Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/2ft_xK6lxEu1JncXg-vxCFyca3o.roa
File: 2ft_xK6lxEu1JncXg-vxCFyca3o.roa (raw, json)
Hash identifier: csGjGLQj1+dUOTdch03XcitHJbcd/bgAIo9s2njHxcs=
Subject key identifier: D9:FB:7F:C4:AE:A5:C4:4B:B5:26:77:17:83:EB:F1:08:5C:9C:6B:7A
Certificate issuer: /CN=ad52c28ef9a5b2291aba671ac9a65d8faadc5518
Certificate serial: 018CC5DC071F10597B6ACD3E55D58FD0B9E4
Authority key identifier: AD:52:C2:8E:F9:A5:B2:29:1A:BA:67:1A:C9:A6:5D:8F:AA:DC:55:18
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rVLCjvmlsikaumcayaZdj6rcVRg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/2ft_xK6lxEu1JncXg-vxCFyca3o.roa
Signing time: Mon 01 Jan 2024 16:29:40 +0000
ROA not before: Mon 01 Jan 2024 16:29:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29255
IP address blocks: 89.237.176.0/20 maxlen: 20
82.147.192.0/19 maxlen: 19
212.24.224.0/19 maxlen: 24
89.237.128.0/19 maxlen: 19
89.237.128.0/18 maxlen: 18
212.24.230.0/24 maxlen: 24
85.194.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/rVLCjvmlsikaumcayaZdj6rcVRg.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/rVLCjvmlsikaumcayaZdj6rcVRg.mft
rsync://rpki.ripe.net/repository/DEFAULT/rVLCjvmlsikaumcayaZdj6rcVRg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 17 Jun 2024 17:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:dc:07:1f:10:59:7b:6a:cd:3e:55:d5:8f:d0:b9:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ad52c28ef9a5b2291aba671ac9a65d8faadc5518
Validity
Not Before: Jan 1 16:29:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9fb7fc4aea5c44bb526771783ebf1085c9c6b7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:aa:22:94:90:d9:ad:0d:b6:ed:60:db:ac:d6:
fb:5d:3d:ef:42:2c:b2:38:25:aa:28:10:b4:bf:cd:
25:55:50:b7:74:2b:43:4f:32:d6:a1:8f:33:e4:35:
31:8b:63:2f:46:06:2f:52:4d:e4:b9:24:a0:dd:cd:
72:bc:73:cf:61:81:4a:05:f6:a0:7a:b8:ab:32:f4:
36:34:ec:ff:9d:08:be:b2:42:e4:fd:1e:c7:e5:10:
d5:9f:54:94:8a:ff:ca:ea:3c:34:c9:02:86:82:63:
d0:bb:c1:90:d3:cb:a3:97:62:76:fc:6b:51:95:4d:
fc:8d:fd:c0:af:74:5a:2b:d6:7c:2f:95:32:92:1a:
a2:5c:af:df:cc:0e:04:36:52:26:d4:d5:d6:71:17:
2b:c0:88:ae:d8:bd:01:c6:c4:d7:0f:1c:71:a6:75:
24:c6:40:3e:f4:77:5e:ca:11:da:cd:14:6a:25:6c:
46:9b:66:0a:da:13:57:13:88:b6:b4:42:47:8c:9e:
0d:12:02:84:10:bc:9c:c2:b2:73:42:07:e3:b7:d8:
fe:08:db:77:91:42:9c:93:60:cf:54:a6:f7:81:91:
c5:ff:a2:3c:8b:3e:6e:d1:92:66:d1:d2:7e:48:5d:
ec:14:4b:86:b4:6c:96:78:95:19:2d:9b:c9:02:2c:
46:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:FB:7F:C4:AE:A5:C4:4B:B5:26:77:17:83:EB:F1:08:5C:9C:6B:7A
X509v3 Authority Key Identifier:
keyid:AD:52:C2:8E:F9:A5:B2:29:1A:BA:67:1A:C9:A6:5D:8F:AA:DC:55:18
