Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/94dd2a-5046-4883-91da-c399be031b4a/1/2XleP-8zhAdOevspTHYR6YtVjLc.roa
File: 2XleP-8zhAdOevspTHYR6YtVjLc.roa (raw, json)
Hash identifier: NfTUcQp7G95Emd1RuGScawkVYbk99a68/w+mwpUYhW0=
Subject key identifier: D9:79:5E:3F:EF:33:84:07:4E:7A:FB:29:4C:76:11:E9:8B:55:8C:B7
Certificate issuer: /CN=4126ac4afafd269881c10ad2eca2f4def8edbd21
Certificate serial: 018CC6B8A5C3CD2295AADCAA1A3A640844B8
Authority key identifier: 41:26:AC:4A:FA:FD:26:98:81:C1:0A:D2:EC:A2:F4:DE:F8:ED:BD:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QSasSvr9JpiBwQrS7KL03vjtvSE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/94dd2a-5046-4883-91da-c399be031b4a/1/2XleP-8zhAdOevspTHYR6YtVjLc.roa
Signing time: Mon 01 Jan 2024 20:30:38 +0000
ROA not before: Mon 01 Jan 2024 20:30:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9121
IP address blocks: 91.208.199.0/24 maxlen: 24
85.209.165.0/24 maxlen: 24
85.209.166.0/24 maxlen: 24
85.209.164.0/24 maxlen: 24
85.209.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/94dd2a-5046-4883-91da-c399be031b4a/1/QSasSvr9JpiBwQrS7KL03vjtvSE.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/94dd2a-5046-4883-91da-c399be031b4a/1/QSasSvr9JpiBwQrS7KL03vjtvSE.mft
rsync://rpki.ripe.net/repository/DEFAULT/QSasSvr9JpiBwQrS7KL03vjtvSE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:a5:c3:cd:22:95:aa:dc:aa:1a:3a:64:08:44:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4126ac4afafd269881c10ad2eca2f4def8edbd21
Validity
Not Before: Jan 1 20:30:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d9795e3fef3384074e7afb294c7611e98b558cb7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a3:b5:5e:31:13:2c:e1:50:b4:28:17:02:f1:
3d:eb:bf:cd:3f:01:4a:5e:c8:e5:aa:cf:b8:09:27:
3e:2e:78:f4:84:63:33:84:74:87:9d:c6:a3:95:cc:
39:2b:f6:ac:aa:75:ba:c7:26:78:88:b0:b8:49:b9:
3e:30:37:72:75:77:8b:1b:4e:42:a8:d5:f7:8b:23:
85:3b:fe:3f:28:c3:d3:de:89:f3:49:65:ff:ed:bb:
e8:46:96:18:46:c6:33:38:0b:97:30:25:15:60:7d:
d9:14:e7:ae:ce:00:18:a3:4e:48:32:48:89:de:5f:
85:c6:d6:20:d1:a2:f9:43:57:9c:1a:c0:34:25:1d:
ef:25:e6:8c:15:b9:db:7c:a6:27:a0:db:9b:0d:48:
1f:49:0c:54:26:50:f3:40:d2:50:4a:6b:30:eb:7f:
fd:e3:a9:73:ba:fa:e5:eb:ba:51:7a:fb:ba:08:88:
63:42:6c:5a:81:6a:c6:78:0c:23:25:3f:ca:7c:04:
b9:42:e0:d1:45:cb:53:69:2c:3e:cf:e8:1d:24:2f:
98:fb:ea:ab:a4:3f:41:c2:e1:b0:b9:da:a7:b7:3f:
c4:62:e1:08:55:f3:d3:a8:ce:c0:c3:6d:89:6b:b2:
96:7c:33:9e:a1:2e:d3:97:4b:15:04:58:4e:f7:c1:
b7:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:79:5E:3F:EF:33:84:07:4E:7A:FB:29:4C:76:11:E9:8B:55:8C:B7
X509v3 Authority Key Identifier:
