Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/v_L2Patzm3vGfLghAapB13-OeEc.roa
File: v_L2Patzm3vGfLghAapB13-OeEc.roa (raw, json)
Hash identifier: LR5IrmH4w9mZM8wdnJGkkWinOJsj/fih5+iV99TigNk=
Subject key identifier: BF:F2:F6:3D:AB:73:9B:7B:C6:7C:B8:21:01:AA:41:D7:7F:8E:78:47
Certificate issuer: /CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Certificate serial: 018F194A55FFF935A9EAD847922BA19971E0
Authority key identifier: 70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/v_L2Patzm3vGfLghAapB13-OeEc.roa
Signing time: Fri 26 Apr 2024 07:24:13 +0000
ROA not before: Fri 26 Apr 2024 07:24:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200044
IP address blocks: 89.249.16.0/20 maxlen: 24
89.249.31.0/24 maxlen: 24
93.158.192.0/21 maxlen: 21
93.158.192.0/22 maxlen: 22
93.158.192.0/23 maxlen: 23
93.158.192.0/24 maxlen: 24
93.158.193.0/24 maxlen: 24
93.158.194.0/23 maxlen: 23
93.158.194.0/24 maxlen: 24
93.158.195.0/24 maxlen: 24
93.158.196.0/24 maxlen: 24
93.158.197.0/24 maxlen: 24
93.158.198.0/23 maxlen: 23
93.158.198.0/24 maxlen: 24
93.158.199.0/24 maxlen: 24
109.238.240.0/20 maxlen: 24
109.238.246.0/24 maxlen: 24
185.159.64.0/22 maxlen: 24
185.159.64.0/24 maxlen: 24
194.156.28.0/24 maxlen: 24
2a00:eb8::/32 maxlen: 32
2a0d:380::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.mft
rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:19:4a:55:ff:f9:35:a9:ea:d8:47:92:2b:a1:99:71:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70797db07bf6d4597ac2dc8be34f89298008f2cd
Validity
Not Before: Apr 26 07:24:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=bff2f63dab739b7bc67cb82101aa41d77f8e7847
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:4e:bb:1e:a0:c7:b3:f7:64:b1:05:8e:a6:00:
bd:5b:1a:90:bc:d2:2f:59:1a:a7:31:02:47:dc:d2:
31:3a:70:4d:80:0f:a6:f5:5a:64:b4:4f:2f:d0:ad:
ea:dc:75:e8:df:cc:10:ba:2a:0c:6a:c6:e9:0b:39:
37:bf:88:c3:7f:40:af:4f:15:ea:0e:34:62:e6:8a:
eb:ad:c4:d0:79:f4:34:ff:7f:da:6f:08:f2:fc:61:
60:10:84:55:6a:6a:74:67:d2:a1:07:89:dc:75:11:
d8:c2:f1:79:37:74:61:9c:87:88:ec:08:dc:e4:5c:
92:f4:51:99:69:23:28:fb:eb:cd:33:6a:e1:13:72:
c7:7e:29:84:29:fb:23:be:7f:f6:25:ae:ca:4b:36:
c6:09:64:67:9b:a1:89:0d:41:9e:21:ae:a6:d7:2c:
2c:d3:e3:0c:df:fe:7c:08:22:d9:6c:b4:53:cc:16:
67:f6:4b:59:4e:70:36:fd:45:fd:0d:64:8a:29:21:
98:54:6a:65:dd:96:41:be:8a:c7:63:8d:bb:60:3c:
8d:6c:8e:ec:04:9f:93:fa:1b:08:5f:c8:32:f0:c3:
5a:92:fd:b4:f3:15:76:8b:f0:2b:aa:80:30:86:53:
5c:28:d9:cd:f4:a3:c2:bb:6d:e2:76:c3:20:b1:1f:
84:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:F2:F6:3D:AB:73:9B:7B:C6:7C:B8:21:01:AA:41:D7:7F:8E:78:47
X509v3 Authority Key Identifier:
keyid:70:79:7D:B0:7B:F6:D4:59:7A:C2:DC:8B:E3:4F:89:29:80:08:F2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cHl9sHv21Fl6wtyL40-JKYAI8s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/v_L2Patzm3vGfLghAapB13-OeEc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/c2ee7a-cbb7-470e-b965-907daa46463b/1/cHl9sHv21Fl6wtyL40-JKYAI8s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.249.16.0/20
