Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/s2jM2m4KrOzV4Mvlcj1odhv-1rY.roa
File: s2jM2m4KrOzV4Mvlcj1odhv-1rY.roa (raw, json)
Hash identifier: 2vg4N7Yt629oOCU4QRx9uQjMYaeALy3to//FVhidm8Y=
Subject key identifier: B3:68:CC:DA:6E:0A:AC:EC:D5:E0:CB:E5:72:3D:68:76:1B:FE:D6:B6
Certificate issuer: /CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Certificate serial: 018DBE8AC473E4668665964775CF48509ECE
Authority key identifier: BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/s2jM2m4KrOzV4Mvlcj1odhv-1rY.roa
Signing time: Sun 18 Feb 2024 23:26:21 +0000
ROA not before: Sun 18 Feb 2024 23:26:21 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 12824
IP address blocks: 46.41.128.0/18 maxlen: 24
46.242.128.0/17 maxlen: 24
62.129.192.0/18 maxlen: 24
79.96.0.0/16 maxlen: 24
89.161.128.0/17 maxlen: 24
188.128.128.0/17 maxlen: 24
212.85.96.0/19 maxlen: 24
2a02:25a8::/29 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/uytI9kNYARx4QtPOxcstRwaLg20.crl
rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/uytI9kNYARx4QtPOxcstRwaLg20.mft
rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 10:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:be:8a:c4:73:e4:66:86:65:96:47:75:cf:48:50:9e:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb2b48f64358011c7842d3cec5cb2d47068b836d
Validity
Not Before: Feb 18 23:26:21 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=b368ccda6e0aacecd5e0cbe5723d68761bfed6b6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:cc:e4:ac:74:7f:6a:d5:4a:3f:01:5a:cd:16:
1f:aa:1b:d4:34:8f:ce:c1:7c:83:02:dd:aa:40:1e:
c6:b2:a0:69:e8:03:ff:1c:59:5e:df:c3:88:ff:c1:
35:14:88:30:6b:eb:6f:a2:95:5e:d8:bb:4c:4e:cc:
3b:ee:d6:18:32:f3:0a:b9:42:f7:3b:bc:6b:97:16:
4f:af:09:a9:b2:7c:ef:91:7a:2c:55:96:b1:76:1a:
63:07:26:c0:b5:3f:7b:71:fc:d6:d8:2f:1d:c1:8f:
82:f6:91:97:51:43:06:de:e9:7a:15:9d:6c:9b:86:
2d:c2:09:62:0f:f6:c5:f4:53:e0:38:4e:96:a1:94:
26:0d:c1:4c:46:8a:46:d3:6f:9c:8e:de:4b:fd:e6:
24:0c:14:87:03:d3:39:ab:24:28:0c:f5:3a:3e:7f:
d6:fb:f9:0d:b6:0e:11:ca:60:d0:21:3a:d1:48:c7:
7c:e0:fb:c7:6a:2e:3e:4a:26:13:c7:b2:49:f6:7a:
ae:6b:85:88:22:3e:1f:08:b2:a9:69:e1:90:07:9e:
ec:ce:37:72:e0:f8:14:87:ae:50:86:eb:35:1f:3f:
ac:7f:20:97:f7:5a:ef:9b:d6:c6:7b:a0:df:06:b1:
ae:f4:dd:9b:c1:43:1d:4a:dc:35:2c:80:66:7e:8f:
29:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:68:CC:DA:6E:0A:AC:EC:D5:E0:CB:E5:72:3D:68:76:1B:FE:D6:B6
X509v3 Authority Key Identifier:
keyid:BB:2B:48:F6:43:58:01:1C:78:42:D3:CE:C5:CB:2D:47:06:8B:83:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uytI9kNYARx4QtPOxcstRwaLg20.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/s2jM2m4KrOzV4Mvlcj1odhv-1rY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/eb/f66b6b-cdde-40cb-a182-c5229863aeba/1/uytI9kNYARx4QtPOxcstRwaLg20.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.41.128.0/18