keyid:41:26:AC:4A:FA:FD:26:98:81:C1:0A:D2:EC:A2:F4:DE:F8:ED:BD:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QSasSvr9JpiBwQrS7KL03vjtvSE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/94dd2a-5046-4883-91da-c399be031b4a/1/2XleP-8zhAdOevspTHYR6YtVjLc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/94dd2a-5046-4883-91da-c399be031b4a/1/QSasSvr9JpiBwQrS7KL03vjtvSE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.209.164.0/22
91.208.199.0/24
Signature Algorithm: sha256WithRSAEncryption
61:6c:58:eb:f9:77:09:83:9e:f9:36:87:57:1e:76:ea:02:60:
17:38:ff:00:7c:9e:6e:55:90:3a:7b:03:70:eb:54:63:20:57:
f0:06:93:5c:0d:6c:1a:3d:7e:af:a3:6c:f4:8d:09:83:9b:a3:
27:f9:4b:37:ea:b2:d9:50:5e:03:3f:03:e5:88:2d:5c:8b:a5:
0a:b4:78:bb:ff:2b:d1:4d:fe:e1:36:9c:cd:ac:04:b6:ad:91:
a8:85:cd:4f:d6:94:f7:3a:0c:9c:a4:63:02:d9:78:6b:5e:75:
6c:8a:69:e6:cd:ca:cf:bb:fb:19:ef:cd:93:b5:0a:2a:0a:a1:
60:cc:a6:09:ae:de:ac:d6:fe:f3:74:05:46:73:8d:31:09:65:
40:29:45:1c:95:a4:8f:d7:3a:5f:9b:04:18:6c:f6:b1:7f:f5:
40:0b:5b:04:4c:f5:67:11:5d:d9:ca:03:47:8d:87:13:fc:fb:
d5:6c:c2:6f:02:53:4c:90:7b:ee:08:c9:bc:2b:c7:e0:78:4f:
26:5d:e5:ae:c1:5f:c1:73:6a:50:a2:14:0e:a8:d4:ec:cb:90:
79:bc:6c:ec:ac:82:c2:dc:81:d7:c8:a2:89:b6:03:95:89:ee:
a8:7c:87:39:15:d1:ad:87:ff:6b:be:d3:e3:09:de:a6:ce:0e:
d7:5b:17:ef
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzGuKXDzSKVqtyqGjpkCES4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQxMjZhYzRhZmFmZDI2OTg4MWMxMGFkMmVjYTJmNGRlZjhl
ZGJkMjEwHhcNMjQwMTAxMjAzMDM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTc5NWUzZmVmMzM4NDA3NGU3YWZiMjk0Yzc2MTFlOThiNTU4Y2I3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqO1XjETLOFQtCgXAvE967/NPwFK
Xsjlqs+4CSc+Lnj0hGMzhHSHncajlcw5K/asqnW6xyZ4iLC4Sbk+MDdydXeLG05C
qNX3iyOFO/4/KMPT3onzSWX/7bvoRpYYRsYzOAuXMCUVYH3ZFOeuzgAYo05IMkiJ
3l+FxtYg0aL5Q1ecGsA0JR3vJeaMFbnbfKYnoNubDUgfSQxUJlDzQNJQSmsw63/9
46lzuvrl67pRevu6CIhjQmxagWrGeAwjJT/KfAS5QuDRRctTaSw+z+gdJC+Y++qr
pD9BwuGwudqntz/EYuEIVfPTqM7Aw22Ja7KWfDOeoS7Tl0sVBFhO98G3WQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNl5Xj/vM4QHTnr7KUx2EemLVYy3MB8GA1UdIwQY
MBaAFEEmrEr6/SaYgcEK0uyi9N747b0hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUVNhc1N2cjlKcGlCd1FyUzdLTDAzdmp0dlNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi85NGRkMmEtNTA0Ni00ODgzLTkxZGEt
YzM5OWJlMDMxYjRhLzEvMlhsZVAtOHpoQWRPZXZzcFRIWVI2WXRWakxjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi85NGRkMmEtNTA0Ni00ODgzLTkxZGEtYzM5OWJlMDMxYjRh
LzEvUVNhc1N2cjlKcGlCd1FyUzdLTDAzdmp0dlNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCVdGkAwQA
W9DHMA0GCSqGSIb3DQEBCwUAA4IBAQBhbFjr+XcJg575NodXHnbqAmAXOP8AfJ5u
VZA6ewNw61RjIFfwBpNcDWwaPX6vo2z0jQmDm6Mn+Us36rLZUF4DPwPliC1ci6UK
tHi7/yvRTf7hNpzNrAS2rZGohc1P1pT3OgycpGMC2XhrXnVsimnmzcrPu/sZ782T
tQoqCqFgzKYJrt6s1v7zdAVGc40xCWVAKUUclaSP1zpfmwQYbPaxf/VAC1sETPVn
EV3ZygNHjYcT/PvVbMJvAlNMkHvuCMm8K8fgeE8mXeWuwV/Bc2pQohQOqNTsy5B5
vGzsrILC3IHXyKKJtgOVie6ofIc5FdGth/9rvtPjCd6mzg7XWxfv
-----END CERTIFICATE-----
Generated at Sat Jun 1 17:21:00 2024 by rpki-client on console-fra.rpki-client.org