Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/2tyOtDrZ5tleCPwNz_EAfpWWINk.roa
File: 2tyOtDrZ5tleCPwNz_EAfpWWINk.roa (raw, json)
Hash identifier: AKliEtJatsFUPXPW2FBYGGEmK0UFh4OZe6Htgecm72Y=
Subject key identifier: DA:DC:8E:B4:3A:D9:E6:D9:5E:08:FC:0D:CF:F1:00:7E:95:96:20:D9
Certificate issuer: /CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
Certificate serial: 018CC2DAE1657600CE80F60DDC19CF6ACBF4
Authority key identifier: C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/2tyOtDrZ5tleCPwNz_EAfpWWINk.roa
Signing time: Mon 01 Jan 2024 02:29:33 +0000
ROA not before: Mon 01 Jan 2024 02:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34187
IP address blocks: 195.245.118.0/23 maxlen: 23
195.245.118.0/24 maxlen: 24
78.26.128.0/19 maxlen: 19
78.26.128.0/24 maxlen: 24
78.26.128.0/18 maxlen: 18
78.26.192.0/19 maxlen: 19
78.26.192.0/18 maxlen: 18
78.26.224.0/19 maxlen: 19
195.245.119.0/24 maxlen: 24
185.70.110.0/23 maxlen: 23
185.70.108.0/23 maxlen: 23
185.70.108.0/22 maxlen: 22
78.26.160.0/19 maxlen: 19
2a03:1240::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/wb-PPmCQcoiedN0PtOJ_m6xHs7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/wb-PPmCQcoiedN0PtOJ_m6xHs7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 01:03:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:e1:65:76:00:ce:80:f6:0d:dc:19:cf:6a:cb:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c1bf8f3e609072889e74dd0fb4e27f9bac47b3b0
Validity
Not Before: Jan 1 02:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dadc8eb43ad9e6d95e08fc0dcff1007e959620d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4d:0b:95:a0:03:b2:17:42:db:bd:1e:47:3a:
8f:b1:09:64:96:84:79:68:56:23:30:d6:92:19:21:
dc:13:68:70:c0:f3:da:1a:c6:33:62:29:73:e6:88:
15:fd:95:a6:1a:05:86:14:c9:01:26:c2:5a:ee:61:
86:8e:34:6f:02:db:88:0d:fc:a4:17:c7:77:db:5c:
61:6b:c5:bf:bf:98:d2:42:10:78:aa:00:80:2c:c1:
8a:84:c5:24:6d:ee:15:a7:fd:da:f1:77:b1:3a:ac:
7e:a9:16:e1:91:ce:b4:29:a6:4a:52:b2:c4:a4:5c:
54:6a:fa:88:30:ee:68:a2:93:b6:48:2f:32:4e:18:
87:8b:25:4b:07:58:1d:f6:0a:25:3a:99:b6:9b:ee:
d9:e7:44:9c:85:7c:11:9e:32:c7:d3:41:ba:43:65:
53:2e:07:2f:73:33:de:31:b4:83:2f:7d:ca:82:d6:
03:0c:15:05:bf:fc:68:ff:36:59:68:40:06:28:e2:
d2:34:7e:5e:aa:d0:47:28:93:5a:28:95:e3:2d:49:
a1:e6:e7:32:72:f6:d9:13:16:89:39:26:b7:98:ca:
9e:a4:ef:6c:4c:12:d9:79:96:30:33:02:a0:6e:c8:
62:3d:10:c4:e7:2d:89:29:93:1f:a1:4f:74:16:e9:
50:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:DC:8E:B4:3A:D9:E6:D9:5E:08:FC:0D:CF:F1:00:7E:95:96:20:D9
X509v3 Authority Key Identifier:
keyid:C1:BF:8F:3E:60:90:72:88:9E:74:DD:0F:B4:E2:7F:9B:AC:47:B3:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/wb-PPmCQcoiedN0PtOJ_m6xHs7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/2tyOtDrZ5tleCPwNz_EAfpWWINk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/a1c6c0-e754-479e-851d-0d0da0d10432/1/wb-PPmCQcoiedN0PtOJ_m6xHs7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.26.128.0/17
