Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/87aa3d-ca5e-4513-aa9e-e6ee5834c995/1/2zOjSO0CJh3GW9hAKIHlDJnnHHI.roa
File: 2zOjSO0CJh3GW9hAKIHlDJnnHHI.roa (raw, json)
Hash identifier: 4MnNYkcgBCCk/gXV0Yj+ZUjDjAzpOlipkQGbZ2gDmJU=
Subject key identifier: DB:33:A3:48:ED:02:26:1D:C6:5B:D8:40:28:81:E5:0C:99:E7:1C:72
Certificate issuer: /CN=622276db9d9b34cdec2620c7257dc5ad4aeb832d
Certificate serial: 018E2F8BF528C3AC4F3DDDC0E0D204361F66
Authority key identifier: 62:22:76:DB:9D:9B:34:CD:EC:26:20:C7:25:7D:C5:AD:4A:EB:83:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YiJ2252bNM3sJiDHJX3FrUrrgy0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/87aa3d-ca5e-4513-aa9e-e6ee5834c995/1/2zOjSO0CJh3GW9hAKIHlDJnnHHI.roa
Signing time: Mon 11 Mar 2024 22:04:45 +0000
ROA not before: Mon 11 Mar 2024 22:04:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 397735
IP address blocks: 45.142.248.0/24 maxlen: 24
45.142.249.0/24 maxlen: 24
45.142.250.0/24 maxlen: 24
45.142.251.0/24 maxlen: 24
193.53.2.0/24 maxlen: 24
193.53.5.0/24 maxlen: 24
193.53.7.0/24 maxlen: 24
193.53.12.0/24 maxlen: 24
2a0e:dd40::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/87aa3d-ca5e-4513-aa9e-e6ee5834c995/1/YiJ2252bNM3sJiDHJX3FrUrrgy0.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/87aa3d-ca5e-4513-aa9e-e6ee5834c995/1/YiJ2252bNM3sJiDHJX3FrUrrgy0.mft
rsync://rpki.ripe.net/repository/DEFAULT/YiJ2252bNM3sJiDHJX3FrUrrgy0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2f:8b:f5:28:c3:ac:4f:3d:dd:c0:e0:d2:04:36:1f:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=622276db9d9b34cdec2620c7257dc5ad4aeb832d
Validity
Not Before: Mar 11 22:04:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db33a348ed02261dc65bd8402881e50c99e71c72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:7d:95:83:32:99:d3:5a:8d:18:80:e8:83:df:
c3:cb:94:eb:b3:1c:80:96:f1:30:10:68:0c:91:61:
cb:a4:0f:f2:cb:02:76:b1:ef:3d:4f:19:fb:b7:e4:
32:b8:ee:9d:55:d2:c5:c6:41:43:64:6e:44:27:14:
36:e0:6b:aa:5a:f4:52:d7:46:79:9f:08:b1:bf:03:
0b:2c:01:62:28:32:69:09:f4:2a:bb:de:0f:1b:00:
a3:e3:12:d3:83:d6:3c:c8:eb:53:fb:af:06:27:be:
5f:81:36:a2:e9:cf:b0:b0:55:6f:5c:56:3e:c3:a7:
ad:58:02:42:c6:2d:ce:56:c9:c7:78:d3:4a:ea:51:
a8:ce:3b:21:7e:94:73:e4:86:2c:75:b9:33:3d:90:
bd:23:c8:19:bf:08:e9:97:93:22:aa:41:57:aa:63:
6c:04:b6:52:d6:b7:eb:fb:dc:f2:f9:34:c5:9c:c8:
97:fc:41:42:a4:52:40:83:af:19:5f:c4:47:e0:40:
f7:c3:90:fc:dd:37:1b:b4:68:ac:0e:f1:24:6d:3c:
aa:f6:57:1c:88:43:b0:08:7e:6e:9b:c3:00:14:80:
4c:5f:9a:21:f3:39:dc:45:e1:1c:6d:57:42:fd:9e:
0c:d2:ec:a4:fb:ca:d2:7f:a1:84:5d:1e:0f:52:cb:
0c:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:33:A3:48:ED:02:26:1D:C6:5B:D8:40:28:81:E5:0C:99:E7:1C:72
X509v3 Authority Key Identifier:
