Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/2c2e61-7279-483c-8475-9bf19d84220f/1/f2jOnly8IUE34mBicBRihkGivuU.roa
File: f2jOnly8IUE34mBicBRihkGivuU.roa (raw, json)
Hash identifier: 0BiNawE17Iv0+A5o06G84Tx37cptRUf6nzW2ythloA0=
Subject key identifier: 7F:68:CE:9E:5C:BC:21:41:37:E2:60:62:70:14:62:86:41:A2:BE:E5
Certificate issuer: /CN=f899aea56f50ff8f4342cbee2af2f288a168c930
Certificate serial: 018CC7275530DB643915AD67C39A98C1ED54
Authority key identifier: F8:99:AE:A5:6F:50:FF:8F:43:42:CB:EE:2A:F2:F2:88:A1:68:C9:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-JmupW9Q_49DQsvuKvLyiKFoyTA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/2c2e61-7279-483c-8475-9bf19d84220f/1/f2jOnly8IUE34mBicBRihkGivuU.roa
Signing time: Mon 01 Jan 2024 22:31:32 +0000
ROA not before: Mon 01 Jan 2024 22:31:32 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62412
IP address blocks: 185.183.220.0/22 maxlen: 24
193.202.122.0/24 maxlen: 24
193.31.68.0/22 maxlen: 24
45.150.216.0/22 maxlen: 24
188.214.240.0/23 maxlen: 24
185.36.208.0/23 maxlen: 24
2a0b:1f80::/29 maxlen: 64
2a0b:2f80::/29 maxlen: 64
2a0f:4f00::/29 maxlen: 64
2a0f:f940::/29 maxlen: 64
2a0d:5fc0::/29 maxlen: 64
2a04:6c00::/29 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/2c2e61-7279-483c-8475-9bf19d84220f/1/1-JmupW9Q_49DQsvuKvLyiKFoyTA.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/2c2e61-7279-483c-8475-9bf19d84220f/1/1-JmupW9Q_49DQsvuKvLyiKFoyTA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-JmupW9Q_49DQsvuKvLyiKFoyTA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 19 May 2024 11:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:55:30:db:64:39:15:ad:67:c3:9a:98:c1:ed:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f899aea56f50ff8f4342cbee2af2f288a168c930
Validity
Not Before: Jan 1 22:31:32 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=7f68ce9e5cbc214137e260627014628641a2bee5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5a:5d:c2:0a:47:0c:b7:30:46:fc:8a:6d:7e:
dd:f7:d7:cf:18:78:14:ab:02:7a:4d:13:25:c4:34:
2b:f6:6c:53:59:84:a7:9b:b8:8e:a2:e5:f9:1b:c8:
34:99:e5:ac:8a:58:b4:c3:4c:66:f6:0c:8a:47:f0:
03:c4:46:f4:58:e3:f2:8e:47:4f:fb:fa:af:e8:79:
74:ad:18:e4:d8:5e:b4:ad:ae:17:c4:72:6e:b6:a3:
ba:9b:b1:a6:ee:e3:2d:00:84:e4:22:51:c6:84:86:
d4:81:50:cd:90:55:ed:55:3f:33:27:1b:c1:f6:00:
f8:aa:e5:c9:e4:46:09:e1:1b:f2:7d:e9:b2:c6:97:
ed:ec:02:ba:96:d6:f1:24:27:39:a6:0f:b7:a7:39:
69:d2:ba:ad:48:7a:f4:e0:f0:f8:cf:51:5c:04:df:
91:5f:0d:a4:61:61:5e:4c:89:bd:19:a4:8f:8e:07:
3b:31:64:a1:ad:5f:24:8d:98:5f:e4:c3:2c:42:83:
8c:c1:fc:54:08:ca:b6:80:2f:94:52:74:15:96:ba:
a4:ec:25:cd:70:16:06:13:90:4d:5c:39:96:93:90:
70:f6:a3:ff:31:c6:d0:7d:f5:10:de:63:97:76:3c:
28:c1:c7:6b:65:02:1f:6f:3f:ed:18:c2:47:52:64:
ab:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:68:CE:9E:5C:BC:21:41:37:E2:60:62:70:14:62:86:41:A2:BE:E5
X509v3 Authority Key Identifier:
keyid:F8:99:AE:A5:6F:50:FF:8F:43:42:CB:EE:2A:F2:F2:88:A1:68:C9:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-JmupW9Q_49DQsvuKvLyiKFoyTA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/2c2e61-7279-483c-8475-9bf19d84220f/1/f2jOnly8IUE34mBicBRihkGivuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/2c2e61-7279-483c-8475-9bf19d84220f/1/1-JmupW9Q_49DQsvuKvLyiKFoyTA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.150.216.0/22
