Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/63/9536f5-f566-4c80-a7d9-bc1522789d3b/1/1-_2N2DAk86KYK3ReJ5WmM9TLJ18.roa
File: 1-_2N2DAk86KYK3ReJ5WmM9TLJ18.roa (raw, json)
Hash identifier: YN7AktWxie1lgy/DxmdOSMayaLjT+qTTfeKDsjpLUpo=
Subject key identifier: FB:FD:8D:D8:30:24:F3:A2:98:2B:74:5E:27:95:A6:33:D4:CB:27:5F
Certificate issuer: /CN=764928a97be955377013d382c62940e950dd212b
Certificate serial: 018CC2DB28E9D1BC2DDB87C1D4C43AEB8B0E
Authority key identifier: 76:49:28:A9:7B:E9:55:37:70:13:D3:82:C6:29:40:E9:50:DD:21:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dkkoqXvpVTdwE9OCxilA6VDdISs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/63/9536f5-f566-4c80-a7d9-bc1522789d3b/1/1-_2N2DAk86KYK3ReJ5WmM9TLJ18.roa
Signing time: Mon 01 Jan 2024 02:29:51 +0000
ROA not before: Mon 01 Jan 2024 02:29:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9211
IP address blocks: 87.253.190.0/24 maxlen: 24
185.205.216.0/22 maxlen: 24
31.24.96.0/21 maxlen: 24
87.253.160.0/20 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/63/9536f5-f566-4c80-a7d9-bc1522789d3b/1/dkkoqXvpVTdwE9OCxilA6VDdISs.crl
rsync://rpki.ripe.net/repository/DEFAULT/63/9536f5-f566-4c80-a7d9-bc1522789d3b/1/dkkoqXvpVTdwE9OCxilA6VDdISs.mft
rsync://rpki.ripe.net/repository/DEFAULT/dkkoqXvpVTdwE9OCxilA6VDdISs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:28:e9:d1:bc:2d:db:87:c1:d4:c4:3a:eb:8b:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=764928a97be955377013d382c62940e950dd212b
Validity
Not Before: Jan 1 02:29:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=fbfd8dd83024f3a2982b745e2795a633d4cb275f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:50:55:62:9f:b6:41:f7:e4:ef:db:40:c7:4b:
75:12:c1:6f:3d:70:92:81:7e:9a:6d:15:9f:36:00:
80:9c:6b:10:a5:41:72:17:ba:21:8e:39:c6:cd:33:
84:f2:fe:d8:be:d4:fe:aa:83:0e:ab:64:9c:9e:c2:
4a:53:7a:d2:e4:ae:b5:88:51:98:e3:81:96:02:a6:
2e:0e:95:de:07:88:e4:ef:30:91:0d:55:7c:08:82:
43:93:f1:aa:8d:9f:b7:c2:10:b5:58:3e:2b:55:f9:
84:fe:81:ed:28:d4:c1:b4:ac:12:45:be:43:c5:85:
f4:3b:1b:eb:09:98:6c:64:c8:a7:67:70:73:66:02:
74:af:66:76:10:b4:00:87:2b:3f:e6:7c:d3:83:fa:
fb:e5:93:19:32:e8:65:91:c7:7f:34:c1:f0:97:db:
0b:b0:88:a7:fb:1f:d3:88:6b:cd:57:63:78:ca:6e:
13:d4:6b:83:29:28:09:83:58:f2:47:73:39:98:fa:
2f:a8:9d:d7:32:88:fa:28:eb:1f:b2:4c:58:f4:7d:
b5:df:d4:f0:17:9d:18:a6:6a:0f:2e:b9:a6:bc:f5:
8e:9f:32:5c:f1:ab:4a:81:96:22:fa:90:1d:b0:67:
ed:97:ee:15:42:64:37:c2:45:c7:d3:0e:85:b6:2e:
75:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:FD:8D:D8:30:24:F3:A2:98:2B:74:5E:27:95:A6:33:D4:CB:27:5F
X509v3 Authority Key Identifier:
keyid:76:49:28:A9:7B:E9:55:37:70:13:D3:82:C6:29:40:E9:50:DD:21:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dkkoqXvpVTdwE9OCxilA6VDdISs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/63/9536f5-f566-4c80-a7d9-bc1522789d3b/1/1-_2N2DAk86KYK3ReJ5WmM9TLJ18.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/63/9536f5-f566-4c80-a7d9-bc1522789d3b/1/dkkoqXvpVTdwE9OCxilA6VDdISs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.96.0/21
