Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/2JivFqU8vs236Bem9v1wC7OGcKY.roa
File: 2JivFqU8vs236Bem9v1wC7OGcKY.roa (raw, json)
Hash identifier: ExST8fpGQlV7QmyMS5i7EIH+le7R56/sx1u5fNWXmXo=
Subject key identifier: D8:98:AF:16:A5:3C:BE:CD:B7:E8:17:A6:F6:FD:70:0B:B3:86:70:A6
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 018CC649E777C8936D502ECCBD8CE0AEA821
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/2JivFqU8vs236Bem9v1wC7OGcKY.roa
Signing time: Mon 01 Jan 2024 18:29:41 +0000
ROA not before: Mon 01 Jan 2024 18:29:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199898
IP address blocks: 217.79.38.0/24 maxlen: 24
92.247.164.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 05:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:49:e7:77:c8:93:6d:50:2e:cc:bd:8c:e0:ae:a8:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jan 1 18:29:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d898af16a53cbecdb7e817a6f6fd700bb38670a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:2d:7e:00:41:c0:d2:90:fb:d3:4f:e7:4f:2d:
10:72:53:f6:43:1c:bd:a4:9d:ea:d5:a8:19:47:e0:
8b:05:6e:1e:bc:4b:72:3e:b1:bc:59:ed:e4:b3:f1:
ad:5b:a4:80:54:94:5c:1c:c7:8c:3f:4d:8c:af:e6:
e3:75:4b:ae:95:82:30:f5:ee:ec:e8:2a:48:73:e4:
97:d8:0d:48:2e:c9:2c:e9:9e:38:04:01:ad:bf:ab:
2d:4b:e6:0c:53:af:5f:18:f4:34:1a:2a:95:87:25:
01:2a:ec:7a:83:0d:53:42:f9:68:a2:f7:33:f3:24:
c3:f9:09:3b:aa:32:de:3b:6a:d5:f5:4f:2e:32:70:
aa:0c:66:fe:ab:70:ba:63:6c:1a:28:19:e8:95:87:
15:63:5c:c0:dd:40:7d:72:e1:84:d5:b1:ec:ec:5f:
38:4c:1b:5d:a7:4d:df:65:5d:76:63:a2:9c:96:09:
cc:0e:d4:e9:89:71:e3:0c:0f:61:82:6b:ac:41:5d:
a7:fe:af:77:2e:ea:2e:c2:a9:4d:5b:07:a6:88:a9:
09:93:b4:a1:2a:c5:59:c3:46:af:3e:dd:63:72:05:
35:82:ce:3a:33:0d:da:3d:57:e4:32:ba:bd:33:dd:
76:b7:1f:46:a8:42:0e:8f:be:b2:8a:63:f7:e6:ed:
f1:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:98:AF:16:A5:3C:BE:CD:B7:E8:17:A6:F6:FD:70:0B:B3:86:70:A6
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/2JivFqU8vs236Bem9v1wC7OGcKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.247.164.0/22
217.79.38.0/24
Signature Algorithm: sha256WithRSAEncryption
85:53:79:1c:0f:d6:22:65:e4:a3:57:f7:a9:7e:29:fa:a3:15:
2c:cf:75:48:f4:be:80:2d:9c:f8:ad:ed:9a:ef:d5:85:73:d1:
4a:49:e4:98:f0:f8:d9:19:aa:68:bf:ff:21:55:30:aa:a6:b5:
ff:01:e0:27:24:7b:61:5b:ae:37:cb:b1:00:27:fb:fa:c6:5b:
06:96:05:c7:43:2c:f3:0f:93:92:b8:cc:55:18:9e:1f:2a:4a:
53:1c:65:af:20:12:9b:46:84:74:3f:0d:33:fe:64:61:9f:e2:
40:e8:ee:3b:44:20:ed:2f:8e:b7:ce:39:1a:15:d6:1a:f7:88:
0d:80:f1:b3:23:f2:de:0f:06:ca:af:51:61:0e:ff:ea:f9:0c:
c9:ef:75:91:85:b8:04:2c:57:73:3e:d6:68:aa:e3:07:0a:1d:
5a:ce:27:e1:83:5f:f4:07:13:88:7e:1a:3d:78:df:4c:70:da:
3b:8f:88:64:3f:5f:26:63:e0:43:a5:32:96:52:d8:a1:c9:73:
ac:2a:09:b6:b7:d9:49:43:28:82:37:b1:ad:d7:28:00:e9:85:
71:fa:7e:0e:02:2e:22:6a:01:64:0a:30:ba:6d:7c:e1:cb:35:
d5:52:6e:ce:a3:47:c9:4e:ea:c6:f7:05:20:0d:88:38:63:12:
b4:96:98:b7
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGSed3yJNtUC7MvYzgrqghMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjQwMTAxMTgyOTQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODk4YWYxNmE1M2NiZWNkYjdlODE3YTZmNmZkNzAwYmIzODY3MGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAji1+AEHA0pD700/nTy0QclP2Qxy9
pJ3q1agZR+CLBW4evEtyPrG8We3ks/GtW6SAVJRcHMeMP02Mr+bjdUuulYIw9e7s
6CpIc+SX2A1ILsks6Z44BAGtv6stS+YMU69fGPQ0GiqVhyUBKux6gw1TQvloovcz
8yTD+Qk7qjLeO2rV9U8uMnCqDGb+q3C6Y2waKBnolYcVY1zA3UB9cuGE1bHs7F84
TBtdp03fZV12Y6KclgnMDtTpiXHjDA9hgmusQV2n/q93LuouwqlNWwemiKkJk7Sh
KsVZw0avPt1jcgU1gs46Mw3aPVfkMrq9M912tx9GqEIOj76yimP35u3x3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNiYrxalPL7Nt+gXpvb9cAuzhnCmMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvMkppdkZxVTh2czIzNkJlbTl2MXdDN09HY0tZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCXPekAwQA
2U8mMA0GCSqGSIb3DQEBCwUAA4IBAQCFU3kcD9YiZeSjV/epfin6oxUsz3VI9L6A
LZz4re2a79WFc9FKSeSY8PjZGapov/8hVTCqprX/AeAnJHthW643y7EAJ/v6xlsG
lgXHQyzzD5OSuMxVGJ4fKkpTHGWvIBKbRoR0Pw0z/mRhn+JA6O47RCDtL463zjka
FdYa94gNgPGzI/LeDwbKr1FhDv/q+QzJ73WRhbgELFdzPtZoquMHCh1azifhg1/0
BxOIfho9eN9McNo7j4hkP18mY+BDpTKWUtihyXOsKgm2t9lJQyiCN7Gt1ygA6YVx
+n4OAi4iagFkCjC6bXzhyzXVUm7Oo0fJTurG9wUgDYg4YxK0lpi3
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:31:49 2024 by rpki-client on console-ams.rpki-client.org