185.70.108.0/22
195.245.118.0/23
IPv6:
2a03:1240::/48
Signature Algorithm: sha256WithRSAEncryption
21:15:dd:f7:6f:e2:e7:9a:26:87:bb:fe:20:21:19:04:8d:8d:
44:82:4a:83:c5:60:d0:93:0e:b8:00:d8:78:29:ca:3c:94:11:
9f:ff:18:bc:56:92:62:fd:a9:e1:52:52:95:ab:d1:ec:99:e3:
fa:33:83:10:81:4f:76:8e:9a:01:c5:b4:51:2d:e0:d0:3d:44:
28:e2:91:46:ab:7f:2a:52:36:d1:33:62:c7:ba:9c:5b:71:b8:
39:7c:8c:fd:3c:d9:16:b2:1b:8b:01:b3:4d:95:ff:39:da:5f:
58:93:d7:16:3a:97:fb:9c:94:8a:1a:b8:cd:a1:0f:5d:dc:45:
b0:85:2d:b7:46:1c:9d:c6:1c:1f:8e:11:02:ab:66:f8:c5:7b:
15:13:20:e9:63:9a:9a:c0:b8:51:ab:bd:63:07:f9:37:37:87:
96:7d:70:7e:d1:70:23:e8:44:0e:d7:08:36:78:fa:3b:0a:b3:
30:bc:db:05:4c:8b:13:fe:cb:03:92:f8:cc:46:d7:09:0b:7d:
52:43:b2:45:f0:37:7c:ff:aa:a8:bf:50:de:ad:ba:2f:9a:f9:
a3:11:d2:32:1e:54:d3:87:e3:d8:eb:cc:3c:ab:c4:e2:ed:2e:
74:28:a9:2f:33:e2:69:43:49:e0:52:88:84:47:6f:0c:48:5f:
53:d2:e3:ac
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAYzC2uFldgDOgPYN3BnPasv0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMxYmY4ZjNlNjA5MDcyODg5ZTc0ZGQwZmI0ZTI3ZjliYWM0
N2IzYjAwHhcNMjQwMTAxMDIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWRjOGViNDNhZDllNmQ5NWUwOGZjMGRjZmYxMDA3ZTk1OTYyMGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjk0LlaADshdC270eRzqPsQlkloR5
aFYjMNaSGSHcE2hwwPPaGsYzYilz5ogV/ZWmGgWGFMkBJsJa7mGGjjRvAtuIDfyk
F8d321xha8W/v5jSQhB4qgCALMGKhMUkbe4Vp/3a8XexOqx+qRbhkc60KaZKUrLE
pFxUavqIMO5oopO2SC8yThiHiyVLB1gd9golOpm2m+7Z50SchXwRnjLH00G6Q2VT
LgcvczPeMbSDL33KgtYDDBUFv/xo/zZZaEAGKOLSNH5eqtBHKJNaKJXjLUmh5ucy
cvbZExaJOSa3mMqepO9sTBLZeZYwMwKgbshiPRDE5y2JKZMfoU90FulQ5wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFNrcjrQ62ebZXgj8Dc/xAH6VliDZMB8GA1UdIwQY
MBaAFMG/jz5gkHKInnTdD7Tif5usR7OwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd2ItUFBtQ1Fjb2llZE4wUHRPSl9tNnhIczdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS9hMWM2YzAtZTc1NC00NzllLTg1MWQt
MGQwZGEwZDEwNDMyLzEvMnR5T3REclo1dGxlQ1B3TnpfRUFmcFdXSU5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS9hMWM2YzAtZTc1NC00NzllLTg1MWQtMGQwZGEwZDEwNDMy
LzEvd2ItUFBtQ1Fjb2llZE4wUHRPSl9tNnhIczdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQHThqAAwQC
uUZsAwQBw/V2MA8EAgACMAkDBwAqAxJAAAAwDQYJKoZIhvcNAQELBQADggEBACEV
3fdv4ueaJoe7/iAhGQSNjUSCSoPFYNCTDrgA2HgpyjyUEZ//GLxWkmL9qeFSUpWr
0eyZ4/ozgxCBT3aOmgHFtFEt4NA9RCjikUarfypSNtEzYse6nFtxuDl8jP082Ray
G4sBs02V/znaX1iT1xY6l/uclIoauM2hD13cRbCFLbdGHJ3GHB+OEQKrZvjFexUT
IOljmprAuFGrvWMH+Tc3h5Z9cH7RcCPoRA7XCDZ4+jsKszC82wVMixP+ywOS+MxG
1wkLfVJDskXwN3z/qqi/UN6tui+a+aMR0jIeVNOH49jrzDyrxOLtLnQoqS8z4mlD
SeBSiIRHbwxIX1PS46w=
-----END CERTIFICATE-----
Generated at Sun Jun 2 05:10:08 2024 by rpki-client on console-fra.rpki-client.org