Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/IT2bk4dv9wOkuJfpHqAjH87DIvc.roa
File: IT2bk4dv9wOkuJfpHqAjH87DIvc.roa (raw, json)
Hash identifier: e0C6AzkhODudLWvRQAiKhtrl+62mStCU6ARDxkP5Jsw=
Subject key identifier: 21:3D:9B:93:87:6F:F7:03:A4:B8:97:E9:1E:A0:23:1F:CE:C3:22:F7
Certificate issuer: /CN=d9f866fb0aa83a271a0cb7dc9030188c89d23e5d
Certificate serial: 018CC793331DFC1B63F731BC22FF333FF0B5
Authority key identifier: D9:F8:66:FB:0A:A8:3A:27:1A:0C:B7:DC:90:30:18:8C:89:D2:3E:5D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fhm-wqoOicaDLfckDAYjInSPl0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/IT2bk4dv9wOkuJfpHqAjH87DIvc.roa
Signing time: Tue 02 Jan 2024 00:29:21 +0000
ROA not before: Tue 02 Jan 2024 00:29:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206451
IP address blocks: 176.97.232.0/22 maxlen: 22
176.97.232.0/21 maxlen: 21
176.97.236.0/22 maxlen: 22
212.85.232.0/22 maxlen: 22
212.85.232.0/23 maxlen: 23
212.85.234.0/23 maxlen: 23
89.33.180.0/22 maxlen: 22
185.155.4.0/22 maxlen: 24
89.39.160.0/24 maxlen: 24
89.36.168.0/24 maxlen: 24
89.36.175.0/24 maxlen: 24
31.14.24.0/24 maxlen: 24
2a0d:bf01::/32 maxlen: 32
2a0d:bf00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/2fhm-wqoOicaDLfckDAYjInSPl0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/2fhm-wqoOicaDLfckDAYjInSPl0.mft
rsync://rpki.ripe.net/repository/DEFAULT/2fhm-wqoOicaDLfckDAYjInSPl0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:93:33:1d:fc:1b:63:f7:31:bc:22:ff:33:3f:f0:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9f866fb0aa83a271a0cb7dc9030188c89d23e5d
Validity
Not Before: Jan 2 00:29:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=213d9b93876ff703a4b897e91ea0231fcec322f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ff:86:b2:19:f5:4d:de:ba:b1:dc:25:ab:c4:
4e:78:44:fa:95:8f:29:c0:92:59:2f:05:fe:21:04:
7c:5f:90:ec:56:35:94:c5:9f:16:68:2e:c4:14:82:
08:50:ee:68:84:a9:d2:5b:4b:7a:4e:06:85:43:70:
5c:78:41:fa:b7:7b:e9:0a:d9:0f:8d:b7:e6:19:2c:
3c:f4:01:5d:07:d8:16:1e:70:a3:b7:ad:16:1f:df:
8e:25:88:30:e2:7e:b7:e8:ac:c5:24:36:6f:36:05:
c9:31:a0:49:0d:dc:5a:1b:55:39:9b:13:21:11:27:
0a:b6:0c:c0:da:6a:9e:43:de:c4:5b:5d:6c:81:47:
da:44:4d:e9:6f:fa:06:51:32:8e:da:9c:60:7f:39:
d8:a3:0a:16:a6:7b:7c:d7:d5:da:e3:dd:2d:46:7b:
66:68:19:f5:4c:97:36:0b:2c:f8:a5:d0:bf:b7:98:
a8:e5:de:84:69:c8:0e:4e:5f:97:bf:b1:c8:f8:9a:
0d:a9:58:cc:f1:da:f4:fc:c0:45:c3:79:82:7f:81:
58:a3:46:f3:6d:1e:ff:a9:29:8f:7e:a8:69:b9:1f:
e2:e2:7d:87:e8:44:31:a8:6d:a5:9c:a9:2f:5f:33:
ad:dd:7e:b2:54:e4:8c:66:23:d1:7e:dd:5d:be:2f:
21:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:3D:9B:93:87:6F:F7:03:A4:B8:97:E9:1E:A0:23:1F:CE:C3:22:F7
X509v3 Authority Key Identifier:
keyid:D9:F8:66:FB:0A:A8:3A:27:1A:0C:B7:DC:90:30:18:8C:89:D2:3E:5D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fhm-wqoOicaDLfckDAYjInSPl0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/IT2bk4dv9wOkuJfpHqAjH87DIvc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5273a4-10c8-40bf-b24f-5c1d5a6992d8/1/2fhm-wqoOicaDLfckDAYjInSPl0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.24.0/24
