Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/fT2Il8eVe4lx4caJq-CCsZZkO6o.roa
File: fT2Il8eVe4lx4caJq-CCsZZkO6o.roa (raw, json)
Hash identifier: 7jcm6BFsJKVvBR9XTLjUZMDCy7bPcD+AjvAPi46OdMM=
Subject key identifier: 7D:3D:88:97:C7:95:7B:89:71:E1:C6:89:AB:E0:82:B1:96:64:3B:AA
Certificate issuer: /CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Certificate serial: 019015F1ED3C136F47D41F54F46A73D81826
Authority key identifier: BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/fT2Il8eVe4lx4caJq-CCsZZkO6o.roa
Signing time: Fri 14 Jun 2024 08:51:34 +0000
ROA not before: Fri 14 Jun 2024 08:51:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50606
IP address blocks: 109.232.28.0/22 maxlen: 22
185.56.172.0/22 maxlen: 22
185.215.72.0/23 maxlen: 23
193.42.154.0/24 maxlen: 24
194.126.233.0/24 maxlen: 24
194.126.245.0/24 maxlen: 24
194.126.251.0/24 maxlen: 24
194.127.97.0/24 maxlen: 24
213.92.128.0/19 maxlen: 32
213.156.100.0/22 maxlen: 22
2a02:54e0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.mft
rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 02:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:15:f1:ed:3c:13:6f:47:d4:1f:54:f4:6a:73:d8:18:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc4703e08ca0d6a310cbc643ffcb307ff6cdc65c
Validity
Not Before: Jun 14 08:51:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7d3d8897c7957b8971e1c689abe082b196643baa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:63:34:0c:76:71:c3:c8:3f:72:15:8f:e4:9c:
14:33:c6:63:f4:c0:5b:95:d2:c9:6f:01:2b:00:fc:
88:8b:92:3a:a8:9a:1a:d2:54:89:fe:bd:70:eb:3a:
40:3d:ba:b3:41:79:49:f0:1c:e9:68:9d:42:75:b1:
98:f0:dd:88:aa:fe:b8:12:a5:c8:ce:65:4f:e2:47:
6e:e9:ee:59:ac:de:2b:9e:c5:c4:5a:77:ec:5b:cb:
10:f1:e3:4b:f6:44:01:c7:66:48:e4:e1:6f:d4:56:
c0:6a:fa:3e:aa:18:a5:49:1f:46:be:84:a0:e4:e9:
ac:19:73:2a:4e:e6:f0:02:30:7a:a2:20:47:5f:0e:
43:1e:ce:26:00:ca:95:08:0d:c8:8a:87:5e:9e:9a:
92:2e:41:a1:f5:f4:df:9a:a5:f4:04:19:25:08:d0:
ed:02:ce:84:24:f9:46:46:6a:27:b9:c5:d8:6c:2e:
aa:f9:64:c1:a1:2d:b8:e4:ce:46:09:85:0c:da:b0:
5b:b8:6f:be:79:66:20:93:7c:d8:6f:f8:65:0c:73:
90:98:9a:e5:2b:2e:9e:e8:c6:1c:83:e6:b9:e5:9c:
8d:00:e7:c7:73:89:5d:2e:ae:04:c4:78:83:f1:89:
8b:34:c6:5b:dd:1e:9b:3a:b1:d1:d4:c1:b8:74:73:
dc:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:3D:88:97:C7:95:7B:89:71:E1:C6:89:AB:E0:82:B1:96:64:3B:AA
X509v3 Authority Key Identifier:
keyid:BC:47:03:E0:8C:A0:D6:A3:10:CB:C6:43:FF:CB:30:7F:F6:CD:C6:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/fT2Il8eVe4lx4caJq-CCsZZkO6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/863ba0-0476-43d7-8be7-66eda228fec7/1/vEcD4Iyg1qMQy8ZD_8swf_bNxlw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.232.28.0/22
