Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/u2WA6Bbv2zapPtBxTo-R0pjXT1w.roa
File: u2WA6Bbv2zapPtBxTo-R0pjXT1w.roa (raw, json)
Hash identifier: XT8rfqQsqZLZQJrDOREdj15fUbLq/aRThkIe08I5HIY=
Subject key identifier: BB:65:80:E8:16:EF:DB:36:A9:3E:D0:71:4E:8F:91:D2:98:D7:4F:5C
Certificate issuer: /CN=2c96946c501ddf48696da2cf110fdceb286fac98
Certificate serial: 018E2D6B70A4870F217B1E571613B456DAB6
Authority key identifier: 2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/u2WA6Bbv2zapPtBxTo-R0pjXT1w.roa
Signing time: Mon 11 Mar 2024 12:09:59 +0000
ROA not before: Mon 11 Mar 2024 12:09:59 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8455
IP address blocks: 85.222.236.0/24 maxlen: 24
85.222.237.0/24 maxlen: 24
85.222.238.0/24 maxlen: 24
85.222.239.0/24 maxlen: 24
89.255.200.0/21 maxlen: 24
89.255.200.0/24 maxlen: 24
89.255.201.0/24 maxlen: 24
89.255.202.0/24 maxlen: 24
89.255.203.0/24 maxlen: 24
89.255.204.0/24 maxlen: 24
89.255.205.0/24 maxlen: 24
89.255.206.0/24 maxlen: 24
89.255.207.0/24 maxlen: 24
185.223.86.0/23 maxlen: 24
185.234.96.0/22 maxlen: 24
185.242.220.0/22 maxlen: 22
195.43.158.0/24 maxlen: 24
195.137.242.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/LJaUbFAd30hpbaLPEQ_c6yhvrJg.crl
rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/LJaUbFAd30hpbaLPEQ_c6yhvrJg.mft
rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 12:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:2d:6b:70:a4:87:0f:21:7b:1e:57:16:13:b4:56:da:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c96946c501ddf48696da2cf110fdceb286fac98
Validity
Not Before: Mar 11 12:09:59 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bb6580e816efdb36a93ed0714e8f91d298d74f5c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:9b:60:97:34:d1:e3:17:f9:0c:56:44:9a:64:
69:37:49:0c:2e:40:f7:0a:3f:e5:c4:2a:ff:f9:1c:
dd:38:ed:ad:63:71:af:c7:d4:4d:3b:2d:90:d6:1c:
0d:6e:b5:ab:df:a5:bd:00:c0:6b:a6:e4:37:71:b2:
16:76:ca:48:ed:bb:35:41:a8:f0:2a:99:4c:d4:ce:
2b:44:76:29:0e:e7:87:04:28:44:af:91:1d:60:af:
2b:42:a5:8e:9d:bd:2d:ce:93:15:b8:6d:56:b6:e0:
73:b2:db:dd:e0:b7:4e:7f:5a:34:b0:41:06:21:eb:
d9:b7:89:63:fe:6a:80:f1:c7:2f:7c:86:38:9d:19:
db:e6:11:2a:13:39:bf:0d:d7:f7:ef:05:d9:ff:72:
75:19:be:b7:0d:d7:e8:8d:1d:38:10:81:0c:e8:c2:
9c:b4:21:f1:02:09:67:bf:9b:85:55:bc:0c:58:75:
7b:6f:a1:c4:c0:9d:3c:79:f0:4a:21:fe:37:91:51:
7d:1c:98:f0:7f:ae:5f:df:0b:bf:e9:6a:b7:c1:97:
e3:fb:22:d6:e6:38:2b:70:77:28:06:0e:18:a8:30:
6e:92:98:ad:37:b7:67:db:0e:18:b6:25:2b:54:42:
91:5a:46:d3:1b:d2:c2:21:a2:6c:31:50:29:d8:5a:
ce:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:65:80:E8:16:EF:DB:36:A9:3E:D0:71:4E:8F:91:D2:98:D7:4F:5C
X509v3 Authority Key Identifier:
keyid:2C:96:94:6C:50:1D:DF:48:69:6D:A2:CF:11:0F:DC:EB:28:6F:AC:98
