Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/2ClkNxUAUhSyAF-0grUmtiK9Tk0.roa
File: 2ClkNxUAUhSyAF-0grUmtiK9Tk0.roa (raw, json)
Hash identifier: f1uJ98vzrs0ZDvpPzKaQpUAt30l0r74t8feq86mf5Sg=
Subject key identifier: D8:29:64:37:15:00:52:14:B2:00:5F:B4:82:B5:26:B6:22:BD:4E:4D
Certificate issuer: /CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Certificate serial: 018CC50033214DF0DA6DADC6A65F6274D6B6
Authority key identifier: C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/2ClkNxUAUhSyAF-0grUmtiK9Tk0.roa
Signing time: Mon 01 Jan 2024 12:29:33 +0000
ROA not before: Mon 01 Jan 2024 12:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35745
IP address blocks: 37.131.160.0/20 maxlen: 20
93.175.128.0/20 maxlen: 20
93.175.129.0/24 maxlen: 24
188.125.224.0/19 maxlen: 19
46.20.56.0/23 maxlen: 23
46.20.58.0/24 maxlen: 24
91.206.108.0/23 maxlen: 23
128.127.80.0/20 maxlen: 20
128.127.80.0/21 maxlen: 21
91.208.50.0/24 maxlen: 24
185.15.232.0/22 maxlen: 22
46.20.48.0/20 maxlen: 20
188.125.244.0/22 maxlen: 22
188.125.242.0/23 maxlen: 23
213.109.32.0/20 maxlen: 20
213.109.34.0/23 maxlen: 23
213.109.40.0/24 maxlen: 24
213.109.39.0/24 maxlen: 24
2a00:10a0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.mft
rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 03 Jul 2024 14:20:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:00:33:21:4d:f0:da:6d:ad:c6:a6:5f:62:74:d6:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c41c7221ede3af5ee92e3206af2f18bd010d5dd9
Validity
Not Before: Jan 1 12:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d829643715005214b2005fb482b526b622bd4e4d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:72:51:5b:41:7c:1b:d1:a8:d9:04:eb:29:33:
51:82:97:a8:e1:86:c1:b0:89:de:1c:15:ac:86:a3:
a0:2a:d4:e0:36:d3:bd:1b:fd:b8:06:a4:0d:d6:ac:
7a:fa:da:df:2c:42:b1:c0:e2:99:8e:6f:f0:c9:ba:
11:32:cc:26:0e:05:6e:4d:31:b5:56:d9:be:5b:f5:
c2:72:1a:4f:6b:20:3a:56:28:b9:d7:0d:4a:fc:80:
77:a8:d0:2e:41:44:d5:a0:71:40:56:0c:51:9b:6a:
03:08:88:5c:57:9f:fc:db:3f:86:d3:bd:83:5f:38:
85:d3:7f:af:41:73:86:d6:8c:54:4c:b3:0f:62:5e:
4a:a8:91:e2:4b:6e:c9:d6:86:27:d0:90:c4:43:c5:
89:7e:4d:fb:3d:78:b8:ef:24:a7:07:7a:7e:12:bb:
8b:10:a5:43:96:8e:c9:96:cb:ff:b8:74:f9:d0:20:
a0:2b:97:b6:43:d3:51:60:c2:16:da:fa:c9:11:f0:
bb:d0:df:0e:7a:5a:41:02:b9:02:f3:89:e7:78:aa:
1c:d8:0d:ca:ad:fe:b8:6b:ff:2e:06:dd:89:65:6d:
cf:03:02:5f:8b:5d:a5:c2:dc:a4:27:9a:65:ff:ee:
f9:b4:9b:e0:86:36:02:81:df:6f:ff:e8:b6:23:fa:
20:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:29:64:37:15:00:52:14:B2:00:5F:B4:82:B5:26:B6:22:BD:4E:4D
X509v3 Authority Key Identifier:
keyid:C4:1C:72:21:ED:E3:AF:5E:E9:2E:32:06:AF:2F:18:BD:01:0D:5D:D9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xBxyIe3jr17pLjIGry8YvQENXdk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/2ClkNxUAUhSyAF-0grUmtiK9Tk0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/e99b35-8cf6-4934-a591-9930f2194a0e/1/xBxyIe3jr17pLjIGry8YvQENXdk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.131.160.0/20