keyid:62:22:76:DB:9D:9B:34:CD:EC:26:20:C7:25:7D:C5:AD:4A:EB:83:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YiJ2252bNM3sJiDHJX3FrUrrgy0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/87aa3d-ca5e-4513-aa9e-e6ee5834c995/1/2zOjSO0CJh3GW9hAKIHlDJnnHHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/87aa3d-ca5e-4513-aa9e-e6ee5834c995/1/YiJ2252bNM3sJiDHJX3FrUrrgy0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.142.248.0/22
193.53.2.0/24
193.53.5.0/24
193.53.7.0/24
193.53.12.0/24
IPv6:
2a0e:dd40::/32
Signature Algorithm: sha256WithRSAEncryption
36:1a:c4:a0:48:ac:bf:33:ae:f5:cb:9e:d9:89:c5:f4:24:87:
3d:79:9d:69:da:ec:3e:a8:a0:7c:72:91:51:7b:42:30:ed:b3:
01:ed:ba:19:55:0c:9c:7c:d8:5a:da:e5:cc:3c:fc:9f:04:14:
8c:c3:07:b4:4a:ec:5e:47:da:fc:aa:db:94:34:d8:b8:b6:1a:
02:8b:94:95:76:63:5a:b7:9f:52:b7:04:40:06:8d:6d:43:c7:
35:1f:d8:cf:fc:aa:de:70:17:81:84:26:e7:98:93:d2:31:90:
54:a0:eb:9d:bc:c7:74:26:cf:7d:73:db:d2:50:bd:cd:0a:ae:
72:8f:0b:f5:0d:a8:70:d1:1c:7e:75:f5:c3:03:ff:9b:01:98:
94:18:7d:7a:8a:0a:57:a9:c4:a5:1e:31:64:c2:20:91:df:aa:
b9:76:78:5b:24:5e:73:3d:b8:9e:09:38:b3:76:c8:c1:1d:18:
fc:82:a2:df:79:66:2f:fe:cd:f6:96:d7:70:a1:46:3c:60:02:
cc:c1:d0:ea:99:4e:4e:47:f4:fe:9c:10:a4:b5:1a:b8:ea:2c:
90:25:2e:9f:c0:90:08:d2:32:ad:85:3b:e1:3a:ea:60:61:5c:
d0:ee:e5:f4:53:fb:bf:0b:8a:a5:fc:bb:1a:95:b1:c2:44:7e:
8e:de:68:28
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAY4vi/Uow6xPPd3A4NIENh9mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyMjI3NmRiOWQ5YjM0Y2RlYzI2MjBjNzI1N2RjNWFkNGFl
YjgzMmQwHhcNMjQwMzExMjIwNDQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjMzYTM0OGVkMDIyNjFkYzY1YmQ4NDAyODgxZTUwYzk5ZTcxYzcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo32VgzKZ01qNGIDog9/Dy5TrsxyA
lvEwEGgMkWHLpA/yywJ2se89Txn7t+QyuO6dVdLFxkFDZG5EJxQ24GuqWvRS10Z5
nwixvwMLLAFiKDJpCfQqu94PGwCj4xLTg9Y8yOtT+68GJ75fgTai6c+wsFVvXFY+
w6etWAJCxi3OVsnHeNNK6lGozjshfpRz5IYsdbkzPZC9I8gZvwjpl5MiqkFXqmNs
BLZS1rfr+9zy+TTFnMiX/EFCpFJAg68ZX8RH4ED3w5D83TcbtGisDvEkbTyq9lcc
iEOwCH5um8MAFIBMX5oh8zncReEcbVdC/Z4M0uyk+8rSf6GEXR4PUssMMwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFNszo0jtAiYdxlvYQCiB5QyZ5xxyMB8GA1UdIwQY
MBaAFGIidtudmzTN7CYgxyV9xa1K64MtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWlKMjI1MmJOTTNzSmlESEpYM0ZyVXJyZ3kwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC84N2FhM2QtY2E1ZS00NTEzLWFhOWUt
ZTZlZTU4MzRjOTk1LzEvMnpPalNPMENKaDNHVzloQUtJSGxESm5uSEhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC84N2FhM2QtY2E1ZS00NTEzLWFhOWUtZTZlZTU4MzRjOTk1
LzEvWWlKMjI1MmJOTTNzSmlESEpYM0ZyVXJyZ3kwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLY74AwQA
wTUCAwQAwTUFAwQAwTUHAwQAwTUMMA0EAgACMAcDBQAqDt1AMA0GCSqGSIb3DQEB
CwUAA4IBAQA2GsSgSKy/M671y57ZicX0JIc9eZ1p2uw+qKB8cpFRe0Iw7bMB7boZ
VQycfNha2uXMPPyfBBSMwwe0SuxeR9r8qtuUNNi4thoCi5SVdmNat59StwRABo1t
Q8c1H9jP/KrecBeBhCbnmJPSMZBUoOudvMd0Js99c9vSUL3NCq5yjwv1Dahw0Rx+
dfXDA/+bAZiUGH16igpXqcSlHjFkwiCR36q5dnhbJF5zPbieCTizdsjBHRj8gqLf
eWYv/s32ltdwoUY8YALMwdDqmU5OR/T+nBCktRq46iyQJS6fwJAI0jKthTvhOupg
YVzQ7uX0U/u/C4ql/LsalbHCRH6O3mgo
-----END CERTIFICATE-----
Generated at Mon Nov 25 11:21:58 2024 by rpki-client on console-fra.rpki-client.org