Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/2Gwn02oXwH8oQR2zFfAwI330hOc.roa
File: 2Gwn02oXwH8oQR2zFfAwI330hOc.roa (raw, json)
Hash identifier: zO4+mJGBnNlJtttPa2oGHe1kGXI6C/Y7/QpJiPwyXUg=
Subject key identifier: D8:6C:27:D3:6A:17:C0:7F:28:41:1D:B3:15:F0:30:23:7D:F4:84:E7
Certificate issuer: /CN=2af5e4866ba09820124a6e511104fc41fa541995
Certificate serial: 018CC9BCB7E161B6DA9D93D6E6FE827629A0
Authority key identifier: 2A:F5:E4:86:6B:A0:98:20:12:4A:6E:51:11:04:FC:41:FA:54:19:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KvXkhmugmCASSm5REQT8QfpUGZU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/2Gwn02oXwH8oQR2zFfAwI330hOc.roa
Signing time: Tue 02 Jan 2024 10:33:57 +0000
ROA not before: Tue 02 Jan 2024 10:33:57 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24631
IP address blocks: 185.110.238.0/24 maxlen: 24
185.110.237.0/24 maxlen: 24
185.110.239.0/24 maxlen: 24
185.110.236.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/KvXkhmugmCASSm5REQT8QfpUGZU.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/KvXkhmugmCASSm5REQT8QfpUGZU.mft
rsync://rpki.ripe.net/repository/DEFAULT/KvXkhmugmCASSm5REQT8QfpUGZU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bc:b7:e1:61:b6:da:9d:93:d6:e6:fe:82:76:29:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2af5e4866ba09820124a6e511104fc41fa541995
Validity
Not Before: Jan 2 10:33:57 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d86c27d36a17c07f28411db315f030237df484e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a1:93:35:da:b4:fe:fa:a8:f2:61:0d:d3:93:
fb:92:99:5e:d3:d9:a6:26:4c:3a:a9:d9:67:db:17:
ee:44:33:c4:6f:20:c2:95:82:7b:a4:3b:36:0c:19:
05:55:06:dc:24:d8:e3:b4:9a:3b:1d:0f:24:89:cf:
44:80:94:09:4d:08:6f:0b:7a:be:fa:96:0b:2e:61:
62:21:49:e3:b3:6d:ec:22:90:a4:5a:6f:ea:01:71:
d9:ca:72:cc:58:db:35:a5:a6:d8:d0:17:d8:dc:08:
68:5e:18:e4:85:0d:57:fb:61:e9:72:8e:88:93:59:
39:a5:78:16:a8:0b:98:fc:1a:67:33:3c:22:fb:04:
27:de:26:96:88:ec:ac:a1:95:0b:51:05:d9:97:04:
be:c2:e5:ea:66:13:1f:6e:02:0f:c4:94:57:e9:a0:
cb:c8:fc:2c:bb:18:fa:c3:b6:13:2b:4e:5a:3d:e2:
7d:c6:98:36:01:04:82:e7:10:01:43:9c:00:bf:ef:
58:15:3b:ff:f0:ad:12:91:fa:36:3e:b5:a5:cd:28:
99:6b:c2:0b:3c:e7:3e:3b:e9:65:85:b3:23:bc:58:
f9:4b:79:91:e4:db:e5:c7:3c:e8:aa:35:36:63:48:
23:72:e7:1e:62:ab:4d:71:8d:0d:56:9e:5e:0c:30:
33:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:6C:27:D3:6A:17:C0:7F:28:41:1D:B3:15:F0:30:23:7D:F4:84:E7
X509v3 Authority Key Identifier:
keyid:2A:F5:E4:86:6B:A0:98:20:12:4A:6E:51:11:04:FC:41:FA:54:19:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KvXkhmugmCASSm5REQT8QfpUGZU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/2Gwn02oXwH8oQR2zFfAwI330hOc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/252761-019a-4de5-957d-c320e50a3c79/1/KvXkhmugmCASSm5REQT8QfpUGZU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.110.236.0/22
