Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/2HcapEz0Gu7D6h7Ws_IBTDSVGvc.roa
File: 2HcapEz0Gu7D6h7Ws_IBTDSVGvc.roa (raw, json)
Hash identifier: B8x5vu6zwkQf+Be6IIzAVTqn+aHQHDow30Jj8rCs/Dw=
Subject key identifier: D8:77:1A:A4:4C:F4:1A:EE:C3:EA:1E:D6:B3:F2:01:4C:34:95:1A:F7
Certificate issuer: /CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Certificate serial: 018CC64B6A103D4227BC5EE599C80D06B55C
Authority key identifier: 34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/2HcapEz0Gu7D6h7Ws_IBTDSVGvc.roa
Signing time: Mon 01 Jan 2024 18:31:20 +0000
ROA not before: Mon 01 Jan 2024 18:31:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 140224
IP address blocks: 193.227.121.0/24 maxlen: 24
45.153.8.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.mft
rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 00:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:4b:6a:10:3d:42:27:bc:5e:e5:99:c8:0d:06:b5:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=347b487848fff63533d87c324ecc51c2c3ea2adb
Validity
Not Before: Jan 1 18:31:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8771aa44cf41aeec3ea1ed6b3f2014c34951af7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:55:5a:c2:56:31:84:82:3b:d8:29:ab:63:f4:
5b:6e:81:e9:a7:55:1b:41:8b:fd:15:94:30:f2:b3:
38:9e:51:e7:6e:10:7b:16:2b:7f:b7:bd:48:90:66:
8d:45:a3:c0:9d:42:10:a9:4d:3e:f1:ae:d1:3d:69:
f0:45:c5:6b:5c:cf:2f:35:ba:4b:b8:f7:da:ef:d1:
0c:9e:69:43:f7:0e:36:4b:17:6e:19:ce:45:72:51:
ac:b7:80:02:ff:78:61:5f:31:10:36:22:11:bf:4a:
c7:60:c6:9c:88:e8:2c:e6:6d:d6:57:a9:81:0b:02:
4d:63:3b:ef:5b:9a:96:2a:e7:ba:fa:66:f5:6a:ef:
f5:09:e3:96:b6:0f:b6:20:50:55:70:e3:9b:f7:d3:
77:43:8b:6d:9e:bd:c9:87:95:c0:c2:81:41:ed:72:
b2:49:19:0c:3a:00:00:78:06:a5:46:c9:c3:e2:a8:
52:a5:24:ae:8a:02:d7:bc:cc:b9:18:73:cf:0e:83:
3b:27:da:b8:9c:8e:d8:32:ad:21:41:3c:2a:cb:58:
ba:b0:89:95:df:74:2f:1d:7b:e6:0f:a7:39:8e:bb:
89:bc:6c:39:4d:1a:be:4a:c8:e7:93:c0:6f:df:d4:
b3:c0:c5:ee:c1:73:69:ba:74:8d:e4:d4:81:e4:7c:
2e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:77:1A:A4:4C:F4:1A:EE:C3:EA:1E:D6:B3:F2:01:4C:34:95:1A:F7
X509v3 Authority Key Identifier:
keyid:34:7B:48:78:48:FF:F6:35:33:D8:7C:32:4E:CC:51:C2:C3:EA:2A:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NHtIeEj_9jUz2HwyTsxRwsPqKts.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/2HcapEz0Gu7D6h7Ws_IBTDSVGvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/bc7122-4d1b-46a7-aecb-230b3b72a175/1/NHtIeEj_9jUz2HwyTsxRwsPqKts.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.8.0/23
