Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/eb27f2-e369-4b07-8d1d-c3431d320406/1/TR2ExuBdII67CCjhLx470FGH-1Y.roa
File: TR2ExuBdII67CCjhLx470FGH-1Y.roa (raw, json)
Hash identifier: JMD30coUkAZcMYrns0zG1sLZj2Oye2yYqvEneYIsLxY=
Subject key identifier: 4D:1D:84:C6:E0:5D:20:8E:BB:08:28:E1:2F:1E:3B:D0:51:87:FB:56
Certificate issuer: /CN=27321078f359d7990276dabb0f8c30070e685963
Certificate serial: 018CC3B6BF61A6B0D38456ADDD239827AF25
Authority key identifier: 27:32:10:78:F3:59:D7:99:02:76:DA:BB:0F:8C:30:07:0E:68:59:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JzIQePNZ15kCdtq7D4wwBw5oWWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/eb27f2-e369-4b07-8d1d-c3431d320406/1/TR2ExuBdII67CCjhLx470FGH-1Y.roa
Signing time: Mon 01 Jan 2024 06:29:42 +0000
ROA not before: Mon 01 Jan 2024 06:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 13121
IP address blocks: 46.231.224.0/21 maxlen: 21
213.169.64.0/19 maxlen: 19
213.169.88.0/21 maxlen: 21
2a01:6880:0:1::/64 maxlen: 64
2a01:6880::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/eb27f2-e369-4b07-8d1d-c3431d320406/1/JzIQePNZ15kCdtq7D4wwBw5oWWM.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/eb27f2-e369-4b07-8d1d-c3431d320406/1/JzIQePNZ15kCdtq7D4wwBw5oWWM.mft
rsync://rpki.ripe.net/repository/DEFAULT/JzIQePNZ15kCdtq7D4wwBw5oWWM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b6:bf:61:a6:b0:d3:84:56:ad:dd:23:98:27:af:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27321078f359d7990276dabb0f8c30070e685963
Validity
Not Before: Jan 1 06:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=4d1d84c6e05d208ebb0828e12f1e3bd05187fb56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:f0:87:06:b9:ce:b3:48:ca:59:2e:c5:24:ef:
ba:31:17:3f:47:81:d7:c8:51:52:93:a6:e8:d5:dc:
73:6a:c8:60:0f:7c:9a:2f:3e:54:83:99:0f:04:34:
e3:b7:e9:f0:8b:f6:fd:8c:0a:4a:ba:f2:ef:92:eb:
de:6d:64:2f:61:26:52:7c:19:fe:4b:0c:48:33:92:
fa:11:c4:b4:aa:8c:a4:3b:7b:75:67:f7:c2:48:f5:
cf:b6:13:39:52:f8:65:c8:9f:28:74:95:58:ab:b0:
39:2f:a0:34:43:64:71:9d:d1:26:84:2c:ba:86:70:
1c:26:8e:17:a3:c4:6c:79:9b:75:9e:c1:ac:78:0a:
ce:cb:69:06:50:bc:ba:4e:8c:96:a7:d5:63:50:bc:
c3:69:e4:c3:b3:51:15:bc:cb:b7:6a:db:48:45:3b:
d0:1e:35:f7:94:8d:ba:5d:a3:e5:9c:72:52:70:37:
ed:02:6e:d9:0a:0a:64:6a:3b:5c:d0:86:cf:9a:fd:
00:0d:a9:33:1a:8d:ad:ae:6e:f3:f1:43:85:f2:97:
6c:7f:1e:30:7b:9e:ca:49:c2:78:30:a5:6c:b2:eb:
2b:47:cc:d5:ca:98:98:41:65:b7:56:56:f9:42:51:
d5:6d:7b:66:a8:1a:06:aa:1d:00:88:9f:93:1e:d9:
42:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:1D:84:C6:E0:5D:20:8E:BB:08:28:E1:2F:1E:3B:D0:51:87:FB:56
X509v3 Authority Key Identifier:
keyid:27:32:10:78:F3:59:D7:99:02:76:DA:BB:0F:8C:30:07:0E:68:59:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JzIQePNZ15kCdtq7D4wwBw5oWWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/eb27f2-e369-4b07-8d1d-c3431d320406/1/TR2ExuBdII67CCjhLx470FGH-1Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/eb27f2-e369-4b07-8d1d-c3431d320406/1/JzIQePNZ15kCdtq7D4wwBw5oWWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.231.224.0/21
