Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/2z8H1wtrJuNw1DRlH2I1P9bKsxY.roa
File: 2z8H1wtrJuNw1DRlH2I1P9bKsxY.roa (raw, json)
Hash identifier: jFRsArYvBhU0kJ2cJpYic+bA5w4YsMSn/ON+VfGxNcQ=
Subject key identifier: DB:3F:07:D7:0B:6B:26:E3:70:D4:34:65:1F:62:35:3F:D6:CA:B3:16
Certificate issuer: /CN=9fb4a8b93af9ea9cf18aaca4e73f116ec26eb357
Certificate serial: 0192B2DE77D4C272E765AB600EC014279D80
Authority key identifier: 9F:B4:A8:B9:3A:F9:EA:9C:F1:8A:AC:A4:E7:3F:11:6E:C2:6E:B3:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/n7SouTr56pzxiqyk5z8RbsJus1c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/2z8H1wtrJuNw1DRlH2I1P9bKsxY.roa
Signing time: Tue 22 Oct 2024 06:16:17 +0000
ROA not before: Tue 22 Oct 2024 06:16:17 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 43060
IP address blocks: 91.196.76.0/23 maxlen: 24
91.196.77.0/24 maxlen: 24
94.158.48.0/20 maxlen: 20
94.158.48.0/21 maxlen: 21
94.158.56.0/24 maxlen: 24
94.158.57.0/24 maxlen: 24
94.158.58.0/24 maxlen: 24
94.158.59.0/24 maxlen: 24
94.158.60.0/24 maxlen: 24
94.158.61.0/24 maxlen: 24
94.158.62.0/24 maxlen: 24
94.158.63.0/24 maxlen: 24
185.196.216.0/22 maxlen: 22
2a04:1b80::/32 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/n7SouTr56pzxiqyk5z8RbsJus1c.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/n7SouTr56pzxiqyk5z8RbsJus1c.mft
rsync://rpki.ripe.net/repository/DEFAULT/n7SouTr56pzxiqyk5z8RbsJus1c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 03:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b2:de:77:d4:c2:72:e7:65:ab:60:0e:c0:14:27:9d:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9fb4a8b93af9ea9cf18aaca4e73f116ec26eb357
Validity
Not Before: Oct 22 06:16:17 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=db3f07d70b6b26e370d434651f62353fd6cab316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:19:14:bf:e0:41:c0:d1:e5:8c:2e:81:b8:39:
30:55:05:38:82:b8:90:11:27:83:b0:1c:ce:4e:44:
07:e1:3e:7e:45:c7:f7:16:89:b5:bd:16:ea:0b:a3:
cd:00:bd:35:19:f5:8e:fd:57:31:f3:d0:1b:87:02:
59:92:1a:a8:fe:40:e1:75:55:c1:87:7a:ba:b6:19:
5b:3f:57:75:f2:9d:08:5d:e2:5d:ab:64:7f:74:70:
10:71:26:bd:f9:ef:08:31:41:99:05:06:66:36:cf:
90:57:6d:e7:78:fa:28:6d:8d:29:d1:b6:cb:e0:4c:
36:6c:90:80:b9:2b:20:06:e2:6a:65:0d:5d:f9:5d:
85:9b:f2:54:41:84:08:72:cc:4c:71:4c:5b:22:da:
26:f7:b2:ea:9a:c9:a4:e6:14:ac:a2:0b:75:47:37:
ad:77:e7:4b:0a:c7:87:70:92:a7:8d:22:24:8b:b2:
f2:7a:75:7e:38:16:8c:43:b1:ff:9e:b1:96:f5:c2:
bd:bc:3d:41:84:c3:f6:63:7a:c0:b3:15:13:2b:4c:
c5:cb:a5:53:13:79:73:eb:a0:00:af:e0:14:ea:92:
e9:62:ff:bf:70:11:ac:bf:dd:b3:1c:78:5d:70:4f:
c3:68:d0:be:02:49:a7:8e:4f:55:9a:6f:b9:5c:6c:
46:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:3F:07:D7:0B:6B:26:E3:70:D4:34:65:1F:62:35:3F:D6:CA:B3:16
X509v3 Authority Key Identifier:
keyid:9F:B4:A8:B9:3A:F9:EA:9C:F1:8A:AC:A4:E7:3F:11:6E:C2:6E:B3:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/n7SouTr56pzxiqyk5z8RbsJus1c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/2z8H1wtrJuNw1DRlH2I1P9bKsxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/898741-eda4-4c5d-af9f-8d68eb20fbdd/1/n7SouTr56pzxiqyk5z8RbsJus1c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.76.0/23
94.158.48.0/20
185.196.216.0/22
IPv6:
2a04:1b80::/32
Signature Algorithm: sha256WithRSAEncryption
4a:df:91:bd:e0:7a:12:52:b5:2e:9f:16:c7:06:f0:c3:f3:c4:
dc:47:23:3d:e6:0c:8a:a4:15:e1:dc:e7:0d:68:3b:7d:53:5a:
d4:02:d1:cc:1d:ba:12:35:cd:82:41:53:96:1d:3f:2f:e3:fd:
72:d0:a9:b9:1d:3b:65:0a:28:2b:73:de:7a:98:d6:68:45:4a:
66:5e:b4:c8:ae:56:17:89:f2:5d:db:97:0f:1e:54:0d:ab:ab:
51:56:cd:ee:04:54:c7:90:b8:00:b2:ac:bb:5d:e2:84:e4:32:
c0:5a:fd:f2:f4:72:9e:58:17:fe:f4:9f:6c:ea:1d:13:61:c8:
7e:a2:e1:8b:2d:d8:5d:8d:8d:22:68:d2:a2:f6:2e:24:a7:23:
76:d2:72:c3:b9:b6:9b:99:0b:93:1f:bb:13:b9:24:0d:07:f4:
b8:ee:07:53:51:80:22:0f:6a:eb:d3:1d:0f:19:93:ab:1c:c3:
91:07:c2:0d:1b:ed:20:bc:7d:a2:75:b4:1f:c3:68:0a:e7:0e:
4f:76:6e:39:26:f8:f8:8e:9b:0d:87:74:7b:a9:7d:df:11:64:
b8:18:12:06:4d:f2:52:b7:cd:41:b9:a9:00:fd:59:58:9d:6d:
6a:fa:af:a7:e8:dd:4a:d2:1f:44:ad:76:b4:57:c9:2c:28:18:
6c:e7:99:0c
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZKy3nfUwnLnZatgDsAUJ52AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlmYjRhOGI5M2FmOWVhOWNmMThhYWNhNGU3M2YxMTZlYzI2
ZWIzNTcwHhcNMjQxMDIyMDYxNjE3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjNmMDdkNzBiNmIyNmUzNzBkNDM0NjUxZjYyMzUzZmQ2Y2FiMzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuhkUv+BBwNHljC6BuDkwVQU4griQ
ESeDsBzOTkQH4T5+Rcf3Fom1vRbqC6PNAL01GfWO/Vcx89AbhwJZkhqo/kDhdVXB
h3q6thlbP1d18p0IXeJdq2R/dHAQcSa9+e8IMUGZBQZmNs+QV23nePoobY0p0bbL
4Ew2bJCAuSsgBuJqZQ1d+V2Fm/JUQYQIcsxMcUxbItom97Lqmsmk5hSsogt1Rzet
d+dLCseHcJKnjSIki7LyenV+OBaMQ7H/nrGW9cK9vD1BhMP2Y3rAsxUTK0zFy6VT
E3lz66AAr+AU6pLpYv+/cBGsv92zHHhdcE/DaNC+Akmnjk9Vmm+5XGxGkwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFNs/B9cLaybjcNQ0ZR9iNT/WyrMWMB8GA1UdIwQY
MBaAFJ+0qLk6+eqc8YqspOc/EW7CbrNXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbjdTb3VUcjU2cHp4aXF5azV6OFJic0p1czFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC84OTg3NDEtZWRhNC00YzVkLWFmOWYt
OGQ2OGViMjBmYmRkLzEvMno4SDF3dHJKdU53MURSbEgySTFQOWJLc3hZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC84OTg3NDEtZWRhNC00YzVkLWFmOWYtOGQ2OGViMjBmYmRk
LzEvbjdTb3VUcjU2cHp4aXF5azV6OFJic0p1czFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQBW8RMAwQE
Xp4wAwQCucTYMA0EAgACMAcDBQAqBBuAMA0GCSqGSIb3DQEBCwUAA4IBAQBK35G9
4HoSUrUunxbHBvDD88TcRyM95gyKpBXh3OcNaDt9U1rUAtHMHboSNc2CQVOWHT8v
4/1y0Km5HTtlCigrc956mNZoRUpmXrTIrlYXifJd25cPHlQNq6tRVs3uBFTHkLgA
sqy7XeKE5DLAWv3y9HKeWBf+9J9s6h0TYch+ouGLLdhdjY0iaNKi9i4kpyN20nLD
ubabmQuTH7sTuSQNB/S47gdTUYAiD2rr0x0PGZOrHMORB8ING+0gvH2idbQfw2gK
5w5Pdm45Jvj4jpsNh3R7qX3fEWS4GBIGTfJSt81BuakA/VlYnW1q+q+n6N1K0h9E
rXa0V8ksKBhs55kM
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:56:33 2024 by rpki-client on console-ams.rpki-client.org