Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/_2S0XRMREiedXlj3U3WRu3TYSIk.roa
File: _2S0XRMREiedXlj3U3WRu3TYSIk.roa (raw, json)
Hash identifier: GrGzUYSx3J2z6O4qrykPsZ28kmdOE72IGtP7qFdoUFM=
Subject key identifier: FF:64:B4:5D:13:11:12:27:9D:5E:58:F7:53:75:91:BB:74:D8:48:89
Certificate issuer: /CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Certificate serial: 018CC4254F88B56FE268B26BCEDE899BEAF8
Authority key identifier: 1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/_2S0XRMREiedXlj3U3WRu3TYSIk.roa
Signing time: Mon 01 Jan 2024 08:30:28 +0000
ROA not before: Mon 01 Jan 2024 08:30:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 30971
IP address blocks: 193.46.104.0/21 maxlen: 24
193.46.112.0/20 maxlen: 24
83.136.32.0/21 maxlen: 24
185.102.15.0/24 maxlen: 24
2a02:850::/44 maxlen: 44
2a02:850:10::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 May 2024 16:01:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:25:4f:88:b5:6f:e2:68:b2:6b:ce:de:89:9b:ea:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1c390bff65dcedca813d7a10d7ec328c2f6eac34
Validity
Not Before: Jan 1 08:30:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff64b45d131112279d5e58f7537591bb74d84889
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:8a:a1:8d:c2:74:df:98:4f:cd:c9:0e:81:f5:
03:00:b6:7f:8a:4b:ed:c1:9b:0a:bb:f1:a8:33:3b:
5c:5c:64:23:0a:74:45:f1:3e:0c:33:30:75:92:20:
1a:20:42:27:3a:25:ca:cf:75:63:98:7a:c3:1d:ec:
d6:bc:b1:b0:83:78:28:81:e0:76:d5:14:ba:b9:e9:
3c:4f:9d:f1:82:33:04:eb:5f:43:96:88:b8:fd:50:
46:8f:3b:8c:45:7b:e9:d8:9c:f8:7c:63:ae:bd:5a:
22:d0:45:db:06:f5:5a:52:d1:42:61:fc:ac:78:af:
2c:83:30:a6:89:fc:c9:59:f9:ee:7b:f7:d6:65:50:
07:4f:d4:cc:ab:a8:e4:36:eb:b8:ba:24:ea:30:cd:
9f:5b:f2:0b:91:b8:39:60:4d:53:8f:b7:69:26:9c:
34:d6:49:a1:84:dd:f5:92:85:5d:fc:a5:93:41:c5:
da:3a:59:f0:b3:fa:28:88:02:4e:52:74:bd:f0:df:
12:eb:ef:65:75:a2:8c:4b:f1:fd:e6:9a:c8:3a:39:
78:13:35:28:f0:e4:06:ac:e2:d4:a2:5c:93:8c:6c:
0f:ea:92:b1:4b:fb:07:58:00:5f:7b:4d:3d:eb:4b:
9c:2f:62:b8:7b:3e:38:b6:1d:ab:c4:48:27:90:ec:
16:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:64:B4:5D:13:11:12:27:9D:5E:58:F7:53:75:91:BB:74:D8:48:89
X509v3 Authority Key Identifier:
keyid:1C:39:0B:FF:65:DC:ED:CA:81:3D:7A:10:D7:EC:32:8C:2F:6E:AC:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/_2S0XRMREiedXlj3U3WRu3TYSIk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/26/348104-8a41-4949-8552-a9765edc795c/1/HDkL_2Xc7cqBPXoQ1-wyjC9urDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.136.32.0/21
185.102.15.0/24
