Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/2pAru1Er-omNMzjpXxXX5QCu9dw.roa
File: 2pAru1Er-omNMzjpXxXX5QCu9dw.roa (raw, json)
Hash identifier: jzotIQOGmOcfuIo5BOobmbaMoQA+VeTDZv3ZUSQumFI=
Subject key identifier: DA:90:2B:BB:51:2B:FA:89:8D:33:38:E9:5F:15:D7:E5:00:AE:F5:DC
Certificate issuer: /CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Certificate serial: 018CC6B8A0E4AA530692654A0EFAA78F79A1
Authority key identifier: 04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/2pAru1Er-omNMzjpXxXX5QCu9dw.roa
Signing time: Mon 01 Jan 2024 20:30:37 +0000
ROA not before: Mon 01 Jan 2024 20:30:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6672
IP address blocks: 37.202.8.0/21 maxlen: 21
212.113.96.0/19 maxlen: 24
2a02:9d8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.crl
rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.mft
rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 23:23:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:a0:e4:aa:53:06:92:65:4a:0e:fa:a7:8f:79:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=04cbe5b4623dab42f15a905002db7ce62e854f29
Validity
Not Before: Jan 1 20:30:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da902bbb512bfa898d3338e95f15d7e500aef5dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:b3:96:da:73:0f:d0:4f:1a:ad:7b:93:5d:03:
e9:0d:ca:da:0b:de:1b:9e:ff:e6:0b:3b:f5:f0:32:
18:5f:42:e8:7d:05:a8:34:dd:94:0b:4c:32:6c:13:
ec:9c:7d:37:2a:71:76:16:bf:8d:7f:43:48:a7:da:
f3:d8:b1:e2:2e:4e:d6:77:e7:27:09:db:d8:58:7c:
89:3f:c4:10:9c:e7:c8:80:b9:00:c8:56:7f:d8:18:
0e:69:fa:0d:f1:be:b2:57:ab:26:d9:7a:74:79:ec:
a9:f0:02:06:8e:5b:05:20:52:99:a4:58:0b:7a:d6:
6d:f4:2b:c7:03:96:e0:f2:fd:30:80:21:e8:70:4f:
56:e1:14:5a:f8:39:c8:6f:1c:47:b5:11:2d:65:d0:
ab:30:8a:c3:32:47:82:7f:d5:21:1a:5d:cb:10:08:
e6:fd:f5:18:56:5e:4f:0b:8e:04:8f:9b:6b:80:c0:
10:61:88:c6:9a:f7:c6:d0:42:25:ee:0f:74:d0:f3:
67:f7:8c:5d:3a:1e:24:ed:8d:6a:57:a8:62:47:d2:
85:01:52:0b:9c:54:d2:f1:ea:0d:de:18:d8:04:7b:
d2:44:19:28:86:46:d5:4f:0f:31:fe:90:a0:2d:e5:
0e:69:01:d6:f3:9c:26:ae:3f:20:88:58:22:0b:90:
98:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:90:2B:BB:51:2B:FA:89:8D:33:38:E9:5F:15:D7:E5:00:AE:F5:DC
X509v3 Authority Key Identifier:
keyid:04:CB:E5:B4:62:3D:AB:42:F1:5A:90:50:02:DB:7C:E6:2E:85:4F:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BMvltGI9q0LxWpBQAtt85i6FTyk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/2pAru1Er-omNMzjpXxXX5QCu9dw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/31/3d3a2d-a039-46f4-8687-057817ba9fb7/1/BMvltGI9q0LxWpBQAtt85i6FTyk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.8.0/21
