Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/2xHbfm3j35Bv5rbn38IbppTla6s.roa
File: 2xHbfm3j35Bv5rbn38IbppTla6s.roa (raw, json)
Hash identifier: puslR2WUfw95+q7e6mPgqN++TKZNg20SqEpgD5MHDnQ=
Subject key identifier: DB:11:DB:7E:6D:E3:DF:90:6F:E6:B6:E7:DF:C2:1B:A6:94:E5:6B:AB
Certificate issuer: /CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Certificate serial: 0191A23A696F5239C26ECAD2828BFE9246AB
Authority key identifier: F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/2xHbfm3j35Bv5rbn38IbppTla6s.roa
Signing time: Fri 30 Aug 2024 07:40:22 +0000
ROA not before: Fri 30 Aug 2024 07:40:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 147049
IP address blocks: 89.117.202.0/24 maxlen: 24
89.117.205.0/24 maxlen: 24
89.117.210.0/24 maxlen: 24
89.117.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.mft
rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:a2:3a:69:6f:52:39:c2:6e:ca:d2:82:8b:fe:92:46:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f0dd81a833d9b043c7ffd635a5987f536971180d
Validity
Not Before: Aug 30 07:40:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db11db7e6de3df906fe6b6e7dfc21ba694e56bab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:6c:78:6f:05:ed:82:1c:cb:87:6f:9c:9b:fb:
75:3d:c6:10:0b:d6:c7:43:ae:6a:d8:99:e4:a0:88:
48:c8:71:8d:fb:bf:a0:21:49:13:b3:2a:37:6e:c7:
40:5d:1b:a5:23:f9:dd:a9:cf:23:b4:60:2a:23:c4:
e7:b6:9c:0f:90:c4:6a:7b:23:a7:bc:af:f4:4f:30:
38:01:2c:20:69:b4:b6:cb:9a:8e:19:b4:f8:4f:e6:
ff:a3:62:e0:7b:a2:8a:e0:67:58:a4:eb:37:dd:7e:
96:ee:37:02:b7:d1:2f:49:21:6f:b7:3e:c3:2c:46:
91:a4:3e:ad:29:0f:38:67:fb:5b:d2:42:83:87:c8:
71:e9:7e:5c:3d:95:29:9d:63:82:0a:9f:02:a1:f6:
91:58:c9:b7:a0:09:9c:f5:7a:7c:fa:f1:36:86:18:
c5:c7:55:bb:76:f9:4b:7c:bd:cf:8f:79:26:6b:b9:
eb:2c:87:74:d5:ae:db:b5:58:7a:d5:8d:08:6b:f3:
d3:12:fd:ad:43:30:8d:1b:25:c7:77:4b:c9:3b:e0:
42:26:b0:dd:6a:77:c4:60:4d:e6:fe:e8:78:e5:bf:
4f:6f:d9:14:73:7e:14:08:a8:34:35:52:02:6f:4c:
05:7b:63:32:ca:11:9a:ed:f3:21:9b:93:81:8d:33:
1a:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:11:DB:7E:6D:E3:DF:90:6F:E6:B6:E7:DF:C2:1B:A6:94:E5:6B:AB
X509v3 Authority Key Identifier:
keyid:F0:DD:81:A8:33:D9:B0:43:C7:FF:D6:35:A5:98:7F:53:69:71:18:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/2xHbfm3j35Bv5rbn38IbppTla6s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6a/a8ebe4-d0b3-4e7d-af25-0468042486dc/1/8N2BqDPZsEPH_9Y1pZh_U2lxGA0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.117.202.0/24
89.117.205.0/24
89.117.210.0/24
