Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/73/4e3cc2-1a33-495a-999f-d7a684a57b19/1/2LftH6wS6b2UV4X9RyJoOfGMPP0.roa
File: 2LftH6wS6b2UV4X9RyJoOfGMPP0.roa (raw, json)
Hash identifier: OTVLnWRsEUctQqJ2lvs2KWzgAP+ejUaLL4/49JfkpOA=
Subject key identifier: D8:B7:ED:1F:AC:12:E9:BD:94:57:85:FD:47:22:68:39:F1:8C:3C:FD
Certificate issuer: /CN=c72a524f9b1b3801dbd7c89a160aec076b57e729
Certificate serial: 018CC50028DAF8BF1C6D5845F616AF110D3C
Authority key identifier: C7:2A:52:4F:9B:1B:38:01:DB:D7:C8:9A:16:0A:EC:07:6B:57:E7:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xypST5sbOAHb18iaFgrsB2tX5yk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/73/4e3cc2-1a33-495a-999f-d7a684a57b19/1/2LftH6wS6b2UV4X9RyJoOfGMPP0.roa
Signing time: Mon 01 Jan 2024 12:29:31 +0000
ROA not before: Mon 01 Jan 2024 12:29:31 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47626
IP address blocks: 91.205.190.0/23 maxlen: 23
176.118.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/73/4e3cc2-1a33-495a-999f-d7a684a57b19/1/xypST5sbOAHb18iaFgrsB2tX5yk.crl
rsync://rpki.ripe.net/repository/DEFAULT/73/4e3cc2-1a33-495a-999f-d7a684a57b19/1/xypST5sbOAHb18iaFgrsB2tX5yk.mft
rsync://rpki.ripe.net/repository/DEFAULT/xypST5sbOAHb18iaFgrsB2tX5yk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:28:da:f8:bf:1c:6d:58:45:f6:16:af:11:0d:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c72a524f9b1b3801dbd7c89a160aec076b57e729
Validity
Not Before: Jan 1 12:29:31 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8b7ed1fac12e9bd945785fd47226839f18c3cfd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:07:ae:0e:a1:ce:55:1e:00:ec:12:3d:58:70:
4c:34:4e:d0:97:80:fd:88:99:c4:2a:a1:9d:80:13:
8f:6c:c5:85:66:4f:a6:07:39:54:4e:21:4a:56:64:
e5:61:91:70:4d:d6:b6:bc:e6:26:a6:b9:47:a7:45:
eb:45:6d:a7:90:5a:6c:2e:eb:40:93:d6:63:35:9a:
bf:2d:88:23:7a:f2:dc:6b:8b:eb:e2:fc:fa:89:22:
39:a8:3e:89:27:91:02:94:27:f6:29:ef:aa:c6:ac:
8a:7a:4f:c2:7c:d1:a4:2c:dd:eb:aa:9e:1a:d5:24:
63:64:c4:fa:a0:d0:36:cc:73:34:99:95:1c:6d:3d:
7d:1a:5a:1c:39:e4:06:67:1b:81:e7:fd:d9:78:d6:
41:c3:22:76:cc:e0:72:ce:1f:4c:67:08:9a:b3:6a:
b8:84:e3:ce:aa:f1:80:ac:50:69:df:0c:83:97:d0:
3a:46:fd:0d:fd:b6:5c:3c:8f:9e:68:b2:54:00:74:
92:f7:12:1b:a6:97:71:f8:d0:e7:bd:f8:f8:89:68:
6e:e2:c9:98:5d:19:7e:d5:a8:df:e3:60:a3:f4:d1:
d6:6b:5a:14:1f:a7:27:bf:f3:fb:a8:df:2a:6f:2f:
ae:bd:d5:a9:fa:96:0a:b7:18:62:15:a3:1f:7d:0e:
d0:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:B7:ED:1F:AC:12:E9:BD:94:57:85:FD:47:22:68:39:F1:8C:3C:FD
X509v3 Authority Key Identifier:
keyid:C7:2A:52:4F:9B:1B:38:01:DB:D7:C8:9A:16:0A:EC:07:6B:57:E7:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xypST5sbOAHb18iaFgrsB2tX5yk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/73/4e3cc2-1a33-495a-999f-d7a684a57b19/1/2LftH6wS6b2UV4X9RyJoOfGMPP0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/73/4e3cc2-1a33-495a-999f-d7a684a57b19/1/xypST5sbOAHb18iaFgrsB2tX5yk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.205.190.0/23