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rVLCjvmlsikaumcayaZdj6rcVRg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/2ft_xK6lxEu1JncXg-vxCFyca3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/bb3d73-ca3f-4467-b6e8-702be48a551e/1/rVLCjvmlsikaumcayaZdj6rcVRg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.147.192.0/19
85.194.64.0/18
89.237.128.0/18
212.24.224.0/19
Signature Algorithm: sha256WithRSAEncryption
2e:de:b1:f2:64:1f:83:9c:4c:68:6b:5e:71:7b:37:de:e6:8e:
4a:4f:1e:82:19:47:a3:ba:61:89:36:df:c4:b4:3f:b6:49:47:
47:2f:f0:c8:ff:35:d5:16:65:3c:1d:24:bc:75:dd:30:10:f0:
2f:b5:ae:6d:62:b9:52:43:a0:b0:b9:05:9b:28:72:b8:f5:5e:
9d:20:d9:17:ac:96:89:1f:0e:e7:c3:ee:77:6f:31:60:a5:2d:
ee:1f:89:26:ed:96:0b:27:e0:71:80:e9:82:fe:97:ec:50:b8:
6f:90:dc:71:3b:70:68:23:5d:fa:77:b8:1f:92:f6:7a:0a:9e:
50:00:b8:ed:b9:7c:11:99:28:14:45:6a:09:86:af:a5:05:9a:
ac:2d:88:af:70:a5:f8:25:e9:c7:d6:1a:16:4f:55:fb:f1:da:
e1:f3:93:01:0b:38:cc:89:57:3e:a0:62:a1:60:2d:f4:3d:c7:
46:34:60:19:57:5e:70:34:59:20:9e:3d:33:da:19:ab:dd:ff:
69:79:d1:8e:7e:01:ce:4c:c5:23:55:87:f0:02:b7:4f:09:6c:
ea:44:58:4b:6b:29:d0:85:ce:c7:23:c4:41:f7:98:22:90:8f:
c3:14:c6:f0:70:b9:d1:29:91:63:55:dd:79:85:13:03:a1:cb:
ab:9b:b5:e4
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzF3AcfEFl7as0+VdWP0LnkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkNTJjMjhlZjlhNWIyMjkxYWJhNjcxYWM5YTY1ZDhmYWFk
YzU1MTgwHhcNMjQwMTAxMTYyOTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWZiN2ZjNGFlYTVjNDRiYjUyNjc3MTc4M2ViZjEwODVjOWM2YjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKoilJDZrQ227WDbrNb7XT3vQiyy
OCWqKBC0v80lVVC3dCtDTzLWoY8z5DUxi2MvRgYvUk3kuSSg3c1yvHPPYYFKBfag
erirMvQ2NOz/nQi+skLk/R7H5RDVn1SUiv/K6jw0yQKGgmPQu8GQ08ujl2J2/GtR
lU38jf3Ar3RaK9Z8L5UykhqiXK/fzA4ENlIm1NXWcRcrwIiu2L0BxsTXDxxxpnUk
xkA+9HdeyhHazRRqJWxGm2YK2hNXE4i2tEJHjJ4NEgKEELycwrJzQgfjt9j+CNt3
kUKck2DPVKb3gZHF/6I8iz5u0ZJm0dJ+SF3sFEuGtGyWeJUZLZvJAixGJwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNn7f8SupcRLtSZ3F4Pr8QhcnGt6MB8GA1UdIwQY
MBaAFK1Swo75pbIpGrpnGsmmXY+q3FUYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvclZMQ2p2bWxzaWthdW1jYXlhWmRqNnJjVlJnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC9iYjNkNzMtY2EzZi00NDY3LWI2ZTgt
NzAyYmU0OGE1NTFlLzEvMmZ0X3hLNmx4RXUxSm5jWGctdnhDRnljYTNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC9iYjNkNzMtY2EzZi00NDY3LWI2ZTgtNzAyYmU0OGE1NTFl
LzEvclZMQ2p2bWxzaWthdW1jYXlhWmRqNnJjVlJnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQFUpPAAwQG
VcJAAwQGWe2AAwQF1BjgMA0GCSqGSIb3DQEBCwUAA4IBAQAu3rHyZB+DnExoa15x
ezfe5o5KTx6CGUejumGJNt/EtD+2SUdHL/DI/zXVFmU8HSS8dd0wEPAvta5tYrlS
Q6CwuQWbKHK49V6dINkXrJaJHw7nw+53bzFgpS3uH4km7ZYLJ+BxgOmC/pfsULhv
kNxxO3BoI136d7gfkvZ6Cp5QALjtuXwRmSgURWoJhq+lBZqsLYivcKX4JenH1hoW
T1X78drh85MBCzjMiVc+oGKhYC30PcdGNGAZV15wNFkgnj0z2hmr3f9pedGOfgHO
TMUjVYfwArdPCWzqRFhLaynQhc7HI8RB95gikI/DFMbwcLnRKZFjVd15hRMDocur
m7Xk
-----END CERTIFICATE-----
Generated at Sun Jun 16 23:49:35 2024 by rpki-client on console-ams.rpki-client.org