Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/t2RpoX4uizUSX8WY3QPR_eY9xjc.roa
File: t2RpoX4uizUSX8WY3QPR_eY9xjc.roa (raw, json)
Hash identifier: 06pg2s3hrgnV+QM0bA67+wBTINo7NAhieGUuKPzZpZg=
Subject key identifier: B7:64:69:A1:7E:2E:8B:35:12:5F:C5:98:DD:03:D1:FD:E6:3D:C6:37
Certificate issuer: /CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Certificate serial: 018DC5C5A42488A5F668421668F7EF9AA1B9
Authority key identifier: 05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/t2RpoX4uizUSX8WY3QPR_eY9xjc.roa
Signing time: Tue 20 Feb 2024 09:08:00 +0000
ROA not before: Tue 20 Feb 2024 09:08:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203936
IP address blocks: 45.144.248.0/22 maxlen: 22
89.40.238.0/24 maxlen: 24
89.43.72.0/24 maxlen: 24
89.43.198.0/24 maxlen: 24
89.44.145.0/24 maxlen: 24
109.205.136.0/22 maxlen: 24
185.237.136.0/22 maxlen: 24
185.237.138.0/24 maxlen: 24
185.249.232.0/24 maxlen: 24
185.253.144.0/22 maxlen: 22
185.253.145.0/24 maxlen: 24
185.253.146.0/24 maxlen: 24
185.253.147.0/24 maxlen: 24
193.39.92.0/22 maxlen: 22
193.39.92.0/24 maxlen: 24
193.39.93.0/24 maxlen: 24
193.39.94.0/24 maxlen: 24
194.15.219.0/24 maxlen: 24
194.15.232.0/24 maxlen: 24
194.15.236.0/24 maxlen: 24
194.26.1.0/24 maxlen: 24
2a03:6280::/29 maxlen: 29
2a0c:1380::/29 maxlen: 29
2a0c:3cc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/BZuG-Z4ta94U-oeZ3nHOQbmAILk.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/BZuG-Z4ta94U-oeZ3nHOQbmAILk.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c5:c5:a4:24:88:a5:f6:68:42:16:68:f7:ef:9a:a1:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=059b86f99e2d6bde14fa8799de71ce41b98020b9
Validity
Not Before: Feb 20 09:08:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b76469a17e2e8b35125fc598dd03d1fde63dc637
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2f:68:05:97:bc:3c:22:e6:16:68:ec:8b:77:
f5:89:e8:77:e4:5b:cb:c6:08:bd:21:a0:f2:ed:79:
e8:13:40:cd:f7:81:3a:29:88:43:c1:16:0f:bd:55:
f0:b7:fc:d6:ff:cb:0e:3f:89:eb:e8:45:78:98:45:
02:bf:84:d2:08:dd:ac:b1:61:45:15:e6:17:2d:7b:
42:48:71:ae:63:66:d8:30:9d:b5:94:66:24:25:cc:
ae:6a:eb:b6:7b:25:8f:f4:aa:ea:e4:2c:fe:ad:2e:
5d:ff:61:f7:5c:01:f5:3a:66:1e:b5:11:50:4d:45:
e3:df:7a:24:d0:8d:66:37:d0:9b:d1:31:28:1a:20:
72:09:a8:83:76:c1:62:98:64:fe:ac:ac:1e:61:9c:
35:f4:d8:34:ea:92:30:e1:87:dc:d6:ef:7f:a6:7e:
48:6d:f4:a1:b3:41:39:f8:c3:cf:ee:6b:84:f6:16:
fd:02:ed:57:80:b0:e6:08:fe:b5:be:7a:44:68:d3:
2d:82:0b:ff:e2:ba:55:cb:a9:24:e4:67:ac:24:d6:
f5:81:aa:44:12:8d:b0:3c:60:bb:b7:f5:d3:3b:3b:
4b:29:f3:17:bb:39:f2:c1:f8:91:9c:f2:3a:fd:e5:
5c:e9:ac:99:80:20:12:08:46:64:8e:14:98:89:19:
db:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:64:69:A1:7E:2E:8B:35:12:5F:C5:98:DD:03:D1:FD:E6:3D:C6:37
X509v3 Authority Key Identifier:
keyid:05:9B:86:F9:9E:2D:6B:DE:14:FA:87:99:DE:71:CE:41:B9:80:20:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZuG-Z4ta94U-oeZ3nHOQbmAILk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/t2RpoX4uizUSX8WY3QPR_eY9xjc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/358416-2752-4159-add6-cc3fb351e336/1/BZuG-Z4ta94U-oeZ3nHOQbmAILk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.248.0/22
