Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/co99iuB2e3KGo3fty4O7-BNxvQM.roa
File: co99iuB2e3KGo3fty4O7-BNxvQM.roa (raw, json)
Hash identifier: nDgwO59fgAfJwbfwPGJ3C8+FwLqOb19ptDtlyu/s2ac=
Subject key identifier: 72:8F:7D:8A:E0:76:7B:72:86:A3:77:ED:CB:83:BB:F8:13:71:BD:03
Certificate issuer: /CN=2e6b33413faa5e5e1d279a2a25ff81d8d15325df
Certificate serial: 018CC6B7BCD78D5A4704F5F71D60DEF60645
Authority key identifier: 2E:6B:33:41:3F:AA:5E:5E:1D:27:9A:2A:25:FF:81:D8:D1:53:25:DF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LmszQT-qXl4dJ5oqJf-B2NFTJd8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/co99iuB2e3KGo3fty4O7-BNxvQM.roa
Signing time: Mon 01 Jan 2024 20:29:39 +0000
ROA not before: Mon 01 Jan 2024 20:29:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 2614
IP address blocks: 217.73.160.0/20 maxlen: 20
37.128.224.0/20 maxlen: 20
185.118.200.0/22 maxlen: 22
46.243.112.0/21 maxlen: 24
176.126.208.0/21 maxlen: 21
178.23.64.0/21 maxlen: 21
2001:b30::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/LmszQT-qXl4dJ5oqJf-B2NFTJd8.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/LmszQT-qXl4dJ5oqJf-B2NFTJd8.mft
rsync://rpki.ripe.net/repository/DEFAULT/LmszQT-qXl4dJ5oqJf-B2NFTJd8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:bc:d7:8d:5a:47:04:f5:f7:1d:60:de:f6:06:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e6b33413faa5e5e1d279a2a25ff81d8d15325df
Validity
Not Before: Jan 1 20:29:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=728f7d8ae0767b7286a377edcb83bbf81371bd03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:61:61:c8:b8:4e:40:75:17:12:1d:6b:39:40:
8a:7d:e2:20:85:ef:6e:75:2f:d9:2e:2f:66:8c:f7:
08:f9:72:4b:3c:d6:b5:88:24:41:3b:64:23:bb:3e:
61:9e:a2:9b:c2:00:e6:27:d7:90:50:8c:4d:f5:e4:
3f:fd:03:80:61:54:5c:80:ed:e3:03:41:de:80:80:
c0:95:a8:4f:a4:92:7f:55:65:c6:54:71:1b:a4:b5:
d4:2c:32:eb:ae:a1:b8:0f:9b:c6:7a:aa:ca:42:2c:
96:c4:cf:3d:ab:f8:e2:8c:46:96:78:9d:63:b8:91:
fe:75:4c:38:5c:bf:9f:82:4c:a3:e0:d5:75:6b:e1:
b7:26:09:de:01:b8:cf:50:01:8b:58:6c:0f:a0:cf:
32:7b:fc:89:d5:9f:86:8a:f6:02:02:d4:97:31:eb:
df:09:31:e0:b0:48:00:d9:76:29:a7:ea:27:3c:0d:
0a:58:c3:fd:a1:3a:90:1f:c8:45:a1:54:86:a1:f3:
68:ba:69:b9:78:a3:4c:de:e2:7b:e3:50:bc:5f:e8:
a8:4c:f6:2b:e2:54:04:d8:d5:95:9f:0d:cc:b8:2d:
1e:16:b2:b2:d1:d2:cc:c0:d3:5e:ed:c8:c6:bb:76:
30:75:29:63:cc:be:ef:6a:55:a1:f8:fa:14:12:64:
66:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:8F:7D:8A:E0:76:7B:72:86:A3:77:ED:CB:83:BB:F8:13:71:BD:03
X509v3 Authority Key Identifier:
keyid:2E:6B:33:41:3F:AA:5E:5E:1D:27:9A:2A:25:FF:81:D8:D1:53:25:DF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LmszQT-qXl4dJ5oqJf-B2NFTJd8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/co99iuB2e3KGo3fty4O7-BNxvQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/accde8-f46f-4ef9-94af-8dd81e4b3e33/1/LmszQT-qXl4dJ5oqJf-B2NFTJd8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.128.224.0/20
