Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2egXRgd8Gbv9M1XuCo3VpzUYvW4.roa
File: 2egXRgd8Gbv9M1XuCo3VpzUYvW4.roa (raw, json)
Hash identifier: Wza9puRNBYJzr8ra6CKWN9r9D+DXq9nrerSgKB/mZjI=
Subject key identifier: D9:E8:17:46:07:7C:19:BB:FD:33:55:EE:0A:8D:D5:A7:35:18:BD:6E
Certificate issuer: /CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Certificate serial: 0192F2736523B74E5DCFF394E6FF1F67756B
Authority key identifier: 4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2egXRgd8Gbv9M1XuCo3VpzUYvW4.roa
Signing time: Sun 03 Nov 2024 14:35:01 +0000
ROA not before: Sun 03 Nov 2024 14:35:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 64267
IP address blocks: 84.32.56.0/24 maxlen: 24
88.216.20.0/24 maxlen: 24
88.216.21.0/24 maxlen: 24
88.216.103.0/24 maxlen: 24
88.216.184.0/24 maxlen: 24
88.216.185.0/24 maxlen: 24
88.216.211.0/24 maxlen: 24
88.216.212.0/24 maxlen: 24
88.216.213.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 23:17:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:f2:73:65:23:b7:4e:5d:cf:f3:94:e6:ff:1f:67:75:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4fbd45fce356e2a65f1e4d1daf7814b6d6bda3c5
Validity
Not Before: Nov 3 14:35:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9e81746077c19bbfd3355ee0a8dd5a73518bd6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:77:6f:c6:ed:53:38:77:46:26:6c:22:f2:dc:
cb:0e:5a:b3:89:aa:fa:99:33:8e:79:c3:4b:a8:5d:
1d:e0:f7:f4:b9:ef:dd:8d:e0:e3:b8:a8:47:d4:6e:
0c:42:ff:ff:a4:0c:2a:8b:1c:a2:9e:58:a8:4e:a4:
2f:6f:12:00:2d:d6:10:34:fa:36:60:a8:85:b7:05:
3b:2e:1d:be:05:62:1a:d9:58:4a:46:01:61:92:03:
fd:82:c0:9b:af:81:09:83:44:ea:d8:59:df:62:0c:
04:8c:92:2a:3f:70:ff:70:d0:26:3b:26:df:4d:bc:
08:50:97:3e:08:b3:aa:ed:ca:7a:a7:e9:f9:63:9a:
6b:52:c5:53:31:84:d1:b4:1a:3a:8e:9c:2c:43:a7:
68:28:4b:d8:3b:f8:36:17:0a:ec:00:8c:51:96:34:
ac:3d:3f:48:10:8c:f0:5f:9c:b3:68:db:79:23:6c:
f5:37:b2:a6:b7:0d:c1:80:39:49:e4:04:09:0c:26:
e1:2e:47:14:52:6e:00:07:34:6b:c7:7d:b6:47:e3:
dd:aa:c3:c5:54:ea:d1:67:fa:49:79:7b:5e:f3:0f:
16:6d:67:60:af:d5:6b:8c:e5:f4:16:a5:ff:66:12:
9f:7b:b0:14:51:cf:f1:48:85:36:c5:58:04:69:9c:
4b:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:E8:17:46:07:7C:19:BB:FD:33:55:EE:0A:8D:D5:A7:35:18:BD:6E
X509v3 Authority Key Identifier:
keyid:4F:BD:45:FC:E3:56:E2:A6:5F:1E:4D:1D:AF:78:14:B6:D6:BD:A3:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/T71F_ONW4qZfHk0dr3gUtta9o8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/2egXRgd8Gbv9M1XuCo3VpzUYvW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/394c93-dca3-4bc5-8c9b-23481bf091c3/1/T71F_ONW4qZfHk0dr3gUtta9o8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.32.56.0/24
