Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/1X2qtgxnmmOfdn-qloP6eXdmqdg.roa
File: 1X2qtgxnmmOfdn-qloP6eXdmqdg.roa (raw, json)
Hash identifier: Se98ewyQgmmMVNeTg11bzZRjAgOJuLxjRH67MAtTkMQ=
Subject key identifier: D5:7D:AA:B6:0C:67:9A:63:9F:76:7F:AA:96:83:FA:79:77:66:A9:D8
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 018DC11673DCAEF227D16DB4B4F0C92A810A
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/1X2qtgxnmmOfdn-qloP6eXdmqdg.roa
Signing time: Mon 19 Feb 2024 11:18:10 +0000
ROA not before: Mon 19 Feb 2024 11:18:10 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2914
IP address blocks: 86.38.128.0/24 maxlen: 24
86.38.129.0/24 maxlen: 24
86.38.130.0/24 maxlen: 24
86.38.158.0/24 maxlen: 24
86.38.159.0/24 maxlen: 24
86.38.160.0/24 maxlen: 24
89.117.240.0/24 maxlen: 24
89.117.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 04 May 2024 02:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:c1:16:73:dc:ae:f2:27:d1:6d:b4:b4:f0:c9:2a:81:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Feb 19 11:18:10 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d57daab60c679a639f767faa9683fa797766a9d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:2b:ba:0f:f4:05:ca:a9:90:b4:29:e7:c9:cf:
f3:08:8f:b8:32:0e:19:75:9e:05:37:d3:10:0c:c2:
3f:1e:bd:98:2f:72:00:64:1a:d2:35:69:24:35:7e:
53:d1:ab:82:51:7d:73:a5:e7:b7:ff:af:93:7c:09:
ff:af:99:c6:34:46:11:8a:d5:b1:5c:2d:31:2d:f9:
e7:5b:27:30:37:d1:c8:8a:a0:76:09:d2:50:49:8e:
9f:de:f7:a3:89:91:3c:d1:5e:fe:1d:02:2f:a4:ca:
5e:5e:28:11:e0:55:7c:0c:ce:03:fe:dc:ac:7a:76:
ce:37:97:26:af:85:0a:fd:a3:81:1a:4f:92:1a:5b:
73:61:14:f4:02:ed:32:5a:5b:12:93:5d:61:db:00:
7c:81:0a:be:d3:f5:dc:ee:1c:69:eb:b6:b8:b1:2c:
26:11:13:91:2b:36:ec:4c:3c:dd:57:5d:01:4a:5e:
5a:eb:e1:26:51:91:f2:66:b8:31:8a:8c:44:f2:d7:
cf:0e:91:fa:73:14:52:a6:6e:8f:44:19:65:23:f5:
84:c8:1a:17:e5:75:bf:91:88:c5:2a:0d:eb:17:21:
c5:ad:dd:f0:03:b6:99:75:cd:c7:8d:1e:a3:83:1b:
d6:cd:af:81:bd:0d:3b:78:2b:82:82:a3:ed:f7:54:
8b:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:7D:AA:B6:0C:67:9A:63:9F:76:7F:AA:96:83:FA:79:77:66:A9:D8
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/1X2qtgxnmmOfdn-qloP6eXdmqdg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.38.128.0-86.38.130.255
86.38.158.0-86.38.160.255
89.117.240.0/24
89.117.242.0/24
Signature Algorithm: sha256WithRSAEncryption
27:5b:77:0d:9b:21:eb:0a:72:5d:de:ea:b1:2f:42:14:28:1d:
3a:a7:77:56:31:27:45:a8:ca:fa:88:0a:ed:e2:95:5b:7f:75:
a3:a1:4d:4b:c0:d1:4d:5d:f5:4e:2f:03:93:13:c0:aa:e5:ee:
f9:75:69:cf:f3:df:16:d6:0e:a0:7c:e2:ec:44:6b:de:1b:d2:
bf:13:05:8d:11:a0:9a:7e:e5:41:07:99:2b:90:1a:17:2f:53:
7a:9e:7c:b2:7a:74:c8:d9:df:16:c3:96:4b:c3:97:8c:42:b3:
28:b9:72:84:d1:42:78:71:4f:b8:6f:9b:a2:f9:be:fe:33:3e:
bf:b8:57:54:70:51:d5:73:92:26:96:cf:ec:c7:d7:2b:96:04:
6c:19:ef:5d:30:be:96:47:4d:66:fb:6f:28:7b:aa:e2:7c:cd:
82:96:a4:50:10:dc:58:51:c4:c0:d3:ec:2c:0b:28:b8:5b:31:
bf:0d:1e:d2:16:6f:f0:68:49:23:ed:46:d2:e1:5f:44:06:38:
91:89:33:41:d4:19:20:e1:37:dd:85:df:69:72:57:05:d0:0c:
c5:71:2e:38:23:67:c2:ed:10:a3:d2:a1:25:9d:16:dd:c6:51:
f0:0e:d5:0c:f2:e5:f0:74:20:b4:5c:25:f4:70:07:cf:ef:2d:
55:e6:2e:6c
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAY3BFnPcrvIn0W20tPDJKoEKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjQwMjE5MTExODEwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTdkYWFiNjBjNjc5YTYzOWY3NjdmYWE5NjgzZmE3OTc3NjZhOWQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlCu6D/QFyqmQtCnnyc/zCI+4Mg4Z
dZ4FN9MQDMI/Hr2YL3IAZBrSNWkkNX5T0auCUX1zpee3/6+TfAn/r5nGNEYRitWx
XC0xLfnnWycwN9HIiqB2CdJQSY6f3vejiZE80V7+HQIvpMpeXigR4FV8DM4D/tys
enbON5cmr4UK/aOBGk+SGltzYRT0Au0yWlsSk11h2wB8gQq+0/Xc7hxp67a4sSwm
ERORKzbsTDzdV10BSl5a6+EmUZHyZrgxioxE8tfPDpH6cxRSpm6PRBllI/WEyBoX
5XW/kYjFKg3rFyHFrd3wA7aZdc3HjR6jgxvWza+BvQ07eCuCgqPt91SLVwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFNV9qrYMZ5pjn3Z/qpaD+nl3ZqnYMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvMVgycXRneG5tbU9mZG4tcWxvUDZlWGRtcWRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBAdWJoAD
BABWJoIwDAMEAVYmngMEAFYmoAMEAFl18AMEAFl18jANBgkqhkiG9w0BAQsFAAOC
AQEAJ1t3DZsh6wpyXd7qsS9CFCgdOqd3VjEnRajK+ogK7eKVW391o6FNS8DRTV31
Ti8DkxPAquXu+XVpz/PfFtYOoHzi7ERr3hvSvxMFjRGgmn7lQQeZK5AaFy9Tep58
snp0yNnfFsOWS8OXjEKzKLlyhNFCeHFPuG+bovm+/jM+v7hXVHBR1XOSJpbP7MfX
K5YEbBnvXTC+lkdNZvtvKHuq4nzNgpakUBDcWFHEwNPsLAsouFsxvw0e0hZv8GhJ
I+1G0uFfRAY4kYkzQdQZIOE33YXfaXJXBdAMxXEuOCNnwu0Qo9KhJZ0W3cZR8A7V
DPLl8HQgtFwl9HAHz+8tVeYubA==
-----END CERTIFICATE-----
Generated at Fri May 3 07:04:03 2024 by rpki-client on console-fra.rpki-client.org