Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/3cce22-c301-4bbc-b027-64eecaed11dc/1/MWov1h277Cf99IdyyPz019fGsec.roa
File: MWov1h277Cf99IdyyPz019fGsec.roa (raw, json)
Hash identifier: ZOmCHyjWrBbNt8AKNPOB+yEJGEc92P8H8SwV5Bk97aI=
Subject key identifier: 31:6A:2F:D6:1D:BB:EC:27:FD:F4:87:72:C8:FC:F4:D7:D7:C6:B1:E7
Certificate issuer: /CN=fad949f66253543ee89b9196390736b5a6ed7cb8
Certificate serial: 018F48B4255735AB87BBD35C10B6507EC5BD
Authority key identifier: FA:D9:49:F6:62:53:54:3E:E8:9B:91:96:39:07:36:B5:A6:ED:7C:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-tlJ9mJTVD7om5GWOQc2tabtfLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/3cce22-c301-4bbc-b027-64eecaed11dc/1/MWov1h277Cf99IdyyPz019fGsec.roa
Signing time: Sun 05 May 2024 12:21:56 +0000
ROA not before: Sun 05 May 2024 12:21:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 14445
IP address blocks: 185.218.2.0/24 maxlen: 24
2a11:2800:239::/48 maxlen: 48
2a11:2800:26b::/48 maxlen: 48
2a11:2800:761::/48 maxlen: 48
2a11:2800:ad3::/48 maxlen: 48
2a11:2800:bc6::/48 maxlen: 48
2a11:2800:10db::/48 maxlen: 48
2a11:2800:131c::/48 maxlen: 48
2a11:2800:18b8::/48 maxlen: 48
2a11:2800:1bce::/48 maxlen: 48
2a11:2800:1f33::/48 maxlen: 48
2a11:2800:2047::/48 maxlen: 48
2a11:2800:215b::/48 maxlen: 48
2a11:2800:285d::/48 maxlen: 48
2a11:2800:3472::/48 maxlen: 48
2a11:2800:3dc6::/48 maxlen: 48
2a11:2800:4f07::/48 maxlen: 48
2a11:2800:661f::/48 maxlen: 48
2a11:2800:6ce2::/48 maxlen: 48
2a11:2800:792e::/48 maxlen: 48
2a11:2800:9e16::/48 maxlen: 48
2a11:2800:b41d::/48 maxlen: 48
2a11:2800:d2d1::/48 maxlen: 48
2a11:2800:e02b::/48 maxlen: 48
2a11:2800:e822::/48 maxlen: 48
2a11:2801:422a::/48 maxlen: 48
2a11:2803:e78b::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/3cce22-c301-4bbc-b027-64eecaed11dc/1/1-tlJ9mJTVD7om5GWOQc2tabtfLg.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/3cce22-c301-4bbc-b027-64eecaed11dc/1/1-tlJ9mJTVD7om5GWOQc2tabtfLg.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-tlJ9mJTVD7om5GWOQc2tabtfLg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 18:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:48:b4:25:57:35:ab:87:bb:d3:5c:10:b6:50:7e:c5:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fad949f66253543ee89b9196390736b5a6ed7cb8
Validity
Not Before: May 5 12:21:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=316a2fd61dbbec27fdf48772c8fcf4d7d7c6b1e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:fa:06:66:65:96:0e:46:ee:3e:e0:ac:e9:34:
be:04:88:93:f0:8c:ba:a5:10:ff:e1:a4:6c:7c:95:
ac:f7:82:a7:74:77:f4:26:36:e8:41:c1:27:f4:6e:
ca:c1:68:81:dd:34:7f:a0:45:05:28:eb:b6:59:92:
04:38:16:ff:cb:52:b8:3e:f7:2e:f2:2c:87:ea:ff:
6f:40:c8:4e:25:33:65:82:c8:e2:c7:b8:84:05:4f:
0f:e2:b6:10:77:11:e3:7d:96:14:d9:cd:2d:52:e6:
3e:2b:7f:df:6b:a5:3f:45:bf:5d:fa:e2:6f:b4:ff:
b3:6c:14:0e:63:57:bf:d1:19:94:ed:17:c9:28:c2:
29:9c:6e:61:8b:c9:fe:49:22:58:32:48:d7:83:b2:
df:41:6c:c8:98:30:64:77:fe:67:ed:02:f8:3d:81:
82:94:49:8a:a0:6e:30:9b:57:ff:b6:25:e1:30:2a:
e4:9b:13:f1:87:4d:df:51:33:07:a1:81:f6:99:9e:
c4:6d:a4:41:2f:25:ad:a1:d0:18:92:cc:d5:02:e4:
e0:23:de:9f:59:bd:08:87:18:d7:cb:fa:ac:0a:75:
bf:0a:b1:4e:e5:e9:6b:cf:e4:3d:3e:9b:12:97:70:
13:b8:4a:70:ab:55:0e:df:be:dd:5a:d2:14:dc:21:
4e:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:6A:2F:D6:1D:BB:EC:27:FD:F4:87:72:C8:FC:F4:D7:D7:C6:B1:E7
X509v3 Authority Key Identifier:
keyid:FA:D9:49:F6:62:53:54:3E:E8:9B:91:96:39:07:36:B5:A6:ED:7C:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tlJ9mJTVD7om5GWOQc2tabtfLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3cce22-c301-4bbc-b027-64eecaed11dc/1/MWov1h277Cf99IdyyPz019fGsec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/3cce22-c301-4bbc-b027-64eecaed11dc/1/1-tlJ9mJTVD7om5GWOQc2tabtfLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.218.2.0/24
IPv6:
2a11:2800:239::/48
2a11:2800:26b::/48
2a11:2800:761::/48
2a11:2800:ad3::/48
2a11:2800:bc6::/48
2a11:2800:10db::/48
2a11:2800:131c::/48
2a11:2800:18b8::/48
2a11:2800:1bce::/48
2a11:2800:1f33::/48
2a11:2800:2047::/48
2a11:2800:215b::/48
2a11:2800:285d::/48
2a11:2800:3472::/48
2a11:2800:3dc6::/48
2a11:2800:4f07::/48
2a11:2800:661f::/48
2a11:2800:6ce2::/48
2a11:2800:792e::/48
2a11:2800:9e16::/48
2a11:2800:b41d::/48
2a11:2800:d2d1::/48
2a11:2800:e02b::/48
2a11:2800:e822::/48
2a11:2801:422a::/48
2a11:2803:e78b::/48
Signature Algorithm: sha256WithRSAEncryption
89:dd:db:60:ce:32:4e:3b:fa:61:44:70:8f:88:8f:76:b6:fa:
d2:41:7c:13:81:88:59:42:45:f7:90:43:7e:67:fa:65:ba:0f:
c1:ec:dc:ad:63:e6:b0:aa:c7:28:09:46:c6:e7:fb:b6:55:35:
e2:21:3d:1d:be:05:25:1a:29:3b:33:e2:eb:56:63:2e:a9:ea:
80:68:c2:72:18:42:03:de:9c:49:ca:4d:fc:45:5a:cb:ec:ce:
f0:0a:02:1b:7c:42:2e:fb:bd:00:1f:15:de:4e:47:72:90:9b:
87:4d:76:7e:eb:e3:16:a3:0f:6b:a1:04:49:26:96:56:e7:b6:
4f:eb:a6:3f:fa:ae:32:16:d3:52:0f:04:e3:cc:4f:5c:fe:e0:
8a:5c:d2:3f:a0:83:6b:d8:e0:4f:fb:2f:63:32:8f:a3:e7:fa:
58:43:85:8e:c4:5d:e4:75:4c:0d:92:ae:9f:4d:46:11:bd:4e:
36:ab:77:a6:f1:c0:74:97:b2:8e:28:4c:ef:44:aa:ed:cc:aa:
69:eb:52:27:15:61:54:43:d6:fd:fe:28:56:0a:2b:d8:d8:fa:
dd:e7:36:a5:53:48:c1:76:97:1d:76:7c:f8:85:54:69:e2:35:
b4:07:45:80:3b:da:a2:da:a4:b9:f9:65:ac:f1:c8:db:b1:17:
5a:87:75:d7
-----BEGIN CERTIFICATE-----
MIIF+TCCBOGgAwIBAgISAY9ItCVXNauHu9NcELZQfsW9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZDk0OWY2NjI1MzU0M2VlODliOTE5NjM5MDczNmI1YTZl
ZDdjYjgwHhcNMjQwNTA1MTIyMTU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMTZhMmZkNjFkYmJlYzI3ZmRmNDg3NzJjOGZjZjRkN2Q3YzZiMWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4voGZmWWDkbuPuCs6TS+BIiT8Iy6
pRD/4aRsfJWs94KndHf0JjboQcEn9G7KwWiB3TR/oEUFKOu2WZIEOBb/y1K4Pvcu
8iyH6v9vQMhOJTNlgsjix7iEBU8P4rYQdxHjfZYU2c0tUuY+K3/fa6U/Rb9d+uJv
tP+zbBQOY1e/0RmU7RfJKMIpnG5hi8n+SSJYMkjXg7LfQWzImDBkd/5n7QL4PYGC
lEmKoG4wm1f/tiXhMCrkmxPxh03fUTMHoYH2mZ7EbaRBLyWtodAYkszVAuTgI96f
Wb0IhxjXy/qsCnW/CrFO5elrz+Q9PpsSl3ATuEpwq1UO377dWtIU3CFO6wIDAQAB
o4IDBTCCAwEwHQYDVR0OBBYEFDFqL9Ydu+wn/fSHcsj89NfXxrHnMB8GA1UdIwQY
MBaAFPrZSfZiU1Q+6JuRljkHNrWm7Xy4MA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS10bEo5bUpUVkQ3b201R1dPUWMydGFidGZMZy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvNjkvM2NjZTIyLWMzMDEtNGJiYy1iMDI3
LTY0ZWVjYWVkMTFkYy8xL01Xb3YxaDI3N0NmOTlJZHl5UHowMTlmR3NlYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjkvM2NjZTIyLWMzMDEtNGJiYy1iMDI3LTY0ZWVjYWVkMTFk
Yy8xLzEtdGxKOW1KVFZEN29tNUdXT1FjMnRhYnRmTGcuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggEXBggrBgEFBQcBBwEB/wSCAQYwggECMAwEAgABMAYD
BAC52gIwgfEEAgACMIHqAwcAKhEoAAI5AwcAKhEoAAJrAwcAKhEoAAdhAwcAKhEo
AArTAwcAKhEoAAvGAwcAKhEoABDbAwcAKhEoABMcAwcAKhEoABi4AwcAKhEoABvO
AwcAKhEoAB8zAwcAKhEoACBHAwcAKhEoACFbAwcAKhEoAChdAwcAKhEoADRyAwcA
KhEoAD3GAwcAKhEoAE8HAwcAKhEoAGYfAwcAKhEoAGziAwcAKhEoAHkuAwcAKhEo
AJ4WAwcAKhEoALQdAwcAKhEoANLRAwcAKhEoAOArAwcAKhEoAOgiAwcAKhEoAUIq
AwcAKhEoA+eLMA0GCSqGSIb3DQEBCwUAA4IBAQCJ3dtgzjJOO/phRHCPiI92tvrS
QXwTgYhZQkX3kEN+Z/plug/B7NytY+awqscoCUbG5/u2VTXiIT0dvgUlGik7M+Lr
VmMuqeqAaMJyGEID3pxJyk38RVrL7M7wCgIbfEIu+70AHxXeTkdykJuHTXZ+6+MW
ow9roQRJJpZW57ZP66Y/+q4yFtNSDwTjzE9c/uCKXNI/oINr2OBP+y9jMo+j5/pY
Q4WOxF3kdUwNkq6fTUYRvU42q3em8cB0l7KOKEzvRKrtzKpp61InFWFUQ9b9/ihW
CivY2Prd5zalU0jBdpcddnz4hVRp4jW0B0WAO9qi2qS5+WWs8cjbsRdah3XX
-----END CERTIFICATE-----
Generated at Fri Nov 22 00:34:45 2024 by rpki-client on console-fra.rpki-client.org