89.40.238.0/24
89.43.72.0/24
89.43.198.0/24
89.44.145.0/24
109.205.136.0/22
185.237.136.0/22
185.249.232.0/24
185.253.144.0/22
193.39.92.0/22
194.15.219.0/24
194.15.232.0/24
194.15.236.0/24
194.26.1.0/24
IPv6:
2a03:6280::/29
2a0c:1380::/29
2a0c:3cc0::/32
Signature Algorithm: sha256WithRSAEncryption
c3:fd:b3:9f:f1:ce:50:a5:c6:55:bb:1f:ca:22:3d:74:2b:36:
23:f6:d3:e3:70:db:47:94:48:7d:bc:62:f8:32:5e:6a:b7:44:
82:f5:3d:fa:e3:6c:30:ee:e2:5d:31:9d:bc:ef:cd:08:73:8d:
42:3f:0c:3e:11:d9:e1:b7:93:6b:47:f0:10:64:50:59:d6:47:
fa:2a:4c:81:ee:cd:c9:74:42:55:b3:f7:25:3b:e2:1d:5b:05:
dc:19:e0:fe:d0:8c:26:fe:cc:00:cb:ec:40:4b:81:b9:f1:1b:
68:16:51:a7:b7:22:f2:01:a1:a0:5d:56:e4:d3:85:50:47:3b:
37:10:63:a8:d1:f5:fc:3f:57:71:03:87:17:7b:90:c6:c1:5e:
0b:40:32:32:dd:aa:ab:56:e5:8d:f9:b2:ce:65:68:de:d6:08:
9a:32:af:e9:5b:76:fd:67:c0:c6:fc:e2:bb:9a:27:a9:ac:14:
45:ae:96:43:51:89:4f:05:97:ed:f8:d6:11:34:f6:3f:b9:d8:
32:5c:68:ca:b2:7f:8d:02:cd:72:2e:d0:33:ff:70:13:00:77:
fd:32:a1:07:67:a7:9a:53:3a:0e:11:d0:a2:bf:c5:40:ca:1b:
ce:58:a0:9b:34:1e:01:cd:e0:53:97:05:9f:c7:88:c7:d6:68:
07:f6:f3:6b
-----BEGIN CERTIFICATE-----
MIIFaTCCBFGgAwIBAgISAY3FxaQkiKX2aEIWaPfvmqG5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OWI4NmY5OWUyZDZiZGUxNGZhODc5OWRlNzFjZTQxYjk4
MDIwYjkwHhcNMjQwMjIwMDkwODAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNzY0NjlhMTdlMmU4YjM1MTI1ZmM1OThkZDAzZDFmZGU2M2RjNjM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlC9oBZe8PCLmFmjsi3f1ieh35FvL
xgi9IaDy7XnoE0DN94E6KYhDwRYPvVXwt/zW/8sOP4nr6EV4mEUCv4TSCN2ssWFF
FeYXLXtCSHGuY2bYMJ21lGYkJcyuauu2eyWP9Krq5Cz+rS5d/2H3XAH1OmYetRFQ
TUXj33ok0I1mN9Cb0TEoGiByCaiDdsFimGT+rKweYZw19Ng06pIw4Yfc1u9/pn5I
bfShs0E5+MPP7muE9hb9Au1XgLDmCP61vnpEaNMtggv/4rpVy6kk5GesJNb1gapE
Eo2wPGC7t/XTOztLKfMXuznywfiRnPI6/eVc6ayZgCASCEZkjhSYiRnb5wIDAQAB
o4ICdTCCAnEwHQYDVR0OBBYEFLdkaaF+Los1El/FmN0D0f3mPcY3MB8GA1UdIwQY
MBaAFAWbhvmeLWveFPqHmd5xzkG5gCC5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYt
Y2MzZmIzNTFlMzM2LzEvdDJScG9YNHVpelVTWDhXWTNRUFJfZVk5eGpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8zNTg0MTYtMjc1Mi00MTU5LWFkZDYtY2MzZmIzNTFlMzM2
LzEvQlp1Ry1aNHRhOTRVLW9lWjNuSE9RYm1BSUxrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGKBggrBgEFBQcBBwEB/wR7MHkwWgQCAAEwVAMEAi2Q+AME
AFko7gMEAFkrSAMEAFkrxgMEAFkskQMEAm3NiAMEArntiAMEALn56AMEArn9kAME
AsEnXAMEAMIP2wMEAMIP6AMEAMIP7AMEAMIaATAbBAIAAjAVAwUDKgNigAMFAyoM
E4ADBQAqDDzAMA0GCSqGSIb3DQEBCwUAA4IBAQDD/bOf8c5QpcZVux/KIj10KzYj
9tPjcNtHlEh9vGL4Ml5qt0SC9T3642ww7uJdMZ28780Ic41CPww+Ednht5NrR/AQ
ZFBZ1kf6KkyB7s3JdEJVs/clO+IdWwXcGeD+0Iwm/swAy+xAS4G58RtoFlGntyLy
AaGgXVbk04VQRzs3EGOo0fX8P1dxA4cXe5DGwV4LQDIy3aqrVuWN+bLOZWje1gia
Mq/pW3b9Z8DG/OK7mieprBRFrpZDUYlPBZft+NYRNPY/udgyXGjKsn+NAs1yLtAz
/3ATAHf9MqEHZ6eaUzoOEdCiv8VAyhvOWKCbNB4BzeBTlwWfx4jH1mgH9vNr
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:02:55 2024 by rpki-client on console-ams.rpki-client.org