93.158.192.0/21
109.238.240.0/20
185.159.64.0/22
194.156.28.0/24
IPv6:
2a00:eb8::/32
2a0d:380::/29
Signature Algorithm: sha256WithRSAEncryption
a2:2b:af:d5:01:35:70:7c:71:ed:b5:b1:9e:20:04:94:3a:af:
b3:d6:ad:98:8e:fb:9e:97:c6:37:52:cc:f0:dd:37:f2:eb:11:
a0:bd:a0:0b:6f:46:5e:b4:25:44:c7:ed:a3:c1:f6:fa:6b:75:
f4:98:dd:80:9b:e0:6e:14:b8:81:75:ed:f7:a1:f3:e3:5f:90:
92:78:af:3e:09:14:0b:2f:77:a4:9f:22:ab:5a:28:39:0a:ef:
95:0c:06:a0:5e:15:e4:f5:b6:bb:af:59:08:36:81:49:15:9c:
6e:b6:5e:df:dd:11:5a:98:99:09:94:7f:75:0d:3e:59:43:d6:
1c:a9:1f:58:bf:d5:ef:00:ed:cc:57:0c:c2:17:d0:c7:6a:6e:
2c:c1:fe:df:c0:a2:a9:8b:44:7e:82:5c:44:0c:fe:3b:5b:7d:
de:69:de:78:12:57:4c:04:0f:f9:d5:1d:a7:cd:76:dd:ef:be:
49:c8:ad:df:47:b1:fa:82:31:ee:c1:b6:a4:9d:83:a2:13:cc:
cb:0c:52:d2:4b:57:0d:12:cc:83:1c:4a:8f:b1:26:9b:a5:ba:
10:d4:1e:19:eb:6e:f1:1b:97:48:f0:f9:7e:26:12:b4:b0:b5:
f9:8f:bd:cc:8a:8a:62:66:c7:e4:dc:f4:f5:08:33:78:bb:87:
48:d0:e7:15
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAY8ZSlX/+TWp6thHkiuhmXHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwNzk3ZGIwN2JmNmQ0NTk3YWMyZGM4YmUzNGY4OTI5ODAw
OGYyY2QwHhcNMjQwNDI2MDcyNDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZmYyZjYzZGFiNzM5YjdiYzY3Y2I4MjEwMWFhNDFkNzdmOGU3ODQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtE67HqDHs/dksQWOpgC9WxqQvNIv
WRqnMQJH3NIxOnBNgA+m9VpktE8v0K3q3HXo38wQuioMasbpCzk3v4jDf0CvTxXq
DjRi5orrrcTQefQ0/3/abwjy/GFgEIRVamp0Z9KhB4ncdRHYwvF5N3RhnIeI7Ajc
5FyS9FGZaSMo++vNM2rhE3LHfimEKfsjvn/2Ja7KSzbGCWRnm6GJDUGeIa6m1yws
0+MM3/58CCLZbLRTzBZn9ktZTnA2/UX9DWSKKSGYVGpl3ZZBvorHY427YDyNbI7s
BJ+T+hsIX8gy8MNakv208xV2i/ArqoAwhlNcKNnN9KPCu23idsMgsR+EcQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFL/y9j2rc5t7xny4IQGqQdd/jnhHMB8GA1UdIwQY
MBaAFHB5fbB79tRZesLci+NPiSmACPLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUt
OTA3ZGFhNDY0NjNiLzEvdl9MMlBhdHptM3ZHZkxnaEFhcEIxMy1PZUVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS9jMmVlN2EtY2JiNy00NzBlLWI5NjUtOTA3ZGFhNDY0NjNi
LzEvY0hsOXNIdjIxRmw2d3R5TDQwLUpLWUFJOHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDAkBAIAATAeAwQEWfkQAwQD
XZ7AAwQEbe7wAwQCuZ9AAwQAwpwcMBQEAgACMA4DBQAqAA64AwUDKg0DgDANBgkq
hkiG9w0BAQsFAAOCAQEAoiuv1QE1cHxx7bWxniAElDqvs9atmI77npfGN1LM8N03
8usRoL2gC29GXrQlRMfto8H2+mt19JjdgJvgbhS4gXXt96Hz41+QknivPgkUCy93
pJ8iq1ooOQrvlQwGoF4V5PW2u69ZCDaBSRWcbrZe390RWpiZCZR/dQ0+WUPWHKkf
WL/V7wDtzFcMwhfQx2puLMH+38CiqYtEfoJcRAz+O1t93mneeBJXTAQP+dUdp812
3e++Scit30ex+oIx7sG2pJ2DohPMywxS0ktXDRLMgxxKj7Emm6W6ENQeGetu8RuX
SPD5fiYStLC1+Y+9zIqKYmbH5Nz09QgzeLuHSNDnFQ==
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:14:17 2024 by rpki-client on console-ams.rpki-client.org