46.243.112.0/21
176.126.208.0/21
178.23.64.0/21
185.118.200.0/22
217.73.160.0/20
IPv6:
2001:b30::/29
Signature Algorithm: sha256WithRSAEncryption
33:d5:39:35:a2:de:dd:a1:dd:07:25:bb:7f:b1:47:b0:eb:8f:
e8:de:fd:1a:bc:f2:41:97:9c:5e:93:3a:27:5a:44:c0:fc:29:
d6:05:22:09:3e:ab:8b:17:a9:29:cb:43:67:f3:38:de:d7:39:
04:c1:ab:0e:f9:13:01:9a:35:20:74:fc:2a:b6:98:ae:c6:d2:
71:3e:ab:d4:b1:7d:6d:f3:f6:e3:26:2a:dd:3d:af:af:50:e6:
8a:e1:24:12:6e:16:b1:33:82:11:49:67:25:ac:a9:fe:17:67:
90:d6:1e:41:75:df:5e:78:39:cd:7b:8e:7d:51:a1:b3:9f:17:
9f:48:5b:a8:f1:38:90:1a:12:5e:4e:ca:64:50:20:a6:df:41:
89:2b:58:bd:ef:a7:32:66:60:df:99:d2:64:5c:a4:b8:6e:05:
d2:13:24:0e:38:8d:b1:02:7e:48:e2:31:c1:e6:26:17:5c:26:
c3:ee:3c:be:8c:f5:b8:87:cd:48:01:09:de:ad:a1:8f:ce:88:
8d:96:c5:e4:ab:95:52:22:37:78:eb:9f:a7:0e:10:3f:70:f0:
fc:bf:69:0c:bf:2c:25:7a:30:e7:4f:d2:07:96:2b:45:93:65:
ba:8a:e3:fd:ac:43:76:7b:bb:13:82:8e:db:0a:34:99:bf:94:
27:6e:cf:66
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAYzGt7zXjVpHBPX3HWDe9gZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlNmIzMzQxM2ZhYTVlNWUxZDI3OWEyYTI1ZmY4MWQ4ZDE1
MzI1ZGYwHhcNMjQwMTAxMjAyOTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjhmN2Q4YWUwNzY3YjcyODZhMzc3ZWRjYjgzYmJmODEzNzFiZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2FhyLhOQHUXEh1rOUCKfeIghe9u
dS/ZLi9mjPcI+XJLPNa1iCRBO2Qjuz5hnqKbwgDmJ9eQUIxN9eQ//QOAYVRcgO3j
A0HegIDAlahPpJJ/VWXGVHEbpLXULDLrrqG4D5vGeqrKQiyWxM89q/jijEaWeJ1j
uJH+dUw4XL+fgkyj4NV1a+G3JgneAbjPUAGLWGwPoM8ye/yJ1Z+GivYCAtSXMevf
CTHgsEgA2XYpp+onPA0KWMP9oTqQH8hFoVSGofNoumm5eKNM3uJ741C8X+ioTPYr
4lQE2NWVnw3MuC0eFrKy0dLMwNNe7cjGu3YwdSljzL7valWh+PoUEmRmGwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFHKPfYrgdntyhqN37cuDu/gTcb0DMB8GA1UdIwQY
MBaAFC5rM0E/ql5eHSeaKiX/gdjRUyXfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTG1zelFULXFYbDRkSjVvcUpmLUIyTkZUSmQ4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi9hY2NkZTgtZjQ2Zi00ZWY5LTk0YWYt
OGRkODFlNGIzZTMzLzEvY285OWl1QjJlM0tHbzNmdHk0TzctQk54dlFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi9hY2NkZTgtZjQ2Zi00ZWY5LTk0YWYtOGRkODFlNGIzZTMz
LzEvTG1zelFULXFYbDRkSjVvcUpmLUIyTkZUSmQ4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQEJYDgAwQD
LvNwAwQDsH7QAwQDshdAAwQCuXbIAwQE2UmgMA0EAgACMAcDBQMgAQswMA0GCSqG
SIb3DQEBCwUAA4IBAQAz1Tk1ot7dod0HJbt/sUew64/o3v0avPJBl5xekzonWkTA
/CnWBSIJPquLF6kpy0Nn8zje1zkEwasO+RMBmjUgdPwqtpiuxtJxPqvUsX1t8/bj
JirdPa+vUOaK4SQSbhaxM4IRSWclrKn+F2eQ1h5Bdd9eeDnNe459UaGznxefSFuo
8TiQGhJeTspkUCCm30GJK1i976cyZmDfmdJkXKS4bgXSEyQOOI2xAn5I4jHB5iYX
XCbD7jy+jPW4h81IAQneraGPzoiNlsXkq5VSIjd465+nDhA/cPD8v2kMvywlejDn
T9IHlitFk2W6iuP9rEN2e7sTgo7bCjSZv5Qnbs9m
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:22:27 2024 by rpki-client on console-fra.rpki-client.org