Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/P2WZ-LnDAhWyL6yALX30XyexMvQ.roa
File: P2WZ-LnDAhWyL6yALX30XyexMvQ.roa (raw, json)
Hash identifier: 1plGWyPkKcg0HodkhtKItJ+AdF0oJM8e/PLsoGUAwvA=
Subject key identifier: 3F:65:99:F8:B9:C3:02:15:B2:2F:AC:80:2D:7D:F4:5F:27:B1:32:F4
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 018F13CB1B17B8028CB7B531021CD71581E8
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/P2WZ-LnDAhWyL6yALX30XyexMvQ.roa
Signing time: Thu 25 Apr 2024 05:47:08 +0000
ROA not before: Thu 25 Apr 2024 05:47:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20473
IP address blocks: 45.83.28.0/24 maxlen: 24
84.54.33.0/24 maxlen: 24
193.218.34.0/24 maxlen: 24
2a0b:64c4::/32 maxlen: 48
2a0b:64c5::/32 maxlen: 48
2a0b:64c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 06 May 2024 07:03:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:13:cb:1b:17:b8:02:8c:b7:b5:31:02:1c:d7:15:81:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Apr 25 05:47:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3f6599f8b9c30215b22fac802d7df45f27b132f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:62:9e:44:6e:c8:f0:8d:bc:04:81:c0:1a:04:
98:77:23:bd:52:f7:9a:c7:f3:91:6e:7a:00:98:89:
9c:ae:fb:f2:54:68:95:02:c6:a8:98:a1:6e:95:90:
97:cd:73:d7:6c:44:55:57:df:ca:55:d0:1d:f3:ad:
7c:6e:3a:97:44:bf:50:b1:c7:d0:6e:1d:3a:ef:24:
78:63:26:91:4c:5a:21:91:d5:2d:e6:69:4a:63:3a:
85:0e:28:f4:dc:f4:3a:39:f4:3d:da:88:1e:c8:a0:
d7:b2:b0:ab:28:42:95:59:87:d3:62:43:e6:28:87:
13:f2:26:ea:b6:1a:59:1a:de:6a:0d:11:82:a6:80:
ad:49:2a:09:74:1f:d1:38:11:db:05:96:72:62:25:
ce:65:dc:ce:2a:b0:6f:90:8b:c4:66:f9:5c:61:98:
a9:4b:8e:47:00:43:3e:10:f4:fe:4e:2b:67:fb:a1:
b9:68:bd:68:ab:3a:78:ea:f7:dc:c4:75:cd:9c:73:
17:b1:86:06:0d:b5:b6:83:ae:33:e0:28:0d:7d:22:
08:92:7c:27:93:9e:2f:3f:84:95:52:4d:2e:7d:e2:
8e:6b:32:fa:9c:1f:81:42:9e:3a:f4:9b:86:c0:5f:
5f:59:09:1b:a2:e2:f0:98:d8:6f:68:d3:bf:c4:67:
10:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:65:99:F8:B9:C3:02:15:B2:2F:AC:80:2D:7D:F4:5F:27:B1:32:F4
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/P2WZ-LnDAhWyL6yALX30XyexMvQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.28.0/24
84.54.33.0/24
193.218.34.0/24
IPv6:
2a0b:64c4::/31
2a0b:64c7::/32
Signature Algorithm: sha256WithRSAEncryption
45:0e:eb:ad:90:6f:a3:f9:1d:17:7d:0c:74:e0:7d:cd:e4:de:
5d:35:0f:85:22:f4:c1:8d:27:e3:d3:c0:25:18:4d:45:4b:c3:
7c:a8:ef:e9:6a:b3:f9:7d:56:30:0b:35:69:ad:ae:ec:10:da:
58:59:08:05:a1:d5:7b:7a:0f:b1:d1:d4:a7:9a:b5:df:6c:d9:
af:74:67:c6:96:33:ee:44:f8:1a:dd:b4:e7:33:20:47:7b:0a:
c2:f7:d0:48:f1:53:cf:86:81:6a:6d:21:68:1e:3c:af:7f:35:
f7:9c:14:cb:66:6a:18:da:5f:5d:7e:30:b2:c7:21:4c:09:31:
26:c0:34:96:ba:d3:ae:37:37:04:6d:ee:40:03:19:00:cb:c2:
2c:da:a9:d9:c8:71:68:08:6e:df:6f:a5:92:49:36:c7:d7:d0:
5a:c1:06:dc:48:4f:6c:8a:85:70:62:30:fa:8a:62:11:fe:ed:
df:e1:d3:7d:35:c8:e3:d3:fe:9c:25:5c:38:6f:63:bb:7d:9f:
fb:bc:03:0f:f4:16:d3:bd:66:29:30:99:77:e4:37:35:e7:bd:
bb:b4:89:71:17:e5:5f:39:00:41:74:40:04:5e:58:80:cb:1a:
fd:21:57:17:d3:f9:64:53:80:f6:31:1b:af:82:78:71:4d:94:
fb:d8:79:1d
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAY8TyxsXuAKMt7UxAhzXFYHoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjQwNDI1MDU0NzA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjY1OTlmOGI5YzMwMjE1YjIyZmFjODAyZDdkZjQ1ZjI3YjEzMmY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2KeRG7I8I28BIHAGgSYdyO9Uvea
x/ORbnoAmImcrvvyVGiVAsaomKFulZCXzXPXbERVV9/KVdAd8618bjqXRL9QscfQ
bh067yR4YyaRTFohkdUt5mlKYzqFDij03PQ6OfQ92ogeyKDXsrCrKEKVWYfTYkPm
KIcT8ibqthpZGt5qDRGCpoCtSSoJdB/ROBHbBZZyYiXOZdzOKrBvkIvEZvlcYZip
S45HAEM+EPT+Titn+6G5aL1oqzp46vfcxHXNnHMXsYYGDbW2g64z4CgNfSIIknwn
k54vP4SVUk0ufeKOazL6nB+BQp469JuGwF9fWQkbouLwmNhvaNO/xGcQPQIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFD9lmfi5wwIVsi+sgC199F8nsTL0MB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUDJXWi1MbkRBaFd5TDZ5QUxYMzBYeWV4TXZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQALVMcAwQA
VDYhAwQAwdoiMBQEAgACMA4DBQEqC2TEAwUAKgtkxzANBgkqhkiG9w0BAQsFAAOC
AQEARQ7rrZBvo/kdF30MdOB9zeTeXTUPhSL0wY0n49PAJRhNRUvDfKjv6Wqz+X1W
MAs1aa2u7BDaWFkIBaHVe3oPsdHUp5q132zZr3RnxpYz7kT4Gt205zMgR3sKwvfQ
SPFTz4aBam0haB48r38195wUy2ZqGNpfXX4wsschTAkxJsA0lrrTrjc3BG3uQAMZ
AMvCLNqp2chxaAhu32+lkkk2x9fQWsEG3EhPbIqFcGIw+opiEf7t3+HTfTXI49P+
nCVcOG9ju32f+7wDD/QW071mKTCZd+Q3Nee9u7SJcRflXzkAQXRABF5YgMsa/SFX
F9P5ZFOA9jEbr4J4cU2U+9h5HQ==
-----END CERTIFICATE-----
Generated at Sun May 5 11:09:38 2024 by rpki-client on console-fra.rpki-client.org