Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/360fdd-76ae-41f1-98c0-2b275043719f/1/2rLgXo8nDIJqeOtT4Pi3BMLMW8g.roa
File: 2rLgXo8nDIJqeOtT4Pi3BMLMW8g.roa (raw, json)
Hash identifier: dkNUwMShx1AGEU21FKJYm0ZkMZzrqVxtrDEOfkugFlM=
Subject key identifier: DA:B2:E0:5E:8F:27:0C:82:6A:78:EB:53:E0:F8:B7:04:C2:CC:5B:C8
Certificate issuer: /CN=cc5911433ba206f450ac9bd065c86c96608401c1
Certificate serial: 018CC5013C50266C7C31F9848F12CFBD036E
Authority key identifier: CC:59:11:43:3B:A2:06:F4:50:AC:9B:D0:65:C8:6C:96:60:84:01:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zFkRQzuiBvRQrJvQZchslmCEAcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/360fdd-76ae-41f1-98c0-2b275043719f/1/2rLgXo8nDIJqeOtT4Pi3BMLMW8g.roa
Signing time: Mon 01 Jan 2024 12:30:41 +0000
ROA not before: Mon 01 Jan 2024 12:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47716
IP address blocks: 194.0.104.0/22 maxlen: 22
185.164.60.0/22 maxlen: 22
193.186.162.0/24 maxlen: 24
2a0a:c400::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/360fdd-76ae-41f1-98c0-2b275043719f/1/zFkRQzuiBvRQrJvQZchslmCEAcE.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/360fdd-76ae-41f1-98c0-2b275043719f/1/zFkRQzuiBvRQrJvQZchslmCEAcE.mft
rsync://rpki.ripe.net/repository/DEFAULT/zFkRQzuiBvRQrJvQZchslmCEAcE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:01:3c:50:26:6c:7c:31:f9:84:8f:12:cf:bd:03:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc5911433ba206f450ac9bd065c86c96608401c1
Validity
Not Before: Jan 1 12:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dab2e05e8f270c826a78eb53e0f8b704c2cc5bc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:12:b3:75:42:a9:4c:26:de:6b:b1:d2:dd:53:
96:00:59:1d:e7:c1:2b:b8:2e:20:ed:42:b9:3e:e5:
ed:a2:2e:dc:19:14:a8:8a:33:a2:1f:8b:e3:df:97:
80:1b:04:58:42:1a:86:3c:99:92:24:aa:16:15:d0:
ac:00:df:1f:83:a0:ce:56:bc:fd:e3:85:ed:47:39:
7b:2c:cc:8d:2c:8e:cb:a7:6d:f3:2d:4c:9f:2e:38:
08:ca:22:6f:99:16:3f:75:6e:cd:ce:a8:ec:8e:1b:
d1:8a:c8:b7:4a:0d:8b:0a:df:5e:8b:77:1a:d7:62:
eb:4f:d2:15:30:64:de:fb:ee:d6:96:ec:02:75:64:
b6:b6:1c:94:2a:db:14:49:a9:f0:64:25:85:93:0a:
e2:55:39:e2:0f:bb:a7:fd:47:44:d7:2e:63:14:a0:
02:3a:6d:7d:e8:ef:0f:2a:ec:84:a1:47:11:6c:8d:
27:40:6e:4d:59:c7:15:79:e9:81:02:45:56:4a:d8:
cf:02:1f:6f:5a:59:0f:8c:df:5c:8f:d7:6a:29:f6:
8b:17:d1:d7:2d:af:38:38:c5:b4:23:8b:24:12:96:
8c:25:3c:55:a1:d1:96:d6:4b:a1:da:15:7f:3d:fb:
b9:ee:09:91:23:75:68:5d:30:d9:76:03:a4:4f:4a:
9f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:B2:E0:5E:8F:27:0C:82:6A:78:EB:53:E0:F8:B7:04:C2:CC:5B:C8
X509v3 Authority Key Identifier:
keyid:CC:59:11:43:3B:A2:06:F4:50:AC:9B:D0:65:C8:6C:96:60:84:01:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zFkRQzuiBvRQrJvQZchslmCEAcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/360fdd-76ae-41f1-98c0-2b275043719f/1/2rLgXo8nDIJqeOtT4Pi3BMLMW8g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/360fdd-76ae-41f1-98c0-2b275043719f/1/zFkRQzuiBvRQrJvQZchslmCEAcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.164.60.0/22