46.20.48.0/20
91.206.108.0/23
91.208.50.0/24
93.175.128.0/20
128.127.80.0/20
185.15.232.0/22
188.125.224.0/19
213.109.32.0/20
IPv6:
2a00:10a0::/32
Signature Algorithm: sha256WithRSAEncryption
bc:51:4c:03:1f:b3:5d:2f:77:e8:63:50:8d:e3:c5:c7:42:eb:
11:9c:22:47:7c:41:dd:b1:b1:fb:0f:a9:24:de:a9:dd:8b:00:
33:7e:22:9b:f5:a2:3b:8b:3d:57:0c:9b:e5:9d:01:cf:8d:de:
ae:f3:3f:cf:ca:9b:8b:da:0c:c2:04:a4:fc:e7:f2:b6:16:e0:
2c:29:7c:23:4f:e9:05:fc:48:c0:e0:d5:6b:82:23:22:95:47:
83:6a:7b:7f:11:dc:11:58:bd:02:cb:08:bf:86:14:cb:3f:7e:
a0:a0:48:28:9b:fa:09:ac:41:9a:21:2e:54:e1:ac:81:fc:06:
b9:7a:d7:de:ba:68:cc:d2:50:a1:33:d7:25:26:24:09:4f:63:
c9:22:d8:2c:5f:b6:a0:62:be:ad:dc:08:a3:4b:64:a7:2c:4f:
d6:71:b8:31:a9:16:32:b2:a2:b2:ad:fa:c3:76:f0:b4:01:c6:
2b:dc:04:72:b1:94:8b:41:d3:e8:43:f1:3a:39:10:0f:36:b0:
e6:2c:96:56:7a:2e:56:65:60:bf:ad:26:65:bf:16:8f:97:2e:
c1:2f:43:d1:2d:1b:6b:8b:0c:06:60:1e:22:40:a6:64:21:6f:
f2:2d:5c:18:16:61:5d:87:9b:56:83:ce:0e:0a:0f:9e:0d:3c:
3f:fa:65:78
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAYzFADMhTfDaba3Gpl9idNa2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM0MWM3MjIxZWRlM2FmNWVlOTJlMzIwNmFmMmYxOGJkMDEw
ZDVkZDkwHhcNMjQwMTAxMTIyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODI5NjQzNzE1MDA1MjE0YjIwMDVmYjQ4MmI1MjZiNjIyYmQ0ZTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknJRW0F8G9Go2QTrKTNRgpeo4YbB
sIneHBWshqOgKtTgNtO9G/24BqQN1qx6+trfLEKxwOKZjm/wyboRMswmDgVuTTG1
Vtm+W/XCchpPayA6Vii51w1K/IB3qNAuQUTVoHFAVgxRm2oDCIhcV5/82z+G072D
XziF03+vQXOG1oxUTLMPYl5KqJHiS27J1oYn0JDEQ8WJfk37PXi47ySnB3p+EruL
EKVDlo7Jlsv/uHT50CCgK5e2Q9NRYMIW2vrJEfC70N8OelpBArkC84nneKoc2A3K
rf64a/8uBt2JZW3PAwJfi12lwtykJ5pl/+75tJvghjYCgd9v/+i2I/ogRwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFNgpZDcVAFIUsgBftIK1JrYivU5NMB8GA1UdIwQY
MBaAFMQcciHt469e6S4yBq8vGL0BDV3ZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEt
OTkzMGYyMTk0YTBlLzEvMkNsa054VUFVaFN5QUYtMGdyVW10aUs5VGswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC9lOTliMzUtOGNmNi00OTM0LWE1OTEtOTkzMGYyMTk0YTBl
LzEveEJ4eUllM2pyMTdwTGpJR3J5OFl2UUVOWGRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQEJYOgAwQE
LhQwAwQBW85sAwQAW9AyAwQEXa+AAwQEgH9QAwQCuQ/oAwQFvH3gAwQE1W0gMA0E
AgACMAcDBQAqABCgMA0GCSqGSIb3DQEBCwUAA4IBAQC8UUwDH7NdL3foY1CN48XH
QusRnCJHfEHdsbH7D6kk3qndiwAzfiKb9aI7iz1XDJvlnQHPjd6u8z/PypuL2gzC
BKT85/K2FuAsKXwjT+kF/EjA4NVrgiMilUeDant/EdwRWL0Cywi/hhTLP36goEgo
m/oJrEGaIS5U4ayB/Aa5etfeumjM0lChM9clJiQJT2PJItgsX7agYr6t3AijS2Sn
LE/WcbgxqRYysqKyrfrDdvC0AcYr3ARysZSLQdPoQ/E6ORAPNrDmLJZWei5WZWC/
rSZlvxaPly7BL0PRLRtriwwGYB4iQKZkIW/yLVwYFmFdh5tWg84OCg+eDTw/+mV4
-----END CERTIFICATE-----
Generated at Tue Jul 2 22:14:19 2024 by rpki-client on console-fra.rpki-client.org