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LJaUbFAd30hpbaLPEQ_c6yhvrJg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/u2WA6Bbv2zapPtBxTo-R0pjXT1w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a2/04fef8-d2df-4f7a-92b4-7f970a3af9cd/1/LJaUbFAd30hpbaLPEQ_c6yhvrJg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.222.236.0/22
89.255.200.0/21
185.223.86.0/23
185.234.96.0/22
185.242.220.0/22
195.43.158.0/24
195.137.242.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:69:1f:c9:ab:75:7a:70:f7:42:b6:1c:d5:4c:6a:e1:1c:0e:
78:0f:42:6a:c8:b3:1c:44:af:d4:1c:8f:07:cd:05:8e:7c:2c:
c8:65:42:7a:e3:82:48:55:1b:56:00:19:d6:60:0c:b1:87:33:
6a:e8:55:3c:4a:8e:b5:29:2b:ad:d6:ab:29:4d:1b:f2:0f:f1:
3a:66:f2:a1:a9:f2:bd:a6:b6:00:c8:0f:7f:92:20:9f:a5:bd:
61:32:09:15:ba:18:f4:c4:38:3d:00:60:2d:7f:c8:f8:7f:31:
f9:08:ec:d3:0f:67:bb:df:0b:ef:96:e9:a3:3c:cc:bc:f7:f2:
85:6c:23:d0:6b:72:58:a8:2b:07:5f:9e:13:90:12:f8:fa:dd:
9d:3f:1a:57:91:ea:f5:51:3d:58:56:2e:f9:bf:2e:c0:0d:ce:
9f:50:b1:59:68:69:ac:2d:c6:e7:f5:a7:1a:e6:b6:c6:61:f4:
d7:96:9c:ac:bd:da:27:e3:ac:a8:a2:66:c7:54:02:2d:d5:3a:
0b:ca:81:d8:30:44:fa:3f:04:cd:2c:25:4d:6b:d0:78:84:1e:
56:45:68:db:3d:c0:d7:f4:8f:af:64:83:fd:bd:9a:28:fa:32:
0b:d6:28:0d:69:a0:fe:49:f0:8f:3f:7e:8e:fc:cb:0c:20:0b:
af:83:7d:09
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAY4ta3Ckhw8hex5XFhO0Vtq2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjOTY5NDZjNTAxZGRmNDg2OTZkYTJjZjExMGZkY2ViMjg2
ZmFjOTgwHhcNMjQwMzExMTIwOTU5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjY1ODBlODE2ZWZkYjM2YTkzZWQwNzE0ZThmOTFkMjk4ZDc0ZjVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZtglzTR4xf5DFZEmmRpN0kMLkD3
Cj/lxCr/+RzdOO2tY3Gvx9RNOy2Q1hwNbrWr36W9AMBrpuQ3cbIWdspI7bs1Qajw
KplM1M4rRHYpDueHBChEr5EdYK8rQqWOnb0tzpMVuG1WtuBzstvd4LdOf1o0sEEG
IevZt4lj/mqA8ccvfIY4nRnb5hEqEzm/Ddf37wXZ/3J1Gb63DdfojR04EIEM6MKc
tCHxAglnv5uFVbwMWHV7b6HEwJ08efBKIf43kVF9HJjwf65f3wu/6Wq3wZfj+yLW
5jgrcHcoBg4YqDBukpitN7dn2w4YtiUrVEKRWkbTG9LCIaJsMVAp2FrOKwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFLtlgOgW79s2qT7QcU6PkdKY109cMB8GA1UdIwQY
MBaAFCyWlGxQHd9IaW2izxEP3Osob6yYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQt
N2Y5NzBhM2FmOWNkLzEvdTJXQTZCYnYyemFwUHRCeFRvLVIwcGpYVDF3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMi8wNGZlZjgtZDJkZi00ZjdhLTkyYjQtN2Y5NzBhM2FmOWNk
LzEvTEphVWJGQWQzMGhwYmFMUEVRX2M2eWh2ckpnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQCVd7sAwQD
Wf/IAwQBud9WAwQCuepgAwQCufLcAwQAwyueAwQAw4nyMA0GCSqGSIb3DQEBCwUA
A4IBAQCfaR/Jq3V6cPdCthzVTGrhHA54D0JqyLMcRK/UHI8HzQWOfCzIZUJ644JI
VRtWABnWYAyxhzNq6FU8So61KSut1qspTRvyD/E6ZvKhqfK9prYAyA9/kiCfpb1h
MgkVuhj0xDg9AGAtf8j4fzH5COzTD2e73wvvlumjPMy89/KFbCPQa3JYqCsHX54T
kBL4+t2dPxpXker1UT1YVi75vy7ADc6fULFZaGmsLcbn9aca5rbGYfTXlpysvdon
46yoombHVAIt1ToLyoHYMET6PwTNLCVNa9B4hB5WRWjbPcDX9I+vZIP9vZoo+jIL
1igNaaD+SfCPP36O/MsMIAuvg30J
-----END CERTIFICATE-----
Generated at Fri Jun 7 16:30:41 2024 by rpki-client on console-fra.rpki-client.org