Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/5a6eee-a09a-44e1-88db-2878203a009d/1/2dGAU9HdMqGvTHzhqKHjTpCsK8Q.roa
File: 2dGAU9HdMqGvTHzhqKHjTpCsK8Q.roa (raw, json)
Hash identifier: mLalQ/BF3idj7yfAPZVT0aNzX6CdHoDlA2NUdQrPLNk=
Subject key identifier: D9:D1:80:53:D1:DD:32:A1:AF:4C:7C:E1:A8:A1:E3:4E:90:AC:2B:C4
Certificate issuer: /CN=677b43f538f0ae720e527b2a6c0b8a876d96c947
Certificate serial: 018CC86F3C41991F4A39F05C7815ACC889CA
Authority key identifier: 67:7B:43:F5:38:F0:AE:72:0E:52:7B:2A:6C:0B:8A:87:6D:96:C9:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z3tD9TjwrnIOUnsqbAuKh22WyUc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/5a6eee-a09a-44e1-88db-2878203a009d/1/2dGAU9HdMqGvTHzhqKHjTpCsK8Q.roa
Signing time: Tue 02 Jan 2024 04:29:42 +0000
ROA not before: Tue 02 Jan 2024 04:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 62113
IP address blocks: 185.38.172.0/23 maxlen: 24
185.38.174.0/24 maxlen: 24
2a01:4260::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/5a6eee-a09a-44e1-88db-2878203a009d/1/Z3tD9TjwrnIOUnsqbAuKh22WyUc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/5a6eee-a09a-44e1-88db-2878203a009d/1/Z3tD9TjwrnIOUnsqbAuKh22WyUc.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z3tD9TjwrnIOUnsqbAuKh22WyUc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 23:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:6f:3c:41:99:1f:4a:39:f0:5c:78:15:ac:c8:89:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=677b43f538f0ae720e527b2a6c0b8a876d96c947
Validity
Not Before: Jan 2 04:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9d18053d1dd32a1af4c7ce1a8a1e34e90ac2bc4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:24:c8:88:c0:0d:3d:79:e7:8d:3f:23:e8:cd:
64:09:9a:8e:7d:41:9a:65:6a:a4:b9:52:c6:84:16:
de:d7:93:35:9f:b5:b6:62:0b:48:c0:5f:45:c0:f9:
7e:56:96:4f:a3:d0:56:9e:88:11:0c:81:0b:6a:d4:
1d:89:00:a5:72:a2:67:33:bb:fb:94:a8:5c:28:fb:
2f:1f:43:d8:b9:e8:42:2a:3f:c1:b2:e0:b2:56:30:
67:e5:1b:c3:ee:2f:75:d6:dc:e3:c6:58:25:de:a7:
b3:49:18:86:7b:08:b3:84:ee:7b:d1:f3:35:48:69:
66:15:bf:18:2d:e1:ae:41:c9:c8:cd:fe:00:f1:d3:
46:f3:c0:56:ef:9b:61:e6:71:ba:c4:c6:ac:5e:af:
0f:4d:aa:8c:98:60:4a:b3:8d:4f:c7:57:e6:42:c7:
97:f0:4b:81:ac:70:b4:16:9e:cc:22:2c:0c:11:f3:
50:ad:59:30:be:54:fc:c8:5c:66:af:58:f7:d3:cc:
8c:aa:a9:c0:d4:b2:32:59:28:2e:6a:38:e0:51:6c:
b1:c1:82:5a:d4:58:f0:ae:ba:3e:c7:50:0d:cf:42:
0d:58:bf:80:a6:df:57:d2:0a:23:0a:26:96:52:19:
59:66:96:7f:7f:de:b2:fe:69:1e:2e:70:25:28:92:
a0:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:D1:80:53:D1:DD:32:A1:AF:4C:7C:E1:A8:A1:E3:4E:90:AC:2B:C4
X509v3 Authority Key Identifier:
keyid:67:7B:43:F5:38:F0:AE:72:0E:52:7B:2A:6C:0B:8A:87:6D:96:C9:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z3tD9TjwrnIOUnsqbAuKh22WyUc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5a6eee-a09a-44e1-88db-2878203a009d/1/2dGAU9HdMqGvTHzhqKHjTpCsK8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/5a6eee-a09a-44e1-88db-2878203a009d/1/Z3tD9TjwrnIOUnsqbAuKh22WyUc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.38.172.0-185.38.174.255
