Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/2etYvwOE6LtZTdqdJsF5pL-Bk1I.roa
File: 2etYvwOE6LtZTdqdJsF5pL-Bk1I.roa (raw, json)
Hash identifier: PWDY7/yNAIIhLm9fq5rsi6jE4/R7ibMRA2ntCrqOVxw=
Subject key identifier: D9:EB:58:BF:03:84:E8:BB:59:4D:DA:9D:26:C1:79:A4:BF:81:93:52
Certificate issuer: /CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
Certificate serial: 018CC2DB5DEA299DEE2A7913944966A9DF3C
Authority key identifier: F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/2etYvwOE6LtZTdqdJsF5pL-Bk1I.roa
Signing time: Mon 01 Jan 2024 02:30:05 +0000
ROA not before: Mon 01 Jan 2024 02:30:05 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 42926
IP address blocks: 84.17.64.0/24 maxlen: 24
195.128.38.0/24 maxlen: 24
195.128.36.0/24 maxlen: 24
195.128.34.0/24 maxlen: 24
195.128.33.0/24 maxlen: 24
195.128.32.0/24 maxlen: 24
195.128.39.0/24 maxlen: 24
193.254.253.0/24 maxlen: 24
193.254.252.0/24 maxlen: 24
84.17.66.0/24 maxlen: 24
84.17.77.0/24 maxlen: 24
84.17.82.0/24 maxlen: 24
84.17.81.0/24 maxlen: 24
84.17.80.0/24 maxlen: 24
84.17.85.0/24 maxlen: 24
84.17.94.0/24 maxlen: 24
84.17.92.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.mft
rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:5d:ea:29:9d:ee:2a:79:13:94:49:66:a9:df:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b762950eb7916668bbfa8d1b870560b1ca7739
Validity
Not Before: Jan 1 02:30:05 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9eb58bf0384e8bb594dda9d26c179a4bf819352
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:7c:77:c8:7a:7b:0b:25:d6:0b:e3:15:ec:80:
6d:a4:c3:8d:9a:5e:e5:72:fa:6a:4d:83:a6:4c:a2:
ea:38:97:da:bd:4b:6f:f7:2b:8b:46:d8:82:fb:33:
f6:74:73:49:af:99:51:da:10:44:30:3b:83:02:80:
aa:dc:53:ee:ea:76:c9:3a:83:0d:16:46:59:ad:c9:
a0:79:5e:3b:fe:8d:17:d3:e3:76:74:3c:e5:fc:a8:
8b:05:80:be:86:96:71:b1:7a:85:35:cc:c0:57:5b:
50:50:c7:1e:ca:58:a4:e6:38:1d:0a:ab:5a:f8:56:
c0:15:84:45:fe:13:a7:b2:4f:7d:02:91:cb:32:98:
9e:b2:73:d8:11:f2:dc:20:12:30:eb:2d:a3:e3:da:
c0:ce:f2:18:46:b1:83:75:14:7f:11:7d:31:b5:eb:
f6:dc:7a:8a:6e:23:9d:1f:af:75:d8:cf:88:a3:7f:
ef:f4:7c:2a:c1:72:30:2f:6e:1b:a7:1f:55:8a:39:
fc:ca:a1:fe:f4:e7:48:8b:33:2f:fd:d0:74:b0:6b:
70:57:63:5f:8a:25:48:91:11:23:55:09:d0:a4:8e:
87:2f:a2:f5:52:45:19:3a:bc:0c:0b:c9:c1:c7:fe:
a4:ae:ca:c7:dd:02:5f:f9:24:e8:a5:63:89:fc:59:
20:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:EB:58:BF:03:84:E8:BB:59:4D:DA:9D:26:C1:79:A4:BF:81:93:52
X509v3 Authority Key Identifier:
keyid:F4:B7:62:95:0E:B7:91:66:68:BB:FA:8D:1B:87:05:60:B1:CA:77:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdilQ63kWZou_qNG4cFYLHKdzk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/2etYvwOE6LtZTdqdJsF5pL-Bk1I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/0b23c5-21b5-4ab3-97a0-2f8df187f98b/1/9LdilQ63kWZou_qNG4cFYLHKdzk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.17.64.0/24
