Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/24/9f50e1-3ec4-46dc-b4f7-874234ed1e5e/1/2ppTdRNJ6ym0BB6B4rGFecjufqY.roa
File: 2ppTdRNJ6ym0BB6B4rGFecjufqY.roa (raw, json)
Hash identifier: Jc7/JQ3V4A+G/V43ZoSCeXNNq1RJ52tpxqDUfMBiozc=
Subject key identifier: DA:9A:53:75:13:49:EB:29:B4:04:1E:81:E2:B1:85:79:C8:EE:7E:A6
Certificate issuer: /CN=3af1507fda4e704828c7e03caf626456aafc5b1a
Certificate serial: 018CC6B7ABD68ADB97FB7A7EADC143A9ADCB
Authority key identifier: 3A:F1:50:7F:DA:4E:70:48:28:C7:E0:3C:AF:62:64:56:AA:FC:5B:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OvFQf9pOcEgox-A8r2JkVqr8Wxo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/24/9f50e1-3ec4-46dc-b4f7-874234ed1e5e/1/2ppTdRNJ6ym0BB6B4rGFecjufqY.roa
Signing time: Mon 01 Jan 2024 20:29:34 +0000
ROA not before: Mon 01 Jan 2024 20:29:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 199536
IP address blocks: 185.148.100.0/22 maxlen: 22
2a0f:57c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/24/9f50e1-3ec4-46dc-b4f7-874234ed1e5e/1/OvFQf9pOcEgox-A8r2JkVqr8Wxo.crl
rsync://rpki.ripe.net/repository/DEFAULT/24/9f50e1-3ec4-46dc-b4f7-874234ed1e5e/1/OvFQf9pOcEgox-A8r2JkVqr8Wxo.mft
rsync://rpki.ripe.net/repository/DEFAULT/OvFQf9pOcEgox-A8r2JkVqr8Wxo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:ab:d6:8a:db:97:fb:7a:7e:ad:c1:43:a9:ad:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3af1507fda4e704828c7e03caf626456aafc5b1a
Validity
Not Before: Jan 1 20:29:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da9a53751349eb29b4041e81e2b18579c8ee7ea6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:58:86:57:af:60:d2:9c:3c:b6:bb:bd:84:d7:
c8:ce:23:e5:de:30:54:3c:1e:3d:a4:c3:85:bd:14:
14:a6:11:2e:ce:49:4a:62:6c:c0:94:b2:ba:7b:6f:
22:73:c4:3d:a4:e8:68:6f:a5:36:2a:4f:cb:c0:c9:
d3:68:9d:e0:54:60:92:2c:2f:09:53:bb:99:70:8b:
7c:4a:02:32:3a:2f:7b:d5:b7:e6:68:8b:bd:3c:78:
4e:0b:aa:30:d6:6f:0a:9e:f9:9a:3c:b7:72:b8:74:
03:31:bb:d3:0d:f4:6b:d7:fc:6b:c7:17:ef:dd:6a:
f6:5e:97:4a:db:dd:f8:d1:77:3a:40:0f:b2:cd:3a:
ca:92:13:bc:28:9f:75:da:de:04:fa:fe:3d:fe:2a:
e7:cf:54:2d:ae:b3:b9:20:81:f4:29:98:51:3a:37:
ea:bc:09:43:60:15:11:ad:33:d7:28:1e:5e:24:d5:
35:69:36:ec:aa:c4:06:ce:c8:96:07:23:ba:b1:9b:
85:34:53:19:a1:0d:2c:26:59:95:5e:19:6f:39:64:
da:5f:cc:83:43:ca:85:f3:43:e5:1b:cb:a4:91:1b:
a8:8f:a0:26:3b:e3:63:03:a2:b8:07:c0:4d:59:42:
fa:e9:6b:09:e7:4a:25:30:bc:58:8d:17:a7:d0:6f:
56:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:9A:53:75:13:49:EB:29:B4:04:1E:81:E2:B1:85:79:C8:EE:7E:A6
X509v3 Authority Key Identifier:
keyid:3A:F1:50:7F:DA:4E:70:48:28:C7:E0:3C:AF:62:64:56:AA:FC:5B:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OvFQf9pOcEgox-A8r2JkVqr8Wxo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9f50e1-3ec4-46dc-b4f7-874234ed1e5e/1/2ppTdRNJ6ym0BB6B4rGFecjufqY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/24/9f50e1-3ec4-46dc-b4f7-874234ed1e5e/1/OvFQf9pOcEgox-A8r2JkVqr8Wxo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.148.100.0/22