Signature Algorithm: sha256WithRSAEncryption
9a:96:46:db:a5:ff:41:e2:cf:60:aa:b0:85:ee:76:9b:dd:7f:
bd:cf:5f:bc:45:33:aa:1e:13:48:05:6d:1e:75:9b:d6:98:bb:
f1:7d:65:8a:23:35:52:48:d2:f9:0d:18:5d:b7:9d:15:57:de:
3e:e4:8f:fa:b9:f1:04:3c:6e:b4:40:7a:11:65:cb:b7:e3:42:
62:67:af:c7:eb:68:71:29:df:20:3f:05:0f:10:00:24:35:d4:
91:43:59:32:da:23:3a:f6:6d:da:69:55:45:86:36:2f:b8:ac:
d3:1f:fc:fd:a6:e1:6f:c4:a8:43:69:eb:52:2c:a3:26:ed:e0:
b8:ae:53:d8:71:90:75:c2:4c:23:34:a0:15:a4:b6:66:72:c1:
88:d1:2c:78:96:f7:4d:36:16:58:79:7a:40:a4:34:ce:03:53:
da:7c:08:a7:3c:83:13:fa:a3:51:7f:d7:b3:d5:0b:0d:26:68:
22:68:73:19:08:7b:6c:56:f2:2c:c4:eb:29:39:de:cb:5f:f5:
ca:19:a4:f4:2f:50:52:ad:d2:b3:46:d6:05:9a:e8:44:06:15:
d7:6a:0f:e0:94:8d:56:c4:ef:1c:f4:1c:04:17:fd:29:44:b0:
b7:a1:8f:59:e9:da:bf:19:a4:72:46:ec:bd:a1:56:2b:de:d2:
8a:bd:5c:61
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJvLfhYbbanZPW5v6CdimgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhZjVlNDg2NmJhMDk4MjAxMjRhNmU1MTExMDRmYzQxZmE1
NDE5OTUwHhcNMjQwMTAyMTAzMzU3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODZjMjdkMzZhMTdjMDdmMjg0MTFkYjMxNWYwMzAyMzdkZjQ4NGU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6GTNdq0/vqo8mEN05P7kple09mm
Jkw6qdln2xfuRDPEbyDClYJ7pDs2DBkFVQbcJNjjtJo7HQ8kic9EgJQJTQhvC3q+
+pYLLmFiIUnjs23sIpCkWm/qAXHZynLMWNs1pabY0BfY3AhoXhjkhQ1X+2Hpco6I
k1k5pXgWqAuY/BpnMzwi+wQn3iaWiOysoZULUQXZlwS+wuXqZhMfbgIPxJRX6aDL
yPwsuxj6w7YTK05aPeJ9xpg2AQSC5xABQ5wAv+9YFTv/8K0Skfo2PrWlzSiZa8IL
POc+O+llhbMjvFj5S3mR5NvlxzzoqjU2Y0gjcuceYqtNcY0NVp5eDDAzzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNhsJ9NqF8B/KEEdsxXwMCN99ITnMB8GA1UdIwQY
MBaAFCr15IZroJggEkpuUREE/EH6VBmVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3ZYa2htdWdtQ0FTU201UkVRVDhRZnBVR1pVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8yNTI3NjEtMDE5YS00ZGU1LTk1N2Qt
YzMyMGU1MGEzYzc5LzEvMkd3bjAyb1h3SDhvUVIyekZmQXdJMzMwaE9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8yNTI3NjEtMDE5YS00ZGU1LTk1N2QtYzMyMGU1MGEzYzc5
LzEvS3ZYa2htdWdtQ0FTU201UkVRVDhRZnBVR1pVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuW7sMA0G
CSqGSIb3DQEBCwUAA4IBAQCalkbbpf9B4s9gqrCF7nab3X+9z1+8RTOqHhNIBW0e
dZvWmLvxfWWKIzVSSNL5DRhdt50VV94+5I/6ufEEPG60QHoRZcu340JiZ6/H62hx
Kd8gPwUPEAAkNdSRQ1ky2iM69m3aaVVFhjYvuKzTH/z9puFvxKhDaetSLKMm7eC4
rlPYcZB1wkwjNKAVpLZmcsGI0Sx4lvdNNhZYeXpApDTOA1PafAinPIMT+qNRf9ez
1QsNJmgiaHMZCHtsVvIsxOspOd7LX/XKGaT0L1BSrdKzRtYFmuhEBhXXag/glI1W
xO8c9BwEF/0pRLC3oY9Z6dq/GaRyRuy9oVYr3tKKvVxh
-----END CERTIFICATE-----
Generated at Sat Nov 23 03:13:11 2024 by rpki-client on console-fra.rpki-client.org