Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/2UoF19p2pz1ECK8oOKnwYnlxt78.roa
File: 2UoF19p2pz1ECK8oOKnwYnlxt78.roa (raw, json)
Hash identifier: 7CHpaChrItZiF6o3/MXbDaxzh5NBhQzaEjO9hxiaXdY=
Subject key identifier: D9:4A:05:D7:DA:76:A7:3D:44:08:AF:28:38:A9:F0:62:79:71:B7:BF
Certificate issuer: /CN=6de2aab077c9eef103f97984f309d891e5a19983
Certificate serial: 018CC34959EB40602A6D2734715ACD2F0222
Authority key identifier: 6D:E2:AA:B0:77:C9:EE:F1:03:F9:79:84:F3:09:D8:91:E5:A1:99:83
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/beKqsHfJ7vED-XmE8wnYkeWhmYM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/2UoF19p2pz1ECK8oOKnwYnlxt78.roa
Signing time: Mon 01 Jan 2024 04:30:13 +0000
ROA not before: Mon 01 Jan 2024 04:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 205516
IP address blocks: 89.223.4.0/24 maxlen: 24
89.223.11.0/24 maxlen: 24
91.147.96.0/22 maxlen: 24
45.86.80.0/22 maxlen: 24
185.215.160.0/22 maxlen: 24
2a0b:abc0::/29 maxlen: 48
2a0e:db80::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/beKqsHfJ7vED-XmE8wnYkeWhmYM.crl
rsync://rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/beKqsHfJ7vED-XmE8wnYkeWhmYM.mft
rsync://rpki.ripe.net/repository/DEFAULT/beKqsHfJ7vED-XmE8wnYkeWhmYM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 13:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:49:59:eb:40:60:2a:6d:27:34:71:5a:cd:2f:02:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6de2aab077c9eef103f97984f309d891e5a19983
Validity
Not Before: Jan 1 04:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d94a05d7da76a73d4408af2838a9f0627971b7bf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:73:dc:00:5d:fb:38:ba:e7:04:b8:8e:2b:a8:
9d:64:37:15:da:57:ad:98:19:4b:ef:8f:c4:8d:46:
ea:25:ef:b4:51:af:d2:d9:0c:63:e8:06:93:8c:eb:
5f:4a:70:83:e0:47:83:71:52:5e:55:77:8e:f0:b2:
34:65:7d:86:60:98:78:bb:6f:4b:cf:0f:78:c0:49:
f3:4a:04:00:1a:68:c7:e1:f2:87:0b:46:b5:ee:4e:
9c:1b:86:9c:58:79:e4:4f:73:e6:5c:75:42:0b:08:
f0:44:d2:6d:2c:87:f1:e2:32:84:3f:4c:62:bc:df:
40:5f:54:a4:f6:d1:6f:86:34:56:bb:05:a1:0a:12:
ff:80:09:0f:4d:86:ab:22:40:ec:ba:aa:06:56:7a:
04:72:0d:ad:68:cb:ae:22:03:f7:b7:ee:5f:0b:48:
9e:cf:82:b8:dd:72:f6:1b:61:97:05:9a:11:53:cb:
42:5a:65:f1:4f:17:40:ad:c8:9b:9f:97:2f:fb:ec:
4c:c0:6c:47:91:01:00:1f:3a:d1:62:2e:72:37:52:
96:6a:df:62:5d:f4:8d:b3:54:7f:83:b4:fd:f3:7e:
b6:fe:4a:e9:b0:5b:3d:f6:05:1c:32:51:92:65:d9:
30:c4:48:76:96:5e:70:7c:71:81:47:0a:33:e6:bf:
68:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:4A:05:D7:DA:76:A7:3D:44:08:AF:28:38:A9:F0:62:79:71:B7:BF
X509v3 Authority Key Identifier:
keyid:6D:E2:AA:B0:77:C9:EE:F1:03:F9:79:84:F3:09:D8:91:E5:A1:99:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/beKqsHfJ7vED-XmE8wnYkeWhmYM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/2UoF19p2pz1ECK8oOKnwYnlxt78.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f0/a40070-aa17-42fe-86dd-b9ae57394189/1/beKqsHfJ7vED-XmE8wnYkeWhmYM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.80.0/22
