Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/2_t-ImRmryjWm0jVbNJPNhaocts.roa
File: 2_t-ImRmryjWm0jVbNJPNhaocts.roa (raw, json)
Hash identifier: Ubdg4AuKKSW2HUa2uSsr0+xPrU6mLJdW4zdr2Puv1C8=
Subject key identifier: DB:FB:7E:22:64:66:AF:28:D6:9B:48:D5:6C:D2:4F:36:16:A8:72:DB
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 0192A099F494A8FEFF74719302D0C003E83D
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/2_t-ImRmryjWm0jVbNJPNhaocts.roa
Signing time: Fri 18 Oct 2024 17:08:17 +0000
ROA not before: Fri 18 Oct 2024 17:08:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209854
IP address blocks: 82.140.187.0/24 maxlen: 24
82.140.188.0/24 maxlen: 24
84.46.131.0/24 maxlen: 24
84.46.145.0/24 maxlen: 24
217.9.244.0/24 maxlen: 24
217.9.245.0/24 maxlen: 24
217.9.247.0/24 maxlen: 24
217.9.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 07:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:a0:99:f4:94:a8:fe:ff:74:71:93:02:d0:c0:03:e8:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Oct 18 17:08:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dbfb7e226466af28d69b48d56cd24f3616a872db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:7f:f9:f5:32:17:2a:9f:f0:a3:aa:d3:da:db:
ba:c1:77:67:40:ef:b9:5d:ff:7e:ef:96:cf:e7:a9:
df:f2:9d:4b:ba:a4:fe:fc:da:fd:2e:28:21:76:9d:
4f:75:bc:70:5e:42:e7:70:ac:c9:d1:2d:0e:91:d5:
4e:27:e1:e0:4d:52:38:4a:3a:b2:79:87:de:8c:4b:
6f:5f:3e:c1:34:23:b4:d8:bf:aa:a8:d1:14:7e:84:
39:7b:27:36:9d:fb:a4:f3:62:f3:dc:8e:d6:94:9c:
9c:34:4b:36:d9:92:c7:99:e2:0c:42:9e:6b:82:06:
eb:0e:0c:32:38:83:00:99:7b:c5:65:07:29:ba:44:
79:ed:c3:e5:a8:59:0e:42:6b:71:11:1e:b9:0c:59:
bb:a8:be:43:dd:50:4d:65:29:d4:35:f1:4b:6a:7c:
ef:7d:83:a9:94:15:58:f7:1d:6c:85:be:11:77:d0:
be:67:be:b0:c0:6e:e3:6c:90:8f:5b:65:55:e0:47:
2d:f0:e8:79:a1:7a:11:e0:3d:11:22:87:50:7c:f7:
84:a8:bb:2f:fd:1c:d9:3b:81:f8:32:94:aa:e0:f8:
e6:55:75:e1:9d:df:6d:d5:1e:ef:ee:f8:03:0e:27:
4e:56:a8:65:c1:cd:07:d8:cb:e1:87:a8:9d:4c:74:
76:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:FB:7E:22:64:66:AF:28:D6:9B:48:D5:6C:D2:4F:36:16:A8:72:DB
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/2_t-ImRmryjWm0jVbNJPNhaocts.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.140.187.0-82.140.188.255
84.46.131.0/24
84.46.145.0/24
217.9.244.0/23
217.9.247.0/24
217.9.250.0/24
Signature Algorithm: sha256WithRSAEncryption
14:24:89:c4:47:e5:79:01:6c:10:cc:b6:c6:1f:12:f7:cf:68:
71:61:a0:7c:2d:29:44:3a:90:8a:24:03:2f:d8:d6:41:06:c0:
73:c5:fe:40:d1:9c:61:14:07:41:5f:4e:d6:0a:93:66:07:bd:
36:f7:58:e2:39:c0:9e:4d:95:2c:38:81:0c:83:36:d9:31:5a:
05:67:b7:f7:8b:91:bb:05:e5:0b:65:93:54:98:f5:1e:99:57:
31:77:83:7f:21:3b:c8:d7:d2:f7:48:ed:7c:e8:25:dc:b6:61:
09:f9:7a:90:fc:47:a7:cd:6e:5f:ad:6c:2d:00:9d:96:dc:d0:
68:83:ff:cc:2d:cd:c8:0c:e9:11:0f:65:82:14:a9:04:8f:9c:
a8:2a:02:3e:cb:1c:46:78:90:cd:3b:d7:8b:d6:2d:f3:15:ec:
e3:a7:99:d9:85:71:57:08:42:6c:a2:2f:0f:16:b2:f4:80:40:
05:b9:63:40:5d:56:d3:98:ea:53:32:d2:d2:bb:c0:15:35:66:
85:a9:ff:62:28:ef:00:56:22:ba:ea:ec:d0:88:f6:fb:8c:ab:
d0:7d:7e:37:2e:8f:29:85:44:84:ab:e9:76:50:df:6e:19:16:
d2:0b:ae:c3:f8:45:93:de:ab:42:46:51:c4:ff:3c:6a:d7:4a:
bd:6a:29:7f
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZKgmfSUqP7/dHGTAtDAA+g9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjQxMDE4MTcwODE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmZiN2UyMjY0NjZhZjI4ZDY5YjQ4ZDU2Y2QyNGYzNjE2YTg3MmRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA73/59TIXKp/wo6rT2tu6wXdnQO+5
Xf9+75bP56nf8p1LuqT+/Nr9Lighdp1PdbxwXkLncKzJ0S0OkdVOJ+HgTVI4Sjqy
eYfejEtvXz7BNCO02L+qqNEUfoQ5eyc2nfuk82Lz3I7WlJycNEs22ZLHmeIMQp5r
ggbrDgwyOIMAmXvFZQcpukR57cPlqFkOQmtxER65DFm7qL5D3VBNZSnUNfFLanzv
fYOplBVY9x1shb4Rd9C+Z76wwG7jbJCPW2VV4Ect8Oh5oXoR4D0RIodQfPeEqLsv
/RzZO4H4MpSq4PjmVXXhnd9t1R7v7vgDDidOVqhlwc0H2Mvhh6idTHR2dQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFNv7fiJkZq8o1ptI1WzSTzYWqHLbMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvMl90LUltUm1yeWpXbTBqVmJOSlBOaGFvY3RzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBABSjLsD
BABSjLwDBABULoMDBABULpEDBAHZCfQDBADZCfcDBADZCfowDQYJKoZIhvcNAQEL
BQADggEBABQkicRH5XkBbBDMtsYfEvfPaHFhoHwtKUQ6kIokAy/Y1kEGwHPF/kDR
nGEUB0FfTtYKk2YHvTb3WOI5wJ5NlSw4gQyDNtkxWgVnt/eLkbsF5Qtlk1SY9R6Z
VzF3g38hO8jX0vdI7XzoJdy2YQn5epD8R6fNbl+tbC0AnZbc0GiD/8wtzcgM6REP
ZYIUqQSPnKgqAj7LHEZ4kM0714vWLfMV7OOnmdmFcVcIQmyiLw8WsvSAQAW5Y0Bd
VtOY6lMy0tK7wBU1ZoWp/2Io7wBWIrrq7NCI9vuMq9B9fjcujymFRISr6XZQ324Z
FtILrsP4RZPeq0JGUcT/PGrXSr1qKX8=
-----END CERTIFICATE-----
Generated at Mon Nov 25 13:55:20 2024 by rpki-client on console-fra.rpki-client.org