Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/2cf8da-4b4e-44d1-8b10-08c06b768c2e/1/2RnI5w5LFav4opswaQmTfuPMDbk.roa
File: 2RnI5w5LFav4opswaQmTfuPMDbk.roa (raw, json)
Hash identifier: iBAVhxadqFTotnVUwg8yt/VoKXTmVcmvMmPwz4mhD6o=
Subject key identifier: D9:19:C8:E7:0E:4B:15:AB:F8:A2:9B:30:69:09:93:7E:E3:CC:0D:B9
Certificate issuer: /CN=259e952e448b82ff4578eceb6448e6fbfc6113e0
Certificate serial: 018CC3495E970C1D5699E7CD3EE785F5EA15
Authority key identifier: 25:9E:95:2E:44:8B:82:FF:45:78:EC:EB:64:48:E6:FB:FC:61:13:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JZ6VLkSLgv9FeOzrZEjm-_xhE-A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/2cf8da-4b4e-44d1-8b10-08c06b768c2e/1/2RnI5w5LFav4opswaQmTfuPMDbk.roa
Signing time: Mon 01 Jan 2024 04:30:14 +0000
ROA not before: Mon 01 Jan 2024 04:30:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 54600
IP address blocks: 85.209.40.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/2cf8da-4b4e-44d1-8b10-08c06b768c2e/1/JZ6VLkSLgv9FeOzrZEjm-_xhE-A.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/2cf8da-4b4e-44d1-8b10-08c06b768c2e/1/JZ6VLkSLgv9FeOzrZEjm-_xhE-A.mft
rsync://rpki.ripe.net/repository/DEFAULT/JZ6VLkSLgv9FeOzrZEjm-_xhE-A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 23:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:5e:97:0c:1d:56:99:e7:cd:3e:e7:85:f5:ea:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=259e952e448b82ff4578eceb6448e6fbfc6113e0
Validity
Not Before: Jan 1 04:30:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d919c8e70e4b15abf8a29b306909937ee3cc0db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:e5:1b:4c:33:76:7b:35:b7:6e:67:59:bd:9a:
41:08:ec:ed:d4:65:98:e1:a0:52:67:0a:72:14:ae:
95:e2:eb:a6:4b:2a:9f:6c:b1:c4:56:0e:ad:06:74:
00:c2:04:ac:85:22:f1:f6:80:e4:45:18:1f:fa:84:
0a:92:5b:d0:bd:b7:a1:f5:62:f4:f9:2c:c1:37:11:
24:fc:d9:f6:41:ac:33:2a:67:f4:fc:cd:db:47:e1:
1a:be:d7:4b:56:c1:8a:14:64:b2:39:20:1f:e7:cb:
31:ca:79:0d:4e:61:26:8e:61:86:4c:83:05:ed:c8:
31:2c:22:97:e3:e0:07:ea:83:f1:a2:6d:ea:46:86:
5f:cc:39:26:2f:8b:d1:6f:5d:03:ee:19:f4:f1:84:
da:be:1d:01:ba:60:89:43:29:96:94:b4:be:5a:f9:
64:91:72:23:93:c6:62:98:99:e5:7b:75:34:f5:13:
12:b0:5c:54:cc:c9:89:65:07:7f:49:49:16:1d:a5:
0f:ed:8e:c7:f5:2e:9f:7e:88:a6:fe:db:9f:ec:55:
2c:fb:a2:29:e3:3d:5b:21:e7:30:3a:eb:04:37:68:
80:e3:15:44:71:72:02:47:75:7a:af:c0:4a:ae:51:
29:32:ef:6a:25:f0:d2:dc:be:84:e4:66:f8:7f:95:
98:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:19:C8:E7:0E:4B:15:AB:F8:A2:9B:30:69:09:93:7E:E3:CC:0D:B9
X509v3 Authority Key Identifier:
keyid:25:9E:95:2E:44:8B:82:FF:45:78:EC:EB:64:48:E6:FB:FC:61:13:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JZ6VLkSLgv9FeOzrZEjm-_xhE-A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/2cf8da-4b4e-44d1-8b10-08c06b768c2e/1/2RnI5w5LFav4opswaQmTfuPMDbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/2cf8da-4b4e-44d1-8b10-08c06b768c2e/1/JZ6VLkSLgv9FeOzrZEjm-_xhE-A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.40.0/22
