Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ac/d81745-658d-4a74-92f7-5d3a421a0f10/1/2TmEhMqR5_fns249Qf5u2YhPK4g.roa
File: 2TmEhMqR5_fns249Qf5u2YhPK4g.roa (raw, json)
Hash identifier: NZVAIzg0a70fdzzkhtMUww+j95nJ4Zo6mAlTyItiJnk=
Subject key identifier: D9:39:84:84:CA:91:E7:F7:E7:B3:6E:3D:41:FE:6E:D9:88:4F:2B:88
Certificate issuer: /CN=5f08dc10218ac6db79430ae7c44515590417d605
Certificate serial: 018F20D90DBC2671493ED76A9BD5BBA44B96
Authority key identifier: 5F:08:DC:10:21:8A:C6:DB:79:43:0A:E7:C4:45:15:59:04:17:D6:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XwjcECGKxtt5QwrnxEUVWQQX1gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ac/d81745-658d-4a74-92f7-5d3a421a0f10/1/2TmEhMqR5_fns249Qf5u2YhPK4g.roa
Signing time: Sat 27 Apr 2024 18:37:26 +0000
ROA not before: Sat 27 Apr 2024 18:37:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29577
IP address blocks: 92.249.56.0/24 maxlen: 24
92.249.57.0/24 maxlen: 24
92.249.58.0/24 maxlen: 24
92.249.59.0/24 maxlen: 24
176.101.32.0/24 maxlen: 24
176.101.33.0/24 maxlen: 24
176.101.34.0/24 maxlen: 24
176.101.35.0/24 maxlen: 24
176.101.36.0/24 maxlen: 24
176.101.37.0/24 maxlen: 24
176.101.38.0/24 maxlen: 24
176.101.39.0/24 maxlen: 24
176.101.40.0/24 maxlen: 24
176.101.41.0/24 maxlen: 24
176.101.42.0/24 maxlen: 24
176.101.43.0/24 maxlen: 24
176.101.44.0/24 maxlen: 24
176.101.45.0/24 maxlen: 24
176.101.46.0/24 maxlen: 24
176.101.47.0/24 maxlen: 24
176.101.48.0/24 maxlen: 24
176.101.49.0/24 maxlen: 24
176.101.50.0/24 maxlen: 24
176.101.51.0/24 maxlen: 24
176.101.52.0/24 maxlen: 24
176.101.53.0/24 maxlen: 24
176.101.54.0/24 maxlen: 24
176.101.55.0/24 maxlen: 24
194.146.148.0/24 maxlen: 24
194.146.149.0/24 maxlen: 24
194.146.150.0/24 maxlen: 24
194.146.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ac/d81745-658d-4a74-92f7-5d3a421a0f10/1/XwjcECGKxtt5QwrnxEUVWQQX1gU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ac/d81745-658d-4a74-92f7-5d3a421a0f10/1/XwjcECGKxtt5QwrnxEUVWQQX1gU.mft
rsync://rpki.ripe.net/repository/DEFAULT/XwjcECGKxtt5QwrnxEUVWQQX1gU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:20:d9:0d:bc:26:71:49:3e:d7:6a:9b:d5:bb:a4:4b:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5f08dc10218ac6db79430ae7c44515590417d605
Validity
Not Before: Apr 27 18:37:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9398484ca91e7f7e7b36e3d41fe6ed9884f2b88
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:d7:6e:8c:ef:6f:a0:bf:7c:05:b5:e6:59:08:
13:df:da:ca:d3:45:14:4f:6d:58:52:51:e1:21:94:
7d:a1:1b:41:63:63:5e:b1:92:00:9e:48:4c:d5:c1:
39:60:61:1f:b7:f7:98:ac:97:82:a5:92:a3:b6:40:
5a:be:09:92:9a:3f:05:d9:8d:86:d0:fb:7c:b5:cb:
46:72:b4:6c:ec:2d:cc:06:7d:e6:a8:72:8d:32:1d:
18:32:0d:80:f7:77:61:a2:87:89:55:e5:63:38:c7:
81:bc:50:80:b8:32:14:c5:22:6a:c7:a5:31:b5:46:
bc:34:4d:91:0c:10:5e:b1:85:d8:a6:00:e9:5d:b6:
c3:2e:ec:db:6d:1f:75:63:13:ce:2d:a2:25:ed:53:
c2:d3:77:8c:b2:ca:28:d9:8c:bd:af:4c:a4:25:b7:
eb:ba:81:93:67:28:76:3f:b0:cd:35:a1:ee:dd:5c:
85:80:91:aa:1c:3a:03:49:bc:b9:ba:7b:d0:99:94:
05:89:6b:92:f3:46:78:77:21:50:2d:a8:0a:3d:59:
90:bf:4b:ae:1c:73:25:54:ba:a9:6e:39:b1:33:a1:
d1:77:19:6c:97:7a:f8:75:4d:a4:56:a2:e7:09:f3:
da:d0:98:ac:85:2f:89:79:2d:9e:c3:42:91:d8:91:
