Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/2NDnerg2KkV4P4YRjntZ210DM-w.roa
File: 2NDnerg2KkV4P4YRjntZ210DM-w.roa (raw, json)
Hash identifier: f/H3X8FWRxs5Y8SXriQUuBROl4bRuyY2pxqpcg8CNLA=
Subject key identifier: D8:D0:E7:7A:B8:36:2A:45:78:3F:86:11:8E:7B:59:DB:5D:03:33:EC
Certificate issuer: /CN=3183785916cd98d7c770d685145499a8a0a15722
Certificate serial: 018EEF52D1FBB7203AE40D80666338AA07CA
Authority key identifier: 31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/2NDnerg2KkV4P4YRjntZ210DM-w.roa
Signing time: Thu 18 Apr 2024 03:49:26 +0000
ROA not before: Thu 18 Apr 2024 03:49:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34304
IP address blocks: 80.96.99.0/24 maxlen: 24
81.180.172.0/23 maxlen: 23
81.180.252.0/23 maxlen: 23
85.121.18.0/23 maxlen: 23
194.102.217.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:ef:52:d1:fb:b7:20:3a:e4:0d:80:66:63:38:aa:07:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3183785916cd98d7c770d685145499a8a0a15722
Validity
Not Before: Apr 18 03:49:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8d0e77ab8362a45783f86118e7b59db5d0333ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:bd:42:47:7b:8b:40:0e:59:d2:a4:16:ec:7a:
d5:cf:d5:6a:82:d6:83:48:cb:69:60:96:0c:7e:d2:
f6:3d:4c:b9:fa:ff:24:d9:6c:a7:73:50:d8:d9:3a:
0e:ee:28:76:7b:42:72:c9:9c:45:f8:11:4c:3e:db:
ad:ca:75:f1:4d:91:0e:5b:47:a6:e8:7b:74:ec:b4:
32:0e:ff:58:7a:95:da:48:d9:3a:96:3c:73:72:01:
a6:11:0c:42:fd:61:1f:1d:ad:4f:14:94:43:b0:a1:
8e:25:77:1a:2b:a7:e6:34:b8:8d:37:19:02:4e:a5:
26:cd:ef:c9:ac:dc:76:d9:bd:9f:6a:8f:7a:50:74:
55:76:c3:34:7e:0e:c5:d3:a4:78:63:30:dd:df:18:
62:f1:05:e2:0c:19:47:e3:5b:e6:53:0d:ef:0e:0a:
52:9a:2f:19:48:9b:48:d6:8f:d5:6f:86:d7:fa:f9:
2f:7c:b6:9a:6d:9d:57:5e:d2:6e:98:ac:79:86:70:
f8:b4:9f:23:72:55:5e:18:43:d4:0e:90:ed:c5:94:
5c:25:49:4b:c8:98:a7:c0:a5:31:e3:f5:90:e1:b2:
96:e4:4b:2c:db:e8:8e:ba:02:4b:b3:9f:17:0f:0f:
40:12:b2:b5:a7:b9:c0:15:40:8e:1a:0d:b7:51:4f:
b1:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:D0:E7:7A:B8:36:2A:45:78:3F:86:11:8E:7B:59:DB:5D:03:33:EC
X509v3 Authority Key Identifier:
keyid:31:83:78:59:16:CD:98:D7:C7:70:D6:85:14:54:99:A8:A0:A1:57:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MYN4WRbNmNfHcNaFFFSZqKChVyI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/2NDnerg2KkV4P4YRjntZ210DM-w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7193db-7f85-42bb-b09a-f52c47c225db/1/MYN4WRbNmNfHcNaFFFSZqKChVyI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.96.99.0/24
81.180.172.0/23
81.180.252.0/23