185.56.172.0/22
185.215.72.0/23
193.42.154.0/24
194.126.233.0/24
194.126.245.0/24
194.126.251.0/24
194.127.97.0/24
213.92.128.0/19
213.156.100.0/22
IPv6:
2a02:54e0::/29
Signature Algorithm: sha256WithRSAEncryption
98:83:16:f7:e5:74:13:5e:47:01:9d:cd:47:d2:3b:34:1a:cd:
51:4a:9c:7f:77:b8:84:72:3e:72:ce:94:25:5c:0d:c1:7c:e6:
a5:0c:87:6d:77:cf:9b:9f:b6:e5:3f:b3:5b:9a:c9:0b:d8:00:
45:44:3e:6e:68:51:a2:6a:a1:9f:8d:bd:c8:1e:6a:d5:84:0c:
70:52:0d:0e:5a:17:59:74:99:9a:d2:dc:81:77:9b:5e:a0:a6:
f8:45:eb:9c:6b:2f:67:cf:e1:f6:db:11:7f:8d:69:9a:db:5e:
41:00:93:95:27:cd:35:6b:84:00:ce:74:1f:74:75:8b:bf:c9:
4f:e9:80:b1:be:80:f2:17:7a:e2:cf:1a:81:1d:ed:b6:36:c2:
45:33:b1:6b:15:bb:1b:d1:17:cd:b9:43:95:dd:35:3a:21:b0:
32:70:9b:55:c8:02:a7:0a:44:d6:20:c5:c8:ed:13:49:b2:2c:
77:c7:0b:cb:23:66:15:de:50:12:2c:70:0e:cf:9d:a2:d9:49:
ff:b5:e6:39:e2:54:e1:76:60:34:66:ff:e5:ea:57:7a:98:4f:
e2:ea:ce:a0:66:79:98:04:40:82:f8:45:ca:a6:62:4f:51:91:
4b:8e:22:55:17:98:4e:c7:c6:46:5f:18:7a:a3:f7:c0:08:58:
21:0e:08:c7
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZAV8e08E29H1B9U9Gpz2BgmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDcwM2UwOGNhMGQ2YTMxMGNiYzY0M2ZmY2IzMDdmZjZj
ZGM2NWMwHhcNMjQwNjE0MDg1MTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZDNkODg5N2M3OTU3Yjg5NzFlMWM2ODlhYmUwODJiMTk2NjQzYmFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnWM0DHZxw8g/chWP5JwUM8Zj9MBb
ldLJbwErAPyIi5I6qJoa0lSJ/r1w6zpAPbqzQXlJ8BzpaJ1CdbGY8N2Iqv64EqXI
zmVP4kdu6e5ZrN4rnsXEWnfsW8sQ8eNL9kQBx2ZI5OFv1FbAavo+qhilSR9GvoSg
5OmsGXMqTubwAjB6oiBHXw5DHs4mAMqVCA3IiodenpqSLkGh9fTfmqX0BBklCNDt
As6EJPlGRmonucXYbC6q+WTBoS245M5GCYUM2rBbuG++eWYgk3zYb/hlDHOQmJrl
Ky6e6MYcg+a55ZyNAOfHc4ldLq4ExHiD8YmLNMZb3R6bOrHR1MG4dHPcwwIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFH09iJfHlXuJceHGiavggrGWZDuqMB8GA1UdIwQY
MBaAFLxHA+CMoNajEMvGQ//LMH/2zcZcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTct
NjZlZGEyMjhmZWM3LzEvZlQySWw4ZVZlNGx4NGNhSnEtQ0NzWlprTzZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy84NjNiYTAtMDQ3Ni00M2Q3LThiZTctNjZlZGEyMjhmZWM3
LzEvdkVjRDRJeWcxcU1ReThaRF84c3dmX2JOeGx3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQCbegcAwQC
uTisAwQBuddIAwQAwSqaAwQAwn7pAwQAwn71AwQAwn77AwQAwn9hAwQF1VyAAwQC
1ZxkMA0EAgACMAcDBQMqAlTgMA0GCSqGSIb3DQEBCwUAA4IBAQCYgxb35XQTXkcB
nc1H0js0Gs1RSpx/d7iEcj5yzpQlXA3BfOalDIdtd8+bn7blP7NbmskL2ABFRD5u
aFGiaqGfjb3IHmrVhAxwUg0OWhdZdJma0tyBd5teoKb4Reucay9nz+H22xF/jWma
215BAJOVJ801a4QAznQfdHWLv8lP6YCxvoDyF3rizxqBHe22NsJFM7FrFbsb0RfN
uUOV3TU6IbAycJtVyAKnCkTWIMXI7RNJsix3xwvLI2YV3lASLHAOz52i2Un/teY5
4lThdmA0Zv/l6ld6mE/i6s6gZnmYBECC+EXKpmJPUZFLjiJVF5hOx8ZGXxh6o/fA
CFghDgjH
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:55:27 2024 by rpki-client on console-fra.rpki-client.org