Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/2L3SEp9aMtIJk721QKD1Z2QBw-8.roa
File: 2L3SEp9aMtIJk721QKD1Z2QBw-8.roa (raw, json)
Hash identifier: a9/6OxVRukRZdko+PvqA45JYtpg6pC9UXEAJgHtKdz0=
Subject key identifier: D8:BD:D2:12:9F:5A:32:D2:09:93:BD:B5:40:A0:F5:67:64:01:C3:EF
Certificate issuer: /CN=618cc46d71e7848978488961d7b51aba1541f3c4
Certificate serial: 0193043C4E7D9EBFEBA79F31607CBB3F02BC
Authority key identifier: 61:8C:C4:6D:71:E7:84:89:78:48:89:61:D7:B5:1A:BA:15:41:F3:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYzEbXHnhIl4SIlh17UauhVB88Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/2L3SEp9aMtIJk721QKD1Z2QBw-8.roa
Signing time: Thu 07 Nov 2024 01:28:01 +0000
ROA not before: Thu 07 Nov 2024 01:28:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209372
IP address blocks: 89.184.8.0/23 maxlen: 23
89.184.14.0/23 maxlen: 23
89.184.16.0/21 maxlen: 24
89.184.24.0/21 maxlen: 24
193.223.103.0/24 maxlen: 24
193.223.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/YYzEbXHnhIl4SIlh17UauhVB88Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/YYzEbXHnhIl4SIlh17UauhVB88Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYzEbXHnhIl4SIlh17UauhVB88Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:04:3c:4e:7d:9e:bf:eb:a7:9f:31:60:7c:bb:3f:02:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618cc46d71e7848978488961d7b51aba1541f3c4
Validity
Not Before: Nov 7 01:28:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d8bdd2129f5a32d20993bdb540a0f5676401c3ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:15:a8:bf:d2:1f:9a:ff:f6:82:ab:17:8c:fe:
db:1e:68:a4:34:7e:cc:2b:9a:fa:51:16:6e:55:eb:
93:7f:97:1d:eb:a3:90:fe:3c:31:70:38:a2:61:59:
d9:1d:09:10:8e:f5:23:fb:c9:51:c8:4d:39:e9:9c:
d5:78:8e:49:9f:9a:aa:dc:ac:6d:b8:20:66:2d:3e:
3a:9d:7c:70:1b:86:d1:4f:dd:b1:b9:f5:3b:92:01:
d9:cf:02:c7:87:21:e2:70:b7:1f:76:f4:c7:57:a5:
5f:8c:7e:5a:a1:05:ed:47:3b:3e:0b:e3:e6:0f:89:
b9:81:9b:79:1f:2c:70:dc:20:c8:4e:a0:9a:35:cc:
68:97:91:84:34:73:6b:bf:e0:9d:1e:96:08:7d:2c:
e2:60:37:8c:1f:e4:6d:f8:ce:6f:56:33:0a:5d:36:
95:11:9a:e3:1b:d3:a4:d1:68:8b:fc:1f:f4:e1:05:
49:b8:c9:6b:71:32:7c:be:0a:eb:93:54:06:05:f9:
ae:ee:5d:2d:87:03:a1:5f:92:09:a1:b4:6e:03:a7:
02:89:7a:e4:55:29:ad:63:2e:a8:ef:91:e1:25:d5:
d5:e7:97:f7:61:3f:f6:5a:4f:89:78:1c:bf:8a:d1:
38:59:45:a0:57:cf:02:ae:27:23:e7:eb:8c:31:ae:
94:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:BD:D2:12:9F:5A:32:D2:09:93:BD:B5:40:A0:F5:67:64:01:C3:EF
X509v3 Authority Key Identifier:
keyid:61:8C:C4:6D:71:E7:84:89:78:48:89:61:D7:B5:1A:BA:15:41:F3:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYzEbXHnhIl4SIlh17UauhVB88Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/2L3SEp9aMtIJk721QKD1Z2QBw-8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/YYzEbXHnhIl4SIlh17UauhVB88Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.184.8.0/23
