Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/2tsX5BidBFEkGjdfj3xmnYLpsy8.roa
File: 2tsX5BidBFEkGjdfj3xmnYLpsy8.roa (raw, json)
Hash identifier: Dx3GVGhoNhvM2QQWHn7lAt9hj4bXHFigkitx8tbZ0+Q=
Subject key identifier: DA:DB:17:E4:18:9D:04:51:24:1A:37:5F:8F:7C:66:9D:82:E9:B3:2F
Certificate issuer: /CN=8777b5b36f66e13c4388c9934da507856515d073
Certificate serial: 018CC801F1E0A64A1275F81A8055E9A4253D
Authority key identifier: 87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/2tsX5BidBFEkGjdfj3xmnYLpsy8.roa
Signing time: Tue 02 Jan 2024 02:30:19 +0000
ROA not before: Tue 02 Jan 2024 02:30:19 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 49964
IP address blocks: 109.69.217.16/28 maxlen: 28
62.112.31.0/24 maxlen: 24
62.112.29.0/24 maxlen: 24
46.18.38.0/24 maxlen: 24
46.18.36.0/22 maxlen: 24
46.18.36.0/24 maxlen: 24
46.18.37.0/24 maxlen: 24
46.18.34.0/24 maxlen: 24
46.18.34.0/23 maxlen: 24
46.18.35.0/24 maxlen: 24
46.18.33.0/24 maxlen: 24
46.18.39.0/24 maxlen: 24
185.64.64.0/22 maxlen: 24
85.119.216.0/21 maxlen: 24
109.69.221.192/28 maxlen: 28
185.185.231.0/24 maxlen: 24
185.185.228.0/24 maxlen: 24
185.185.229.0/24 maxlen: 24
109.69.219.0/24 maxlen: 24
109.69.216.0/23 maxlen: 24
109.69.221.0/24 maxlen: 24
109.69.222.0/24 maxlen: 24
109.69.220.0/24 maxlen: 24
37.19.8.0/21 maxlen: 24
2a00:1528::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.mft
rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 01:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:f1:e0:a6:4a:12:75:f8:1a:80:55:e9:a4:25:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8777b5b36f66e13c4388c9934da507856515d073
Validity
Not Before: Jan 2 02:30:19 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dadb17e4189d0451241a375f8f7c669d82e9b32f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:42:19:73:80:29:f9:28:6a:f9:97:3f:93:ea:
5a:bc:da:cf:f7:2a:a6:44:91:ea:56:12:a9:5e:72:
49:d1:88:50:c4:af:82:e1:45:f1:16:30:39:42:94:
1a:58:88:10:ab:1d:ed:2b:0c:86:20:32:3e:9c:1f:
cd:3e:4d:47:e7:f7:0a:d4:03:84:ab:9c:c5:28:24:
ba:1c:56:c1:6d:74:53:f6:83:45:97:7c:1f:41:1b:
77:d0:37:85:ed:7b:dd:db:39:e6:ec:43:5d:da:f5:
fe:8b:df:99:6b:d1:7f:dc:06:59:a9:8a:9d:5e:11:
f6:32:34:83:7c:01:cd:0d:8b:d5:3a:37:da:be:03:
48:06:82:16:24:9d:cf:a8:c5:2c:6d:89:fd:a9:6a:
9c:8e:a3:4d:02:b3:20:7f:11:68:52:fc:d1:4d:44:
18:d1:40:50:fd:c2:2e:8b:cf:5c:50:41:9e:c3:96:
fb:2e:9b:d0:0b:31:91:35:9e:06:e9:11:eb:cd:61:
0f:f3:a9:15:f1:60:c4:69:aa:9c:c3:cc:80:3a:07:
18:c8:bb:ad:31:dc:1e:8a:f4:13:4b:13:6d:94:b0:
a5:d3:e7:1e:9b:45:da:5e:c2:53:f5:0d:d9:0a:af:
19:d1:df:49:6a:22:4a:1a:b6:7b:fe:be:27:66:93:
f8:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:DB:17:E4:18:9D:04:51:24:1A:37:5F:8F:7C:66:9D:82:E9:B3:2F
X509v3 Authority Key Identifier:
keyid:87:77:B5:B3:6F:66:E1:3C:43:88:C9:93:4D:A5:07:85:65:15:D0:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/h3e1s29m4TxDiMmTTaUHhWUV0HM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/2tsX5BidBFEkGjdfj3xmnYLpsy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/f92e2a-e1e4-487d-9acc-ed1f30cc1c57/1/h3e1s29m4TxDiMmTTaUHhWUV0HM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.19.8.0/21
