Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2iMBF8z8oIXg2Bn2QnwGCrGaz4U.roa
File: 2iMBF8z8oIXg2Bn2QnwGCrGaz4U.roa (raw, json)
Hash identifier: l20Ln+In5VxPyqj6pclLtlb4flyk2aHDsK426HoZzek=
Subject key identifier: DA:23:01:17:CC:FC:A0:85:E0:D8:19:F6:42:7C:06:0A:B1:9A:CF:85
Certificate issuer: /CN=d89b44e2c057f01a99261f94bbf6da1bf1865f39
Certificate serial: 018CC4935CD8ED0AAA4A6BA2F63A6EAD1A92
Authority key identifier: D8:9B:44:E2:C0:57:F0:1A:99:26:1F:94:BB:F6:DA:1B:F1:86:5F:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2JtE4sBX8BqZJh-Uu_baG_GGXzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2iMBF8z8oIXg2Bn2QnwGCrGaz4U.roa
Signing time: Mon 01 Jan 2024 10:30:41 +0000
ROA not before: Mon 01 Jan 2024 10:30:41 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203321
IP address blocks: 94.142.254.0/24 maxlen: 24
2a12:5c40::/48 maxlen: 48
2a12:5c40:3::/48 maxlen: 48
2a12:5c40:1::/48 maxlen: 48
2a12:5c40:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/2JtE4sBX8BqZJh-Uu_baG_GGXzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c4:93:5c:d8:ed:0a:aa:4a:6b:a2:f6:3a:6e:ad:1a:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d89b44e2c057f01a99261f94bbf6da1bf1865f39
Validity
Not Before: Jan 1 10:30:41 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=da230117ccfca085e0d819f6427c060ab19acf85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:a0:1a:0a:1a:04:9e:99:e9:b4:dc:94:00:8d:
42:b8:58:31:42:4d:f2:60:40:16:f0:f5:16:1b:0b:
9c:73:6e:6f:43:2e:4c:19:85:66:d9:4f:3e:75:ca:
cd:e0:72:26:0a:a4:55:e0:1a:95:5c:f7:3d:bf:2a:
c3:60:a5:d9:92:13:b9:ec:46:68:83:33:82:b5:bd:
9f:25:99:e9:18:ec:72:da:f1:51:01:04:fc:52:0b:
cd:ff:c2:cd:89:22:fa:56:99:3b:7e:f0:1a:65:28:
c5:86:6a:ba:4b:17:f4:8b:2f:30:ed:af:5f:95:2c:
8a:86:eb:a5:a8:0b:c6:a1:8d:c6:e7:43:70:01:ec:
79:27:16:19:c6:ab:ac:a5:c1:8b:ed:ce:1e:7d:9f:
d9:c6:45:c8:db:a4:93:6e:a8:d0:ac:51:64:4f:94:
e0:ba:ae:3d:68:36:a0:53:65:d0:19:99:60:65:a0:
22:ac:bb:49:de:07:2e:9c:79:06:b0:a8:be:06:4f:
8d:8a:f2:92:ea:35:da:43:85:39:57:48:e6:02:27:
2b:0e:9e:11:8b:4b:23:76:e9:b0:0f:06:9a:81:fe:
a8:24:4c:30:88:08:7a:e3:49:82:4e:be:93:43:4e:
c4:ab:8c:5e:12:e7:2c:66:cc:1e:b8:d1:b6:47:69:
69:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:23:01:17:CC:FC:A0:85:E0:D8:19:F6:42:7C:06:0A:B1:9A:CF:85
X509v3 Authority Key Identifier:
keyid:D8:9B:44:E2:C0:57:F0:1A:99:26:1F:94:BB:F6:DA:1B:F1:86:5F:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2JtE4sBX8BqZJh-Uu_baG_GGXzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2iMBF8z8oIXg2Bn2QnwGCrGaz4U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/00a71e-def8-4a4f-a499-b60fbb14c19d/1/2JtE4sBX8BqZJh-Uu_baG_GGXzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.142.254.0/24