89.184.14.0-89.184.31.255
193.223.103.0/24
193.223.108.0/24
Signature Algorithm: sha256WithRSAEncryption
93:28:4e:a2:0d:52:67:69:71:0d:cf:a0:54:ca:b6:69:3a:cf:
a9:9d:08:59:56:54:86:ee:54:25:37:de:b7:35:8f:5b:73:cb:
29:45:a9:1a:d1:f3:93:42:c5:56:a3:11:df:50:e5:94:0c:09:
58:61:47:5f:a7:2a:3f:84:55:36:d6:d5:45:d9:f0:d9:39:ee:
bf:f1:2b:33:b9:2a:b9:6f:70:10:ed:19:2a:df:93:2f:a6:b3:
c0:26:de:6e:df:05:0d:6e:45:1c:5c:ae:59:72:a1:6f:65:d6:
8a:b1:a9:27:08:1a:10:e0:20:f6:0f:9b:2f:85:6c:ff:08:1f:
2e:04:51:75:1f:9c:d7:cd:f7:80:c7:80:20:59:cb:13:0c:06:
f0:15:de:9b:c7:74:9c:0c:4d:20:e5:7e:48:47:45:e1:fb:08:
2e:81:06:d6:2f:03:54:4e:52:7a:a8:56:fa:c7:e9:35:37:c9:
ff:f6:97:b9:11:4f:3f:eb:69:8e:99:7f:4a:a0:80:ee:8f:ae:
a4:9f:f2:ef:36:ee:b1:77:d5:78:79:93:8e:af:4a:24:a2:89:
8c:28:e5:bd:34:6b:58:fa:bc:b9:4a:0c:2f:6a:c4:25:c6:2e:
36:10:68:42:46:2b:76:5b:ce:40:ec:28:57:86:95:1d:fb:6e:
f8:46:6a:82
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZMEPE59nr/rp58xYHy7PwK8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxOGNjNDZkNzFlNzg0ODk3ODQ4ODk2MWQ3YjUxYWJhMTU0
MWYzYzQwHhcNMjQxMTA3MDEyODAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGJkZDIxMjlmNWEzMmQyMDk5M2JkYjU0MGEwZjU2NzY0MDFjM2VmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqhWov9Ifmv/2gqsXjP7bHmikNH7M
K5r6URZuVeuTf5cd66OQ/jwxcDiiYVnZHQkQjvUj+8lRyE056ZzVeI5Jn5qq3Kxt
uCBmLT46nXxwG4bRT92xufU7kgHZzwLHhyHicLcfdvTHV6VfjH5aoQXtRzs+C+Pm
D4m5gZt5Hyxw3CDITqCaNcxol5GENHNrv+CdHpYIfSziYDeMH+Rt+M5vVjMKXTaV
EZrjG9Ok0WiL/B/04QVJuMlrcTJ8vgrrk1QGBfmu7l0thwOhX5IJobRuA6cCiXrk
VSmtYy6o75HhJdXV55f3YT/2Wk+JeBy/itE4WUWgV88Cricj5+uMMa6UKQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFNi90hKfWjLSCZO9tUCg9WdkAcPvMB8GA1UdIwQY
MBaAFGGMxG1x54SJeEiJYde1GroVQfPEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVl6RWJYSG5oSWw0U0lsaDE3VWF1aFZCODhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8xMjc0MzAtZDRlOC00ZGEzLWJlYTIt
NGVmMTljY2M1N2QwLzEvMkwzU0VwOWFNdElKazcyMVFLRDFaMlFCdy04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8xMjc0MzAtZDRlOC00ZGEzLWJlYTItNGVmMTljY2M1N2Qw
LzEvWVl6RWJYSG5oSWw0U0lsaDE3VWF1aFZCODhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQBWbgIMAwD
BAFZuA4DBAVZuAADBADB32cDBADB32wwDQYJKoZIhvcNAQELBQADggEBAJMoTqIN
UmdpcQ3PoFTKtmk6z6mdCFlWVIbuVCU33rc1j1tzyylFqRrR85NCxVajEd9Q5ZQM
CVhhR1+nKj+EVTbW1UXZ8Nk57r/xKzO5KrlvcBDtGSrfky+ms8Am3m7fBQ1uRRxc
rllyoW9l1oqxqScIGhDgIPYPmy+FbP8IHy4EUXUfnNfN94DHgCBZyxMMBvAV3pvH
dJwMTSDlfkhHReH7CC6BBtYvA1ROUnqoVvrH6TU3yf/2l7kRTz/raY6Zf0qggO6P
rqSf8u827rF31Xh5k46vSiSiiYwo5b00a1j6vLlKDC9qxCXGLjYQaEJGK3ZbzkDs
KFeGlR37bvhGaoI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:12:37 2024 by rpki-client on console-fra.rpki-client.org