Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/a58bde-c461-483f-911b-d179881d0618/1/_ptP9NHhc0mdatLVypKARoK3seA.roa
File: _ptP9NHhc0mdatLVypKARoK3seA.roa (raw, json)
Hash identifier: Aq8dsfC+YOEQG1UlR+p7spNWHAiT+pWa4SaMlKVX6V4=
Subject key identifier: FE:9B:4F:F4:D1:E1:73:49:9D:6A:D2:D5:CA:92:80:46:82:B7:B1:E0
Certificate issuer: /CN=bbd932f7064b1fde9a1225f332779fc22e673239
Certificate serial: 018CC3B6E7806DAD1C7BCE61A7858D5DE29B
Authority key identifier: BB:D9:32:F7:06:4B:1F:DE:9A:12:25:F3:32:77:9F:C2:2E:67:32:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u9ky9wZLH96aEiXzMnefwi5nMjk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/a58bde-c461-483f-911b-d179881d0618/1/_ptP9NHhc0mdatLVypKARoK3seA.roa
Signing time: Mon 01 Jan 2024 06:29:53 +0000
ROA not before: Mon 01 Jan 2024 06:29:53 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12605
IP address blocks: 212.33.32.0/19 maxlen: 19
90.146.0.0/17 maxlen: 17
90.146.0.0/16 maxlen: 16
185.196.156.0/22 maxlen: 22
81.10.128.0/17 maxlen: 17
90.146.128.0/17 maxlen: 17
212.241.64.0/18 maxlen: 18
86.56.128.0/17 maxlen: 17
2a00:cf8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/a58bde-c461-483f-911b-d179881d0618/1/u9ky9wZLH96aEiXzMnefwi5nMjk.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/a58bde-c461-483f-911b-d179881d0618/1/u9ky9wZLH96aEiXzMnefwi5nMjk.mft
rsync://rpki.ripe.net/repository/DEFAULT/u9ky9wZLH96aEiXzMnefwi5nMjk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 19:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:e7:80:6d:ad:1c:7b:ce:61:a7:85:8d:5d:e2:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bbd932f7064b1fde9a1225f332779fc22e673239
Validity
Not Before: Jan 1 06:29:53 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fe9b4ff4d1e173499d6ad2d5ca92804682b7b1e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:be:0a:1d:b4:16:ef:54:0f:1d:08:c9:2a:1a:
32:8f:45:0e:7a:f8:a1:34:ae:e5:71:88:78:ba:61:
57:62:8e:54:75:73:b1:43:74:7e:16:ae:54:71:47:
f8:b8:be:81:d9:ef:41:b6:1e:eb:00:93:a3:65:2a:
9d:95:32:a6:03:d4:77:8f:3c:5b:2b:ac:c5:93:1c:
41:bd:ea:8d:9d:57:9e:ca:31:8e:a6:37:51:04:5b:
05:cf:3f:30:14:9b:09:24:12:55:b1:9e:4e:64:1b:
e4:e7:18:e7:54:c3:a6:60:88:d6:05:1a:1f:d8:70:
38:29:16:b9:b8:91:fe:b7:9b:fb:3f:80:07:fb:ce:
7f:13:bb:1e:9e:ef:54:ed:24:b9:a1:d7:7a:2b:f4:
14:95:45:cf:4f:1b:c8:75:fb:14:a7:5d:fa:cd:e5:
cd:9d:38:16:64:03:9b:93:6b:0f:5f:05:16:7c:e2:
24:4a:11:81:3d:2f:ca:a0:de:35:84:71:4e:f3:31:
0c:21:8d:3c:2a:7c:0e:9a:f6:5c:36:82:2a:51:7b:
8b:95:fc:fa:e2:31:75:19:37:97:30:c3:16:a9:87:
03:43:51:d9:02:51:43:41:e0:be:ea:0d:21:98:41:
d4:f2:c3:67:c8:23:74:bf:bc:ab:f6:3b:cb:1f:c4:
98:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:9B:4F:F4:D1:E1:73:49:9D:6A:D2:D5:CA:92:80:46:82:B7:B1:E0
X509v3 Authority Key Identifier:
