Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/2eCK8sr3j7DjFolUaroLGXID-X8.roa
File: 2eCK8sr3j7DjFolUaroLGXID-X8.roa (raw, json)
Hash identifier: WZpY+KhFQcu7Tvg/tHkGOhcJ8JWuaDrFWNEl3JWPLlw=
Subject key identifier: D9:E0:8A:F2:CA:F7:8F:B0:E3:16:89:54:6A:BA:0B:19:72:03:F9:7F
Certificate issuer: /CN=cd626bbb7b69eec9f6790b03705545b892fa2e8a
Certificate serial: 0192AE5100AAB2B2EEBAFE1DEA46A5B251B8
Authority key identifier: CD:62:6B:BB:7B:69:EE:C9:F6:79:0B:03:70:55:45:B8:92:FA:2E:8A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zWJru3tp7sn2eQsDcFVFuJL6Loo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/2eCK8sr3j7DjFolUaroLGXID-X8.roa
Signing time: Mon 21 Oct 2024 09:03:16 +0000
ROA not before: Mon 21 Oct 2024 09:03:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 48500
IP address blocks: 37.99.224.0/20 maxlen: 20
37.99.240.0/21 maxlen: 21
94.230.64.0/21 maxlen: 21
109.104.224.0/21 maxlen: 21
134.90.224.0/20 maxlen: 20
185.46.100.0/22 maxlen: 22
217.196.128.0/21 maxlen: 21
217.196.140.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/zWJru3tp7sn2eQsDcFVFuJL6Loo.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/zWJru3tp7sn2eQsDcFVFuJL6Loo.mft
rsync://rpki.ripe.net/repository/DEFAULT/zWJru3tp7sn2eQsDcFVFuJL6Loo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 21:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:ae:51:00:aa:b2:b2:ee:ba:fe:1d:ea:46:a5:b2:51:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd626bbb7b69eec9f6790b03705545b892fa2e8a
Validity
Not Before: Oct 21 09:03:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9e08af2caf78fb0e31689546aba0b197203f97f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:3e:f1:6c:29:78:d8:1f:48:c0:4d:ac:8a:c4:
b7:59:3c:10:a1:dc:cb:7e:56:44:34:53:c9:63:21:
1f:b1:5b:8e:22:a7:3e:9e:f7:48:0f:c0:14:24:cd:
e0:c5:00:27:bf:e4:04:28:db:9d:ff:6c:ba:ce:a3:
fa:6d:11:6c:4f:eb:a6:13:c3:0c:52:8b:a7:5e:1d:
1e:07:af:f6:7f:d9:cb:b9:cc:c7:84:a0:60:66:f5:
4f:65:82:38:b9:db:e0:54:8b:72:aa:09:1f:bc:47:
73:21:90:f4:dd:65:cb:50:44:54:a7:35:a3:81:28:
f8:ab:4f:23:a7:7f:33:98:1b:f8:0d:0a:56:45:5b:
5a:bb:1b:db:d1:24:18:70:d3:03:ff:e3:d9:18:90:
8f:5f:c0:ff:f1:e1:b1:7a:d2:a4:01:87:fb:f3:0f:
5a:71:e5:b8:ed:d5:a6:c6:6e:b4:17:e8:69:31:43:
8d:4d:b9:7a:89:4e:c0:4b:f2:f7:c3:a3:38:7d:a5:
c1:2f:10:71:e2:83:97:ac:12:17:af:00:52:3f:a6:
f2:cc:2f:63:fa:4a:3b:ac:a7:9d:49:16:2b:cc:57:
90:86:ae:5f:bb:e7:26:60:b8:20:91:4e:c3:c6:72:
92:ee:ca:cd:a8:9a:24:90:a1:ab:92:9d:e0:e9:9a:
38:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:E0:8A:F2:CA:F7:8F:B0:E3:16:89:54:6A:BA:0B:19:72:03:F9:7F
X509v3 Authority Key Identifier:
keyid:CD:62:6B:BB:7B:69:EE:C9:F6:79:0B:03:70:55:45:B8:92:FA:2E:8A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zWJru3tp7sn2eQsDcFVFuJL6Loo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/2eCK8sr3j7DjFolUaroLGXID-X8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/2b37df-8ffe-41e5-ac07-c0f89ad36bca/1/zWJru3tp7sn2eQsDcFVFuJL6Loo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.99.224.0-37.99.247.255