IPv6:
2a0f:57c0::/32
Signature Algorithm: sha256WithRSAEncryption
1c:c0:9b:22:c4:89:77:06:f6:58:9a:f7:e3:6e:f4:f8:40:4b:
56:8e:a9:84:24:b6:b6:d0:4e:fa:72:3b:68:be:4a:4d:6b:f7:
8c:59:fd:1c:e9:00:01:95:8f:7f:0b:d8:8f:5e:a0:1f:09:36:
0b:f5:26:22:42:15:3f:b2:31:c2:d9:67:c9:70:96:b0:21:9a:
7f:a4:c6:e4:b0:d1:70:32:b1:a7:bc:f4:4b:d3:dc:cf:c5:8f:
b6:dc:31:c6:81:89:39:a6:81:34:fe:59:4a:c9:80:fb:a4:20:
49:9a:9d:f9:8b:65:54:7e:08:3c:a5:68:a6:21:5c:3e:9d:a6:
31:f3:59:2b:dc:03:77:eb:d9:c3:46:a4:97:97:c9:16:74:a5:
58:4e:eb:46:ae:fd:5f:eb:4e:a3:4b:b8:79:4e:a6:19:a8:c4:
65:cb:fe:99:28:2f:f2:da:ac:27:b1:cb:e4:24:5f:90:67:e9:
10:1c:c7:74:88:22:a6:70:0d:be:09:a3:7d:8d:23:b5:5a:48:
5e:9d:79:2b:36:95:68:15:c9:e3:a4:aa:b8:a6:17:c8:ab:08:
72:43:37:18:d2:24:3e:6d:1e:66:b7:21:83:42:cd:26:c6:36:
23:ed:f5:b9:e5:f9:bc:c0:87:be:b1:5b:89:14:7c:46:7e:42:
b9:50:b6:41
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzGt6vWituX+3p+rcFDqa3LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhZjE1MDdmZGE0ZTcwNDgyOGM3ZTAzY2FmNjI2NDU2YWFm
YzViMWEwHhcNMjQwMTAxMjAyOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTlhNTM3NTEzNDllYjI5YjQwNDFlODFlMmIxODU3OWM4ZWU3ZWE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzFiGV69g0pw8tru9hNfIziPl3jBU
PB49pMOFvRQUphEuzklKYmzAlLK6e28ic8Q9pOhob6U2Kk/LwMnTaJ3gVGCSLC8J
U7uZcIt8SgIyOi971bfmaIu9PHhOC6ow1m8KnvmaPLdyuHQDMbvTDfRr1/xrxxfv
3Wr2XpdK29340Xc6QA+yzTrKkhO8KJ912t4E+v49/irnz1QtrrO5IIH0KZhROjfq
vAlDYBURrTPXKB5eJNU1aTbsqsQGzsiWByO6sZuFNFMZoQ0sJlmVXhlvOWTaX8yD
Q8qF80PlG8ukkRuoj6AmO+NjA6K4B8BNWUL66WsJ50olMLxYjRen0G9WGQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFNqaU3UTSesptAQegeKxhXnI7n6mMB8GA1UdIwQY
MBaAFDrxUH/aTnBIKMfgPK9iZFaq/FsaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3ZGUWY5cE9jRWdveC1BOHIySmtWcXI4V3hvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNC85ZjUwZTEtM2VjNC00NmRjLWI0Zjct
ODc0MjM0ZWQxZTVlLzEvMnBwVGRSTko2eW0wQkI2QjRyR0ZlY2p1ZnFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNC85ZjUwZTEtM2VjNC00NmRjLWI0ZjctODc0MjM0ZWQxZTVl
LzEvT3ZGUWY5cE9jRWdveC1BOHIySmtWcXI4V3hvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuZRkMA0E
AgACMAcDBQAqD1fAMA0GCSqGSIb3DQEBCwUAA4IBAQAcwJsixIl3BvZYmvfjbvT4
QEtWjqmEJLa20E76cjtovkpNa/eMWf0c6QABlY9/C9iPXqAfCTYL9SYiQhU/sjHC
2WfJcJawIZp/pMbksNFwMrGnvPRL09zPxY+23DHGgYk5poE0/llKyYD7pCBJmp35
i2VUfgg8pWimIVw+naYx81kr3AN369nDRqSXl8kWdKVYTutGrv1f606jS7h5TqYZ
qMRly/6ZKC/y2qwnscvkJF+QZ+kQHMd0iCKmcA2+CaN9jSO1WkhenXkrNpVoFcnj
pKq4phfIqwhyQzcY0iQ+bR5mtyGDQs0mxjYj7fW55fm8wIe+sVuJFHxGfkK5ULZB
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:36:28 2024 by rpki-client on console-ams.rpki-client.org