46.18.33.0-46.18.39.255
62.112.29.0/24
62.112.31.0/24
85.119.216.0/21
109.69.216.0/23
109.69.219.0-109.69.222.255
185.64.64.0/22
185.185.228.0/23
185.185.231.0/24
IPv6:
2a00:1528::/32
Signature Algorithm: sha256WithRSAEncryption
82:a6:42:b8:8a:bc:af:50:ad:20:59:aa:a3:f8:78:12:ce:8c:
28:22:a8:93:c9:71:17:4f:50:ca:d2:9c:0c:71:4d:f8:37:f0:
29:77:36:06:ff:4a:4f:f9:a3:00:20:ac:97:fc:cc:41:66:3c:
03:ee:60:c9:2d:90:34:ca:6f:40:14:36:28:10:82:a9:22:a7:
7b:dc:47:94:37:fe:02:d8:1d:bd:eb:d6:8c:59:fb:b7:6e:bf:
e5:03:c8:ef:2d:a6:09:59:1b:4c:1c:3f:12:a8:15:b4:cc:fa:
3d:45:24:f2:b5:c7:bc:b2:74:5e:69:59:e3:ef:66:e8:18:fb:
49:30:0e:0f:6e:43:09:59:b8:26:a3:35:7d:9f:a4:6e:07:5a:
40:22:1e:b8:75:e3:f9:06:ac:89:fb:8f:66:b8:9c:59:fa:17:
54:9f:24:90:06:09:fa:f8:1e:5c:53:96:57:0a:e2:64:2d:3b:
3a:9d:9d:41:53:93:7a:3a:0b:2c:31:3c:d0:5e:3c:ff:6c:14:
c7:4e:cd:f7:a0:0b:2d:d6:43:3b:3c:ea:1d:0d:69:ae:99:bd:
7f:2e:94:11:e5:6c:ba:43:7a:87:40:e4:ec:96:37:82:ad:e7:
7a:45:9c:b5:2b:07:6c:82:b1:b2:63:e6:f5:9e:4d:3a:dc:02:
42:09:f2:99
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYzIAfHgpkoSdfgagFXppCU9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg3NzdiNWIzNmY2NmUxM2M0Mzg4Yzk5MzRkYTUwNzg1NjUx
NWQwNzMwHhcNMjQwMTAyMDIzMDE5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYWRiMTdlNDE4OWQwNDUxMjQxYTM3NWY4ZjdjNjY5ZDgyZTliMzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAh0IZc4Ap+Shq+Zc/k+pavNrP9yqm
RJHqVhKpXnJJ0YhQxK+C4UXxFjA5QpQaWIgQqx3tKwyGIDI+nB/NPk1H5/cK1AOE
q5zFKCS6HFbBbXRT9oNFl3wfQRt30DeF7Xvd2znm7ENd2vX+i9+Za9F/3AZZqYqd
XhH2MjSDfAHNDYvVOjfavgNIBoIWJJ3PqMUsbYn9qWqcjqNNArMgfxFoUvzRTUQY
0UBQ/cIui89cUEGew5b7LpvQCzGRNZ4G6RHrzWEP86kV8WDEaaqcw8yAOgcYyLut
MdweivQTSxNtlLCl0+cem0XaXsJT9Q3ZCq8Z0d9JaiJKGrZ7/r4nZpP4xQIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFNrbF+QYnQRRJBo3X498Zp2C6bMvMB8GA1UdIwQY
MBaAFId3tbNvZuE8Q4jJk02lB4VlFdBzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2Mt
ZWQxZjMwY2MxYzU3LzEvMnRzWDVCaWRCRkVrR2pkZmozeG1uWUxwc3k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS9mOTJlMmEtZTFlNC00ODdkLTlhY2MtZWQxZjMwY2MxYzU3
LzEvaDNlMXMyOW00VHhEaU1tVFRhVUhoV1VWMEhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMAwQDJRMIMAwD
BAAuEiEDBAMuEiADBAA+cB0DBAA+cB8DBANVd9gDBAFtRdgwDAMEAG1F2wMEAG1F
3gMEArlAQAMEAbm55AMEALm55zANBAIAAjAHAwUAKgAVKDANBgkqhkiG9w0BAQsF
AAOCAQEAgqZCuIq8r1CtIFmqo/h4Es6MKCKok8lxF09QytKcDHFN+DfwKXc2Bv9K
T/mjACCsl/zMQWY8A+5gyS2QNMpvQBQ2KBCCqSKne9xHlDf+AtgdvevWjFn7t26/
5QPI7y2mCVkbTBw/EqgVtMz6PUUk8rXHvLJ0XmlZ4+9m6Bj7STAOD25DCVm4JqM1
fZ+kbgdaQCIeuHXj+QasifuPZricWfoXVJ8kkAYJ+vgeXFOWVwriZC07Op2dQVOT
ejoLLDE80F48/2wUx07N96ALLdZDOzzqHQ1prpm9fy6UEeVsukN6h0Dk7JY3gq3n
ekWctSsHbIKxsmPm9Z5NOtwCQgnymQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 09:59:24 2024 by rpki-client on console-fra.rpki-client.org