Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/c13e12-e50d-4338-8a2f-fffb5a4e762a/1/2XNEQpGq89Z05MF5R38RFa4dslE.roa
File: 2XNEQpGq89Z05MF5R38RFa4dslE.roa (raw, json)
Hash identifier: l5Qm8V4R1ngH1m/KzTiGOfvfNy3DTQ0mPbHD59/cctg=
Subject key identifier: D9:73:44:42:91:AA:F3:D6:74:E4:C1:79:47:7F:11:15:AE:1D:B2:51
Certificate issuer: /CN=27d7304c1b59dc22731bb53eff5a84ed9a30614c
Certificate serial: 018CC94E573CA7A1A51D83BED26D67822DC1
Authority key identifier: 27:D7:30:4C:1B:59:DC:22:73:1B:B5:3E:FF:5A:84:ED:9A:30:61:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J9cwTBtZ3CJzG7U-_1qE7ZowYUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/c13e12-e50d-4338-8a2f-fffb5a4e762a/1/2XNEQpGq89Z05MF5R38RFa4dslE.roa
Signing time: Tue 02 Jan 2024 08:33:23 +0000
ROA not before: Tue 02 Jan 2024 08:33:23 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 38930
IP address blocks: 94.75.196.0/24 maxlen: 24
2001:1af8:4410::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/c13e12-e50d-4338-8a2f-fffb5a4e762a/1/J9cwTBtZ3CJzG7U-_1qE7ZowYUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/c13e12-e50d-4338-8a2f-fffb5a4e762a/1/J9cwTBtZ3CJzG7U-_1qE7ZowYUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/J9cwTBtZ3CJzG7U-_1qE7ZowYUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 21:03:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:57:3c:a7:a1:a5:1d:83:be:d2:6d:67:82:2d:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27d7304c1b59dc22731bb53eff5a84ed9a30614c
Validity
Not Before: Jan 2 08:33:23 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d973444291aaf3d674e4c179477f1115ae1db251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:9d:bc:7c:ad:1f:ee:12:49:e4:90:40:af:7c:
ec:1c:49:b4:ab:a7:6f:30:70:be:ee:91:49:01:81:
46:da:d5:23:03:af:24:e8:02:2e:52:5b:39:0e:81:
59:7a:af:df:88:ed:a0:16:af:9a:42:85:71:fd:c9:
45:cf:4d:db:51:37:4a:06:6c:d5:42:92:83:5c:9a:
2a:53:ca:fa:c5:f6:bc:38:fe:99:a5:a9:db:78:d9:
04:f2:1e:4f:7f:4b:d2:42:9a:e2:2b:84:66:78:cb:
c5:06:3d:c6:ab:5a:d7:bc:bd:59:06:8f:e8:34:6f:
ec:d8:99:9c:10:90:79:c7:e2:bf:a2:9c:ce:f4:58:
55:d1:4f:81:65:c2:19:89:8b:3e:94:7c:24:a8:c7:
6e:cf:8d:27:d6:7e:71:34:37:ca:5c:c8:81:63:a4:
d8:c7:b9:b6:83:72:3e:ec:b3:fa:97:87:ac:87:01:
0a:77:c0:f1:d2:15:69:32:55:6e:54:d9:58:5d:74:
b5:e1:b6:e0:57:63:a5:46:16:1b:e4:72:d6:0a:e8:
c8:2f:96:ba:4b:47:05:bb:ef:ac:52:9a:77:cd:45:
c2:5c:e3:a9:b6:a8:fc:4f:6a:da:e2:d0:b7:5f:2d:
f4:cc:a6:c5:40:fc:b2:75:a6:47:b6:59:39:8c:e5:
fb:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:73:44:42:91:AA:F3:D6:74:E4:C1:79:47:7F:11:15:AE:1D:B2:51
X509v3 Authority Key Identifier:
keyid:27:D7:30:4C:1B:59:DC:22:73:1B:B5:3E:FF:5A:84:ED:9A:30:61:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J9cwTBtZ3CJzG7U-_1qE7ZowYUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/c13e12-e50d-4338-8a2f-fffb5a4e762a/1/2XNEQpGq89Z05MF5R38RFa4dslE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/c13e12-e50d-4338-8a2f-fffb5a4e762a/1/J9cwTBtZ3CJzG7U-_1qE7ZowYUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.75.196.0/24