89.223.4.0/24
89.223.11.0/24
91.147.96.0/22
185.215.160.0/22
IPv6:
2a0b:abc0::/29
2a0e:db80::/29
Signature Algorithm: sha256WithRSAEncryption
30:7a:02:2b:fa:4d:a6:82:60:37:e2:46:37:2c:57:cd:6f:19:
57:36:99:79:5d:96:e4:5d:0e:18:ae:b0:8f:6d:f4:92:ea:ab:
08:0f:c6:45:e9:e4:d5:b5:c8:4a:d0:95:d0:6a:07:26:30:b5:
39:9b:32:8c:4a:51:5f:6e:3a:9c:13:ce:b8:cd:89:4a:75:fb:
42:10:cd:ee:d0:ab:75:ad:d6:65:18:e8:a8:49:76:7c:0b:00:
1b:a7:02:b4:c7:b1:97:a5:44:8a:04:70:95:a3:0b:0e:4b:e2:
68:6f:99:d5:05:e8:f8:7f:d0:39:ae:05:57:f8:53:ad:91:7a:
d8:32:5d:37:0e:25:ed:10:a0:83:3c:0a:40:79:91:96:f7:e7:
31:34:ec:ae:38:41:32:a6:16:85:15:e1:f1:a8:a6:9b:10:f6:
94:e3:c7:c8:7f:37:41:13:76:8b:0a:74:94:37:f6:2a:54:81:
b2:f7:04:89:de:58:f8:79:16:b1:ee:8c:0e:3c:1b:a0:df:a3:
37:a9:28:24:21:cd:d8:db:d7:d9:73:f5:17:3c:68:47:b3:fb:
1b:69:55:e3:7c:4e:f6:d9:b4:a4:4b:26:97:94:7f:e4:85:1c:
d3:fa:14:8a:d7:5c:a5:29:44:56:45:ec:38:af:1f:07:3f:be:
72:d7:6f:e1
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAYzDSVnrQGAqbSc0cVrNLwIiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZTJhYWIwNzdjOWVlZjEwM2Y5Nzk4NGYzMDlkODkxZTVh
MTk5ODMwHhcNMjQwMTAxMDQzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTRhMDVkN2RhNzZhNzNkNDQwOGFmMjgzOGE5ZjA2Mjc5NzFiN2JmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HPcAF37OLrnBLiOK6idZDcV2let
mBlL74/EjUbqJe+0Ua/S2Qxj6AaTjOtfSnCD4EeDcVJeVXeO8LI0ZX2GYJh4u29L
zw94wEnzSgQAGmjH4fKHC0a17k6cG4acWHnkT3PmXHVCCwjwRNJtLIfx4jKEP0xi
vN9AX1Sk9tFvhjRWuwWhChL/gAkPTYarIkDsuqoGVnoEcg2taMuuIgP3t+5fC0ie
z4K43XL2G2GXBZoRU8tCWmXxTxdArcibn5cv++xMwGxHkQEAHzrRYi5yN1KWat9i
XfSNs1R/g7T98362/krpsFs99gUcMlGSZdkwxEh2ll5wfHGBRwoz5r9oJwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFNlKBdfadqc9RAivKDip8GJ5cbe/MB8GA1UdIwQY
MBaAFG3iqrB3ye7xA/l5hPMJ2JHloZmDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmVLcXNIZko3dkVELVhtRTh3bllrZVdobVlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMC9hNDAwNzAtYWExNy00MmZlLTg2ZGQt
YjlhZTU3Mzk0MTg5LzEvMlVvRjE5cDJwejFFQ0s4b09LbndZbmx4dDc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMC9hNDAwNzAtYWExNy00MmZlLTg2ZGQtYjlhZTU3Mzk0MTg5
LzEvYmVLcXNIZko3dkVELVhtRTh3bllrZVdobVlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQCLVZQAwQA
Wd8EAwQAWd8LAwQCW5NgAwQCudegMBQEAgACMA4DBQMqC6vAAwUDKg7bgDANBgkq
hkiG9w0BAQsFAAOCAQEAMHoCK/pNpoJgN+JGNyxXzW8ZVzaZeV2W5F0OGK6wj230
kuqrCA/GRenk1bXIStCV0GoHJjC1OZsyjEpRX246nBPOuM2JSnX7QhDN7tCrda3W
ZRjoqEl2fAsAG6cCtMexl6VEigRwlaMLDkviaG+Z1QXo+H/QOa4FV/hTrZF62DJd
Nw4l7RCggzwKQHmRlvfnMTTsrjhBMqYWhRXh8aimmxD2lOPHyH83QRN2iwp0lDf2
KlSBsvcEid5Y+HkWse6MDjwboN+jN6koJCHN2NvX2XP1FzxoR7P7G2lV43xO9tm0
pEsml5R/5IUc0/oUitdcpSlEVkXsOK8fBz++ctdv4Q==
-----END CERTIFICATE-----
Generated at Wed May 15 17:13:15 2024 by rpki-client on console-ams.rpki-client.org