Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/2BxXrNLvBnNZQFFUaiiEAiUIbDA.roa
File: 2BxXrNLvBnNZQFFUaiiEAiUIbDA.roa (raw, json)
Hash identifier: fvt67MpZOhpsNXyKz4wWsejhxjGeroDlZlW6cV9Dyl8=
Subject key identifier: D8:1C:57:AC:D2:EF:06:73:59:40:51:54:6A:28:84:02:25:08:6C:30
Certificate issuer: /CN=0babd682c1a8fc5037adbf68143ae77fd00f38ab
Certificate serial: 01928FCF2B1415834FE2BD1644BD769821F5
Authority key identifier: 0B:AB:D6:82:C1:A8:FC:50:37:AD:BF:68:14:3A:E7:7F:D0:0F:38:AB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C6vWgsGo_FA3rb9oFDrnf9APOKs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/2BxXrNLvBnNZQFFUaiiEAiUIbDA.roa
Signing time: Tue 15 Oct 2024 10:52:51 +0000
ROA not before: Tue 15 Oct 2024 10:52:51 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 50833
IP address blocks: 91.224.59.0/24 maxlen: 24
193.150.128.0/24 maxlen: 24
193.150.129.0/24 maxlen: 24
2a10:24c0:272::/48 maxlen: 48
2a10:24c0:6c2::/48 maxlen: 48
2a10:24c0:ad1b::/48 maxlen: 48
2a10:24c0:ada1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/C6vWgsGo_FA3rb9oFDrnf9APOKs.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/C6vWgsGo_FA3rb9oFDrnf9APOKs.mft
rsync://rpki.ripe.net/repository/DEFAULT/C6vWgsGo_FA3rb9oFDrnf9APOKs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:8f:cf:2b:14:15:83:4f:e2:bd:16:44:bd:76:98:21:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0babd682c1a8fc5037adbf68143ae77fd00f38ab
Validity
Not Before: Oct 15 10:52:51 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d81c57acd2ef0673594051546a28840225086c30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:61:d8:62:60:25:e5:7c:89:a5:41:47:f6:a7:
d7:94:ec:52:87:13:b0:54:38:48:93:e6:8b:1f:59:
72:e2:8f:b6:75:68:05:5d:f0:cd:18:98:b8:31:c1:
84:8d:c9:6f:66:fd:1f:0a:16:57:c4:0c:d0:9c:5b:
21:53:3f:06:45:c0:7f:0f:e8:3c:2b:68:f2:a8:db:
93:9a:43:ed:cc:fc:b4:a1:ad:a3:94:a6:4c:63:61:
db:f2:c0:eb:4f:c6:c6:6e:bf:a0:64:a3:44:4a:78:
7f:79:fa:a7:1e:3e:b4:11:1e:87:50:55:69:cd:53:
c0:79:6d:0f:72:37:82:33:4f:ee:dd:14:71:68:ae:
66:f3:1d:34:fa:98:61:00:63:e9:02:17:df:c3:9c:
5d:76:bb:9c:03:c3:77:18:1c:62:68:fe:88:47:3d:
89:f2:70:28:2e:2f:42:74:96:e4:9c:57:3b:1a:35:
fe:12:91:6b:c7:ea:07:fd:73:12:a8:51:a3:61:fc:
82:cb:06:19:4e:1a:cf:97:1c:3e:0d:1c:59:0b:92:
22:17:77:00:29:0b:4b:95:61:23:01:c0:3a:79:ed:
ad:0c:29:2e:bc:f8:1d:13:37:19:fc:41:b7:31:0b:
f9:d9:16:89:a6:ab:1d:ee:f2:19:42:90:8a:2c:06:
ff:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:1C:57:AC:D2:EF:06:73:59:40:51:54:6A:28:84:02:25:08:6C:30
X509v3 Authority Key Identifier:
keyid:0B:AB:D6:82:C1:A8:FC:50:37:AD:BF:68:14:3A:E7:7F:D0:0F:38:AB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C6vWgsGo_FA3rb9oFDrnf9APOKs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/2BxXrNLvBnNZQFFUaiiEAiUIbDA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/bc401a-6938-4fdc-9c6e-fac3d5543a2c/1/C6vWgsGo_FA3rb9oFDrnf9APOKs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.224.59.0/24
