Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/e4e696-9d78-414c-af40-cf56c66a0ac0/1/2drh9Colunxgs1C0oFPd4wi4ch0.roa
File: 2drh9Colunxgs1C0oFPd4wi4ch0.roa (raw, json)
Hash identifier: Hi2F2tFMmZx3f+btl8VU/cGyRrJ+kKTjOu0EfijYQ4I=
Subject key identifier: D9:DA:E1:F4:2A:25:BA:7C:60:B3:50:B4:A0:53:DD:E3:08:B8:72:1D
Certificate issuer: /CN=4c93213d88fa874eb4460e2c5cf1bb1a91da9078
Certificate serial: 018CC80194038C936ECD7DCEA4D72C625FAD
Authority key identifier: 4C:93:21:3D:88:FA:87:4E:B4:46:0E:2C:5C:F1:BB:1A:91:DA:90:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TJMhPYj6h060Rg4sXPG7GpHakHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/e4e696-9d78-414c-af40-cf56c66a0ac0/1/2drh9Colunxgs1C0oFPd4wi4ch0.roa
Signing time: Tue 02 Jan 2024 02:29:55 +0000
ROA not before: Tue 02 Jan 2024 02:29:55 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 41073
IP address blocks: 89.207.56.0/21 maxlen: 24
185.54.104.0/22 maxlen: 22
2a00:1ed8::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/e4e696-9d78-414c-af40-cf56c66a0ac0/1/TJMhPYj6h060Rg4sXPG7GpHakHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/e4e696-9d78-414c-af40-cf56c66a0ac0/1/TJMhPYj6h060Rg4sXPG7GpHakHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/TJMhPYj6h060Rg4sXPG7GpHakHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 01:02:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:01:94:03:8c:93:6e:cd:7d:ce:a4:d7:2c:62:5f:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4c93213d88fa874eb4460e2c5cf1bb1a91da9078
Validity
Not Before: Jan 2 02:29:55 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9dae1f42a25ba7c60b350b4a053dde308b8721d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:90:44:37:fc:d1:4a:bd:c9:0d:ea:fe:58:de:
07:1b:cd:4f:fe:4b:4d:74:45:66:08:41:6c:54:e5:
9e:01:01:ba:88:94:8f:24:9c:1e:a4:7c:d8:ef:0d:
95:44:1b:6f:af:06:2d:b9:af:95:d0:ff:7c:24:af:
3a:ae:53:59:a9:f2:81:99:72:36:16:ff:ae:85:34:
f8:b7:5a:00:28:bf:83:eb:84:5e:1b:2b:54:a2:bc:
bb:e7:07:27:71:05:7c:64:2a:18:41:c8:38:d5:27:
4f:35:f9:55:e0:0c:61:b5:71:47:5f:b1:39:fe:97:
2f:cb:a0:a8:82:a4:b1:8a:66:f7:f9:61:11:ec:e7:
c2:18:2b:b6:89:56:90:b7:ec:2b:f0:14:08:64:a5:
93:f3:23:87:22:70:bb:9c:9f:65:d2:93:ad:62:a2:
97:a0:94:c0:7b:43:72:e7:e7:fb:59:0b:24:cf:85:
45:a9:5f:91:ce:6b:aa:fd:47:4e:1c:17:7b:2a:ea:
c2:3a:10:ce:63:ef:1a:f6:d1:31:40:af:23:c7:ba:
10:cf:4f:22:d1:8e:8c:af:35:5f:95:e8:96:d5:54:
e0:3a:64:0d:73:02:b4:bb:41:fc:77:a5:f9:3e:a0:
98:86:52:4a:29:71:c3:a8:f4:bf:95:38:da:fd:6c:
d1:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:DA:E1:F4:2A:25:BA:7C:60:B3:50:B4:A0:53:DD:E3:08:B8:72:1D
X509v3 Authority Key Identifier:
keyid:4C:93:21:3D:88:FA:87:4E:B4:46:0E:2C:5C:F1:BB:1A:91:DA:90:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TJMhPYj6h060Rg4sXPG7GpHakHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e4e696-9d78-414c-af40-cf56c66a0ac0/1/2drh9Colunxgs1C0oFPd4wi4ch0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/e4e696-9d78-414c-af40-cf56c66a0ac0/1/TJMhPYj6h060Rg4sXPG7GpHakHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.207.56.0/21
