Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/2HcpW-jYFmf6Jn8gwlo1h4h01ss.roa
File: 2HcpW-jYFmf6Jn8gwlo1h4h01ss.roa (raw, json)
Hash identifier: 9X+kpSItBK+Jc8vypAAVTXGbtgYczY45/y0JHH+p4Is=
Subject key identifier: D8:77:29:5B:E8:D8:16:67:FA:26:7F:20:C2:5A:35:87:88:74:D6:CB
Certificate issuer: /CN=4540daa4c245a4725f38041402b6bffded15ea78
Certificate serial: 01931FD67A806DAA0747A03CD70BEFDBAEA4
Authority key identifier: 45:40:DA:A4:C2:45:A4:72:5F:38:04:14:02:B6:BF:FD:ED:15:EA:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RUDapMJFpHJfOAQUAra__e0V6ng.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/2HcpW-jYFmf6Jn8gwlo1h4h01ss.roa
Signing time: Tue 12 Nov 2024 10:06:09 +0000
ROA not before: Tue 12 Nov 2024 10:06:09 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201746
IP address blocks: 178.236.125.0/24 maxlen: 24
185.49.168.0/22 maxlen: 24
185.70.139.0/24 maxlen: 24
193.5.150.0/24 maxlen: 24
217.61.224.0/22 maxlen: 24
2a01:9f20::/37 maxlen: 37
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/RUDapMJFpHJfOAQUAra__e0V6ng.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/RUDapMJFpHJfOAQUAra__e0V6ng.mft
rsync://rpki.ripe.net/repository/DEFAULT/RUDapMJFpHJfOAQUAra__e0V6ng.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:1f:d6:7a:80:6d:aa:07:47:a0:3c:d7:0b:ef:db:ae:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4540daa4c245a4725f38041402b6bffded15ea78
Validity
Not Before: Nov 12 10:06:09 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d877295be8d81667fa267f20c25a35878874d6cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:8a:86:78:3b:93:fd:bb:0f:3e:27:22:f3:79:
a3:a0:c3:f1:b3:d0:eb:38:26:52:d2:4c:79:be:d0:
8a:8b:ae:bc:37:49:3f:9c:1c:f0:7c:d6:8a:43:bf:
1e:ae:a8:9a:c8:6c:47:44:73:33:47:fd:b2:08:d0:
40:05:56:fc:de:95:74:45:b7:b7:c6:5d:f6:6b:e2:
e3:01:c4:e3:b8:b5:3b:23:e5:a3:ca:b1:52:82:26:
f9:5b:95:a5:e1:52:25:0d:8d:c7:c0:da:c4:32:58:
7f:79:93:9a:29:54:a7:f9:05:03:be:b5:00:49:e4:
73:32:13:d3:0d:07:89:fb:ba:4f:1a:f6:66:fd:0d:
fd:32:26:a3:1a:86:fc:16:02:d6:12:8c:fa:96:9e:
bc:2b:6f:a5:44:6c:54:a7:70:c8:a7:42:f2:2d:39:
ee:99:7d:12:65:58:a0:2d:1d:3a:06:30:f8:b6:51:
11:97:20:12:fe:6e:f5:6d:c0:a2:cc:bd:70:de:39:
59:f6:05:ff:61:ed:42:b2:f4:d1:c6:48:2a:b3:6d:
e1:bd:9c:c6:cd:c5:3f:c1:61:eb:61:79:be:1b:3b:
ef:2a:ab:f3:d7:74:78:eb:4d:b2:73:3f:77:b3:b6:
b0:ca:81:c1:48:98:ca:c9:3f:25:03:44:24:e4:20:
34:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:77:29:5B:E8:D8:16:67:FA:26:7F:20:C2:5A:35:87:88:74:D6:CB
X509v3 Authority Key Identifier:
keyid:45:40:DA:A4:C2:45:A4:72:5F:38:04:14:02:B6:BF:FD:ED:15:EA:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RUDapMJFpHJfOAQUAra__e0V6ng.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/2HcpW-jYFmf6Jn8gwlo1h4h01ss.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/c0ba6f-df6f-4148-8fca-d25aaa804145/1/RUDapMJFpHJfOAQUAra__e0V6ng.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.236.125.0/24
