Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/2ioC9qLnmCv_izZDaQMBnP1DeWk.roa
File: 2ioC9qLnmCv_izZDaQMBnP1DeWk.roa (raw, json)
Hash identifier: IiQ2i70Zk1GkM6tabpwi5/SwibcbjGsWqgHpstpehjM=
Subject key identifier: DA:2A:02:F6:A2:E7:98:2B:FF:8B:36:43:69:03:01:9C:FD:43:79:69
Certificate issuer: /CN=d81cf1aac21aa5823b019de91aeeec23e3e526db
Certificate serial: 018EFA2D71B734704A6E22967A46DE9520AF
Authority key identifier: D8:1C:F1:AA:C2:1A:A5:82:3B:01:9D:E9:1A:EE:EC:23:E3:E5:26:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2BzxqsIapYI7AZ3pGu7sI-PlJts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/2ioC9qLnmCv_izZDaQMBnP1DeWk.roa
Signing time: Sat 20 Apr 2024 06:24:25 +0000
ROA not before: Sat 20 Apr 2024 06:24:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 204027
IP address blocks: 195.43.60.0/22 maxlen: 22
195.43.60.0/24 maxlen: 24
2001:678:f0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/2BzxqsIapYI7AZ3pGu7sI-PlJts.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/2BzxqsIapYI7AZ3pGu7sI-PlJts.mft
rsync://rpki.ripe.net/repository/DEFAULT/2BzxqsIapYI7AZ3pGu7sI-PlJts.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 20:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:fa:2d:71:b7:34:70:4a:6e:22:96:7a:46:de:95:20:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d81cf1aac21aa5823b019de91aeeec23e3e526db
Validity
Not Before: Apr 20 06:24:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da2a02f6a2e7982bff8b36436903019cfd437969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:79:52:c4:17:96:1a:64:75:5f:75:7d:e2:5d:
26:1c:71:10:bf:66:01:37:c5:29:f0:a9:74:22:27:
eb:c9:9e:29:7d:ab:3a:3c:fc:1e:00:fb:23:b5:39:
88:6f:b6:2b:7c:fc:f8:c6:cf:09:d8:ed:a6:24:a8:
31:69:13:53:b3:0e:d3:8d:a7:d1:da:49:8b:7e:ad:
55:c4:ba:10:6f:c4:5e:33:2b:fe:e0:48:1f:15:43:
2a:8c:d0:ef:22:87:87:6a:4d:4b:d3:a0:3a:2f:28:
6c:36:c1:3b:af:e6:ff:0a:92:32:28:f0:62:d8:c3:
ba:84:14:2c:87:96:3d:4e:69:cd:4d:db:3b:3c:e3:
dd:73:27:f0:08:53:9a:78:78:c4:e2:03:5e:da:b4:
ed:bb:09:2d:76:e5:10:e6:98:f2:0d:c8:dc:08:62:
98:eb:1d:30:08:9e:86:1e:46:3f:7d:41:f8:c5:61:
7b:cb:5a:88:06:55:61:eb:f8:0d:48:ce:e2:c2:4d:
67:87:99:4f:a6:17:ce:77:4d:a3:24:f8:a1:6d:27:
c0:72:6e:84:63:e2:c8:81:1a:c0:2c:71:d2:5b:ca:
0b:59:cb:c5:3c:51:55:d9:01:c7:0d:29:30:6b:84:
79:85:9e:fc:e0:36:bc:e1:f4:1a:7c:2a:e3:f4:74:
df:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:2A:02:F6:A2:E7:98:2B:FF:8B:36:43:69:03:01:9C:FD:43:79:69
X509v3 Authority Key Identifier:
keyid:D8:1C:F1:AA:C2:1A:A5:82:3B:01:9D:E9:1A:EE:EC:23:E3:E5:26:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2BzxqsIapYI7AZ3pGu7sI-PlJts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/2ioC9qLnmCv_izZDaQMBnP1DeWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/b8a6a4-f7ea-4afe-b60f-9c0de3652738/1/2BzxqsIapYI7AZ3pGu7sI-PlJts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.43.60.0/22