9a:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:39:84:84:CA:91:E7:F7:E7:B3:6E:3D:41:FE:6E:D9:88:4F:2B:88
X509v3 Authority Key Identifier:
keyid:5F:08:DC:10:21:8A:C6:DB:79:43:0A:E7:C4:45:15:59:04:17:D6:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XwjcECGKxtt5QwrnxEUVWQQX1gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/d81745-658d-4a74-92f7-5d3a421a0f10/1/2TmEhMqR5_fns249Qf5u2YhPK4g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ac/d81745-658d-4a74-92f7-5d3a421a0f10/1/XwjcECGKxtt5QwrnxEUVWQQX1gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.249.56.0/22
176.101.32.0-176.101.55.255
194.146.148.0/22
Signature Algorithm: sha256WithRSAEncryption
28:f7:db:a6:8c:4e:c6:9a:2c:17:92:72:58:96:5e:11:16:4c:
98:a7:3a:06:41:4f:a2:17:f5:52:56:0a:42:1a:4e:42:e7:14:
ae:3c:0d:0f:7f:b0:b0:4e:d2:a0:d5:83:db:de:51:ae:34:e2:
06:73:b2:89:29:67:43:88:a7:af:f6:25:c7:d2:07:72:3b:e7:
10:ff:8c:38:e6:09:ba:d4:39:a3:44:37:cd:ed:de:11:79:ba:
9d:41:53:b8:09:34:dc:e3:0e:d0:2d:5b:84:15:c3:30:96:02:
9c:f7:a9:f2:2a:86:36:90:06:a8:f8:e3:4e:9a:bb:29:01:a9:
89:c5:9d:b2:cd:2e:d3:73:72:2b:b2:5a:b0:01:b7:e0:c0:49:
45:7f:8c:11:56:b2:af:ae:87:3c:49:1e:2a:3d:15:ba:39:39:
ef:5c:c9:7b:25:3a:53:42:9a:41:60:53:c0:db:4a:17:bd:8e:
89:c4:ae:e2:40:4e:94:3a:2c:ac:e8:5d:d8:3b:68:66:e3:32:
ca:74:77:0a:68:10:cc:c3:ee:8d:e3:31:b1:41:1a:8d:44:a7:
01:c3:eb:7b:67:62:34:37:42:ce:e8:48:f2:fb:f1:91:f0:48:
6b:9d:fa:45:04:31:50:c2:ab:dd:2a:6f:a4:51:b8:40:91:c9:
e1:53:ca:65
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAY8g2Q28JnFJPtdqm9W7pEuWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmMDhkYzEwMjE4YWM2ZGI3OTQzMGFlN2M0NDUxNTU5MDQx
N2Q2MDUwHhcNMjQwNDI3MTgzNzI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTM5ODQ4NGNhOTFlN2Y3ZTdiMzZlM2Q0MWZlNmVkOTg4NGYyYjg4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn9dujO9voL98BbXmWQgT39rK00UU
T21YUlHhIZR9oRtBY2NesZIAnkhM1cE5YGEft/eYrJeCpZKjtkBavgmSmj8F2Y2G
0Pt8tctGcrRs7C3MBn3mqHKNMh0YMg2A93dhooeJVeVjOMeBvFCAuDIUxSJqx6Ux
tUa8NE2RDBBesYXYpgDpXbbDLuzbbR91YxPOLaIl7VPC03eMssoo2Yy9r0ykJbfr
uoGTZyh2P7DNNaHu3VyFgJGqHDoDSby5unvQmZQFiWuS80Z4dyFQLagKPVmQv0uu
HHMlVLqpbjmxM6HRdxlsl3r4dU2kVqLnCfPa0JishS+JeS2ew0KR2JGafQIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNk5hITKkef357NuPUH+btmITyuIMB8GA1UdIwQY
MBaAFF8I3BAhisbbeUMK58RFFVkEF9YFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHdqY0VDR0t4dHQ1UXdybnhFVVZXUVFYMWdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYy9kODE3NDUtNjU4ZC00YTc0LTkyZjct
NWQzYTQyMWEwZjEwLzEvMlRtRWhNcVI1X2ZuczI0OVFmNXUyWWhQSzRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYy9kODE3NDUtNjU4ZC00YTc0LTkyZjctNWQzYTQyMWEwZjEw
LzEvWHdqY0VDR0t4dHQ1UXdybnhFVVZXUVFYMWdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQCXPk4MAwD
BAWwZSADBAOwZTADBALCkpQwDQYJKoZIhvcNAQELBQADggEBACj326aMTsaaLBeS
cliWXhEWTJinOgZBT6IX9VJWCkIaTkLnFK48DQ9/sLBO0qDVg9veUa404gZzsokp
Z0OIp6/2JcfSB3I75xD/jDjmCbrUOaNEN83t3hF5up1BU7gJNNzjDtAtW4QVwzCW
Apz3qfIqhjaQBqj4406auykBqYnFnbLNLtNzciuyWrABt+DASUV/jBFWsq+uhzxJ
Hio9Fbo5Oe9cyXslOlNCmkFgU8DbShe9jonEruJATpQ6LKzoXdg7aGbjMsp0dwpo
EMzD7o3jMbFBGo1EpwHD63tnYjQ3Qs7oSPL78ZHwSGud+kUEMVDCq90qb6RRuECR
yeFTymU=
-----END CERTIFICATE-----
Generated at Sat Jun 1 15:46:29 2024 by rpki-client on console-fra.rpki-client.org