94.230.64.0/21
109.104.224.0/21
134.90.224.0/20
185.46.100.0/22
217.196.128.0/21
217.196.140.0/23
Signature Algorithm: sha256WithRSAEncryption
9b:47:49:af:97:5a:bf:f2:82:51:a7:94:60:15:13:94:23:19:
b1:85:37:78:5f:93:cf:da:a2:94:ba:b8:ad:ec:06:a9:66:a5:
31:e3:92:a0:d3:cf:35:ff:74:1f:d4:d7:83:55:30:02:80:81:
f3:a5:a8:6c:61:fa:a2:67:28:db:46:ca:b2:91:87:50:cc:01:
88:75:b6:0e:a7:7f:92:a8:fa:63:4d:79:cd:c3:60:76:ab:72:
cc:f8:94:75:35:9c:1c:1d:39:bd:a9:a3:c3:50:cc:d7:2a:64:
e7:8e:c6:d8:03:f6:55:ae:0a:2d:55:9c:47:d6:83:b6:72:02:
7f:45:12:5d:cd:fc:3a:38:9c:be:b8:70:2c:a0:2b:28:d1:2d:
1d:c9:24:b3:37:52:67:87:03:cc:16:6b:4d:0f:ce:f9:99:26:
5a:64:91:b3:a9:49:92:a1:d8:ce:44:4c:26:16:89:ed:5c:1b:
d4:73:da:11:77:c4:2d:69:c1:01:d4:5c:d6:9e:6f:1e:7f:69:
7c:4d:bf:ce:5c:3e:3b:4f:cd:34:f2:67:08:cd:22:e9:99:e9:
0e:ba:59:1d:46:9d:16:9d:5b:5b:ec:b0:01:ad:8e:e9:84:d8:
1b:72:10:cf:90:2d:99:e1:73:34:28:98:10:35:2a:45:54:aa:
96:89:5e:38
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZKuUQCqsrLuuv4d6kalslG4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkNjI2YmJiN2I2OWVlYzlmNjc5MGIwMzcwNTU0NWI4OTJm
YTJlOGEwHhcNMjQxMDIxMDkwMzE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWUwOGFmMmNhZjc4ZmIwZTMxNjg5NTQ2YWJhMGIxOTcyMDNmOTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtT7xbCl42B9IwE2sisS3WTwQodzL
flZENFPJYyEfsVuOIqc+nvdID8AUJM3gxQAnv+QEKNud/2y6zqP6bRFsT+umE8MM
UounXh0eB6/2f9nLuczHhKBgZvVPZYI4udvgVItyqgkfvEdzIZD03WXLUERUpzWj
gSj4q08jp38zmBv4DQpWRVtauxvb0SQYcNMD/+PZGJCPX8D/8eGxetKkAYf78w9a
ceW47dWmxm60F+hpMUONTbl6iU7AS/L3w6M4faXBLxBx4oOXrBIXrwBSP6byzC9j
+ko7rKedSRYrzFeQhq5fu+cmYLggkU7DxnKS7srNqJokkKGrkp3g6Zo4qQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFNngivLK94+w4xaJVGq6CxlyA/l/MB8GA1UdIwQY
MBaAFM1ia7t7ae7J9nkLA3BVRbiS+i6KMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveldKcnUzdHA3c24yZVFzRGNGVkZ1Skw2TG9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8yYjM3ZGYtOGZmZS00MWU1LWFjMDct
YzBmODlhZDM2YmNhLzEvMmVDSzhzcjNqN0RqRm9sVWFyb0xHWElELVg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8yYjM3ZGYtOGZmZS00MWU1LWFjMDctYzBmODlhZDM2YmNh
LzEveldKcnUzdHA3c24yZVFzRGNGVkZ1Skw2TG9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyMAwDBAUlY+AD
BAMlY/ADBANe5kADBANtaOADBASGWuADBAK5LmQDBAPZxIADBAHZxIwwDQYJKoZI
hvcNAQELBQADggEBAJtHSa+XWr/yglGnlGAVE5QjGbGFN3hfk8/aopS6uK3sBqlm
pTHjkqDTzzX/dB/U14NVMAKAgfOlqGxh+qJnKNtGyrKRh1DMAYh1tg6nf5Ko+mNN
ec3DYHarcsz4lHU1nBwdOb2po8NQzNcqZOeOxtgD9lWuCi1VnEfWg7ZyAn9FEl3N
/Do4nL64cCygKyjRLR3JJLM3UmeHA8wWa00PzvmZJlpkkbOpSZKh2M5ETCYWie1c
G9Rz2hF3xC1pwQHUXNaebx5/aXxNv85cPjtPzTTyZwjNIumZ6Q66WR1GnRadW1vs
sAGtjumE2BtyEM+QLZnhczQomBA1KkVUqpaJXjg=
-----END CERTIFICATE-----
Generated at Sat Nov 23 01:59:48 2024 by rpki-client on console-ams.rpki-client.org