Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/2cHk9_buKYiX30mHgoHc4ZQZrHA.roa
File: 2cHk9_buKYiX30mHgoHc4ZQZrHA.roa (raw, json)
Hash identifier: 93rwnFsl7ylvp3wL3LOYaGqkxv7SDBnj+sGjSGI8BHQ=
Subject key identifier: D9:C1:E4:F7:F6:EE:29:88:97:DF:49:87:82:81:DC:E1:94:19:AC:70
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 0192FD3461C18D9579BDEA12B785575803AC
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/2cHk9_buKYiX30mHgoHc4ZQZrHA.roa
Signing time: Tue 05 Nov 2024 16:42:01 +0000
ROA not before: Tue 05 Nov 2024 16:42:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 198934
IP address blocks: 31.31.88.0/23 maxlen: 23
31.31.88.0/24 maxlen: 24
31.31.89.0/24 maxlen: 24
37.252.97.0/24 maxlen: 24
91.242.243.0/24 maxlen: 24
188.214.225.0/24 maxlen: 24
212.237.230.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.mft
rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:fd:34:61:c1:8d:95:79:bd:ea:12:b7:85:57:58:03:ac
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Nov 5 16:42:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9c1e4f7f6ee298897df49878281dce19419ac70
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:b5:a7:97:89:c4:cf:1f:88:34:cf:fb:fb:ad:
fe:5d:22:3c:12:00:d0:41:1c:bc:1e:98:6a:0a:ae:
63:c3:32:89:c6:61:75:d2:af:32:c9:32:d8:e9:da:
47:bd:85:10:09:33:89:2e:e8:ca:c6:51:59:12:31:
1f:96:ee:94:bb:e3:c1:5d:49:a9:df:ab:c8:60:86:
a4:ac:1d:0f:1e:b9:c3:2b:ac:af:c6:02:a0:40:6c:
6b:eb:35:97:f9:c2:21:df:bd:14:71:bc:27:84:7e:
ab:aa:b9:b9:84:d5:d6:f6:61:fd:28:86:2c:31:15:
8b:8a:dc:3f:c9:58:be:74:9d:4f:cd:7d:1a:a3:c9:
bf:de:04:c3:59:a0:97:f6:1b:07:c7:60:ec:2e:ea:
aa:b6:51:7a:db:83:0c:01:34:bd:c4:d8:16:e2:b9:
8d:2f:50:ea:d1:12:18:c6:6c:18:1f:b7:2c:62:73:
2c:ba:e6:13:4b:54:e9:51:3c:57:69:22:e8:8e:39:
cd:f2:41:95:5f:4c:e1:83:67:53:e0:c7:85:db:a1:
d1:da:ff:03:13:f3:b4:90:46:85:48:76:8a:30:f5:
65:39:b5:6d:b4:a8:7a:49:29:3e:70:3a:69:57:49:
00:74:ae:47:b0:5a:ca:58:1e:92:f5:03:54:a1:ed:
51:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:C1:E4:F7:F6:EE:29:88:97:DF:49:87:82:81:DC:E1:94:19:AC:70
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/2cHk9_buKYiX30mHgoHc4ZQZrHA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.31.88.0/23
37.252.97.0/24
91.242.243.0/24
188.214.225.0/24
212.237.230.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:fe:27:b4:28:a9:5c:32:8a:30:39:3c:5e:c1:d4:2c:60:0b:
26:80:c4:22:ee:84:08:fe:d6:f1:61:88:77:a8:38:57:22:30:
ae:2b:fb:cf:45:1e:69:d5:18:55:a1:5e:b6:8b:4b:df:91:53:
e0:c1:1e:7a:0f:e7:41:58:e7:c8:3f:f9:2e:32:03:2f:e6:48:
e7:b6:8c:6d:19:b2:69:6a:64:79:16:45:69:1a:f9:d3:87:8f:
40:cb:1a:c5:ce:7f:92:83:e0:ce:f0:71:26:b3:de:71:96:ec:
62:b2:6f:ca:13:d1:24:8f:33:fa:12:6a:6d:69:47:ba:38:89:
98:5e:e7:18:38:26:a6:55:54:7a:5d:8b:23:35:6a:80:47:ef:
19:68:43:8c:65:82:d3:60:91:fe:14:25:60:9d:79:cb:ce:6c:
9e:36:c6:f6:36:20:dd:c5:a3:5c:c8:00:9e:ed:a4:e0:32:82:
0c:55:91:fa:ae:e3:05:f6:cd:3b:be:96:97:f2:4a:91:4d:c1:
17:69:e8:1e:48:72:89:7d:43:d0:b5:e1:51:0e:57:95:41:01:
45:46:9c:b8:0d:75:3c:94:ca:51:19:e3:57:7f:73:4a:e6:ee:
b9:98:27:ca:1e:23:cf:af:f9:7a:e8:89:3e:57:ca:83:91:05:
66:ac:05:ad
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZL9NGHBjZV5veoSt4VXWAOsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjQxMTA1MTY0MjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWMxZTRmN2Y2ZWUyOTg4OTdkZjQ5ODc4MjgxZGNlMTk0MTlhYzcwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi7Wnl4nEzx+INM/7+63+XSI8EgDQ
QRy8HphqCq5jwzKJxmF10q8yyTLY6dpHvYUQCTOJLujKxlFZEjEflu6Uu+PBXUmp
36vIYIakrB0PHrnDK6yvxgKgQGxr6zWX+cIh370UcbwnhH6rqrm5hNXW9mH9KIYs
MRWLitw/yVi+dJ1PzX0ao8m/3gTDWaCX9hsHx2DsLuqqtlF624MMATS9xNgW4rmN
L1Dq0RIYxmwYH7csYnMsuuYTS1TpUTxXaSLojjnN8kGVX0zhg2dT4MeF26HR2v8D
E/O0kEaFSHaKMPVlObVttKh6SSk+cDppV0kAdK5HsFrKWB6S9QNUoe1R7QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNnB5Pf27imIl99Jh4KB3OGUGaxwMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvMmNIazlfYnVLWWlYMzBtSGdvSGM0WlFackhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBHx9YAwQA
JfxhAwQAW/LzAwQAvNbhAwQA1O3mMA0GCSqGSIb3DQEBCwUAA4IBAQCq/ie0KKlc
MoowOTxewdQsYAsmgMQi7oQI/tbxYYh3qDhXIjCuK/vPRR5p1RhVoV62i0vfkVPg
wR56D+dBWOfIP/kuMgMv5kjntoxtGbJpamR5FkVpGvnTh49AyxrFzn+Sg+DO8HEm
s95xluxism/KE9EkjzP6EmptaUe6OImYXucYOCamVVR6XYsjNWqAR+8ZaEOMZYLT
YJH+FCVgnXnLzmyeNsb2NiDdxaNcyACe7aTgMoIMVZH6ruMF9s07vpaX8kqRTcEX
aegeSHKJfUPQteFRDleVQQFFRpy4DXU8lMpRGeNXf3NK5u65mCfKHiPPr/l66Ik+
V8qDkQVmrAWt
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:24:52 2024 by rpki-client on console-ams.rpki-client.org