46.242.128.0/17
62.129.192.0/18
79.96.0.0/16
89.161.128.0/17
188.128.128.0/17
212.85.96.0/19
IPv6:
2a02:25a8::/29
Signature Algorithm: sha256WithRSAEncryption
0a:ae:1b:d7:6a:82:8d:4a:fa:57:a2:7f:69:69:1e:cd:4c:51:
2f:a7:69:df:fe:f6:14:d3:bb:89:ef:81:38:01:4c:cc:01:48:
1f:90:88:ef:52:7e:09:68:38:57:d2:87:ea:e6:39:fb:5c:bf:
66:ec:66:7b:ac:66:6e:70:c2:03:7f:bd:aa:fa:2c:b4:9c:38:
49:e4:9a:45:11:39:cf:67:7d:43:db:9e:0b:57:f0:2b:06:09:
2c:52:5c:b7:f0:06:17:65:2b:70:90:f9:b3:55:35:b5:97:e2:
a2:00:db:50:93:31:d1:8c:a2:dd:bb:39:08:da:63:c6:15:ad:
ab:ff:c9:a8:92:c6:d3:39:13:9d:0d:ae:6b:3a:95:18:f4:61:
fb:11:5a:8f:d7:dc:a2:45:14:af:b7:70:fe:a0:bf:4a:3d:34:
0e:f7:98:92:1a:8d:be:dc:63:be:ad:42:04:f9:d6:00:4b:7c:
94:f4:a9:92:38:7b:ed:94:24:16:f7:f2:b8:db:5c:1e:ec:27:
71:9f:e7:f5:a2:f6:19:2c:93:56:06:67:7b:44:e9:9c:4d:a5:
a4:a5:90:a9:61:e7:29:83:b9:4e:78:da:2e:bb:9b:a6:61:98:
a9:5a:76:a6:86:f9:25:b7:da:e8:c2:16:45:20:e2:b4:53:42:
18:d6:64:fd
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAY2+isRz5GaGZZZHdc9IUJ7OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiMmI0OGY2NDM1ODAxMWM3ODQyZDNjZWM1Y2IyZDQ3MDY4
YjgzNmQwHhcNMjQwMjE4MjMyNjIxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzY4Y2NkYTZlMGFhY2VjZDVlMGNiZTU3MjNkNjg3NjFiZmVkNmI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt8zkrHR/atVKPwFazRYfqhvUNI/O
wXyDAt2qQB7GsqBp6AP/HFle38OI/8E1FIgwa+tvopVe2LtMTsw77tYYMvMKuUL3
O7xrlxZPrwmpsnzvkXosVZaxdhpjBybAtT97cfzW2C8dwY+C9pGXUUMG3ul6FZ1s
m4YtwgliD/bF9FPgOE6WoZQmDcFMRopG02+cjt5L/eYkDBSHA9M5qyQoDPU6Pn/W
+/kNtg4RymDQITrRSMd84PvHai4+SiYTx7JJ9nqua4WIIj4fCLKpaeGQB57szjdy
4PgUh65Qhus1Hz+sfyCX91rvm9bGe6DfBrGu9N2bwUMdStw1LIBmfo8p7wIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFLNozNpuCqzs1eDL5XI9aHYb/ta2MB8GA1UdIwQY
MBaAFLsrSPZDWAEceELTzsXLLUcGi4NtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXl0STlrTllBUng0UXRQT3hjc3RSd2FMZzIwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYi9mNjZiNmItY2RkZS00MGNiLWExODIt
YzUyMjk4NjNhZWJhLzEvczJqTTJtNEtyT3pWNE12bGNqMW9kaHYtMXJZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYi9mNjZiNmItY2RkZS00MGNiLWExODItYzUyMjk4NjNhZWJh
LzEvdXl0STlrTllBUng0UXRQT3hjc3RSd2FMZzIwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAvBAIAATApAwQGLimAAwQH
LvKAAwQGPoHAAwMAT2ADBAdZoYADBAe8gIADBAXUVWAwDQQCAAIwBwMFAyoCJagw
DQYJKoZIhvcNAQELBQADggEBAAquG9dqgo1K+leif2lpHs1MUS+nad/+9hTTu4nv
gTgBTMwBSB+QiO9SfgloOFfSh+rmOftcv2bsZnusZm5wwgN/var6LLScOEnkmkUR
Oc9nfUPbngtX8CsGCSxSXLfwBhdlK3CQ+bNVNbWX4qIA21CTMdGMot27OQjaY8YV
rav/yaiSxtM5E50Nrms6lRj0YfsRWo/X3KJFFK+3cP6gv0o9NA73mJIajb7cY76t
QgT51gBLfJT0qZI4e+2UJBb38rjbXB7sJ3Gf5/Wi9hksk1YGZ3tE6ZxNpaSlkKlh
5ymDuU542i67m6ZhmKladqaG+SW32ujCFkUg4rRTQhjWZP0=
-----END CERTIFICATE-----
Generated at Sat Jun 1 12:41:14 2024 by rpki-client on console-fra.rpki-client.org