193.227.121.0/24
Signature Algorithm: sha256WithRSAEncryption
b0:bd:eb:a7:d8:ba:ee:c9:b9:de:c7:5a:0e:6b:3b:96:43:07:
3b:35:65:9f:1e:b2:8e:e4:ea:37:97:4b:7b:13:f2:1d:82:66:
69:66:87:45:c9:46:1d:58:a6:1f:e0:b8:3f:3a:ae:b0:35:36:
6f:6c:62:63:84:5e:33:4f:29:75:a3:87:61:c3:36:ec:48:01:
6c:33:62:3e:56:71:74:d1:46:43:73:c9:22:d8:63:95:72:dc:
d0:58:cc:22:37:e4:9f:3b:2f:0d:2d:2d:00:0b:bb:2a:d5:cb:
29:45:ed:37:11:49:73:86:6c:ca:25:32:63:22:f7:f0:d0:8a:
bf:36:9a:c0:d8:53:30:19:ff:63:7d:9d:22:df:40:ce:97:c1:
58:48:df:34:da:ee:08:b7:64:84:69:05:1d:39:20:e9:7e:94:
b7:8d:48:b7:ed:08:df:fa:b5:de:49:70:75:d2:43:44:1c:7f:
b5:53:35:f7:33:67:0a:5d:b0:80:66:0e:88:10:8d:63:2f:8e:
0b:d7:05:fd:12:ac:7a:77:91:36:0a:59:9d:78:ed:16:a4:85:
0e:94:92:83:7c:c6:db:db:c5:54:91:16:4b:e6:d0:ac:1d:67:
43:89:39:82:4b:81:4e:c0:f8:0b:33:14:d5:93:84:01:d0:df:
e2:58:6b:97
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGS2oQPUInvF7lmcgNBrVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0N2I0ODc4NDhmZmY2MzUzM2Q4N2MzMjRlY2M1MWMyYzNl
YTJhZGIwHhcNMjQwMTAxMTgzMTIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODc3MWFhNDRjZjQxYWVlYzNlYTFlZDZiM2YyMDE0YzM0OTUxYWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA21VawlYxhII72CmrY/RbboHpp1Ub
QYv9FZQw8rM4nlHnbhB7Fit/t71IkGaNRaPAnUIQqU0+8a7RPWnwRcVrXM8vNbpL
uPfa79EMnmlD9w42SxduGc5FclGst4AC/3hhXzEQNiIRv0rHYMaciOgs5m3WV6mB
CwJNYzvvW5qWKue6+mb1au/1CeOWtg+2IFBVcOOb99N3Q4ttnr3Jh5XAwoFB7XKy
SRkMOgAAeAalRsnD4qhSpSSuigLXvMy5GHPPDoM7J9q4nI7YMq0hQTwqy1i6sImV
33QvHXvmD6c5jruJvGw5TRq+Ssjnk8Bv39SzwMXuwXNpunSN5NSB5HwuCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNh3GqRM9Bruw+oe1rPyAUw0lRr3MB8GA1UdIwQY
MBaAFDR7SHhI//Y1M9h8Mk7MUcLD6irbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2It
MjMwYjNiNzJhMTc1LzEvMkhjYXBFejBHdTdENmg3V3NfSUJURFNWR3ZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9iYzcxMjItNGQxYi00NmE3LWFlY2ItMjMwYjNiNzJhMTc1
LzEvTkh0SWVFal85alV6Mkh3eVRzeFJ3c1BxS3RzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBLZkIAwQA
weN5MA0GCSqGSIb3DQEBCwUAA4IBAQCwveun2Lruybnex1oOazuWQwc7NWWfHrKO
5Oo3l0t7E/IdgmZpZodFyUYdWKYf4Lg/Oq6wNTZvbGJjhF4zTyl1o4dhwzbsSAFs
M2I+VnF00UZDc8ki2GOVctzQWMwiN+SfOy8NLS0AC7sq1cspRe03EUlzhmzKJTJj
Ivfw0Iq/NprA2FMwGf9jfZ0i30DOl8FYSN802u4It2SEaQUdOSDpfpS3jUi37Qjf
+rXeSXB10kNEHH+1UzX3M2cKXbCAZg6IEI1jL44L1wX9Eqx6d5E2ClmdeO0WpIUO
lJKDfMbb28VUkRZL5tCsHWdDiTmCS4FOwPgLMxTVk4QB0N/iWGuX
-----END CERTIFICATE-----
Generated at Mon Nov 25 09:11:00 2024 by rpki-client on console-fra.rpki-client.org