Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/2ESbtU3Pm2l9CZAXLxalBKZLXZA.roa
File: 2ESbtU3Pm2l9CZAXLxalBKZLXZA.roa (raw, json)
Hash identifier: vBv+XQiSrB2vI+SLxOPDQWzGT/f4lphaeug3tbu3NCo=
Subject key identifier: D8:44:9B:B5:4D:CF:9B:69:7D:09:90:17:2F:16:A5:04:A6:4B:5D:90
Certificate issuer: /CN=a6b789b32e16e9dd2f70513119dc77ea61ff1e09
Certificate serial: 018CC6B7BD8E7C920D6BEC205E7D89D23A8F
Authority key identifier: A6:B7:89:B3:2E:16:E9:DD:2F:70:51:31:19:DC:77:EA:61:FF:1E:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/preJsy4W6d0vcFExGdx36mH_Hgk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/2ESbtU3Pm2l9CZAXLxalBKZLXZA.roa
Signing time: Mon 01 Jan 2024 20:29:39 +0000
ROA not before: Mon 01 Jan 2024 20:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 24703
IP address blocks: 193.111.9.0/24 maxlen: 24
193.111.8.0/23 maxlen: 23
193.111.8.0/24 maxlen: 24
176.111.49.0/24 maxlen: 24
176.111.48.0/23 maxlen: 23
176.111.48.0/24 maxlen: 24
176.111.58.0/24 maxlen: 24
195.128.17.0/24 maxlen: 24
176.111.58.0/23 maxlen: 23
176.111.57.0/24 maxlen: 24
195.128.16.0/24 maxlen: 24
195.128.16.0/22 maxlen: 22
176.111.60.0/24 maxlen: 24
195.128.19.0/24 maxlen: 24
176.111.59.0/24 maxlen: 24
195.128.18.0/24 maxlen: 24
176.111.63.0/24 maxlen: 24
176.111.62.0/24 maxlen: 24
176.111.61.0/24 maxlen: 24
176.111.60.0/22 maxlen: 22
195.234.213.0/24 maxlen: 24
195.234.212.0/22 maxlen: 22
195.234.212.0/24 maxlen: 24
195.234.215.0/24 maxlen: 24
195.234.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/preJsy4W6d0vcFExGdx36mH_Hgk.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/preJsy4W6d0vcFExGdx36mH_Hgk.mft
rsync://rpki.ripe.net/repository/DEFAULT/preJsy4W6d0vcFExGdx36mH_Hgk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:bd:8e:7c:92:0d:6b:ec:20:5e:7d:89:d2:3a:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a6b789b32e16e9dd2f70513119dc77ea61ff1e09
Validity
Not Before: Jan 1 20:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8449bb54dcf9b697d0990172f16a504a64b5d90
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c8:19:cb:98:8f:c7:ee:7e:d3:38:4c:e9:3f:
43:ab:6b:c3:d3:88:5d:0e:e6:20:87:73:8f:b7:c0:
ea:a2:15:85:c9:20:6c:88:2a:a4:c9:71:b6:dc:b3:
09:4e:1c:df:83:9c:92:c0:24:16:25:9e:49:2d:53:
b8:72:d1:88:f8:da:5c:73:08:67:d5:98:ec:21:56:
ab:88:59:8e:82:a2:9b:f0:85:76:6d:80:13:10:f8:
d9:c0:97:43:d5:3d:43:1a:c7:16:98:ef:b3:4e:7b:
f5:dd:19:83:ab:0b:1f:1a:13:c4:3c:10:51:58:dc:
31:51:93:b5:63:d9:87:b7:ff:0c:5f:f7:fe:27:5b:
32:fa:52:5e:8f:62:2d:7a:6a:ed:0b:91:47:a8:d3:
90:8e:bf:7d:cf:00:c6:a5:11:75:93:3a:7d:e5:d2:
f6:d5:4e:6b:27:e2:e3:c1:34:58:17:26:f7:eb:da:
6f:a3:77:3f:3e:13:05:60:54:bb:52:d4:e6:3e:e1:
a6:0b:08:2c:13:5a:95:bc:5e:11:98:c6:bf:5b:6b:
42:8b:c5:fa:48:fc:56:12:f0:92:21:68:50:9b:98:
cd:52:07:fa:8b:af:86:da:b3:9e:bf:d0:93:7d:db:
1f:7f:de:80:ae:3a:47:5b:1f:0c:55:ff:43:21:bf:
43:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:44:9B:B5:4D:CF:9B:69:7D:09:90:17:2F:16:A5:04:A6:4B:5D:90
X509v3 Authority Key Identifier:
keyid:A6:B7:89:B3:2E:16:E9:DD:2F:70:51:31:19:DC:77:EA:61:FF:1E:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/preJsy4W6d0vcFExGdx36mH_Hgk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/2ESbtU3Pm2l9CZAXLxalBKZLXZA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/e768bd-f512-4b8a-936a-06c9296f08a2/1/preJsy4W6d0vcFExGdx36mH_Hgk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.111.48.0/23
176.111.57.0-176.111.63.255
193.111.8.0/23
195.128.16.0/22
195.234.212.0/22
Signature Algorithm: sha256WithRSAEncryption
09:9e:c9:59:69:34:ef:d5:88:52:7c:35:f9:a2:2d:83:58:61:
ee:38:a2:0f:2d:af:e3:70:f7:6a:ed:ef:dd:e1:ff:d2:55:83:
c3:1b:da:7e:1b:1b:07:94:f6:7e:b9:ed:76:17:74:f9:b3:3d:
ec:fd:e4:04:db:23:8f:70:fd:50:8e:2c:50:d9:a8:34:01:22:
91:35:48:4b:56:20:82:c4:38:b2:e5:84:cb:8a:86:5d:1a:ce:
48:58:ba:4a:f2:11:b8:80:c4:14:c8:be:0e:c5:fd:9f:ae:23:
fa:57:36:6c:68:0b:77:2e:47:8a:62:48:42:bd:a8:53:ef:98:
cd:9b:42:33:06:8c:68:f8:0b:d1:cc:f4:95:d8:2c:f7:4f:b6:
16:99:2f:26:8d:e2:71:3d:d8:f9:c2:cf:e7:5f:f0:60:ea:47:
6a:e7:59:1a:a1:cb:e2:ec:6f:16:b7:3d:84:9a:52:72:2f:81:
91:69:93:3c:db:3a:94:c2:f5:82:dd:83:eb:36:7e:0f:61:c9:
27:c1:07:b2:ad:74:51:5b:f4:7e:34:4c:04:7c:32:64:73:9e:
53:ef:98:7a:3c:8a:10:dc:4b:e5:87:80:91:fc:f4:73:fe:ab:
4b:52:7e:0a:1c:12:c0:79:9e:64:1d:56:90:ad:03:33:91:fd:
d7:d4:bc:6c
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAYzGt72OfJINa+wgXn2J0jqPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE2Yjc4OWIzMmUxNmU5ZGQyZjcwNTEzMTE5ZGM3N2VhNjFm
ZjFlMDkwHhcNMjQwMTAxMjAyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODQ0OWJiNTRkY2Y5YjY5N2QwOTkwMTcyZjE2YTUwNGE2NGI1ZDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMgZy5iPx+5+0zhM6T9Dq2vD04hd
DuYgh3OPt8DqohWFySBsiCqkyXG23LMJThzfg5ySwCQWJZ5JLVO4ctGI+Npccwhn
1ZjsIVariFmOgqKb8IV2bYATEPjZwJdD1T1DGscWmO+zTnv13RmDqwsfGhPEPBBR
WNwxUZO1Y9mHt/8MX/f+J1sy+lJej2ItemrtC5FHqNOQjr99zwDGpRF1kzp95dL2
1U5rJ+LjwTRYFyb369pvo3c/PhMFYFS7UtTmPuGmCwgsE1qVvF4RmMa/W2tCi8X6
SPxWEvCSIWhQm5jNUgf6i6+G2rOev9CTfdsff96ArjpHWx8MVf9DIb9DUwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNhEm7VNz5tpfQmQFy8WpQSmS12QMB8GA1UdIwQY
MBaAFKa3ibMuFundL3BRMRncd+ph/x4JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcHJlSnN5NFc2ZDB2Y0ZFeEdkeDM2bUhfSGdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi9lNzY4YmQtZjUxMi00YjhhLTkzNmEt
MDZjOTI5NmYwOGEyLzEvMkVTYnRVM1BtMmw5Q1pBWEx4YWxCS1pMWFpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi9lNzY4YmQtZjUxMi00YjhhLTkzNmEtMDZjOTI5NmYwOGEy
LzEvcHJlSnN5NFc2ZDB2Y0ZFeEdkeDM2bUhfSGdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBsG8wMAwD
BACwbzkDBAawbwADBAHBbwgDBALDgBADBALD6tQwDQYJKoZIhvcNAQELBQADggEB
AAmeyVlpNO/ViFJ8NfmiLYNYYe44og8tr+Nw92rt793h/9JVg8Mb2n4bGweU9n65
7XYXdPmzPez95ATbI49w/VCOLFDZqDQBIpE1SEtWIILEOLLlhMuKhl0azkhYukry
EbiAxBTIvg7F/Z+uI/pXNmxoC3cuR4piSEK9qFPvmM2bQjMGjGj4C9HM9JXYLPdP
thaZLyaN4nE92PnCz+df8GDqR2rnWRqhy+Lsbxa3PYSaUnIvgZFpkzzbOpTC9YLd
g+s2fg9hySfBB7KtdFFb9H40TAR8MmRznlPvmHo8ihDcS+WHgJH89HP+q0tSfgoc
EsB5nmQdVpCtAzOR/dfUvGw=
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:08:43 2024 by rpki-client on console-ams.rpki-client.org