Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/P2yoMUy8wU2A2FrGf4P4pK7ktrQ.roa
File: P2yoMUy8wU2A2FrGf4P4pK7ktrQ.roa (raw, json)
Hash identifier: btYkZS5vMRZS8CkSkU3GjKN4hQnlTg4jm4B+Km/z6z4=
Subject key identifier: 3F:6C:A8:31:4C:BC:C1:4D:80:D8:5A:C6:7F:83:F8:A4:AE:E4:B6:B4
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 0193457A6723E20EE45E38CFA033CD382C76
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/P2yoMUy8wU2A2FrGf4P4pK7ktrQ.roa
Signing time: Tue 19 Nov 2024 17:31:09 +0000
ROA not before: Tue 19 Nov 2024 17:31:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 394814
IP address blocks: 94.131.80.0/20 maxlen: 24
94.131.182.0/23 maxlen: 24
94.131.184.0/22 maxlen: 22
95.164.144.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:12:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:45:7a:67:23:e2:0e:e4:5e:38:cf:a0:33:cd:38:2c:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Nov 19 17:31:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f6ca8314cbcc14d80d85ac67f83f8a4aee4b6b4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:52:52:79:f2:77:5f:a4:9d:e8:25:57:8f:5b:
b5:90:d1:e3:d0:4a:f3:73:a8:32:c6:2b:4e:8a:44:
ef:1e:4b:78:d7:46:f4:95:06:70:11:a0:51:3c:71:
df:3c:8b:c8:09:8d:8e:ed:1e:de:69:df:1b:4a:80:
6b:36:01:4f:40:e3:0b:98:de:0c:28:c3:49:ca:07:
a0:4f:2d:85:06:3c:4a:cb:b8:30:35:60:d6:58:80:
9c:49:53:1d:97:b9:44:27:96:b5:c7:70:f1:5c:5f:
ef:8e:37:47:6a:34:82:c0:3e:99:d0:02:e4:bb:ce:
07:07:1d:09:d7:05:68:d1:3a:94:06:e5:89:ec:3b:
8c:9c:a1:d5:92:8a:90:4c:d8:d1:ec:ce:5d:49:e0:
ee:96:64:95:20:2b:31:04:62:fe:7e:51:98:ca:25:
d8:10:f7:ee:78:8d:f8:68:7c:9a:ec:2b:f9:c1:dd:
76:fe:fe:4b:ba:c8:c5:b3:05:bd:27:19:49:67:b6:
44:82:c8:87:d7:b6:e5:b8:94:18:c2:73:d0:c0:85:
47:28:ad:8f:4b:8a:90:6e:07:cd:4d:f7:f0:08:f2:
1e:e0:99:5f:92:84:cd:a0:90:9a:28:2e:40:16:a3:
c1:14:e4:39:09:a2:36:70:0d:6e:30:cd:1e:d4:06:
5e:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:6C:A8:31:4C:BC:C1:4D:80:D8:5A:C6:7F:83:F8:A4:AE:E4:B6:B4
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/P2yoMUy8wU2A2FrGf4P4pK7ktrQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.80.0/20
94.131.182.0-94.131.187.255
95.164.144.0/20
Signature Algorithm: sha256WithRSAEncryption
72:15:20:40:82:ca:1a:b7:c3:55:fa:f9:e0:c5:ba:97:d7:68:
cf:3b:f6:ad:a0:08:e4:08:bb:50:2c:b8:f7:2a:a1:ac:3c:3f:
3a:a5:bf:db:fe:f6:63:2e:61:d1:14:09:eb:42:f9:30:db:79:
d3:e9:07:81:b0:ff:5c:36:02:7f:cd:e1:83:4c:c7:cf:5c:da:
52:6e:f3:f2:35:cd:e8:dd:be:78:82:2a:c7:31:6a:14:5a:8f:
c0:e2:ff:b5:21:f1:78:91:a8:38:d5:f7:ca:69:5f:c9:6b:42:
56:55:85:af:da:fe:4e:8a:30:7f:87:49:db:e4:08:2f:09:25:
72:88:d7:85:38:50:ad:cd:25:93:b2:46:e2:70:af:bb:06:0c:
3d:59:f4:ee:49:1b:e3:2c:10:9f:db:29:f7:25:8a:8d:57:19:
96:0d:ca:25:53:b9:88:57:c0:76:b8:fe:32:dd:75:e1:28:17:
05:06:88:8e:5a:e2:16:68:9b:95:c2:53:45:16:a3:6e:07:fc:
a6:8e:d8:f5:8d:9f:99:0f:ff:d4:d7:7c:27:b0:c5:d0:85:7a:
84:63:4e:d6:05:b7:d7:42:e9:ef:4f:06:45:f6:97:d7:11:9c:
73:79:34:da:4b:37:c1:6e:49:35:bd:b9:23:60:27:29:8d:3b:
a0:5f:94:e0
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZNFemcj4g7kXjjPoDPNOCx2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjQxMTE5MTczMTA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjZjYTgzMTRjYmNjMTRkODBkODVhYzY3ZjgzZjhhNGFlZTRiNmI0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmlJSefJ3X6Sd6CVXj1u1kNHj0Erz
c6gyxitOikTvHkt410b0lQZwEaBRPHHfPIvICY2O7R7ead8bSoBrNgFPQOMLmN4M
KMNJygegTy2FBjxKy7gwNWDWWICcSVMdl7lEJ5a1x3DxXF/vjjdHajSCwD6Z0ALk
u84HBx0J1wVo0TqUBuWJ7DuMnKHVkoqQTNjR7M5dSeDulmSVICsxBGL+flGYyiXY
EPfueI34aHya7Cv5wd12/v5LusjFswW9JxlJZ7ZEgsiH17bluJQYwnPQwIVHKK2P
S4qQbgfNTffwCPIe4JlfkoTNoJCaKC5AFqPBFOQ5CaI2cA1uMM0e1AZemwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFD9sqDFMvMFNgNhaxn+D+KSu5La0MB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvUDJ5b01VeTh3VTJBMkZyR2Y0UDRwSzdrdHJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQEXoNQMAwD
BAFeg7YDBAJeg7gDBARfpJAwDQYJKoZIhvcNAQELBQADggEBAHIVIECCyhq3w1X6
+eDFupfXaM879q2gCOQIu1AsuPcqoaw8Pzqlv9v+9mMuYdEUCetC+TDbedPpB4Gw
/1w2An/N4YNMx89c2lJu8/I1zejdvniCKscxahRaj8Di/7Uh8XiRqDjV98ppX8lr
QlZVha/a/k6KMH+HSdvkCC8JJXKI14U4UK3NJZOyRuJwr7sGDD1Z9O5JG+MsEJ/b
Kfclio1XGZYNyiVTuYhXwHa4/jLddeEoFwUGiI5a4hZom5XCU0UWo24H/KaO2PWN
n5kP/9TXfCewxdCFeoRjTtYFt9dC6e9PBkX2l9cRnHN5NNpLN8FuSTW9uSNgJymN
O6BflOA=
-----END CERTIFICATE-----
Generated at Mon Nov 25 18:09:47 2024 by rpki-client on console-fra.rpki-client.org