213.169.64.0/19
IPv6:
2a01:6880::/32
Signature Algorithm: sha256WithRSAEncryption
64:5e:81:62:af:5c:fb:ad:b0:65:f5:c1:05:8d:47:92:6a:b9:
b3:a8:5d:34:2b:28:1d:a8:ec:4a:32:44:87:c1:25:72:9e:e1:
30:b8:13:c4:ee:e9:bf:cd:86:33:93:5f:96:c4:55:ca:7f:cd:
95:18:a8:0a:b5:b3:7b:ab:24:a0:90:e7:08:5c:1f:dd:21:a1:
94:d6:b6:71:ae:5e:cc:01:8d:91:6a:1b:02:43:4a:4b:a6:17:
09:8b:95:8d:6e:5c:3f:c4:2b:17:61:9f:02:2e:63:12:c4:4e:
7c:a1:68:f9:63:02:94:3c:88:7e:93:3b:41:74:e2:39:b2:ea:
a6:46:15:50:7d:58:6c:5c:28:b9:f9:32:25:a9:99:f1:cd:95:
40:bf:64:19:55:91:50:e9:4c:ba:ba:a5:80:3d:9b:4a:5b:f8:
0c:cc:72:cb:71:1a:66:3f:d8:61:ff:4a:40:b2:b2:6f:20:91:
7e:16:0d:fb:b1:51:2a:ce:92:28:07:37:09:59:79:a1:fd:2e:
a8:62:a6:6e:e9:d1:12:01:81:69:99:62:70:a4:18:ac:f0:aa:
eb:fd:5e:61:0a:21:3a:22:8c:56:82:ba:a7:14:7d:4f:3b:1e:
8c:34:75:25:3c:bd:ac:50:09:65:c1:2b:65:3e:2a:64:04:82:
3e:71:7a:e2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzDtr9hprDThFat3SOYJ68lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3MzIxMDc4ZjM1OWQ3OTkwMjc2ZGFiYjBmOGMzMDA3MGU2
ODU5NjMwHhcNMjQwMTAxMDYyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZDFkODRjNmUwNWQyMDhlYmIwODI4ZTEyZjFlM2JkMDUxODdmYjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhfCHBrnOs0jKWS7FJO+6MRc/R4HX
yFFSk6bo1dxzashgD3yaLz5Ug5kPBDTjt+nwi/b9jApKuvLvkuvebWQvYSZSfBn+
SwxIM5L6EcS0qoykO3t1Z/fCSPXPthM5UvhlyJ8odJVYq7A5L6A0Q2RxndEmhCy6
hnAcJo4Xo8RseZt1nsGseArOy2kGULy6ToyWp9VjULzDaeTDs1EVvMu3attIRTvQ
HjX3lI26XaPlnHJScDftAm7ZCgpkajtc0IbPmv0ADakzGo2trm7z8UOF8pdsfx4w
e57KScJ4MKVssusrR8zVypiYQWW3Vlb5QlHVbXtmqBoGqh0AiJ+THtlCvQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFE0dhMbgXSCOuwgo4S8eO9BRh/tWMB8GA1UdIwQY
MBaAFCcyEHjzWdeZAnbauw+MMAcOaFljMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnpJUWVQTloxNWtDZHRxN0Q0d3dCdzVvV1dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC9lYjI3ZjItZTM2OS00YjA3LThkMWQt
YzM0MzFkMzIwNDA2LzEvVFIyRXh1QmRJSTY3Q0NqaEx4NDcwRkdILTFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC9lYjI3ZjItZTM2OS00YjA3LThkMWQtYzM0MzFkMzIwNDA2
LzEvSnpJUWVQTloxNWtDZHRxN0Q0d3dCdzVvV1dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDLufgAwQF
1alAMA0EAgACMAcDBQAqAWiAMA0GCSqGSIb3DQEBCwUAA4IBAQBkXoFir1z7rbBl
9cEFjUeSarmzqF00KygdqOxKMkSHwSVynuEwuBPE7um/zYYzk1+WxFXKf82VGKgK
tbN7qySgkOcIXB/dIaGU1rZxrl7MAY2RahsCQ0pLphcJi5WNblw/xCsXYZ8CLmMS
xE58oWj5YwKUPIh+kztBdOI5suqmRhVQfVhsXCi5+TIlqZnxzZVAv2QZVZFQ6Uy6
uqWAPZtKW/gMzHLLcRpmP9hh/0pAsrJvIJF+Fg37sVEqzpIoBzcJWXmh/S6oYqZu
6dESAYFpmWJwpBis8Krr/V5hCiE6IoxWgrqnFH1POx6MNHUlPL2sUAllwStlPipk
BII+cXri
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:02:20 2024 by rpki-client on console-fra.rpki-client.org