89.117.232.0/24
Signature Algorithm: sha256WithRSAEncryption
90:e6:0b:7b:17:f9:46:60:64:5d:0d:96:fd:b1:e7:d3:f1:3e:
ef:2c:24:7c:c2:8a:c6:06:1b:35:6e:c1:ca:01:d9:09:a1:56:
5d:d4:a1:e4:b7:ba:d3:e1:d5:84:85:b4:94:32:37:4c:2a:f5:
b6:0e:d6:23:09:fd:87:1b:e5:15:9c:c4:46:de:fa:d0:83:6b:
e3:6b:63:40:c3:bc:ee:5c:21:73:71:fe:2f:36:d3:99:24:6a:
49:eb:59:63:1a:dc:03:29:5a:c5:60:aa:0b:c8:e8:d2:a5:16:
7a:89:d9:53:d9:7e:f5:57:e1:78:8c:f8:c6:d9:12:23:21:81:
ea:89:ec:db:ec:b3:34:78:59:6c:6e:45:35:f7:ec:8f:a2:2c:
e6:d2:18:a0:4b:a7:18:a0:16:a3:57:ba:38:85:a6:da:96:2f:
3e:d8:4e:29:bc:d9:74:27:3d:f5:46:6d:5d:e6:89:0d:e1:28:
b7:94:3a:06:e5:45:13:d1:97:1f:5e:80:90:51:bb:39:01:bf:
30:d7:b7:0e:4c:18:0a:9a:02:27:c8:65:b1:0e:d7:bc:79:28:
e6:1f:9c:50:46:82:f9:b2:32:c9:13:ed:c4:85:44:7f:f0:50:
cb:5e:4d:63:18:0c:be:0e:86:8f:c5:9d:6e:55:96:09:f7:b8:
6c:fe:7c:f0
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZGiOmlvUjnCbsrSgov+kkarMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwZGQ4MWE4MzNkOWIwNDNjN2ZmZDYzNWE1OTg3ZjUzNjk3
MTE4MGQwHhcNMjQwODMwMDc0MDIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjExZGI3ZTZkZTNkZjkwNmZlNmI2ZTdkZmMyMWJhNjk0ZTU2YmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3Wx4bwXtghzLh2+cm/t1PcYQC9bH
Q65q2JnkoIhIyHGN+7+gIUkTsyo3bsdAXRulI/ndqc8jtGAqI8TntpwPkMRqeyOn
vK/0TzA4ASwgabS2y5qOGbT4T+b/o2Lge6KK4GdYpOs33X6W7jcCt9EvSSFvtz7D
LEaRpD6tKQ84Z/tb0kKDh8hx6X5cPZUpnWOCCp8CofaRWMm3oAmc9Xp8+vE2hhjF
x1W7dvlLfL3Pj3kma7nrLId01a7btVh61Y0Ia/PTEv2tQzCNGyXHd0vJO+BCJrDd
anfEYE3m/uh45b9Pb9kUc34UCKg0NVICb0wFe2MyyhGa7fMhm5OBjTMaIQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNsR235t49+Qb+a259/CG6aU5WurMB8GA1UdIwQY
MBaAFPDdgagz2bBDx//WNaWYf1NpcRgNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUt
MDQ2ODA0MjQ4NmRjLzEvMnhIYmZtM2ozNUJ2NXJibjM4SWJwcFRsYTZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82YS9hOGViZTQtZDBiMy00ZTdkLWFmMjUtMDQ2ODA0MjQ4NmRj
LzEvOE4yQnFEUFpzRVBIXzlZMXBaaF9VMmx4R0EwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAWXXKAwQA
WXXNAwQAWXXSAwQAWXXoMA0GCSqGSIb3DQEBCwUAA4IBAQCQ5gt7F/lGYGRdDZb9
sefT8T7vLCR8worGBhs1bsHKAdkJoVZd1KHkt7rT4dWEhbSUMjdMKvW2DtYjCf2H
G+UVnMRG3vrQg2vja2NAw7zuXCFzcf4vNtOZJGpJ61ljGtwDKVrFYKoLyOjSpRZ6
idlT2X71V+F4jPjG2RIjIYHqiezb7LM0eFlsbkU19+yPoizm0higS6cYoBajV7o4
habali8+2E4pvNl0Jz31Rm1d5okN4Si3lDoG5UUT0ZcfXoCQUbs5Ab8w17cOTBgK
mgInyGWxDte8eSjmH5xQRoL5sjLJE+3EhUR/8FDLXk1jGAy+DoaPxZ1uVZYJ97hs
/nzw
-----END CERTIFICATE-----
Generated at Fri Nov 22 09:51:31 2024 by rpki-client on console-ams.rpki-client.org