212.113.96.0/19
IPv6:
2a02:9d8::/32
Signature Algorithm: sha256WithRSAEncryption
30:1d:a7:33:ee:94:5d:b6:bd:03:af:25:ad:4f:88:ff:24:09:
3b:e0:ac:93:15:be:73:ce:7c:5d:a9:70:a2:ce:a2:74:44:f7:
58:f0:a3:72:62:ec:5a:76:e9:40:37:bf:d7:65:54:f1:91:f1:
74:95:6b:06:b0:b6:35:d1:0c:a1:0d:f9:52:2c:41:68:8c:af:
9d:d4:50:9d:57:ca:81:77:f2:b6:e6:cd:89:c7:a8:c3:67:b0:
31:87:e9:c8:8d:37:70:33:30:6b:1e:4c:de:7f:2e:3c:98:7e:
4b:d9:69:85:9e:2c:03:6c:91:63:15:62:d9:11:67:8b:0e:ba:
cd:6f:93:78:db:e3:09:9d:67:b9:d1:e1:2f:95:53:2e:90:e2:
0f:40:cf:23:53:a4:f2:2d:cd:0d:cd:80:0f:fe:13:b3:cd:93:
3a:0b:35:cf:df:26:4b:f1:3e:f6:8e:10:0c:3a:d4:a1:4c:20:
60:aa:8f:14:05:42:d4:cf:3f:54:92:90:bb:56:d0:aa:f2:1a:
6d:45:e0:bf:1b:4f:cf:13:6d:74:96:3a:a2:8d:90:e0:dc:eb:
36:46:bf:8b:64:32:1d:e4:73:6d:b3:27:37:9e:53:a0:0b:aa:
1f:d2:e9:df:88:6d:d0:ba:b6:cb:d9:60:96:fa:a3:de:51:7e:
5a:e3:e4:71
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzGuKDkqlMGkmVKDvqnj3mhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA0Y2JlNWI0NjIzZGFiNDJmMTVhOTA1MDAyZGI3Y2U2MmU4
NTRmMjkwHhcNMjQwMTAxMjAzMDM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTkwMmJiYjUxMmJmYTg5OGQzMzM4ZTk1ZjE1ZDdlNTAwYWVmNWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4rOW2nMP0E8arXuTXQPpDcraC94b
nv/mCzv18DIYX0LofQWoNN2UC0wybBPsnH03KnF2Fr+Nf0NIp9rz2LHiLk7Wd+cn
CdvYWHyJP8QQnOfIgLkAyFZ/2BgOafoN8b6yV6sm2Xp0eeyp8AIGjlsFIFKZpFgL
etZt9CvHA5bg8v0wgCHocE9W4RRa+DnIbxxHtREtZdCrMIrDMkeCf9UhGl3LEAjm
/fUYVl5PC44Ej5trgMAQYYjGmvfG0EIl7g900PNn94xdOh4k7Y1qV6hiR9KFAVIL
nFTS8eoN3hjYBHvSRBkohkbVTw8x/pCgLeUOaQHW85wmrj8giFgiC5CYswIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNqQK7tRK/qJjTM46V8V1+UArvXcMB8GA1UdIwQY
MBaAFATL5bRiPatC8VqQUALbfOYuhU8pMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODct
MDU3ODE3YmE5ZmI3LzEvMnBBcnUxRXItb21OTXpqcFh4WFg1UUN1OWR3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMS8zZDNhMmQtYTAzOS00NmY0LTg2ODctMDU3ODE3YmE5ZmI3
LzEvQk12bHRHSTlxMEx4V3BCUUF0dDg1aTZGVHlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDJcoIAwQF
1HFgMA0EAgACMAcDBQAqAgnYMA0GCSqGSIb3DQEBCwUAA4IBAQAwHacz7pRdtr0D
ryWtT4j/JAk74KyTFb5zznxdqXCizqJ0RPdY8KNyYuxadulAN7/XZVTxkfF0lWsG
sLY10QyhDflSLEFojK+d1FCdV8qBd/K25s2Jx6jDZ7Axh+nIjTdwMzBrHkzefy48
mH5L2WmFniwDbJFjFWLZEWeLDrrNb5N42+MJnWe50eEvlVMukOIPQM8jU6TyLc0N
zYAP/hOzzZM6CzXP3yZL8T72jhAMOtShTCBgqo8UBULUzz9UkpC7VtCq8hptReC/
G0/PE210ljqijZDg3Os2Rr+LZDId5HNtsyc3nlOgC6of0unfiG3QurbL2WCW+qPe
UX5a4+Rx
-----END CERTIFICATE-----
Generated at Tue Nov 26 02:54:49 2024 by rpki-client on console-fra.rpki-client.org