193.150.128.0/23
IPv6:
2a10:24c0:272::/48
2a10:24c0:6c2::/48
2a10:24c0:ad1b::/48
2a10:24c0:ada1::/48
Signature Algorithm: sha256WithRSAEncryption
b0:e1:36:bb:0d:bf:aa:d0:a3:93:48:73:63:59:d4:3d:ce:2a:
29:c8:de:ef:58:f0:c5:06:4d:8d:dd:1d:0c:9e:b4:66:e4:4c:
07:df:a8:1c:e7:22:c3:a9:72:78:83:ef:34:45:96:83:28:04:
2f:be:e0:10:21:ce:bf:85:bc:d7:b6:f4:35:fe:6c:7e:67:c1:
b9:a6:0c:01:a7:06:ff:b3:fa:41:b1:05:07:96:92:7e:f9:91:
10:ce:b2:42:81:86:97:d9:f1:4e:d7:11:f2:6a:f0:ea:4c:1d:
ea:c2:a6:d5:9c:45:ba:2a:c7:d3:23:9e:b3:ed:01:46:09:91:
93:89:8f:49:f9:bc:44:57:a4:b9:9a:af:39:3d:75:ca:38:cb:
5b:79:07:c4:b8:e4:a4:4e:8a:a4:77:3a:96:21:99:48:13:26:
b6:da:ee:57:83:a8:a0:56:ee:81:0e:fd:90:df:ef:1b:86:9f:
76:af:e1:f9:8c:75:f9:e2:bf:9b:07:3c:ee:8e:80:20:4b:16:
ae:4a:fb:6a:3b:a3:67:db:26:1e:73:ff:be:42:76:9c:a2:9d:
ff:0e:0e:ec:7a:b3:8d:cd:ec:c1:75:05:72:cc:6b:53:46:f5:
36:35:cd:ec:6e:64:1f:7e:bb:ad:dd:0a:84:9e:9c:c6:35:9d:
67:b2:20:1c
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZKPzysUFYNP4r0WRL12mCH1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiYWJkNjgyYzFhOGZjNTAzN2FkYmY2ODE0M2FlNzdmZDAw
ZjM4YWIwHhcNMjQxMDE1MTA1MjUxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODFjNTdhY2QyZWYwNjczNTk0MDUxNTQ2YTI4ODQwMjI1MDg2YzMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA62HYYmAl5XyJpUFH9qfXlOxShxOw
VDhIk+aLH1ly4o+2dWgFXfDNGJi4McGEjclvZv0fChZXxAzQnFshUz8GRcB/D+g8
K2jyqNuTmkPtzPy0oa2jlKZMY2Hb8sDrT8bGbr+gZKNESnh/efqnHj60ER6HUFVp
zVPAeW0PcjeCM0/u3RRxaK5m8x00+phhAGPpAhffw5xddrucA8N3GBxiaP6IRz2J
8nAoLi9CdJbknFc7GjX+EpFrx+oH/XMSqFGjYfyCywYZThrPlxw+DRxZC5IiF3cA
KQtLlWEjAcA6ee2tDCkuvPgdEzcZ/EG3MQv52RaJpqsd7vIZQpCKLAb/OwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFNgcV6zS7wZzWUBRVGoohAIlCGwwMB8GA1UdIwQY
MBaAFAur1oLBqPxQN62/aBQ653/QDzirMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzZ2V2dzR29fRkEzcmI5b0ZEcm5mOUFQT0tzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9iYzQwMWEtNjkzOC00ZmRjLTljNmUt
ZmFjM2Q1NTQzYTJjLzEvMkJ4WHJOTHZCbk5aUUZGVWFpaUVBaVVJYkRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9iYzQwMWEtNjkzOC00ZmRjLTljNmUtZmFjM2Q1NTQzYTJj
LzEvQzZ2V2dzR29fRkEzcmI5b0ZEcm5mOUFQT0tzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDASBAIAATAMAwQAW+A7AwQB
wZaAMCoEAgACMCQDBwAqECTAAnIDBwAqECTABsIDBwAqECTArRsDBwAqECTAraEw
DQYJKoZIhvcNAQELBQADggEBALDhNrsNv6rQo5NIc2NZ1D3OKinI3u9Y8MUGTY3d
HQyetGbkTAffqBznIsOpcniD7zRFloMoBC++4BAhzr+FvNe29DX+bH5nwbmmDAGn
Bv+z+kGxBQeWkn75kRDOskKBhpfZ8U7XEfJq8OpMHerCptWcRboqx9MjnrPtAUYJ
kZOJj0n5vERXpLmarzk9dco4y1t5B8S45KROiqR3OpYhmUgTJrba7leDqKBW7oEO
/ZDf7xuGn3av4fmMdfniv5sHPO6OgCBLFq5K+2o7o2fbJh5z/75Cdpyinf8ODux6
s43N7MF1BXLMa1NG9TY1zexuZB9+u63dCoSenMY1nWeyIBw=
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:23:36 2024 by rpki-client on console-ams.rpki-client.org