Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e6/f9691d-afb2-41f2-8d22-fa46b4f9a20c/1/2PQY1SMWyIjvt8SuFjqatqjgKls.roa
File: 2PQY1SMWyIjvt8SuFjqatqjgKls.roa (raw, json)
Hash identifier: 6KnHYKLF09eSnFygwo8OR+juFByifC8snU+0u6qPIsg=
Subject key identifier: D8:F4:18:D5:23:16:C8:88:EF:B7:C4:AE:16:3A:9A:B6:A8:E0:2A:5B
Certificate issuer: /CN=9a70b051e5cdf962dbc26b352488d0831bdf9a3c
Certificate serial: 018CC6B8992D7002E68E459C68E7F939DE51
Authority key identifier: 9A:70:B0:51:E5:CD:F9:62:DB:C2:6B:35:24:88:D0:83:1B:DF:9A:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mnCwUeXN-WLbwms1JIjQgxvfmjw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e6/f9691d-afb2-41f2-8d22-fa46b4f9a20c/1/2PQY1SMWyIjvt8SuFjqatqjgKls.roa
Signing time: Mon 01 Jan 2024 20:30:35 +0000
ROA not before: Mon 01 Jan 2024 20:30:35 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201471
IP address blocks: 84.40.58.0/23 maxlen: 24
84.40.60.0/22 maxlen: 24
185.90.48.0/22 maxlen: 24
84.40.40.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e6/f9691d-afb2-41f2-8d22-fa46b4f9a20c/1/mnCwUeXN-WLbwms1JIjQgxvfmjw.crl
rsync://rpki.ripe.net/repository/DEFAULT/e6/f9691d-afb2-41f2-8d22-fa46b4f9a20c/1/mnCwUeXN-WLbwms1JIjQgxvfmjw.mft
rsync://rpki.ripe.net/repository/DEFAULT/mnCwUeXN-WLbwms1JIjQgxvfmjw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 07:02:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b8:99:2d:70:02:e6:8e:45:9c:68:e7:f9:39:de:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9a70b051e5cdf962dbc26b352488d0831bdf9a3c
Validity
Not Before: Jan 1 20:30:35 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8f418d52316c888efb7c4ae163a9ab6a8e02a5b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:b7:02:b6:48:37:01:3e:74:b2:5f:37:43:06:
e4:e0:64:c7:80:62:7c:66:44:b9:ba:bc:92:15:2e:
e4:9b:ee:6e:8f:5c:06:57:4e:c3:b9:ac:cf:f3:0d:
77:ee:79:fb:47:19:a2:43:4c:31:68:9f:84:3d:eb:
d2:b3:6a:91:35:9e:d2:1d:08:6e:b2:46:31:52:f3:
65:7d:f5:13:28:d4:ed:c8:bc:b5:d2:95:37:7b:ce:
19:09:dc:6b:33:3f:33:07:24:04:3b:eb:3a:de:8e:
91:90:b8:b9:7f:b2:d2:d0:6a:7a:f6:45:50:3f:c7:
29:10:e1:11:2c:64:ba:b5:16:b5:42:95:51:1c:f8:
83:1b:cf:77:67:b8:df:d1:12:aa:ee:50:9b:d9:51:
77:ac:0c:0e:1b:a8:67:f9:fe:2f:78:26:e6:76:ed:
b0:4a:59:b6:f3:91:59:72:9c:90:74:09:47:ea:53:
0b:b3:a6:1b:3d:f3:5d:59:74:b9:d5:74:20:2a:5e:
c8:44:8c:40:aa:f6:78:b4:87:c7:2d:5e:08:b7:66:
6f:ff:c7:1f:6e:f5:7f:da:da:15:1b:37:36:ad:74:
f5:a2:d5:a0:26:98:98:c7:f8:2d:3a:e7:cf:14:28:
7d:00:d5:86:bf:ec:f3:e7:fc:9b:2d:e1:1f:c7:db:
b3:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:F4:18:D5:23:16:C8:88:EF:B7:C4:AE:16:3A:9A:B6:A8:E0:2A:5B
X509v3 Authority Key Identifier:
