzBQrx/3w==
-----END CERTIFICATE-----
Generated at Fri Nov 22 19:50:30 2024 by rpki-client on console-fra.rpki-client.org