185.54.104.0/22
IPv6:
2a00:1ed8::/29
Signature Algorithm: sha256WithRSAEncryption
0d:94:31:5f:ec:0f:04:dd:4e:59:f4:4b:33:37:de:20:81:33:
1a:e4:92:7b:fd:2e:51:4f:7c:93:aa:80:cb:c4:34:09:8d:03:
5e:73:36:d3:19:c0:af:a5:01:61:16:4e:45:5f:4d:a4:0e:8a:
5b:e5:a7:8d:03:88:7e:be:7d:07:fd:fb:cc:37:c3:cf:3f:57:
64:55:99:e8:ef:08:dd:05:99:71:c0:7f:1a:3d:4e:4f:ec:0c:
dd:a3:03:52:fc:f4:c0:53:67:82:1b:12:42:d2:5f:64:67:54:
27:04:bb:7a:2a:39:93:17:a0:de:0b:e1:39:aa:30:ea:8c:2d:
06:7a:ed:42:28:af:30:6f:f1:e1:c3:fd:9b:f3:d0:12:98:13:
e6:8d:af:0d:b6:7c:0e:f3:0f:55:57:73:7d:56:f8:df:28:41:
c1:b3:da:26:6a:d5:b7:a2:2c:57:47:f2:7c:42:9a:5d:93:69:
20:46:91:f6:a4:0c:6f:72:9f:ea:eb:63:e7:47:f9:08:ec:e3:
eb:cc:06:b4:38:2f:8c:6f:00:4d:ab:5a:4d:9f:34:d5:51:88:
4a:31:74:e1:6e:64:db:4e:d0:db:17:63:fd:ac:fe:cc:8d:4c:
c2:bf:df:94:9c:1c:5d:e5:64:76:ea:5b:1e:2b:8f:35:fc:c6:
f3:6d:e6:89
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAYzIAZQDjJNuzX3OpNcsYl+tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjOTMyMTNkODhmYTg3NGViNDQ2MGUyYzVjZjFiYjFhOTFk
YTkwNzgwHhcNMjQwMTAyMDIyOTU1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWRhZTFmNDJhMjViYTdjNjBiMzUwYjRhMDUzZGRlMzA4Yjg3MjFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjJBEN/zRSr3JDer+WN4HG81P/ktN
dEVmCEFsVOWeAQG6iJSPJJwepHzY7w2VRBtvrwYtua+V0P98JK86rlNZqfKBmXI2
Fv+uhTT4t1oAKL+D64ReGytUory75wcncQV8ZCoYQcg41SdPNflV4AxhtXFHX7E5
/pcvy6CogqSximb3+WER7OfCGCu2iVaQt+wr8BQIZKWT8yOHInC7nJ9l0pOtYqKX
oJTAe0Ny5+f7WQskz4VFqV+Rzmuq/UdOHBd7KurCOhDOY+8a9tExQK8jx7oQz08i
0Y6MrzVfleiW1VTgOmQNcwK0u0H8d6X5PqCYhlJKKXHDqPS/lTja/WzRFQIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFNna4fQqJbp8YLNQtKBT3eMIuHIdMB8GA1UdIwQY
MBaAFEyTIT2I+odOtEYOLFzxuxqR2pB4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEpNaFBZajZoMDYwUmc0c1hQRzdHcEhha0hnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9lNGU2OTYtOWQ3OC00MTRjLWFmNDAt
Y2Y1NmM2NmEwYWMwLzEvMmRyaDlDb2x1bnhnczFDMG9GUGQ0d2k0Y2gwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9lNGU2OTYtOWQ3OC00MTRjLWFmNDAtY2Y1NmM2NmEwYWMw
LzEvVEpNaFBZajZoMDYwUmc0c1hQRzdHcEhha0hnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQDWc84AwQC
uTZoMA0EAgACMAcDBQMqAB7YMA0GCSqGSIb3DQEBCwUAA4IBAQANlDFf7A8E3U5Z
9EszN94ggTMa5JJ7/S5RT3yTqoDLxDQJjQNeczbTGcCvpQFhFk5FX02kDopb5aeN
A4h+vn0H/fvMN8PPP1dkVZno7wjdBZlxwH8aPU5P7AzdowNS/PTAU2eCGxJC0l9k
Z1QnBLt6KjmTF6DeC+E5qjDqjC0Geu1CKK8wb/Hhw/2b89ASmBPmja8NtnwO8w9V
V3N9VvjfKEHBs9omatW3oixXR/J8Qppdk2kgRpH2pAxvcp/q62PnR/kI7OPrzAa0
OC+MbwBNq1pNnzTVUYhKMXThbmTbTtDbF2P9rP7MjUzCv9+UnBxd5WR26lseK481
/MbzbeaJ
-----END CERTIFICATE-----
Generated at Sat Jun 8 10:06:19 2024 by rpki-client on console-fra.rpki-client.org