Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/9d8b82-47ae-4e12-9a4d-782fe7092010/1/2sNpepc9j_s0UJfPGZNgRjgtufE.roa
File: 2sNpepc9j_s0UJfPGZNgRjgtufE.roa (raw, json)
Hash identifier: fIelJ6d1GRXIcOw716qQyA9ns7lG9sZ+Gb0R7Koqb5s=
Subject key identifier: DA:C3:69:7A:97:3D:8F:FB:34:50:97:CF:19:93:60:46:38:2D:B9:F1
Certificate issuer: /CN=abf587571c0c698458c385b15d60c7f08c70b6fe
Certificate serial: 018CC94D9F012B388DCD12DA07D6E55E4673
Authority key identifier: AB:F5:87:57:1C:0C:69:84:58:C3:85:B1:5D:60:C7:F0:8C:70:B6:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/q_WHVxwMaYRYw4WxXWDH8Ixwtv4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/9d8b82-47ae-4e12-9a4d-782fe7092010/1/2sNpepc9j_s0UJfPGZNgRjgtufE.roa
Signing time: Tue 02 Jan 2024 08:32:36 +0000
ROA not before: Tue 02 Jan 2024 08:32:36 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200984
IP address blocks: 2.58.184.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/9d8b82-47ae-4e12-9a4d-782fe7092010/1/q_WHVxwMaYRYw4WxXWDH8Ixwtv4.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/9d8b82-47ae-4e12-9a4d-782fe7092010/1/q_WHVxwMaYRYw4WxXWDH8Ixwtv4.mft
rsync://rpki.ripe.net/repository/DEFAULT/q_WHVxwMaYRYw4WxXWDH8Ixwtv4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 09:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:9f:01:2b:38:8d:cd:12:da:07:d6:e5:5e:46:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=abf587571c0c698458c385b15d60c7f08c70b6fe
Validity
Not Before: Jan 2 08:32:36 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dac3697a973d8ffb345097cf19936046382db9f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:36:b5:c7:c0:56:e9:7a:b2:0e:b7:8e:29:f6:
46:fc:f7:5d:d4:21:f0:c4:ce:7c:6b:61:f1:ac:e6:
33:e1:d0:19:0c:78:ba:c9:4b:68:73:02:20:d6:dc:
93:40:3d:73:42:56:9a:3c:3e:ca:7e:0b:f5:1d:03:
85:59:67:df:61:bb:c7:4a:24:02:bd:7c:bc:d4:40:
b6:96:52:16:c8:95:c4:b7:e0:81:6a:0a:b6:39:b9:
59:77:bd:2d:03:46:b6:17:b7:36:de:00:5d:15:0e:
14:ff:bc:e3:f7:6f:e4:84:e7:fc:0b:e7:5a:34:b2:
24:36:f4:1f:49:36:3f:02:42:dd:64:a4:a5:32:67:
57:de:16:be:48:cd:6d:77:a7:f6:9e:83:73:fe:61:
4f:6c:83:79:29:33:82:ab:44:f9:65:51:5d:00:f8:
02:14:78:42:d2:42:53:41:c9:bf:d2:0e:0e:d1:5a:
73:41:1b:a2:a5:d8:7b:bb:52:4a:c7:04:be:7b:9e:
e1:6c:f5:fc:e7:f4:25:0c:86:eb:1d:09:da:40:da:
a0:f8:61:89:e7:03:78:0b:34:30:2a:92:22:7b:62:
df:97:2e:9b:97:40:98:b4:be:a8:f3:50:95:df:41:
92:1b:ca:d3:e6:91:a4:19:71:ce:ff:b6:d2:f4:fe:
2f:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:C3:69:7A:97:3D:8F:FB:34:50:97:CF:19:93:60:46:38:2D:B9:F1
X509v3 Authority Key Identifier:
keyid:AB:F5:87:57:1C:0C:69:84:58:C3:85:B1:5D:60:C7:F0:8C:70:B6:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/q_WHVxwMaYRYw4WxXWDH8Ixwtv4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/9d8b82-47ae-4e12-9a4d-782fe7092010/1/2sNpepc9j_s0UJfPGZNgRjgtufE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/9d8b82-47ae-4e12-9a4d-782fe7092010/1/q_WHVxwMaYRYw4WxXWDH8Ixwtv4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.184.0/22
Signature Algorithm: sha256WithRSAEncryption
88:bb:50:4b:46:ad:e6:54:2c:6c:42:b3:99:9e:3d:81:06:ec:
28:56:b7:1a:86:2d:40:b8:57:cb:77:20:be:06:df:fe:9c:ec:
4c:0c:5d:17:5e:cb:aa:43:d2:f2:8b:84:bd:c9:c0:6c:4f:e4:
4f:69:c2:44:33:5e:dc:3e:ff:ae:f7:5f:0a:2c:76:f5:ac:fa:
4f:f0:0a:b5:5a:13:3c:39:30:90:33:48:d7:63:fb:71:67:67:
54:2c:7d:ab:e1:d4:57:3b:76:64:f1:08:ad:90:df:47:6b:3c:
35:ea:1c:6b:fd:1d:be:ee:0c:52:c3:ca:f9:65:bb:d2:5e:6a:
32:60:50:b6:3a:e3:9f:63:5b:41:b3:42:71:dd:ea:41:1e:a7:
f2:3b:1d:49:64:92:e1:d8:f4:15:8b:10:12:9e:41:79:98:77:
66:08:08:c6:a8:09:44:25:2e:43:12:95:b3:75:f0:af:13:2a:
84:1b:a8:af:cd:18:0d:7c:98:28:2b:b8:4a:98:b3:4c:ec:5f:
39:aa:94:df:17:54:71:70:69:3f:b0:96:eb:0f:80:00:81:98:
70:a5:85:27:ef:32:cd:f1:3d:95:91:b5:ce:fe:19:9c:b2:94:
01:6f:5f:da:53:48:8f:06:b8:d2:48:0e:a4:25:42:e5:d1:0e:
50:7d:89:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTZ8BKziNzRLaB9blXkZzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiZjU4NzU3MWMwYzY5ODQ1OGMzODViMTVkNjBjN2YwOGM3
MGI2ZmUwHhcNMjQwMTAyMDgzMjM2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWMzNjk3YTk3M2Q4ZmZiMzQ1MDk3Y2YxOTkzNjA0NjM4MmRiOWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ja1x8BW6XqyDreOKfZG/Pdd1CHw
xM58a2HxrOYz4dAZDHi6yUtocwIg1tyTQD1zQlaaPD7Kfgv1HQOFWWffYbvHSiQC
vXy81EC2llIWyJXEt+CBagq2OblZd70tA0a2F7c23gBdFQ4U/7zj92/khOf8C+da
NLIkNvQfSTY/AkLdZKSlMmdX3ha+SM1td6f2noNz/mFPbIN5KTOCq0T5ZVFdAPgC
FHhC0kJTQcm/0g4O0VpzQRuipdh7u1JKxwS+e57hbPX85/QlDIbrHQnaQNqg+GGJ
5wN4CzQwKpIie2Lfly6bl0CYtL6o81CV30GSG8rT5pGkGXHO/7bS9P4vEwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNrDaXqXPY/7NFCXzxmTYEY4LbnxMB8GA1UdIwQY
MBaAFKv1h1ccDGmEWMOFsV1gx/CMcLb+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcV9XSFZ4d01hWVJZdzRXeFhXREg4SXh3dHY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi85ZDhiODItNDdhZS00ZTEyLTlhNGQt
NzgyZmU3MDkyMDEwLzEvMnNOcGVwYzlqX3MwVUpmUEdaTmdSamd0dWZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi85ZDhiODItNDdhZS00ZTEyLTlhNGQtNzgyZmU3MDkyMDEw
LzEvcV9XSFZ4d01hWVJZdzRXeFhXREg4SXh3dHY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCAjq4MA0G
CSqGSIb3DQEBCwUAA4IBAQCIu1BLRq3mVCxsQrOZnj2BBuwoVrcahi1AuFfLdyC+
Bt/+nOxMDF0XXsuqQ9Lyi4S9ycBsT+RPacJEM17cPv+u918KLHb1rPpP8Aq1WhM8
OTCQM0jXY/txZ2dULH2r4dRXO3Zk8QitkN9Hazw16hxr/R2+7gxSw8r5ZbvSXmoy
YFC2OuOfY1tBs0Jx3epBHqfyOx1JZJLh2PQVixASnkF5mHdmCAjGqAlEJS5DEpWz
dfCvEyqEG6ivzRgNfJgoK7hKmLNM7F85qpTfF1RxcGk/sJbrD4AAgZhwpYUn7zLN
8T2VkbXO/hmcspQBb1/aU0iPBrjSSA6kJULl0Q5QfYlX
-----END CERTIFICATE-----
Generated at Sat Nov 23 17:10:05 2024 by rpki-client on console-ams.rpki-client.org