IPv6:
2a12:5c40::/46
Signature Algorithm: sha256WithRSAEncryption
69:65:16:f2:a1:f6:d9:5f:f7:f5:92:f2:01:80:d4:0f:3d:49:
d5:6d:28:36:f9:53:1e:90:b7:5d:83:07:b8:3c:76:4c:a9:02:
f4:f8:38:bf:ec:95:68:2a:a4:6a:fb:53:f5:c4:50:93:04:84:
cf:1e:2b:7a:49:ba:33:2f:db:ea:50:8e:36:97:78:16:e3:e1:
36:02:ee:85:2b:9b:cd:fd:aa:00:8a:dd:ca:ac:e3:62:2e:54:
63:f8:cc:d0:8e:d2:cd:d3:b4:c5:81:e4:42:83:94:21:d2:48:
a9:c0:65:6c:5a:d1:c6:83:50:6c:67:7d:cb:ff:8f:04:ca:20:
66:46:d7:a8:ef:f4:39:43:53:b9:be:e2:8f:9a:98:57:f4:51:
86:fd:9e:b5:d0:0c:16:be:62:d1:8a:ae:b9:74:b4:94:05:30:
15:d7:df:33:66:74:2c:c7:e1:6a:c1:c6:b8:cc:fc:49:ba:00:
97:bc:30:2c:1b:db:e2:99:4b:23:48:ef:d6:c7:13:d6:68:76:
58:7d:f6:fd:95:00:ce:22:22:86:d1:49:02:6c:8c:70:86:89:
54:3e:4b:11:88:f5:31:7e:61:57:23:23:75:c7:e6:a7:8f:38:
a4:6b:c5:d2:f4:84:56:35:14:21:8c:e9:18:ca:c8:b5:96:fe:
3b:20:89:41
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzEk1zY7QqqSmui9jpurRqSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4OWI0NGUyYzA1N2YwMWE5OTI2MWY5NGJiZjZkYTFiZjE4
NjVmMzkwHhcNMjQwMTAxMTAzMDQxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYTIzMDExN2NjZmNhMDg1ZTBkODE5ZjY0MjdjMDYwYWIxOWFjZjg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+KAaChoEnpnptNyUAI1CuFgxQk3y
YEAW8PUWGwucc25vQy5MGYVm2U8+dcrN4HImCqRV4BqVXPc9vyrDYKXZkhO57EZo
gzOCtb2fJZnpGOxy2vFRAQT8UgvN/8LNiSL6Vpk7fvAaZSjFhmq6Sxf0iy8w7a9f
lSyKhuulqAvGoY3G50NwAex5JxYZxquspcGL7c4efZ/ZxkXI26STbqjQrFFkT5Tg
uq49aDagU2XQGZlgZaAirLtJ3gcunHkGsKi+Bk+NivKS6jXaQ4U5V0jmAicrDp4R
i0sjdumwDwaagf6oJEwwiAh640mCTr6TQ07Eq4xeEucsZsweuNG2R2lpXwIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNojARfM/KCF4NgZ9kJ8Bgqxms+FMB8GA1UdIwQY
MBaAFNibROLAV/AamSYflLv22hvxhl85MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkp0RTRzQlg4QnFaSmgtVXVfYmFHX0dHWHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8wMGE3MWUtZGVmOC00YTRmLWE0OTkt
YjYwZmJiMTRjMTlkLzEvMmlNQkY4ejhvSVhnMkJuMlFud0dDckdhejRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8wMGE3MWUtZGVmOC00YTRmLWE0OTktYjYwZmJiMTRjMTlk
LzEvMkp0RTRzQlg4QnFaSmgtVXVfYmFHX0dHWHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAXo7+MA8E
AgACMAkDBwIqElxAAAAwDQYJKoZIhvcNAQELBQADggEBAGllFvKh9tlf9/WS8gGA
1A89SdVtKDb5Ux6Qt12DB7g8dkypAvT4OL/slWgqpGr7U/XEUJMEhM8eK3pJujMv
2+pQjjaXeBbj4TYC7oUrm839qgCK3cqs42IuVGP4zNCO0s3TtMWB5EKDlCHSSKnA
ZWxa0caDUGxnfcv/jwTKIGZG16jv9DlDU7m+4o+amFf0UYb9nrXQDBa+YtGKrrl0
tJQFMBXX3zNmdCzH4WrBxrjM/Em6AJe8MCwb2+KZSyNI79bHE9Zodlh99v2VAM4i
IobRSQJsjHCGiVQ+SxGI9TF+YVcjI3XH5qePOKRrxdL0hFY1FCGM6RjKyLWW/jsg
iUE=
-----END CERTIFICATE-----
Generated at Sat Nov 23 12:01:18 2024 by rpki-client on console-fra.rpki-client.org