87.253.160.0/20
87.253.190.0/24
185.205.216.0/22
Signature Algorithm: sha256WithRSAEncryption
03:13:5f:28:54:b1:6f:ae:09:2f:c6:7c:26:bb:6c:32:c5:52:
42:bc:3e:59:20:d5:35:d4:49:24:9d:da:37:d3:f2:a3:dd:87:
2f:1e:bb:86:bf:2a:01:23:96:2f:34:a2:9f:dc:04:a6:b7:c8:
0f:f0:64:c1:4e:f3:44:c0:98:e8:87:f9:91:17:7c:a0:52:27:
03:a3:cb:32:4e:3d:47:bf:7f:8d:bc:df:3d:80:ed:6c:34:a2:
61:3c:01:d4:44:be:bc:6e:27:ef:55:5d:55:43:62:3b:b7:f7:
c4:46:d9:85:5a:8f:07:c4:63:63:7e:91:3a:8a:f2:36:11:5d:
e3:2c:9f:94:d4:f8:7d:ac:82:ad:7d:7f:91:62:50:57:67:27:
33:ff:4c:25:32:c3:8e:79:d6:6b:48:88:c1:51:71:92:22:51:
78:66:57:42:f1:43:1e:25:2d:08:23:b2:c9:e9:b5:de:2a:50:
50:25:2f:5f:c1:91:d2:ba:2a:b2:33:83:68:ba:f4:a7:a4:54:
d4:1e:44:a6:73:6b:8b:0c:4c:53:51:ed:e8:21:39:e7:7b:69:
0d:75:14:16:03:27:2d:5f:41:70:3a:90:74:b7:96:47:f0:e0:
d8:d8:9c:e8:af:cd:0b:55:7c:f9:9a:43:8a:5d:0e:23:a8:43:
ec:1e:60:66
-----BEGIN CERTIFICATE-----
MIIFEDCCA/igAwIBAgISAYzC2yjp0bwt24fB1MQ664sOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc2NDkyOGE5N2JlOTU1Mzc3MDEzZDM4MmM2Mjk0MGU5NTBk
ZDIxMmIwHhcNMjQwMTAxMDIyOTUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmZkOGRkODMwMjRmM2EyOTgyYjc0NWUyNzk1YTYzM2Q0Y2IyNzVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlBVYp+2Qffk79tAx0t1EsFvPXCS
gX6abRWfNgCAnGsQpUFyF7ohjjnGzTOE8v7YvtT+qoMOq2ScnsJKU3rS5K61iFGY
44GWAqYuDpXeB4jk7zCRDVV8CIJDk/GqjZ+3whC1WD4rVfmE/oHtKNTBtKwSRb5D
xYX0OxvrCZhsZMinZ3BzZgJ0r2Z2ELQAhys/5nzTg/r75ZMZMuhlkcd/NMHwl9sL
sIin+x/TiGvNV2N4ym4T1GuDKSgJg1jyR3M5mPovqJ3XMoj6KOsfskxY9H2139Tw
F50YpmoPLrmmvPWOnzJc8atKgZYi+pAdsGftl+4VQmQ3wkXH0w6Fti51RwIDAQAB
o4ICHDCCAhgwHQYDVR0OBBYEFPv9jdgwJPOimCt0XieVpjPUyydfMB8GA1UdIwQY
MBaAFHZJKKl76VU3cBPTgsYpQOlQ3SErMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZGtrb3FYdnBWVGR3RTlPQ3hpbEE2VkRkSVNzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82My85NTM2ZjUtZjU2Ni00YzgwLWE3ZDkt
YmMxNTIyNzg5ZDNiLzEvMS1fMk4yREFrODZLWUszUmVKNVdtTTlUTEoxOC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjMvOTUzNmY1LWY1NjYtNGM4MC1hN2Q5LWJjMTUyMjc4OWQz
Yi8xL2Rra29xWHZwVlRkd0U5T0N4aWxBNlZEZElTcy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAxBggrBgEFBQcBBwEB/wQiMCAwHgQCAAEwGAMEAx8YYAME
BFf9oAMEAFf9vgMEArnN2DANBgkqhkiG9w0BAQsFAAOCAQEAAxNfKFSxb64JL8Z8
JrtsMsVSQrw+WSDVNdRJJJ3aN9Pyo92HLx67hr8qASOWLzSin9wEprfID/BkwU7z
RMCY6If5kRd8oFInA6PLMk49R79/jbzfPYDtbDSiYTwB1ES+vG4n71VdVUNiO7f3
xEbZhVqPB8RjY36ROoryNhFd4yyflNT4fayCrX1/kWJQV2cnM/9MJTLDjnnWa0iI
wVFxkiJReGZXQvFDHiUtCCOyyem13ipQUCUvX8GR0roqsjODaLr0p6RU1B5EpnNr
iwxMU1Ht6CE553tpDXUUFgMnLV9BcDqQdLeWR/Dg2Nic6K/NC1V8+ZpDil0OI6hD
7B5gZg==
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:43:37 2024 by rpki-client on console-fra.rpki-client.org