Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/g2aDFMc_zeXBsyAvn7oEpAPzAyM.roa
File: g2aDFMc_zeXBsyAvn7oEpAPzAyM.roa (raw, json)
Hash identifier: Ecwu6YSn7PBnhiSvevGuKG+9S0HmT1VyH8JQvLqhCvk=
Subject key identifier: 83:66:83:14:C7:3F:CD:E5:C1:B3:20:2F:9F:BA:04:A4:03:F3:03:23
Certificate issuer: /CN=fb2aa5acfc9bb0fe6b911f1ecad3eb54d45cb36f
Certificate serial: 01931A7565B78A7290BFF8E9AE686708ABFC
Authority key identifier: FB:2A:A5:AC:FC:9B:B0:FE:6B:91:1F:1E:CA:D3:EB:54:D4:5C:B3:6F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/g2aDFMc_zeXBsyAvn7oEpAPzAyM.roa
Signing time: Mon 11 Nov 2024 09:02:01 +0000
ROA not before: Mon 11 Nov 2024 09:02:01 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203466
IP address blocks: 188.214.194.0/24 maxlen: 24
213.134.13.0/24 maxlen: 24
2a06:f940:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/1-yqlrPybsP5rkR8eytPrVNRcs28.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/1-yqlrPybsP5rkR8eytPrVNRcs28.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 06:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1a:75:65:b7:8a:72:90:bf:f8:e9:ae:68:67:08:ab:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fb2aa5acfc9bb0fe6b911f1ecad3eb54d45cb36f
Validity
Not Before: Nov 11 09:02:01 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=83668314c73fcde5c1b3202f9fba04a403f30323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ac:8f:7c:a6:c6:10:3f:7f:9b:90:55:c6:d0:
95:c4:01:7e:88:eb:91:4c:54:84:98:45:52:45:7d:
b6:c7:ae:7f:78:2a:87:2a:33:56:9a:10:bf:a1:9e:
28:ef:6b:b6:3b:9f:f3:ed:c9:24:c4:3b:78:cd:27:
6d:ee:54:f8:51:db:69:b8:94:42:78:87:92:8e:8f:
44:a4:7a:31:91:8a:91:c3:c6:93:0d:09:c5:7a:69:
bd:dd:1d:4f:0a:4e:88:f3:a0:55:0b:1d:25:b5:b1:
20:1e:fb:49:30:a3:b3:04:75:86:b2:95:85:5c:da:
bf:4b:43:b5:4b:2c:78:3d:d5:1f:18:40:e6:18:11:
c2:61:36:8e:c7:f0:66:3b:7e:cd:ad:62:5d:0c:fa:
6f:73:46:6f:8f:f2:76:5a:d5:33:cc:7a:51:73:db:
53:db:44:71:09:48:cb:78:fa:23:38:18:78:9c:9d:
ed:a3:4f:86:d5:64:16:f0:1e:4c:e1:b3:77:35:21:
25:03:1a:a5:cd:d0:0c:43:f7:05:6d:2f:7c:66:96:
8e:9d:66:83:76:22:c8:f0:9b:e4:7b:71:61:d0:d8:
05:59:e8:64:7d:0c:04:ab:50:eb:d0:d8:24:e9:ac:
4e:cb:69:bc:2e:80:6e:ee:5e:cb:a6:fa:e0:79:b7:
91:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:66:83:14:C7:3F:CD:E5:C1:B3:20:2F:9F:BA:04:A4:03:F3:03:23
X509v3 Authority Key Identifier:
keyid:FB:2A:A5:AC:FC:9B:B0:FE:6B:91:1F:1E:CA:D3:EB:54:D4:5C:B3:6F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-yqlrPybsP5rkR8eytPrVNRcs28.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/g2aDFMc_zeXBsyAvn7oEpAPzAyM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/d9e7ed-3c0f-4a92-8716-ee057cf9c161/1/1-yqlrPybsP5rkR8eytPrVNRcs28.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