185.36.208.0/23
185.183.220.0/22
188.214.240.0/23
193.31.68.0/22
193.202.122.0/24
IPv6:
2a04:6c00::/29
2a0b:1f80::/29
2a0b:2f80::/29
2a0d:5fc0::/29
2a0f:4f00::/29
2a0f:f940::/29
Signature Algorithm: sha256WithRSAEncryption
8d:63:aa:5a:9f:48:41:03:1a:13:cb:10:f3:04:3b:10:98:96:
a6:f8:26:b5:7c:50:25:db:c6:cf:81:7d:c0:11:4b:4f:54:e0:
81:73:82:54:91:b7:8b:96:31:86:94:49:dd:80:9a:ea:c7:e1:
42:51:44:ed:9e:f3:db:33:69:93:d3:3a:aa:9c:1b:76:f3:c4:
2f:36:e9:d5:4c:c7:c7:85:89:32:7b:22:86:d9:9a:05:3d:1d:
e2:4b:c1:74:69:1d:19:23:af:fb:8a:a3:a9:61:da:9c:13:ea:
a9:c1:0d:6f:43:74:61:a8:6a:4a:e7:0f:03:14:6f:99:b6:b5:
ba:3c:28:3d:59:8d:0b:c0:5a:a8:94:12:56:7f:de:f0:1b:89:
39:65:93:4a:00:21:2b:ae:e8:c8:7c:31:92:a6:51:f6:10:60:
5d:f5:cc:70:bd:cc:56:82:85:ed:0c:bc:e3:37:b2:3f:34:3a:
9f:67:79:c9:d8:7f:c8:c9:d3:25:bb:12:7e:de:71:84:a0:d5:
e5:fd:34:e9:18:8f:46:ea:f0:ca:b9:82:b9:c4:33:80:25:6b:
66:28:4e:f2:d4:9c:69:d2:65:28:4d:91:14:ca:f4:81:c3:d1:
0e:14:8e:71:25:a9:4c:9c:e5:21:e3:63:d7:4a:79:f0:f1:9f:
c4:2d:0f:5f
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAYzHJ1Uw22Q5Fa1nw5qYwe1UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY4OTlhZWE1NmY1MGZmOGY0MzQyY2JlZTJhZjJmMjg4YTE2
OGM5MzAwHhcNMjQwMTAxMjIzMTMyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZjY4Y2U5ZTVjYmMyMTQxMzdlMjYwNjI3MDE0NjI4NjQxYTJiZWU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1pdwgpHDLcwRvyKbX7d99fPGHgU
qwJ6TRMlxDQr9mxTWYSnm7iOouX5G8g0meWsili0w0xm9gyKR/ADxEb0WOPyjkdP
+/qv6Hl0rRjk2F60ra4XxHJutqO6m7Gm7uMtAITkIlHGhIbUgVDNkFXtVT8zJxvB
9gD4quXJ5EYJ4Rvyfemyxpft7AK6ltbxJCc5pg+3pzlp0rqtSHr04PD4z1FcBN+R
Xw2kYWFeTIm9GaSPjgc7MWShrV8kjZhf5MMsQoOMwfxUCMq2gC+UUnQVlrqk7CXN
cBYGE5BNXDmWk5Bw9qP/McbQffUQ3mOXdjwowcdrZQIfbz/tGMJHUmSrUQIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFH9ozp5cvCFBN+JgYnAUYoZBor7lMB8GA1UdIwQY
MBaAFPiZrqVvUP+PQ0LL7iry8oihaMkwMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1KbXVwVzlRXzQ5RFFzdnVLdkx5aUtGb3lUQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNDYvMmMyZTYxLTcyNzktNDgzYy04NDc1
LTliZjE5ZDg0MjIwZi8xL2Yyak9ubHk4SVVFMzRtQmljQlJpaGtHaXZ1VS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDYvMmMyZTYxLTcyNzktNDgzYy04NDc1LTliZjE5ZDg0MjIw
Zi8xLzEtSm11cFc5UV80OURRc3Z1S3ZMeWlLRm95VEEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwbwYIKwYBBQUHAQcBAf8EYDBeMCoEAgABMCQDBAItltgD
BAG5JNADBAK5t9wDBAG81vADBALBH0QDBADBynowMAQCAAIwKgMFAyoEbAADBQMq
Cx+AAwUDKgsvgAMFAyoNX8ADBQMqD08AAwUDKg/5QDANBgkqhkiG9w0BAQsFAAOC
AQEAjWOqWp9IQQMaE8sQ8wQ7EJiWpvgmtXxQJdvGz4F9wBFLT1TggXOCVJG3i5Yx
hpRJ3YCa6sfhQlFE7Z7z2zNpk9M6qpwbdvPELzbp1UzHx4WJMnsihtmaBT0d4kvB
dGkdGSOv+4qjqWHanBPqqcENb0N0YahqSucPAxRvmba1ujwoPVmNC8BaqJQSVn/e
8BuJOWWTSgAhK67oyHwxkqZR9hBgXfXMcL3MVoKF7Qy84zeyPzQ6n2d5ydh/yMnT
JbsSft5xhKDV5f006RiPRurwyrmCucQzgCVrZihO8tScadJlKE2RFMr0gcPRDhSO
cSWpTJzlIeNj10p58PGfxC0PXw==
-----END CERTIFICATE-----
Generated at Sat May 18 13:46:42 2024 by rpki-client on console-fra.rpki-client.org