keyid:BB:D9:32:F7:06:4B:1F:DE:9A:12:25:F3:32:77:9F:C2:2E:67:32:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u9ky9wZLH96aEiXzMnefwi5nMjk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a58bde-c461-483f-911b-d179881d0618/1/_ptP9NHhc0mdatLVypKARoK3seA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/a58bde-c461-483f-911b-d179881d0618/1/u9ky9wZLH96aEiXzMnefwi5nMjk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.10.128.0/17
86.56.128.0/17
90.146.0.0/16
185.196.156.0/22
212.33.32.0/19
212.241.64.0/18
IPv6:
2a00:cf8::/32
Signature Algorithm: sha256WithRSAEncryption
a9:a4:53:ea:81:47:3d:29:b9:c2:d2:f4:66:dd:46:75:c6:09:
0d:17:4c:41:66:ef:17:49:7e:b7:a7:59:f3:ac:d9:81:0a:b7:
76:c3:ac:66:99:69:6a:63:96:7f:cb:95:e5:6f:47:b3:fe:6f:
3e:4e:42:84:5a:7d:91:23:c6:f2:41:6d:da:fa:81:03:fa:c3:
90:6d:c2:65:5a:27:41:92:6a:97:ff:61:96:83:bc:3a:46:c8:
27:50:28:8b:cf:24:e8:b5:90:ef:26:50:cd:ac:c4:dd:13:b8:
ea:7f:f5:c6:81:f1:13:5b:4d:ee:91:67:7a:28:c2:68:ee:5a:
6e:b8:5d:23:6a:99:5e:00:b6:a9:70:78:1d:78:e7:43:ea:66:
71:d8:c3:eb:e5:fe:92:97:81:5a:bc:1c:84:fb:c8:aa:a0:d8:
a1:ae:91:f7:9c:7c:bd:da:93:0b:90:23:d4:ef:0e:b2:ad:a9:
8a:51:4d:8a:5c:cf:2f:22:db:54:11:b4:b6:07:94:68:58:6f:
8e:38:88:a2:c9:ef:9a:5e:f7:9c:fb:f9:e5:b8:7f:66:17:9c:
20:d4:b0:11:32:68:68:07:c0:9c:96:57:ed:43:d1:ca:96:d5:
5f:7f:39:6e:4b:50:b9:64:47:1d:2e:ee:0c:4b:3e:34:2f:43:
c2:6d:ed:1d
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAYzDtueAba0ce85hp4WNXeKbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiZDkzMmY3MDY0YjFmZGU5YTEyMjVmMzMyNzc5ZmMyMmU2
NzMyMzkwHhcNMjQwMTAxMDYyOTUzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTliNGZmNGQxZTE3MzQ5OWQ2YWQyZDVjYTkyODA0NjgyYjdiMWUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj74KHbQW71QPHQjJKhoyj0UOevih
NK7lcYh4umFXYo5UdXOxQ3R+Fq5UcUf4uL6B2e9Bth7rAJOjZSqdlTKmA9R3jzxb
K6zFkxxBveqNnVeeyjGOpjdRBFsFzz8wFJsJJBJVsZ5OZBvk5xjnVMOmYIjWBRof
2HA4KRa5uJH+t5v7P4AH+85/E7senu9U7SS5odd6K/QUlUXPTxvIdfsUp136zeXN
nTgWZAObk2sPXwUWfOIkShGBPS/KoN41hHFO8zEMIY08KnwOmvZcNoIqUXuLlfz6
4jF1GTeXMMMWqYcDQ1HZAlFDQeC+6g0hmEHU8sNnyCN0v7yr9jvLH8SY6QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFP6bT/TR4XNJnWrS1cqSgEaCt7HgMB8GA1UdIwQY
MBaAFLvZMvcGSx/emhIl8zJ3n8IuZzI5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTlreTl3WkxIOTZhRWlYek1uZWZ3aTVuTWprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9hNThiZGUtYzQ2MS00ODNmLTkxMWIt
ZDE3OTg4MWQwNjE4LzEvX3B0UDlOSGhjMG1kYXRMVnlwS0FSb0szc2VBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9hNThiZGUtYzQ2MS00ODNmLTkxMWItZDE3OTg4MWQwNjE4
LzEvdTlreTl3WkxIOTZhRWlYek1uZWZ3aTVuTWprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjApBAIAATAjAwQHUQqAAwQH
VjiAAwMAWpIDBAK5xJwDBAXUISADBAbU8UAwDQQCAAIwBwMFACoADPgwDQYJKoZI
hvcNAQELBQADggEBAKmkU+qBRz0pucLS9GbdRnXGCQ0XTEFm7xdJfrenWfOs2YEK
t3bDrGaZaWpjln/LleVvR7P+bz5OQoRafZEjxvJBbdr6gQP6w5BtwmVaJ0GSapf/
YZaDvDpGyCdQKIvPJOi1kO8mUM2sxN0TuOp/9caB8RNbTe6RZ3oowmjuWm64XSNq
mV4AtqlweB1450PqZnHYw+vl/pKXgVq8HIT7yKqg2KGukfecfL3akwuQI9TvDrKt
qYpRTYpczy8i21QRtLYHlGhYb444iKLJ75pe95z7+eW4f2YXnCDUsBEyaGgHwJyW
V+1D0cqW1V9/OW5LULlkRx0u7gxLPjQvQ8Jt7R0=
-----END CERTIFICATE-----
Generated at Sun Jun 16 02:55:42 2024 by rpki-client on console-fra.rpki-client.org