IPv6:
2001:1af8:4410::/48
Signature Algorithm: sha256WithRSAEncryption
80:11:e3:c4:a1:b0:4c:4c:81:f7:9e:a0:84:f0:b1:d2:8e:e6:
c5:a7:99:44:bf:65:05:57:95:c0:5d:08:b7:e1:99:19:84:88:
53:37:da:14:c8:47:26:82:8c:6b:a4:f1:59:59:01:99:2a:e4:
1d:ed:59:3a:68:24:70:f9:df:12:9b:59:aa:54:d7:79:ec:23:
48:ca:f9:70:5e:29:2f:3f:8a:e8:98:f7:fe:89:28:4e:11:f8:
46:c0:86:0a:d8:13:5a:ea:fc:25:b9:de:df:6c:e5:dc:b4:cb:
dc:04:cb:04:fd:78:0f:14:a7:82:ad:5f:dc:97:2b:ff:49:e0:
03:79:df:19:a3:09:3d:e0:3e:9b:ce:f9:d6:61:db:ba:77:cc:
34:60:6e:19:41:53:63:a5:db:6b:2e:1c:04:f9:be:52:a2:05:
9a:b8:3e:d0:b3:74:96:d5:4b:c6:e0:50:5e:10:9b:9e:81:40:
00:33:96:22:8e:2b:db:ce:fd:67:68:55:0f:44:4b:b5:f8:93:
8b:7b:6b:a3:94:09:d9:e7:f8:34:63:6f:c6:11:42:9c:15:62:
22:12:c8:48:e4:16:41:1e:c2:d7:b5:11:32:07:80:d0:75:d2:
fa:31:a2:a8:ae:be:39:3e:cd:3b:67:c4:c3:9c:e0:61:28:fc:
fd:99:0b:99
-----BEGIN CERTIFICATE-----
MIIFDjCCA/agAwIBAgISAYzJTlc8p6GlHYO+0m1ngi3BMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZDczMDRjMWI1OWRjMjI3MzFiYjUzZWZmNWE4NGVkOWEz
MDYxNGMwHhcNMjQwMTAyMDgzMzIzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTczNDQ0MjkxYWFmM2Q2NzRlNGMxNzk0NzdmMTExNWFlMWRiMjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjZ28fK0f7hJJ5JBAr3zsHEm0q6dv
MHC+7pFJAYFG2tUjA68k6AIuUls5DoFZeq/fiO2gFq+aQoVx/clFz03bUTdKBmzV
QpKDXJoqU8r6xfa8OP6ZpanbeNkE8h5Pf0vSQpriK4RmeMvFBj3Gq1rXvL1ZBo/o
NG/s2JmcEJB5x+K/opzO9FhV0U+BZcIZiYs+lHwkqMduz40n1n5xNDfKXMiBY6TY
x7m2g3I+7LP6l4eshwEKd8Dx0hVpMlVuVNlYXXS14bbgV2OlRhYb5HLWCujIL5a6
S0cFu++sUpp3zUXCXOOptqj8T2ra4tC3Xy30zKbFQPyydaZHtlk5jOX7cQIDAQAB
o4ICGjCCAhYwHQYDVR0OBBYEFNlzREKRqvPWdOTBeUd/ERWuHbJRMB8GA1UdIwQY
MBaAFCfXMEwbWdwicxu1Pv9ahO2aMGFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjljd1RCdFozQ0p6RzdVLV8xcUU3Wm93WVV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9jMTNlMTItZTUwZC00MzM4LThhMmYt
ZmZmYjVhNGU3NjJhLzEvMlhORVFwR3E4OVowNU1GNVIzOFJGYTRkc2xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9jMTNlMTItZTUwZC00MzM4LThhMmYtZmZmYjVhNGU3NjJh
LzEvSjljd1RCdFozQ0p6RzdVLV8xcUU3Wm93WVV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDAGCCsGAQUFBwEHAQH/BCEwHzAMBAIAATAGAwQAXkvEMA8E
AgACMAkDBwAgARr4RBAwDQYJKoZIhvcNAQELBQADggEBAIAR48ShsExMgfeeoITw
sdKO5sWnmUS/ZQVXlcBdCLfhmRmEiFM32hTIRyaCjGuk8VlZAZkq5B3tWTpoJHD5
3xKbWapU13nsI0jK+XBeKS8/iuiY9/6JKE4R+EbAhgrYE1rq/CW53t9s5dy0y9wE
ywT9eA8Up4KtX9yXK/9J4AN53xmjCT3gPpvO+dZh27p3zDRgbhlBU2Ol22suHAT5
vlKiBZq4PtCzdJbVS8bgUF4Qm56BQAAzliKOK9vO/WdoVQ9ES7X4k4t7a6OUCdnn
+DRjb8YRQpwVYiISyEjkFkEewte1ETIHgNB10voxoqiuvjk+zTtnxMOc4GEo/P2Z
C5k=
-----END CERTIFICATE-----
Generated at Sat Jun 8 00:56:27 2024 by rpki-client on console-fra.rpki-client.org