Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/f78937-aed3-4b6f-aa2d-c832ed7d5fec/1/cN2OP3d04pShgUvMTJ0CgR39Mfw.roa
File: cN2OP3d04pShgUvMTJ0CgR39Mfw.roa (raw, json)
Hash identifier: ckoQeKKTlK5mUGBloIQyI8gUTF9wfvJzvnDf0AkyXec=
Subject key identifier: 70:DD:8E:3F:77:74:E2:94:A1:81:4B:CC:4C:9D:02:81:1D:FD:31:FC
Certificate issuer: /CN=e98e202381c1c88d82f3b70f3be068a1aa372b9d
Certificate serial: 018CCA2AEE10C24EC0672C18D7A42FB2167F
Authority key identifier: E9:8E:20:23:81:C1:C8:8D:82:F3:B7:0F:3B:E0:68:A1:AA:37:2B:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6Y4gI4HByI2C87cPO-Booao3K50.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/f78937-aed3-4b6f-aa2d-c832ed7d5fec/1/cN2OP3d04pShgUvMTJ0CgR39Mfw.roa
Signing time: Tue 02 Jan 2024 12:34:20 +0000
ROA not before: Tue 02 Jan 2024 12:34:20 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 201076
IP address blocks: 188.64.209.0/24 maxlen: 24
188.64.210.0/24 maxlen: 24
188.64.211.0/24 maxlen: 24
188.64.208.0/24 maxlen: 24
141.226.248.0/24 maxlen: 24
2a07:e7c0:2::/48 maxlen: 48
2a07:e7c0::/48 maxlen: 48
2a07:e7c0:1000::/48 maxlen: 48
2a07:e7c0:3::/48 maxlen: 48
2a07:e7c0:1::/48 maxlen: 48
2a07:e7c0:147::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/f78937-aed3-4b6f-aa2d-c832ed7d5fec/1/6Y4gI4HByI2C87cPO-Booao3K50.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/f78937-aed3-4b6f-aa2d-c832ed7d5fec/1/6Y4gI4HByI2C87cPO-Booao3K50.mft
rsync://rpki.ripe.net/repository/DEFAULT/6Y4gI4HByI2C87cPO-Booao3K50.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:ca:2a:ee:10:c2:4e:c0:67:2c:18:d7:a4:2f:b2:16:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e98e202381c1c88d82f3b70f3be068a1aa372b9d
Validity
Not Before: Jan 2 12:34:20 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=70dd8e3f7774e294a1814bcc4c9d02811dfd31fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:bf:60:a9:51:d6:7c:c3:e9:af:45:cd:e1:f5:
b6:0a:d8:29:2d:e8:88:3b:2b:f8:ec:3b:a0:3e:46:
fa:b5:c4:92:84:b4:66:16:68:d1:42:a0:41:73:3a:
60:25:16:a3:35:ca:fa:1b:ad:13:ac:c7:79:fc:1d:
c5:86:a0:b2:06:2a:08:24:d2:85:b4:35:03:81:f4:
fc:9f:8c:46:c0:7a:ce:19:b3:8b:c9:af:00:3e:48:
8e:c5:f5:1c:cf:fd:84:13:a6:79:17:b3:54:f8:76:
49:82:06:3b:05:d3:0f:4a:01:b8:e8:25:34:37:21:
38:53:ec:b0:2d:12:dd:50:a6:1d:b8:a4:37:09:28:
e8:9e:5b:c0:ca:f5:a1:d1:cc:b0:11:a6:a5:a2:5e:
03:59:17:2c:e2:b7:f4:bb:dc:8f:c2:ca:d7:92:87:
31:a6:18:94:3d:cb:cc:85:64:5a:64:4f:2f:41:64:
1e:37:6b:d3:7d:14:82:e5:88:be:8a:c5:cf:3c:fb:
4d:9f:61:af:b5:4b:9d:21:c7:be:5c:10:bc:13:34:
84:26:ad:e3:43:b3:71:37:6a:81:91:28:62:d1:82:
86:50:31:02:b6:2b:23:7e:49:ff:5d:58:0a:c5:ce:
76:7b:9a:64:2e:76:ca:61:41:05:bd:a5:28:c0:c6:
14:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:DD:8E:3F:77:74:E2:94:A1:81:4B:CC:4C:9D:02:81:1D:FD:31:FC
X509v3 Authority Key Identifier:
keyid:E9:8E:20:23:81:C1:C8:8D:82:F3:B7:0F:3B:E0:68:A1:AA:37:2B:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6Y4gI4HByI2C87cPO-Booao3K50.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f78937-aed3-4b6f-aa2d-c832ed7d5fec/1/cN2OP3d04pShgUvMTJ0CgR39Mfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/f78937-aed3-4b6f-aa2d-c832ed7d5fec/1/6Y4gI4HByI2C87cPO-Booao3K50.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.226.248.0/24
188.64.208.0/22
IPv6:
2a07:e7c0::/46
2a07:e7c0:147::/48
2a07:e7c0:1000::/48
Signature Algorithm: sha256WithRSAEncryption
43:b2:78:eb:13:53:08:13:de:f8:bc:b4:71:c6:68:2d:eb:62:
36:31:ea:af:eb:10:e9:64:ec:8c:41:47:17:d7:bb:48:df:1f:
81:cb:84:52:78:9d:8e:1d:a7:b6:e8:57:b5:67:b4:5d:cc:8e:
7d:f2:72:41:dc:4c:29:56:96:47:88:76:27:d1:5f:41:d2:8d:
23:68:4b:2f:bf:c6:7e:e0:c1:13:3c:c5:bd:3d:1c:97:9b:59:
0e:9e:6e:99:62:c2:53:28:df:14:9e:9a:af:3e:65:0a:84:71:
38:b7:d4:2d:67:83:eb:8a:6d:31:ec:e2:b3:55:97:df:68:40:
04:79:be:91:2b:24:75:4c:df:a4:96:9c:a5:3c:30:49:67:6a:
7e:b8:d3:5b:79:9a:da:eb:2f:ad:a9:fb:b0:a7:7f:b1:9d:4f:
45:29:c6:13:81:94:4a:50:19:50:0a:57:ab:01:9f:93:11:a8:
c6:a3:e7:ea:3d:53:7c:e3:ec:67:fb:34:df:7b:d2:18:da:f0:
fb:89:2a:b3:d4:86:8e:21:14:da:a8:71:d6:42:74:bc:07:eb:
85:b0:0d:8b:30:9e:77:04:51:da:d3:4e:d9:87:c5:c1:30:18:
15:94:c8:e3:45:d0:9a:0e:93:6d:68:b8:12:ab:d0:66:93:9c:
e1:3a:0e:7d
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAYzKKu4Qwk7AZywY16QvshZ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5OGUyMDIzODFjMWM4OGQ4MmYzYjcwZjNiZTA2OGExYWEz
NzJiOWQwHhcNMjQwMTAyMTIzNDIwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MGRkOGUzZjc3NzRlMjk0YTE4MTRiY2M0YzlkMDI4MTFkZmQzMWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhL9gqVHWfMPpr0XN4fW2CtgpLeiI
Oyv47DugPkb6tcSShLRmFmjRQqBBczpgJRajNcr6G60TrMd5/B3FhqCyBioIJNKF
tDUDgfT8n4xGwHrOGbOLya8APkiOxfUcz/2EE6Z5F7NU+HZJggY7BdMPSgG46CU0
NyE4U+ywLRLdUKYduKQ3CSjonlvAyvWh0cywEaalol4DWRcs4rf0u9yPwsrXkocx
phiUPcvMhWRaZE8vQWQeN2vTfRSC5Yi+isXPPPtNn2GvtUudIce+XBC8EzSEJq3j
Q7NxN2qBkShi0YKGUDECtisjfkn/XVgKxc52e5pkLnbKYUEFvaUowMYUYQIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFHDdjj93dOKUoYFLzEydAoEd/TH8MB8GA1UdIwQY
MBaAFOmOICOBwciNgvO3DzvgaKGqNyudMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlk0Z0k0SEJ5STJDODdjUE8tQm9vYW8zSzUwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9mNzg5MzctYWVkMy00YjZmLWFhMmQt
YzgzMmVkN2Q1ZmVjLzEvY04yT1AzZDA0cFNoZ1V2TVRKMENnUjM5TWZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9mNzg5MzctYWVkMy00YjZmLWFhMmQtYzgzMmVkN2Q1ZmVj
LzEvNlk0Z0k0SEJ5STJDODdjUE8tQm9vYW8zSzUwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzASBAIAATAMAwQAjeL4AwQC
vEDQMCEEAgACMBsDBwIqB+fAAAADBwAqB+fAAUcDBwAqB+fAEAAwDQYJKoZIhvcN
AQELBQADggEBAEOyeOsTUwgT3vi8tHHGaC3rYjYx6q/rEOlk7IxBRxfXu0jfH4HL
hFJ4nY4dp7boV7VntF3Mjn3yckHcTClWlkeIdifRX0HSjSNoSy+/xn7gwRM8xb09
HJebWQ6ebpliwlMo3xSemq8+ZQqEcTi31C1ng+uKbTHs4rNVl99oQAR5vpErJHVM
36SWnKU8MElnan6401t5mtrrL62p+7Cnf7GdT0UpxhOBlEpQGVAKV6sBn5MRqMaj
5+o9U3zj7Gf7NN970hja8PuJKrPUho4hFNqocdZCdLwH64WwDYswnncEUdrTTtmH
xcEwGBWUyONF0JoOk21ouBKr0GaTnOE6Dn0=
-----END CERTIFICATE-----
Generated at Sat Dec 28 03:01:53 2024 by rpki-client on console-ams.rpki-client.org