188.214.194.0/24
213.134.13.0/24
IPv6:
2a06:f940:1::/48
Signature Algorithm: sha256WithRSAEncryption
3b:d7:db:84:00:9e:f8:f5:d5:46:b7:12:0a:57:e4:eb:b9:ba:
9f:7d:a3:bc:6e:39:e6:d1:ca:03:f1:4f:72:20:5d:67:ec:bd:
32:95:51:28:40:9f:2f:36:58:85:eb:09:d6:fd:be:97:7a:40:
a8:7a:b0:6d:d6:61:32:05:b1:21:a3:b6:d3:c3:de:3c:7f:5c:
42:e4:d4:5b:b0:2f:54:13:6a:47:b3:ca:8d:06:6f:e2:b1:89:
3c:38:10:3e:b0:67:44:76:2a:25:b2:3b:c1:5d:18:cf:1c:5c:
5c:e0:c3:34:7f:c6:4e:6f:ee:cf:95:53:62:1f:21:32:81:74:
e4:0e:ab:9b:bc:dc:26:df:82:a4:27:bf:4a:33:53:ca:a3:ee:
b7:80:8c:43:68:87:29:c8:47:b1:7e:6e:56:b1:77:ba:98:6f:
8d:fb:e8:fc:11:8d:d2:21:df:9a:e7:7c:13:cb:d7:2c:10:0c:
11:ba:1a:67:45:ea:ee:e4:a1:46:82:5f:ab:84:31:7a:85:3e:
d2:11:df:9e:1f:bc:ed:a0:7d:c2:9a:29:68:41:e0:4f:53:90:
67:32:6e:6a:e3:21:19:cb:4d:ad:d9:d7:06:ec:18:bb:a7:5d:
bf:57:d6:06:24:1c:cd:aa:b1:84:54:d9:2b:8c:18:e0:2b:02:
f0:27:9c:fc
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZMadWW3inKQv/jprmhnCKv8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiMmFhNWFjZmM5YmIwZmU2YjkxMWYxZWNhZDNlYjU0ZDQ1
Y2IzNmYwHhcNMjQxMTExMDkwMjAxWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzY2ODMxNGM3M2ZjZGU1YzFiMzIwMmY5ZmJhMDRhNDAzZjMwMzIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzKyPfKbGED9/m5BVxtCVxAF+iOuR
TFSEmEVSRX22x65/eCqHKjNWmhC/oZ4o72u2O5/z7ckkxDt4zSdt7lT4UdtpuJRC
eIeSjo9EpHoxkYqRw8aTDQnFemm93R1PCk6I86BVCx0ltbEgHvtJMKOzBHWGspWF
XNq/S0O1Syx4PdUfGEDmGBHCYTaOx/BmO37NrWJdDPpvc0Zvj/J2WtUzzHpRc9tT
20RxCUjLePojOBh4nJ3to0+G1WQW8B5M4bN3NSElAxqlzdAMQ/cFbS98ZpaOnWaD
diLI8Jvke3Fh0NgFWehkfQwEq1Dr0Ngk6axOy2m8LoBu7l7LpvrgebeR3wIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFINmgxTHP83lwbMgL5+6BKQD8wMjMB8GA1UdIwQY
MBaAFPsqpaz8m7D+a5EfHsrT61TUXLNvMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS15cWxyUHlic1A1cmtSOGV5dFByVk5SY3MyOC5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjEvZDllN2VkLTNjMGYtNGE5Mi04NzE2
LWVlMDU3Y2Y5YzE2MS8xL2cyYURGTWNfemVYQnN5QXZuN29FcEFQekF5TS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjEvZDllN2VkLTNjMGYtNGE5Mi04NzE2LWVlMDU3Y2Y5YzE2
MS8xLzEteXFsclB5YnNQNXJrUjhleXRQclZOUmNzMjguY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwNgYIKwYBBQUHAQcBAf8EJzAlMBIEAgABMAwDBAC81sID
BADVhg0wDwQCAAIwCQMHACoG+UAAATANBgkqhkiG9w0BAQsFAAOCAQEAO9fbhACe
+PXVRrcSClfk67m6n32jvG455tHKA/FPciBdZ+y9MpVRKECfLzZYhesJ1v2+l3pA
qHqwbdZhMgWxIaO208PePH9cQuTUW7AvVBNqR7PKjQZv4rGJPDgQPrBnRHYqJbI7
wV0YzxxcXODDNH/GTm/uz5VTYh8hMoF05A6rm7zcJt+CpCe/SjNTyqPut4CMQ2iH
KchHsX5uVrF3uphvjfvo/BGN0iHfmud8E8vXLBAMEboaZ0Xq7uShRoJfq4QxeoU+
0hHfnh+87aB9wpopaEHgT1OQZzJuauMhGctNrdnXBuwYu6ddv1fWBiQczaqxhFTZ
K4wY4CsC8Cec/A==
-----END CERTIFICATE-----
Generated at Fri Nov 22 15:02:24 2024 by rpki-client on console-ams.rpki-client.org