89.33.180.0/22
89.36.168.0/24
89.36.175.0/24
89.39.160.0/24
176.97.232.0/21
185.155.4.0/22
212.85.232.0/22
IPv6:
2a0d:bf00::/31
Signature Algorithm: sha256WithRSAEncryption
72:b5:cf:35:cd:c8:5f:16:75:79:f1:bf:59:d8:9f:1f:b3:25:
66:71:bb:43:99:63:13:ee:b0:86:b8:4b:92:6f:ae:ee:81:7a:
52:56:cb:1e:bb:02:e9:29:44:55:f6:6e:85:95:52:c6:d6:9d:
70:17:86:e1:26:d3:e6:6d:59:75:2a:d6:b8:65:2b:62:ea:40:
31:e9:57:fc:f0:fb:fa:8c:40:9f:95:3d:f4:53:c8:ef:cb:d7:
6d:f3:72:8b:cc:a4:93:f3:b3:7f:ee:82:a8:2f:ab:9d:89:ad:
eb:2c:d8:01:bc:ae:aa:0c:3f:76:bf:29:7d:ca:de:36:70:f8:
b3:09:5b:f0:1d:a6:95:0b:ae:95:33:f3:78:ca:45:52:3a:c2:
33:53:be:52:3d:00:91:ca:1f:80:7b:05:e2:f8:c7:30:d1:f9:
09:c8:1a:d0:ee:62:31:e1:44:8c:5a:5a:5e:4e:11:79:16:31:
34:f8:57:b1:f1:36:41:22:85:eb:de:7c:16:52:41:3d:87:60:
90:96:f9:b7:1d:14:7e:b1:3c:24:87:bd:ac:88:a0:dc:b5:93:
a7:ad:00:3e:c4:46:f6:67:c0:8b:10:ee:29:b2:15:86:f6:40:
3b:f8:7e:e0:96:01:06:81:d3:d7:5c:72:b6:da:e6:98:99:8b:
c9:9a:d9:ee
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAYzHkzMd/Btj9zG8Iv8zP/C1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5Zjg2NmZiMGFhODNhMjcxYTBjYjdkYzkwMzAxODhjODlk
MjNlNWQwHhcNMjQwMTAyMDAyOTIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTNkOWI5Mzg3NmZmNzAzYTRiODk3ZTkxZWEwMjMxZmNlYzMyMmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApv+Gshn1Td66sdwlq8ROeET6lY8p
wJJZLwX+IQR8X5DsVjWUxZ8WaC7EFIIIUO5ohKnSW0t6TgaFQ3BceEH6t3vpCtkP
jbfmGSw89AFdB9gWHnCjt60WH9+OJYgw4n636KzFJDZvNgXJMaBJDdxaG1U5mxMh
EScKtgzA2mqeQ97EW11sgUfaRE3pb/oGUTKO2pxgfznYowoWpnt819Xa490tRntm
aBn1TJc2Cyz4pdC/t5io5d6EacgOTl+Xv7HI+JoNqVjM8dr0/MBFw3mCf4FYo0bz
bR7/qSmPfqhpuR/i4n2H6EQxqG2lnKkvXzOt3X6yVOSMZiPRft1dvi8hdwIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFCE9m5OHb/cDpLiX6R6gIx/OwyL3MB8GA1UdIwQY
MBaAFNn4ZvsKqDonGgy33JAwGIyJ0j5dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZobS13cW9PaWNhRExmY2tEQVlqSW5TUGwwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81MjczYTQtMTBjOC00MGJmLWIyNGYt
NWMxZDVhNjk5MmQ4LzEvSVQyYms0ZHY5d09rdUpmcEhxQWpIODdESXZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81MjczYTQtMTBjOC00MGJmLWIyNGYtNWMxZDVhNjk5MmQ4
LzEvMmZobS13cW9PaWNhRExmY2tEQVlqSW5TUGwwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQAHw4YAwQC
WSG0AwQAWSSoAwQAWSSvAwQAWSegAwQDsGHoAwQCuZsEAwQC1FXoMA0EAgACMAcD
BQEqDb8AMA0GCSqGSIb3DQEBCwUAA4IBAQBytc81zchfFnV58b9Z2J8fsyVmcbtD
mWMT7rCGuEuSb67ugXpSVsseuwLpKURV9m6FlVLG1p1wF4bhJtPmbVl1Kta4ZSti
6kAx6Vf88Pv6jECflT30U8jvy9dt83KLzKST87N/7oKoL6udia3rLNgBvK6qDD92
vyl9yt42cPizCVvwHaaVC66VM/N4ykVSOsIzU75SPQCRyh+AewXi+Mcw0fkJyBrQ
7mIx4USMWlpeThF5FjE0+Fex8TZBIoXr3nwWUkE9h2CQlvm3HRR+sTwkh72siKDc
tZOnrQA+xEb2Z8CLEO4pshWG9kA7+H7glgEGgdPXXHK22uaYmYvJmtnu
-----END CERTIFICATE-----
Generated at Fri Dec 27 23:34:54 2024 by rpki-client on console-ams.rpki-client.org