193.186.162.0/24
194.0.104.0/22
IPv6:
2a0a:c400::/29
Signature Algorithm: sha256WithRSAEncryption
a9:e8:04:13:1e:28:d0:44:52:6a:0d:c9:64:7f:e9:4f:70:28:
ba:56:be:03:65:93:82:a2:44:2b:c0:b4:55:61:ae:d9:2d:da:
b9:52:73:00:3e:40:1e:90:db:f5:85:69:e8:b1:18:63:79:2c:
b1:9d:4d:ed:21:ae:31:4d:9e:d6:b0:fc:bc:6c:b4:52:f7:ab:
ed:87:b7:a4:91:0b:07:ce:3f:a1:17:3d:6e:64:62:21:19:ad:
b2:82:6d:f1:5a:38:ba:bb:37:00:0e:c2:07:80:70:83:a0:82:
c0:75:dd:be:bf:19:36:a7:af:79:72:21:65:9f:32:e1:64:b9:
4c:9e:10:11:3a:09:e0:c1:00:32:79:1a:f3:82:e8:c5:b4:e4:
55:0a:75:5a:34:b2:b4:2d:0f:b8:10:32:eb:cf:dc:94:3f:59:
f0:0a:d7:78:72:50:ee:8e:55:da:c0:f1:04:d9:1e:40:ef:1b:
3f:f1:c5:0b:8d:4e:c3:9e:86:18:c0:f1:da:f9:25:5c:d3:a4:
3a:67:15:e8:cf:b2:d9:93:a9:ef:4b:17:ea:d8:fd:4d:3c:d5:
9f:77:09:7c:5e:8b:b7:a2:f0:6b:8d:e7:31:08:2d:1f:6d:e5:
3e:f2:df:84:ef:47:00:d0:a0:da:29:97:69:b9:6d:c2:1b:81:
ae:c6:3e:5c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAYzFATxQJmx8MfmEjxLPvQNuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjNTkxMTQzM2JhMjA2ZjQ1MGFjOWJkMDY1Yzg2Yzk2NjA4
NDAxYzEwHhcNMjQwMTAxMTIzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWIyZTA1ZThmMjcwYzgyNmE3OGViNTNlMGY4YjcwNGMyY2M1YmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hKzdUKpTCbea7HS3VOWAFkd58Er
uC4g7UK5PuXtoi7cGRSoijOiH4vj35eAGwRYQhqGPJmSJKoWFdCsAN8fg6DOVrz9
44XtRzl7LMyNLI7Lp23zLUyfLjgIyiJvmRY/dW7NzqjsjhvRisi3Sg2LCt9ei3ca
12LrT9IVMGTe++7WluwCdWS2thyUKtsUSanwZCWFkwriVTniD7un/UdE1y5jFKAC
Om196O8PKuyEoUcRbI0nQG5NWccVeemBAkVWStjPAh9vWlkPjN9cj9dqKfaLF9HX
La84OMW0I4skEpaMJTxVodGW1kuh2hV/Pfu57gmRI3VoXTDZdgOkT0qf5QIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNqy4F6PJwyCanjrU+D4twTCzFvIMB8GA1UdIwQY
MBaAFMxZEUM7ogb0UKyb0GXIbJZghAHBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekZrUlF6dWlCdlJRckp2UVpjaHNsbUNFQWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS8zNjBmZGQtNzZhZS00MWYxLTk4YzAt
MmIyNzUwNDM3MTlmLzEvMnJMZ1hvOG5ESUpxZU90VDRQaTNCTUxNVzhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS8zNjBmZGQtNzZhZS00MWYxLTk4YzAtMmIyNzUwNDM3MTlm
LzEvekZrUlF6dWlCdlJRckp2UVpjaHNsbUNFQWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQCuaQ8AwQA
wbqiAwQCwgBoMA0EAgACMAcDBQMqCsQAMA0GCSqGSIb3DQEBCwUAA4IBAQCp6AQT
HijQRFJqDclkf+lPcCi6Vr4DZZOCokQrwLRVYa7ZLdq5UnMAPkAekNv1hWnosRhj
eSyxnU3tIa4xTZ7WsPy8bLRS96vth7ekkQsHzj+hFz1uZGIhGa2ygm3xWji6uzcA
DsIHgHCDoILAdd2+vxk2p695ciFlnzLhZLlMnhAROgngwQAyeRrzgujFtORVCnVa
NLK0LQ+4EDLrz9yUP1nwCtd4clDujlXawPEE2R5A7xs/8cULjU7DnoYYwPHa+SVc
06Q6ZxXoz7LZk6nvSxfq2P1NPNWfdwl8Xou3ovBrjecxCC0fbeU+8t+E70cA0KDa
KZdpuW3CG4Guxj5c
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:05:55 2024 by rpki-client on console-fra.rpki-client.org