keyid:9A:70:B0:51:E5:CD:F9:62:DB:C2:6B:35:24:88:D0:83:1B:DF:9A:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mnCwUeXN-WLbwms1JIjQgxvfmjw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f9691d-afb2-41f2-8d22-fa46b4f9a20c/1/2PQY1SMWyIjvt8SuFjqatqjgKls.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e6/f9691d-afb2-41f2-8d22-fa46b4f9a20c/1/mnCwUeXN-WLbwms1JIjQgxvfmjw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.40.40.0/21
84.40.58.0-84.40.63.255
185.90.48.0/22
Signature Algorithm: sha256WithRSAEncryption
19:48:10:cc:c7:0d:bb:5f:2d:22:f5:93:49:c0:9b:82:33:58:
5a:5d:79:18:ef:38:fe:8e:b8:ff:d2:1d:f4:eb:5c:a0:21:a6:
19:c9:7e:a4:8c:0b:ee:ed:21:ea:b1:49:bb:85:35:d5:cb:c1:
dd:ae:75:0b:ba:4a:27:2a:e6:f4:0a:28:93:ea:4b:41:d2:bc:
46:60:d8:60:73:4a:84:46:f6:92:32:d7:16:06:2b:99:68:19:
7e:59:e8:1e:40:bd:82:25:dd:f5:17:6f:5f:c8:fe:b1:b9:82:
1f:97:ca:96:06:f0:35:3c:fd:c5:5a:44:ea:5a:5d:36:45:15:
8a:da:de:9a:86:fb:7f:51:1c:c1:e6:4b:86:50:e8:02:b1:a3:
12:37:a6:e1:4e:c6:f4:7a:1f:5e:c5:3e:43:9d:49:c9:2c:01:
cc:01:fe:74:08:ce:85:b9:a2:28:e6:30:64:85:ca:67:3e:0b:
8b:13:5f:d2:f1:ef:47:81:e1:8f:ee:df:28:91:73:b7:6d:8d:
e2:97:fb:db:d2:a0:56:01:b0:1c:65:ac:fd:54:e7:dd:2e:20:
9c:4b:2d:01:63:b4:44:5b:dd:70:23:26:5f:3f:bf:4b:ab:cc:
ef:64:d4:3c:11:54:75:06:93:8b:e8:0e:a6:8e:80:3a:35:94:
ec:03:b6:2c
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzGuJktcALmjkWcaOf5Od5RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhNzBiMDUxZTVjZGY5NjJkYmMyNmIzNTI0ODhkMDgzMWJk
ZjlhM2MwHhcNMjQwMTAxMjAzMDM1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGY0MThkNTIzMTZjODg4ZWZiN2M0YWUxNjNhOWFiNmE4ZTAyYTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxLcCtkg3AT50sl83Qwbk4GTHgGJ8
ZkS5urySFS7km+5uj1wGV07DuazP8w137nn7RxmiQ0wxaJ+EPevSs2qRNZ7SHQhu
skYxUvNlffUTKNTtyLy10pU3e84ZCdxrMz8zByQEO+s63o6RkLi5f7LS0Gp69kVQ
P8cpEOERLGS6tRa1QpVRHPiDG893Z7jf0RKq7lCb2VF3rAwOG6hn+f4veCbmdu2w
Slm285FZcpyQdAlH6lMLs6YbPfNdWXS51XQgKl7IRIxAqvZ4tIfHLV4It2Zv/8cf
bvV/2toVGzc2rXT1otWgJpiYx/gtOufPFCh9ANWGv+zz5/ybLeEfx9uzjwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFNj0GNUjFsiI77fErhY6mrao4CpbMB8GA1UdIwQY
MBaAFJpwsFHlzfli28JrNSSI0IMb35o8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbW5Dd1VlWE4tV0xid21zMUpJalFneHZmbWp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNi9mOTY5MWQtYWZiMi00MWYyLThkMjIt
ZmE0NmI0ZjlhMjBjLzEvMlBRWTFTTVd5SWp2dDhTdUZqcWF0cWpnS2xzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNi9mOTY5MWQtYWZiMi00MWYyLThkMjItZmE0NmI0ZjlhMjBj
LzEvbW5Dd1VlWE4tV0xid21zMUpJalFneHZmbWp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQDVCgoMAwD
BAFUKDoDBAZUKAADBAK5WjAwDQYJKoZIhvcNAQELBQADggEBABlIEMzHDbtfLSL1
k0nAm4IzWFpdeRjvOP6OuP/SHfTrXKAhphnJfqSMC+7tIeqxSbuFNdXLwd2udQu6
Sicq5vQKKJPqS0HSvEZg2GBzSoRG9pIy1xYGK5loGX5Z6B5AvYIl3fUXb1/I/rG5
gh+XypYG8DU8/cVaROpaXTZFFYra3pqG+39RHMHmS4ZQ6AKxoxI3puFOxvR6H17F
PkOdScksAcwB/nQIzoW5oijmMGSFymc+C4sTX9Lx70eB4Y/u3yiRc7dtjeKX+9vS
oFYBsBxlrP1U590uIJxLLQFjtERb3XAjJl8/v0urzO9k1DwRVHUGk4voDqaOgDo1
lOwDtiw=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:40:04 2024 by rpki-client on console-fra.rpki-client.org