Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/2xWAM323VhW5BcDQjzTCzhJL3pQ.roa
File: 2xWAM323VhW5BcDQjzTCzhJL3pQ.roa (raw, json)
Hash identifier: IYAlhwPYXmJWwi4Onn6w8/JBhS/fplI9a7cE4LOs8BA=
Subject key identifier: DB:15:80:33:7D:B7:56:15:B9:05:C0:D0:8F:34:C2:CE:12:4B:DE:94
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 0192B5E7C05E775513F00C9E99FAE72112D7
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/2xWAM323VhW5BcDQjzTCzhJL3pQ.roa
Signing time: Tue 22 Oct 2024 20:25:17 +0000
ROA not before: Tue 22 Oct 2024 20:25:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207713
IP address blocks: 2.59.161.0/24 maxlen: 24
62.133.60.0/22 maxlen: 24
62.133.61.0/24 maxlen: 24
194.156.102.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 02:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b5:e7:c0:5e:77:55:13:f0:0c:9e:99:fa:e7:21:12:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Oct 22 20:25:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db1580337db75615b905c0d08f34c2ce124bde94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:77:4b:35:e7:90:aa:30:0b:72:4a:e7:ea:59:
76:f2:a5:a5:b0:d7:cf:e3:b2:bb:19:b9:e6:b9:a5:
7d:9f:12:94:7c:ca:35:f7:55:58:3f:93:58:b9:3f:
a0:4e:b3:bb:8e:04:53:b0:d8:c1:2b:d0:16:fb:f5:
10:f6:79:2e:fa:8a:cf:39:80:cc:cd:69:b9:cb:0d:
d4:62:11:30:53:aa:e0:bb:ed:ed:85:a7:7f:23:a9:
93:af:7c:82:ec:36:f2:df:cb:9f:69:9d:da:5b:3d:
4b:5f:f4:69:db:7b:ce:a2:a2:16:04:5c:3f:54:80:
78:5f:75:d7:41:6d:31:0d:90:95:72:e4:85:3c:7a:
b1:21:23:49:f5:bb:da:47:a9:b8:c2:75:4c:23:86:
2c:9e:cb:b6:13:84:05:8f:79:2a:3c:d1:c8:2f:f5:
30:76:3c:7c:c6:ce:b7:49:af:85:41:8f:70:03:a9:
29:9f:94:f1:00:3c:f1:e9:9d:3c:be:fb:db:b9:44:
5b:52:e8:e2:9c:db:63:9c:ee:6b:ad:91:9d:f1:45:
d2:d7:11:30:06:fc:ac:eb:99:ab:14:f3:d1:31:f8:
8b:82:62:10:a1:27:60:b9:b8:8e:4b:24:52:1d:a3:
1d:21:26:33:7c:6c:00:95:d6:0e:13:16:2d:7a:45:
90:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:15:80:33:7D:B7:56:15:B9:05:C0:D0:8F:34:C2:CE:12:4B:DE:94
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/2xWAM323VhW5BcDQjzTCzhJL3pQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.161.0/24
62.133.60.0/22
194.156.102.0/24
Signature Algorithm: sha256WithRSAEncryption
19:96:2e:7b:e2:89:a1:66:94:d9:fc:ba:4f:62:db:da:a4:43:
78:cf:a7:01:c5:5f:99:91:85:c4:75:5d:f4:4a:78:18:a7:cd:
26:d6:92:df:e4:94:f6:51:2e:de:7a:97:d7:da:97:0a:ce:35:
b0:c4:9b:9e:8f:b6:d3:f9:38:20:98:8b:ba:86:cb:da:45:bc:
d3:b2:5a:e1:a8:3d:0e:68:86:0a:9b:ed:24:b7:28:04:54:ab:
bf:42:e9:b7:e6:d8:ed:eb:c7:2b:8c:ae:0e:5c:d6:4e:db:3d:
17:4d:a9:79:e8:75:3c:ef:41:a9:9b:56:35:60:7f:57:ab:96:
70:e4:20:85:21:f2:8c:70:6c:98:9a:ae:e8:97:07:76:c4:ec:
01:d3:65:e7:c6:4e:3f:d7:cb:07:4e:17:48:98:de:b5:78:a0:
57:15:7e:0c:02:46:bf:19:02:8e:4d:e3:9f:ff:db:23:3e:62:
09:2e:e1:ef:b4:e2:b4:e1:6e:df:e7:85:f8:76:8d:06:b4:f4:
40:02:34:34:1e:1a:30:68:60:ab:20:e5:21:f8:0c:b7:6f:b5:
00:a8:ce:16:17:91:b7:d6:a5:06:0d:2f:84:20:64:74:97:3d:
b8:5a:55:2b:90:86:4b:c0:34:cd:07:a5:c0:28:8c:6a:4a:96:
b1:5d:63:6e
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZK158Bed1UT8AyemfrnIRLXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjQxMDIyMjAyNTE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjE1ODAzMzdkYjc1NjE1YjkwNWMwZDA4ZjM0YzJjZTEyNGJkZTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHdLNeeQqjALckrn6ll28qWlsNfP
47K7GbnmuaV9nxKUfMo191VYP5NYuT+gTrO7jgRTsNjBK9AW+/UQ9nku+orPOYDM
zWm5yw3UYhEwU6rgu+3thad/I6mTr3yC7Dby38ufaZ3aWz1LX/Rp23vOoqIWBFw/
VIB4X3XXQW0xDZCVcuSFPHqxISNJ9bvaR6m4wnVMI4Ysnsu2E4QFj3kqPNHIL/Uw
djx8xs63Sa+FQY9wA6kpn5TxADzx6Z08vvvbuURbUujinNtjnO5rrZGd8UXS1xEw
Bvys65mrFPPRMfiLgmIQoSdgubiOSyRSHaMdISYzfGwAldYOExYtekWQZwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNsVgDN9t1YVuQXA0I80ws4SS96UMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvMnhXQU0zMjNWaFc1QmNEUWp6VEN6aEpMM3BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjuhAwQC
PoU8AwQAwpxmMA0GCSqGSIb3DQEBCwUAA4IBAQAZli574omhZpTZ/LpPYtvapEN4
z6cBxV+ZkYXEdV30SngYp80m1pLf5JT2US7eepfX2pcKzjWwxJuej7bT+TggmIu6
hsvaRbzTslrhqD0OaIYKm+0ktygEVKu/Qum35tjt68crjK4OXNZO2z0XTal56HU8
70Gpm1Y1YH9Xq5Zw5CCFIfKMcGyYmq7olwd2xOwB02Xnxk4/18sHThdImN61eKBX
FX4MAka/GQKOTeOf/9sjPmIJLuHvtOK04W7f54X4do0GtPRAAjQ0HhowaGCrIOUh
+Ay3b7UAqM4WF5G31qUGDS+EIGR0lz24WlUrkIZLwDTNB6XAKIxqSpaxXWNu
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:48:56 2024 by rpki-client on console-ams.rpki-client.org