176.118.224.0/19
Signature Algorithm: sha256WithRSAEncryption
09:83:94:f8:86:75:bb:86:29:f6:12:2a:64:f2:c9:42:fe:d8:
f6:c0:34:fa:68:c5:e5:a4:19:50:96:31:f3:09:05:a5:6f:08:
59:16:07:0e:a3:eb:ea:09:06:46:6b:c5:b2:0c:ed:2a:9d:8d:
39:6b:09:a3:66:e0:07:86:eb:8a:14:9b:e4:9c:0f:5d:75:e2:
40:73:2c:31:56:b2:b1:6f:3f:5c:e4:c4:23:cb:0c:71:bf:82:
09:6f:2a:43:6a:d8:6b:c1:94:e0:b7:01:f7:8e:9f:2c:2a:74:
c8:75:e2:1b:e6:c2:00:20:f6:dd:d6:53:49:d8:96:05:4c:53:
e0:c1:54:68:eb:40:1e:6e:62:a1:7c:fc:ac:c2:8d:15:d7:b8:
8c:09:41:74:53:d6:f0:28:e0:08:84:fd:2e:11:2c:2b:6d:1e:
97:c2:75:dd:4b:30:9d:d5:60:e4:80:e5:01:31:76:ae:50:aa:
f2:66:5c:5b:26:7a:e0:18:7e:dc:41:28:f4:11:8b:5d:92:b9:
07:43:7d:d4:95:25:12:aa:5e:4c:5c:25:ea:01:73:68:c3:a5:
b7:d7:53:ef:94:a4:52:93:4f:f2:94:4d:6f:83:3a:47:dc:5f:
4b:4e:ec:f1:db:27:82:7b:73:11:45:cd:28:68:e8:be:da:e8:
24:aa:d4:ea
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzFACja+L8cbVhF9havEQ08MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM3MmE1MjRmOWIxYjM4MDFkYmQ3Yzg5YTE2MGFlYzA3NmI1
N2U3MjkwHhcNMjQwMTAxMTIyOTMxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGI3ZWQxZmFjMTJlOWJkOTQ1Nzg1ZmQ0NzIyNjgzOWYxOGMzY2ZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjweuDqHOVR4A7BI9WHBMNE7Ql4D9
iJnEKqGdgBOPbMWFZk+mBzlUTiFKVmTlYZFwTda2vOYmprlHp0XrRW2nkFpsLutA
k9ZjNZq/LYgjevLca4vr4vz6iSI5qD6JJ5EClCf2Ke+qxqyKek/CfNGkLN3rqp4a
1SRjZMT6oNA2zHM0mZUcbT19GlocOeQGZxuB5/3ZeNZBwyJ2zOByzh9MZwias2q4
hOPOqvGArFBp3wyDl9A6Rv0N/bZcPI+eaLJUAHSS9xIbppdx+NDnvfj4iWhu4smY
XRl+1ajf42Cj9NHWa1oUH6cnv/P7qN8qby+uvdWp+pYKtxhiFaMffQ7Q7wIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNi37R+sEum9lFeF/UciaDnxjDz9MB8GA1UdIwQY
MBaAFMcqUk+bGzgB29fImhYK7AdrV+cpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHlwU1Q1c2JPQUhiMThpYUZncnNCMnRYNXlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83My80ZTNjYzItMWEzMy00OTVhLTk5OWYt
ZDdhNjg0YTU3YjE5LzEvMkxmdEg2d1M2YjJVVjRYOVJ5Sm9PZkdNUFAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83My80ZTNjYzItMWEzMy00OTVhLTk5OWYtZDdhNjg0YTU3YjE5
LzEveHlwU1Q1c2JPQUhiMThpYUZncnNCMnRYNXlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBW82+AwQF
sHbgMA0GCSqGSIb3DQEBCwUAA4IBAQAJg5T4hnW7hin2Eipk8slC/tj2wDT6aMXl
pBlQljHzCQWlbwhZFgcOo+vqCQZGa8WyDO0qnY05awmjZuAHhuuKFJvknA9ddeJA
cywxVrKxbz9c5MQjywxxv4IJbypDathrwZTgtwH3jp8sKnTIdeIb5sIAIPbd1lNJ
2JYFTFPgwVRo60AebmKhfPyswo0V17iMCUF0U9bwKOAIhP0uESwrbR6XwnXdSzCd
1WDkgOUBMXauUKryZlxbJnrgGH7cQSj0EYtdkrkHQ33UlSUSql5MXCXqAXNow6W3
11PvlKRSk0/ylE1vgzpH3F9LTuzx2yeCe3MRRc0oaOi+2ugkqtTq
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:44:58 2024 by rpki-client on console-fra.rpki-client.org