Signature Algorithm: sha256WithRSAEncryption
0d:3e:5d:36:ef:b8:ea:87:bd:7c:41:f9:07:30:dc:35:7a:31:
fa:ff:da:8e:15:5b:c6:18:8f:ae:4d:17:cb:23:08:23:66:a1:
05:13:20:4a:1f:2c:a2:77:e5:37:18:00:1f:25:dc:0e:56:41:
44:e1:a6:4f:d9:6b:b4:81:73:fa:fd:d0:09:d2:ef:ec:52:b1:
a9:be:9a:07:c0:d0:26:5e:fd:cb:c8:d8:59:90:45:5c:ef:83:
c2:6b:28:b2:4a:02:bb:4f:95:9f:35:d7:f6:9b:6a:ef:66:fc:
6e:83:59:5f:2e:6d:9d:3f:eb:ca:33:57:a6:ad:96:fc:b8:ca:
38:90:71:d6:88:32:5c:e7:03:f9:58:22:3c:9d:61:97:ce:38:
84:8b:38:e6:21:01:74:0b:68:db:86:cf:51:50:3a:94:33:f6:
19:34:31:df:00:4d:24:1b:38:db:24:34:f1:9f:79:20:2f:8e:
48:d1:ca:2a:02:70:88:b9:c9:3b:97:83:63:64:b8:e3:94:1f:
88:3b:aa:ed:08:1c:e9:29:35:2e:e5:25:7c:c5:00:05:9d:b7:
2c:6a:96:de:8b:4b:f7:3c:9f:28:15:b1:28:44:f8:dc:12:70:
c4:4f:39:ea:de:8a:e8:d8:58:47:85:e8:fe:44:7c:10:23:70:
d5:fa:e8:44
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzDSV6XDB1WmefNPueF9eoVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI1OWU5NTJlNDQ4YjgyZmY0NTc4ZWNlYjY0NDhlNmZiZmM2
MTEzZTAwHhcNMjQwMTAxMDQzMDE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTE5YzhlNzBlNGIxNWFiZjhhMjliMzA2OTA5OTM3ZWUzY2MwZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAheUbTDN2ezW3bmdZvZpBCOzt1GWY
4aBSZwpyFK6V4uumSyqfbLHEVg6tBnQAwgSshSLx9oDkRRgf+oQKklvQvbeh9WL0
+SzBNxEk/Nn2QawzKmf0/M3bR+EavtdLVsGKFGSyOSAf58sxynkNTmEmjmGGTIMF
7cgxLCKX4+AH6oPxom3qRoZfzDkmL4vRb10D7hn08YTavh0BumCJQymWlLS+Wvlk
kXIjk8ZimJnle3U09RMSsFxUzMmJZQd/SUkWHaUP7Y7H9S6ffoim/tuf7FUs+6Ip
4z1bIecwOusEN2iA4xVEcXICR3V6r8BKrlEpMu9qJfDS3L6E5Gb4f5WYYwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNkZyOcOSxWr+KKbMGkJk37jzA25MB8GA1UdIwQY
MBaAFCWelS5Ei4L/RXjs62RI5vv8YRPgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlo2VkxrU0xndjlGZU96clpFam0tX3hoRS1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS8yY2Y4ZGEtNGI0ZS00NGQxLThiMTAt
MDhjMDZiNzY4YzJlLzEvMlJuSTV3NUxGYXY0b3Bzd2FRbVRmdVBNRGJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS8yY2Y4ZGEtNGI0ZS00NGQxLThiMTAtMDhjMDZiNzY4YzJl
LzEvSlo2VkxrU0xndjlGZU96clpFam0tX3hoRS1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCVdEoMA0G
CSqGSIb3DQEBCwUAA4IBAQANPl0277jqh718QfkHMNw1ejH6/9qOFVvGGI+uTRfL
IwgjZqEFEyBKHyyid+U3GAAfJdwOVkFE4aZP2Wu0gXP6/dAJ0u/sUrGpvpoHwNAm
Xv3LyNhZkEVc74PCayiySgK7T5WfNdf2m2rvZvxug1lfLm2dP+vKM1emrZb8uMo4
kHHWiDJc5wP5WCI8nWGXzjiEizjmIQF0C2jbhs9RUDqUM/YZNDHfAE0kGzjbJDTx
n3kgL45I0coqAnCIuck7l4NjZLjjlB+IO6rtCBzpKTUu5SV8xQAFnbcsapbei0v3
PJ8oFbEoRPjcEnDETznq3oro2FhHhej+RHwQI3DV+uhE
-----END CERTIFICATE-----
Generated at Thu May 2 06:17:11 2024 by rpki-client on console-fra.rpki-client.org