IPv6:
2a01:4260::/29
Signature Algorithm: sha256WithRSAEncryption
9f:84:f2:8a:fb:5b:43:2c:29:61:c6:3d:a6:e1:94:5e:17:5a:
fc:3e:14:43:e6:4f:4e:2b:a8:f8:af:ee:66:d7:a2:d0:3c:7f:
d4:ec:4e:51:bf:bd:93:75:b5:98:14:86:fe:5e:61:91:96:86:
04:06:ba:52:e1:e7:05:fd:c5:68:58:b2:f2:1d:44:1a:b1:20:
f9:d5:7f:a7:8b:85:eb:cc:32:d1:e4:05:da:38:26:39:6c:17:
e7:68:4f:33:d2:40:9d:a7:ea:cd:68:69:92:24:96:ce:00:db:
fd:f5:31:f9:b5:63:14:9e:24:e3:89:4e:d1:20:58:27:38:f5:
b2:e3:6c:2f:26:99:8c:99:79:6f:c6:f0:ad:68:61:e8:82:9f:
9f:00:b0:2f:6e:8e:07:18:a5:21:a8:e1:8c:76:2c:fe:83:69:
78:8e:81:85:27:07:4c:00:07:d4:ec:ff:0f:48:e5:0d:e0:6c:
82:b2:fa:17:92:db:3c:e0:5e:57:0b:39:27:4a:c4:fa:d2:41:
8d:1b:d8:09:f1:f9:ce:e0:73:eb:1b:1f:ed:38:44:3a:af:1c:
ef:60:01:d7:e4:09:e9:4f:41:f0:e4:89:55:9b:98:97:26:d1:
38:bc:9e:9e:c0:a6:44:79:47:b9:13:de:8d:20:a2:ce:e7:f4:
ac:06:6f:f9
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzIbzxBmR9KOfBceBWsyInKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3N2I0M2Y1MzhmMGFlNzIwZTUyN2IyYTZjMGI4YTg3NmQ5
NmM5NDcwHhcNMjQwMTAyMDQyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWQxODA1M2QxZGQzMmExYWY0YzdjZTFhOGExZTM0ZTkwYWMyYmM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0CTIiMANPXnnjT8j6M1kCZqOfUGa
ZWqkuVLGhBbe15M1n7W2YgtIwF9FwPl+VpZPo9BWnogRDIELatQdiQClcqJnM7v7
lKhcKPsvH0PYuehCKj/BsuCyVjBn5RvD7i911tzjxlgl3qezSRiGewizhO570fM1
SGlmFb8YLeGuQcnIzf4A8dNG88BW75th5nG6xMasXq8PTaqMmGBKs41Px1fmQseX
8EuBrHC0Fp7MIiwMEfNQrVkwvlT8yFxmr1j308yMqqnA1LIyWSguajjgUWyxwYJa
1Fjwrro+x1ANz0INWL+Apt9X0gojCiaWUhlZZpZ/f96y/mkeLnAlKJKgNQIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFNnRgFPR3TKhr0x84aih406QrCvEMB8GA1UdIwQY
MBaAFGd7Q/U48K5yDlJ7KmwLiodtlslHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjN0RDlUandybklPVW5zcWJBdUtoMjJXeVVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS81YTZlZWUtYTA5YS00NGUxLTg4ZGIt
Mjg3ODIwM2EwMDlkLzEvMmRHQVU5SGRNcUd2VEh6aHFLSGpUcENzSzhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS81YTZlZWUtYTA5YS00NGUxLTg4ZGItMjg3ODIwM2EwMDlk
LzEvWjN0RDlUandybklPVW5zcWJBdUtoMjJXeVVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTAUBAIAATAOMAwDBAK5JqwD
BAC5Jq4wDQQCAAIwBwMFAyoBQmAwDQYJKoZIhvcNAQELBQADggEBAJ+E8or7W0Ms
KWHGPabhlF4XWvw+FEPmT04rqPiv7mbXotA8f9TsTlG/vZN1tZgUhv5eYZGWhgQG
ulLh5wX9xWhYsvIdRBqxIPnVf6eLhevMMtHkBdo4JjlsF+doTzPSQJ2n6s1oaZIk
ls4A2/31Mfm1YxSeJOOJTtEgWCc49bLjbC8mmYyZeW/G8K1oYeiCn58AsC9ujgcY
pSGo4Yx2LP6DaXiOgYUnB0wAB9Ts/w9I5Q3gbIKy+heS2zzgXlcLOSdKxPrSQY0b
2Anx+c7gc+sbH+04RDqvHO9gAdfkCelPQfDkiVWbmJcm0Ti8np7ApkR5R7kT3o0g
os7n9KwGb/k=
-----END CERTIFICATE-----
Generated at Sat Jun 8 05:59:17 2024 by rpki-client on console-fra.rpki-client.org