85.121.18.0/23
194.102.217.0/24
Signature Algorithm: sha256WithRSAEncryption
10:94:09:6e:55:be:c1:a4:3e:8b:73:05:28:f1:8b:84:3f:b2:
65:ed:5d:89:68:ea:5a:5b:b5:0e:42:9e:a9:74:a0:98:cf:e7:
31:b1:6c:23:20:ee:48:eb:76:88:38:6b:e7:3f:91:d6:61:64:
23:b3:4f:8f:7d:50:be:cf:77:d2:ed:24:6b:e2:c5:bf:35:8a:
c9:33:5d:d1:38:e0:b0:06:43:c1:e0:3c:db:e8:d3:6a:8b:65:
25:df:c8:c4:c9:ee:6a:e2:ab:d9:e1:05:03:87:4e:38:65:77:
5a:85:52:d2:e2:57:d9:11:6d:07:a0:e5:45:90:8d:35:00:28:
cd:98:fc:9f:c4:49:b3:e4:d5:23:eb:6a:b8:13:95:b9:98:c7:
56:b0:fe:b3:60:7c:cf:99:67:02:10:c7:71:07:1b:ec:89:62:
60:3d:a0:86:84:e8:b3:f7:bd:6a:2e:20:6c:a0:1a:cc:45:fb:
98:e2:d5:32:25:92:f0:db:53:60:6e:53:9b:01:eb:77:ae:3e:
ba:b0:05:f8:98:81:2a:33:22:74:ea:51:59:3a:a3:21:6f:2c:
b5:68:73:fa:19:8c:b8:f0:62:db:b4:25:dd:e4:bd:d1:33:4e:
36:be:a6:98:5e:a0:06:60:1d:39:e5:ee:47:86:45:32:53:0c:
9c:84:18:91
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY7vUtH7tyA65A2AZmM4qgfKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMxODM3ODU5MTZjZDk4ZDdjNzcwZDY4NTE0NTQ5OWE4YTBh
MTU3MjIwHhcNMjQwNDE4MDM0OTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGQwZTc3YWI4MzYyYTQ1NzgzZjg2MTE4ZTdiNTlkYjVkMDMzM2VjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnr1CR3uLQA5Z0qQW7HrVz9VqgtaD
SMtpYJYMftL2PUy5+v8k2Wync1DY2ToO7ih2e0JyyZxF+BFMPtutynXxTZEOW0em
6Ht07LQyDv9YepXaSNk6ljxzcgGmEQxC/WEfHa1PFJRDsKGOJXcaK6fmNLiNNxkC
TqUmze/JrNx22b2fao96UHRVdsM0fg7F06R4YzDd3xhi8QXiDBlH41vmUw3vDgpS
mi8ZSJtI1o/Vb4bX+vkvfLaabZ1XXtJumKx5hnD4tJ8jclVeGEPUDpDtxZRcJUlL
yJinwKUx4/WQ4bKW5Ess2+iOugJLs58XDw9AErK1p7nAFUCOGg23UU+xQQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNjQ53q4NipFeD+GEY57WdtdAzPsMB8GA1UdIwQY
MBaAFDGDeFkWzZjXx3DWhRRUmaigoVciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEt
ZjUyYzQ3YzIyNWRiLzEvMk5EbmVyZzJLa1Y0UDRZUmpudFoyMTBETS13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83MTkzZGItN2Y4NS00MmJiLWIwOWEtZjUyYzQ3YzIyNWRi
LzEvTVlONFdSYk5tTmZIY05hRkZGU1pxS0NoVnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAUGBjAwQB
UbSsAwQBUbT8AwQBVXkSAwQAwmbZMA0GCSqGSIb3DQEBCwUAA4IBAQAQlAluVb7B
pD6LcwUo8YuEP7Jl7V2JaOpaW7UOQp6pdKCYz+cxsWwjIO5I63aIOGvnP5HWYWQj
s0+PfVC+z3fS7SRr4sW/NYrJM13ROOCwBkPB4Dzb6NNqi2Ul38jEye5q4qvZ4QUD
h044ZXdahVLS4lfZEW0HoOVFkI01ACjNmPyfxEmz5NUj62q4E5W5mMdWsP6zYHzP
mWcCEMdxBxvsiWJgPaCGhOiz971qLiBsoBrMRfuY4tUyJZLw21NgblObAet3rj66
sAX4mIEqMyJ06lFZOqMhbyy1aHP6GYy48GLbtCXd5L3RM042vqaYXqAGYB055e5H
hkUyUwychBiR
-----END CERTIFICATE-----
Generated at Mon May 20 17:28:50 2024 by rpki-client on console-fra.rpki-client.org