88.216.20.0/23
88.216.103.0/24
88.216.184.0/23
88.216.211.0-88.216.213.255
Signature Algorithm: sha256WithRSAEncryption
1f:3a:7c:0d:a8:4b:49:e5:e4:9d:31:3b:a1:c0:9d:a4:ea:f1:
02:a0:2d:40:61:fc:5c:98:eb:fa:a5:e5:82:b4:ef:df:3a:1a:
92:82:e4:89:be:6e:de:c8:d7:07:4c:c2:e2:24:0f:a9:4a:27:
5d:ea:64:f2:5b:de:43:92:f9:91:e6:5d:c6:ab:29:cb:b7:01:
df:f4:35:cf:a3:0b:9a:e2:18:f2:c4:18:50:14:3c:ec:f3:17:
14:08:54:4b:47:6a:8d:6b:53:df:ee:44:b1:64:ba:23:9d:5d:
a8:5b:86:1c:3e:8d:60:e2:37:57:c1:e6:02:ff:f5:d2:2f:52:
ff:88:4c:0e:5b:0d:d3:b7:ed:1e:5c:3e:f9:b8:1a:97:94:1c:
ae:a7:ff:0d:05:65:fc:37:00:bf:d0:da:90:5d:d5:66:3b:84:
7d:f7:89:91:af:7f:b3:98:75:63:a5:43:8c:4c:df:aa:e1:b4:
de:64:8c:e7:b3:20:ee:2c:6f:ec:f9:1d:02:02:7e:cc:48:0f:
e5:b1:bf:d2:58:a5:2c:04:d9:48:48:5e:0d:c6:5a:db:00:29:
f5:af:63:7f:68:10:4b:a7:c3:81:8a:d4:c5:96:db:bf:9b:21:
fa:45:5f:d7:55:a0:69:4a:00:40:8c:e9:10:1b:09:51:2a:70:
c3:d5:80:83
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZLyc2Ujt05dz/OU5v8fZ3VrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRmYmQ0NWZjZTM1NmUyYTY1ZjFlNGQxZGFmNzgxNGI2ZDZi
ZGEzYzUwHhcNMjQxMTAzMTQzNTAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWU4MTc0NjA3N2MxOWJiZmQzMzU1ZWUwYThkZDVhNzM1MThiZDZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtHdvxu1TOHdGJmwi8tzLDlqziar6
mTOOecNLqF0d4Pf0ue/djeDjuKhH1G4MQv//pAwqixyinlioTqQvbxIALdYQNPo2
YKiFtwU7Lh2+BWIa2VhKRgFhkgP9gsCbr4EJg0Tq2FnfYgwEjJIqP3D/cNAmOybf
TbwIUJc+CLOq7cp6p+n5Y5prUsVTMYTRtBo6jpwsQ6doKEvYO/g2FwrsAIxRljSs
PT9IEIzwX5yzaNt5I2z1N7Kmtw3BgDlJ5AQJDCbhLkcUUm4ABzRrx322R+PdqsPF
VOrRZ/pJeXte8w8WbWdgr9VrjOX0FqX/ZhKfe7AUUc/xSIU2xVgEaZxLyQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNnoF0YHfBm7/TNV7gqN1ac1GL1uMB8GA1UdIwQY
MBaAFE+9RfzjVuKmXx5NHa94FLbWvaPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWIt
MjM0ODFiZjA5MWMzLzEvMmVnWFJnZDhHYnY5TTFYdUNvM1ZwelVZdlc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8zOTRjOTMtZGNhMy00YmM1LThjOWItMjM0ODFiZjA5MWMz
LzEvVDcxRl9PTlc0cVpmSGswZHIzZ1V0dGE5bzhVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQAVCA4AwQB
WNgUAwQAWNhnAwQBWNi4MAwDBABY2NMDBAFY2NQwDQYJKoZIhvcNAQELBQADggEB
AB86fA2oS0nl5J0xO6HAnaTq8QKgLUBh/FyY6/ql5YK07986GpKC5Im+bt7I1wdM
wuIkD6lKJ13qZPJb3kOS+ZHmXcarKcu3Ad/0Nc+jC5riGPLEGFAUPOzzFxQIVEtH
ao1rU9/uRLFkuiOdXahbhhw+jWDiN1fB5gL/9dIvUv+ITA5bDdO37R5cPvm4GpeU
HK6n/w0FZfw3AL/Q2pBd1WY7hH33iZGvf7OYdWOlQ4xM36rhtN5kjOezIO4sb+z5
HQICfsxID+Wxv9JYpSwE2UhIXg3GWtsAKfWvY39oEEunw4GK1MWW27+bIfpFX9dV
oGlKAECM6RAbCVEqcMPVgIM=
-----END CERTIFICATE-----
Generated at Fri Nov 22 04:54:07 2024 by rpki-client on console-ams.rpki-client.org