193.46.104.0-193.46.127.255
IPv6:
2a02:850::/43
Signature Algorithm: sha256WithRSAEncryption
4d:ca:bb:2a:3a:a8:5d:71:9e:e4:b4:ed:d8:f8:b2:a4:9b:19:
28:d9:c3:86:89:b5:c7:d5:6d:55:44:fa:ba:2e:76:5e:96:6e:
cc:4c:a6:3d:9e:76:c6:f0:35:12:18:62:82:59:50:83:17:84:
f7:93:05:9e:c5:9d:3f:f7:d9:9d:f7:02:d6:b2:d2:2a:e2:f7:
e1:62:06:d4:b0:14:34:59:d7:03:0a:93:3a:60:42:7d:b5:22:
c1:66:d2:dc:95:42:e3:2b:83:a6:e6:3b:14:18:9d:a3:64:bb:
a4:86:7d:14:95:e9:13:d3:2f:0e:2f:dc:88:a0:16:5a:26:0f:
47:2e:d0:c7:bb:9c:19:46:b4:99:70:7a:9c:5d:de:af:c0:21:
ee:66:8c:87:93:54:d8:e3:59:d1:58:5e:84:8f:63:da:69:cf:
88:da:09:76:94:3d:92:1c:91:02:4f:95:42:09:a4:4a:37:62:
87:e9:50:82:6e:79:fb:83:34:d2:00:fb:28:aa:e3:a1:6d:40:
33:b1:72:d3:8f:2c:b1:18:1e:48:b9:26:ec:0c:fb:ba:28:85:
76:e0:5f:62:12:0b:dd:a7:84:af:1b:7a:6f:a0:3e:05:56:ec:
12:a8:7c:db:ae:4e:11:66:21:52:b1:1f:58:bd:7b:27:cb:1c:
c4:0d:38:68
-----BEGIN CERTIFICATE-----
MIIFIjCCBAqgAwIBAgISAYzEJU+ItW/iaLJrzt6Jm+r4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFjMzkwYmZmNjVkY2VkY2E4MTNkN2ExMGQ3ZWMzMjhjMmY2
ZWFjMzQwHhcNMjQwMTAxMDgzMDI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjY0YjQ1ZDEzMTExMjI3OWQ1ZTU4Zjc1Mzc1OTFiYjc0ZDg0ODg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnIqhjcJ035hPzckOgfUDALZ/ikvt
wZsKu/GoMztcXGQjCnRF8T4MMzB1kiAaIEInOiXKz3VjmHrDHezWvLGwg3gogeB2
1RS6uek8T53xgjME619Dloi4/VBGjzuMRXvp2Jz4fGOuvVoi0EXbBvVaUtFCYfys
eK8sgzCmifzJWfnue/fWZVAHT9TMq6jkNuu4uiTqMM2fW/ILkbg5YE1Tj7dpJpw0
1kmhhN31koVd/KWTQcXaOlnws/ooiAJOUnS98N8S6+9ldaKMS/H95prIOjl4EzUo
8OQGrOLUolyTjGwP6pKxS/sHWABfe00960ucL2K4ez44th2rxEgnkOwW3QIDAQAB
o4ICLjCCAiowHQYDVR0OBBYEFP9ktF0TERInnV5Y91N1kbt02EiJMB8GA1UdIwQY
MBaAFBw5C/9l3O3KgT16ENfsMowvbqw0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTIt
YTk3NjVlZGM3OTVjLzEvXzJTMFhSTVJFaWVkWGxqM1UzV1J1M1RZU0lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNi8zNDgxMDQtOGE0MS00OTQ5LTg1NTItYTk3NjVlZGM3OTVj
LzEvSERrTF8yWGM3Y3FCUFhvUTEtd3lqQzl1ckRRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEQGCCsGAQUFBwEHAQH/BDUwMzAgBAIAATAaAwQDU4ggAwQA
uWYPMAwDBAPBLmgDBAfBLgAwDwQCAAIwCQMHBSoCCFAAADANBgkqhkiG9w0BAQsF
AAOCAQEATcq7KjqoXXGe5LTt2PiypJsZKNnDhom1x9VtVUT6ui52XpZuzEymPZ52
xvA1EhhigllQgxeE95MFnsWdP/fZnfcC1rLSKuL34WIG1LAUNFnXAwqTOmBCfbUi
wWbS3JVC4yuDpuY7FBido2S7pIZ9FJXpE9MvDi/ciKAWWiYPRy7Qx7ucGUa0mXB6
nF3er8Ah7maMh5NU2ONZ0VhehI9j2mnPiNoJdpQ9khyRAk+VQgmkSjdih+lQgm55
+4M00gD7KKrjoW1AM7Fy048ssRgeSLkm7Az7uiiFduBfYhIL3aeErxt6b6A+BVbs
Eqh8265OEWYhUrEfWL17J8scxA04aA==
-----END CERTIFICATE-----
Generated at Fri May 17 18:23:58 2024 by rpki-client on console-fra.rpki-client.org