185.49.168.0/22
185.70.139.0/24
193.5.150.0/24
217.61.224.0/22
IPv6:
2a01:9f20::/37
Signature Algorithm: sha256WithRSAEncryption
70:74:a1:5c:47:0d:4f:5a:da:70:90:10:d1:17:07:54:a5:04:
dd:21:58:f7:53:02:96:1f:89:f5:a4:76:cc:b7:d8:0e:f4:7f:
3a:3f:d5:a4:15:3a:f6:48:69:23:77:39:e3:38:a8:3e:71:c7:
54:e2:b6:d5:5d:23:03:af:cb:a9:27:15:41:a0:46:d1:98:dd:
1c:09:b1:6a:e0:2e:45:3f:ec:31:50:40:31:5f:ca:5d:58:ee:
63:cb:77:d8:b1:68:25:16:e6:db:04:bb:58:21:e8:8e:0b:af:
29:02:31:76:6a:dd:ff:49:66:f1:58:b7:bf:bb:22:05:20:a3:
8b:ca:0d:72:e9:c8:ea:12:f2:5a:bc:c2:61:a7:48:cf:bf:24:
52:d7:49:19:d3:fc:e7:76:2d:cf:71:2d:8e:f1:c7:d6:92:d9:
f5:82:a8:be:ca:c5:8a:5b:70:09:4d:a4:16:a6:df:09:a0:51:
84:04:89:88:50:9c:da:dd:42:03:f7:50:ce:e8:6b:31:3c:12:
41:bb:9e:1a:84:a4:55:88:82:05:7d:10:fe:ad:ac:d6:79:53:
39:cb:f0:6a:f4:2e:f7:11:a3:5c:1f:da:1b:f7:40:62:93:52:
80:34:c8:ce:1a:a5:68:e8:2c:61:de:3c:61:76:75:b1:ce:53:
81:f3:1d:29
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZMf1nqAbaoHR6A81wvv266kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ1NDBkYWE0YzI0NWE0NzI1ZjM4MDQxNDAyYjZiZmZkZWQx
NWVhNzgwHhcNMjQxMTEyMTAwNjA5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODc3Mjk1YmU4ZDgxNjY3ZmEyNjdmMjBjMjVhMzU4Nzg4NzRkNmNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwIqGeDuT/bsPPici83mjoMPxs9Dr
OCZS0kx5vtCKi668N0k/nBzwfNaKQ78erqiayGxHRHMzR/2yCNBABVb83pV0Rbe3
xl32a+LjAcTjuLU7I+WjyrFSgib5W5Wl4VIlDY3HwNrEMlh/eZOaKVSn+QUDvrUA
SeRzMhPTDQeJ+7pPGvZm/Q39MiajGob8FgLWEoz6lp68K2+lRGxUp3DIp0LyLTnu
mX0SZVigLR06BjD4tlERlyAS/m71bcCizL1w3jlZ9gX/Ye1CsvTRxkgqs23hvZzG
zcU/wWHrYXm+GzvvKqvz13R4602ycz93s7awyoHBSJjKyT8lA0Qk5CA0DQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFNh3KVvo2BZn+iZ/IMJaNYeIdNbLMB8GA1UdIwQY
MBaAFEVA2qTCRaRyXzgEFAK2v/3tFep4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUlVEYXBNSkZwSEpmT0FRVUFyYV9fZTBWNm5nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi9jMGJhNmYtZGY2Zi00MTQ4LThmY2Et
ZDI1YWFhODA0MTQ1LzEvMkhjcFctallGbWY2Sm44Z3dsbzFoNGgwMXNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi9jMGJhNmYtZGY2Zi00MTQ4LThmY2EtZDI1YWFhODA0MTQ1
LzEvUlVEYXBNSkZwSEpmT0FRVUFyYV9fZTBWNm5nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjAkBAIAATAeAwQAsux9AwQC
uTGoAwQAuUaLAwQAwQWWAwQC2T3gMA4EAgACMAgDBgMqAZ8gADANBgkqhkiG9w0B
AQsFAAOCAQEAcHShXEcNT1racJAQ0RcHVKUE3SFY91MClh+J9aR2zLfYDvR/Oj/V
pBU69khpI3c54zioPnHHVOK21V0jA6/LqScVQaBG0ZjdHAmxauAuRT/sMVBAMV/K
XVjuY8t32LFoJRbm2wS7WCHojguvKQIxdmrd/0lm8Vi3v7siBSCji8oNcunI6hLy
WrzCYadIz78kUtdJGdP853Ytz3EtjvHH1pLZ9YKovsrFiltwCU2kFqbfCaBRhASJ
iFCc2t1CA/dQzuhrMTwSQbueGoSkVYiCBX0Q/q2s1nlTOcvwavQu9xGjXB/aG/dA
YpNSgDTIzhqlaOgsYd48YXZ1sc5TgfMdKQ==
-----END CERTIFICATE-----
Generated at Fri Nov 22 20:30:26 2024 by rpki-client on console-ams.rpki-client.org