84.17.66.0/24
84.17.77.0/24
84.17.80.0-84.17.82.255
84.17.85.0/24
84.17.92.0/24
84.17.94.0/24
193.254.252.0/23
195.128.32.0-195.128.34.255
195.128.36.0/24
195.128.38.0/23
Signature Algorithm: sha256WithRSAEncryption
31:94:cc:0a:e3:f6:0f:50:9d:79:d4:41:20:3a:5d:6b:41:e3:
80:df:9b:84:83:46:c7:11:45:54:eb:67:22:b8:bc:3e:23:d4:
74:88:6c:72:5c:30:44:e6:db:26:d2:45:d4:a5:a4:03:65:28:
7c:a3:c7:d4:78:2c:6f:5a:0f:b6:33:7e:42:5e:76:40:0a:4b:
98:03:8c:30:61:ac:e3:b8:33:49:08:fd:a2:c7:c3:3c:7e:da:
f8:c1:a6:dc:34:c2:8e:3d:33:60:87:34:35:f0:34:7e:b7:06:
bc:7a:6d:d0:bf:6e:d4:6f:5e:76:ca:ce:67:54:1b:af:57:35:
c0:77:86:41:76:dd:15:b1:03:0e:3c:fc:00:d4:ab:6e:66:b0:
f6:3f:07:03:70:0c:21:b6:03:9a:71:1e:92:bc:6a:f9:e9:3f:
fb:2c:86:76:c7:1b:0d:f5:db:89:23:33:0a:ec:2d:b5:48:b1:
92:0b:34:fb:a2:15:3b:45:de:bb:14:82:25:73:67:4f:df:af:
1f:d0:8c:e4:56:85:94:32:1c:c0:79:a9:c3:44:dd:ff:63:a1:
77:eb:8d:63:3c:6e:23:6b:d4:e9:3e:54:76:d2:3e:f1:11:4b:
ed:cc:35:c5:67:62:40:3d:c2:e2:6f:6e:9a:69:00:30:fe:33:
a4:50:23:64
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAYzC213qKZ3uKnkTlElmqd88MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2Mjk1MGViNzkxNjY2OGJiZmE4ZDFiODcwNTYwYjFj
YTc3MzkwHhcNMjQwMTAxMDIzMDA1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOWViNThiZjAzODRlOGJiNTk0ZGRhOWQyNmMxNzlhNGJmODE5MzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn3x3yHp7CyXWC+MV7IBtpMONml7l
cvpqTYOmTKLqOJfavUtv9yuLRtiC+zP2dHNJr5lR2hBEMDuDAoCq3FPu6nbJOoMN
FkZZrcmgeV47/o0X0+N2dDzl/KiLBYC+hpZxsXqFNczAV1tQUMceylik5jgdCqta
+FbAFYRF/hOnsk99ApHLMpiesnPYEfLcIBIw6y2j49rAzvIYRrGDdRR/EX0xtev2
3HqKbiOdH6912M+Io3/v9HwqwXIwL24bpx9Vijn8yqH+9OdIizMv/dB0sGtwV2Nf
iiVIkREjVQnQpI6HL6L1UkUZOrwMC8nBx/6krsrH3QJf+STopWOJ/FkguwIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFNnrWL8DhOi7WU3anSbBeaS/gZNSMB8GA1UdIwQY
MBaAFPS3YpUOt5FmaLv6jRuHBWCxync5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAt
MmY4ZGYxODdmOThiLzEvMmV0WXZ3T0U2THRaVGRxZEpzRjVwTC1CazFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi8wYjIzYzUtMjFiNS00YWIzLTk3YTAtMmY4ZGYxODdmOThi
LzEvOUxkaWxRNjNrV1pvdV9xTkc0Y0ZZTEhLZHprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjBYBAIAATBSAwQAVBFAAwQA
VBFCAwQAVBFNMAwDBARUEVADBABUEVIDBABUEVUDBABUEVwDBABUEV4DBAHB/vww
DAMEBcOAIAMEAMOAIgMEAMOAJAMEAcOAJjANBgkqhkiG9w0BAQsFAAOCAQEAMZTM
CuP2D1CdedRBIDpda0HjgN+bhINGxxFFVOtnIri8PiPUdIhsclwwRObbJtJF1KWk
A2UofKPH1Hgsb1oPtjN+Ql52QApLmAOMMGGs47gzSQj9osfDPH7a+MGm3DTCjj0z
YIc0NfA0frcGvHpt0L9u1G9edsrOZ1Qbr1c1wHeGQXbdFbEDDjz8ANSrbmaw9j8H
A3AMIbYDmnEekrxq+ek/+yyGdscbDfXbiSMzCuwttUixkgs0+6IVO0XeuxSCJXNn
T9+vH9CM5FaFlDIcwHmpw0Td/2Ohd+uNYzxuI2vU6T5UdtI+8RFL7cw1xWdiQD3C
4m9ummkAMP4zpFAjZA==
-----END CERTIFICATE-----
Generated at Fri Nov 22 10:07:56 2024 by rpki-client on console-ams.rpki-client.org