IPv6:
2001:678:f0::/48
Signature Algorithm: sha256WithRSAEncryption
36:ca:5e:24:95:98:8d:53:a4:26:c2:2a:0a:f5:fa:99:ff:cb:
da:9d:0c:09:8c:80:67:22:66:e2:21:a6:23:d0:1f:42:42:c9:
eb:79:f0:c5:be:4e:0c:aa:13:39:f8:63:0a:0c:1e:9b:ed:dd:
07:4f:c1:bc:73:78:9c:a7:53:0e:49:63:91:68:01:fe:3b:3d:
8c:4f:77:ce:be:ad:90:23:2c:ff:78:a4:00:5f:ee:d0:1b:75:
8b:a9:69:c0:6a:56:b6:52:09:bd:4f:bf:7e:ec:c4:57:fd:12:
83:a0:5a:74:4d:d8:95:9c:12:c8:bd:06:83:e7:8c:d4:4a:31:
b2:bd:da:d6:2b:fa:c1:44:39:43:d7:33:14:15:02:45:7b:59:
54:3c:3f:a8:85:4a:dc:9e:99:3a:39:3f:fd:51:1c:c7:37:75:
1d:bf:5c:0f:6f:78:b0:ff:de:46:26:42:2c:26:aa:b3:80:b1:
21:17:79:8b:7b:94:82:c5:75:ab:3a:50:25:9d:46:9c:49:9a:
df:02:a6:a0:f7:0a:bb:7f:54:02:90:33:c8:5d:0b:6f:1f:d3:
08:cf:e9:9f:d6:6a:d8:37:98:71:bd:4d:18:dd:2a:ec:92:70:
f4:2f:0a:d6:c9:3a:b0:70:3b:37:1d:4a:90:73:f3:17:91:f5:
53:36:22:03
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAY76LXG3NHBKbiKWekbelSCvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MWNmMWFhYzIxYWE1ODIzYjAxOWRlOTFhZWVlYzIzZTNl
NTI2ZGIwHhcNMjQwNDIwMDYyNDI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTJhMDJmNmEyZTc5ODJiZmY4YjM2NDM2OTAzMDE5Y2ZkNDM3OTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3lSxBeWGmR1X3V94l0mHHEQv2YB
N8Up8Kl0IifryZ4pfas6PPweAPsjtTmIb7YrfPz4xs8J2O2mJKgxaRNTsw7TjafR
2kmLfq1VxLoQb8ReMyv+4EgfFUMqjNDvIoeHak1L06A6LyhsNsE7r+b/CpIyKPBi
2MO6hBQsh5Y9TmnNTds7POPdcyfwCFOaeHjE4gNe2rTtuwktduUQ5pjyDcjcCGKY
6x0wCJ6GHkY/fUH4xWF7y1qIBlVh6/gNSM7iwk1nh5lPphfOd02jJPihbSfAcm6E
Y+LIgRrALHHSW8oLWcvFPFFV2QHHDSkwa4R5hZ784Da84fQafCrj9HTflQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNoqAvai55gr/4s2Q2kDAZz9Q3lpMB8GA1UdIwQY
MBaAFNgc8arCGqWCOwGd6Rru7CPj5SbbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkJ6eHFzSWFwWUk3QVozcEd1N3NJLVBsSnRzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi9iOGE2YTQtZjdlYS00YWZlLWI2MGYt
OWMwZGUzNjUyNzM4LzEvMmlvQzlxTG5tQ3ZfaXpaRGFRTUJuUDFEZVdrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi9iOGE2YTQtZjdlYS00YWZlLWI2MGYtOWMwZGUzNjUyNzM4
LzEvMkJ6eHFzSWFwWUk3QVozcEd1N3NJLVBsSnRzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQCwys8MA8E
AgACMAkDBwAgAQZ4APAwDQYJKoZIhvcNAQELBQADggEBADbKXiSVmI1TpCbCKgr1
+pn/y9qdDAmMgGciZuIhpiPQH0JCyet58MW+TgyqEzn4YwoMHpvt3QdPwbxzeJyn
Uw5JY5FoAf47PYxPd86+rZAjLP94pABf7tAbdYupacBqVrZSCb1Pv37sxFf9EoOg
WnRN2JWcEsi9BoPnjNRKMbK92tYr+sFEOUPXMxQVAkV7WVQ8P6iFStyemTo5P/1R
HMc3dR2/XA9veLD/3kYmQiwmqrOAsSEXeYt7lILFdas6UCWdRpxJmt8CpqD3Crt/
VAKQM8hdC28f0wjP6Z/Watg3mHG9TRjdKuyScPQvCtbJOrBwOzcdSpBz8xeR9VM2
IgM=
-----END CERTIFICATE-----
Generated at Sun May 19 03:39:00 2024 by rpki-client on console-ams.rpki-client.org