Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/_2eOxMC5juXVzqJQhVqlZzgSoBA.roa
File: _2eOxMC5juXVzqJQhVqlZzgSoBA.roa (raw, json)
Hash identifier: WSPYAoOoxssjbiRs3YT9wXDPHOxLj2QZc3MogbayiXQ=
Subject key identifier: FF:67:8E:C4:C0:B9:8E:E5:D5:CE:A2:50:85:5A:A5:67:38:12:A0:10
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 018CC56DF5F194A9C5C1FF6820DCA4C6914A
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/_2eOxMC5juXVzqJQhVqlZzgSoBA.roa
Signing time: Mon 01 Jan 2024 14:29:26 +0000
ROA not before: Mon 01 Jan 2024 14:29:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 9087
IP address blocks: 213.145.76.0/23 maxlen: 23
213.145.72.0/23 maxlen: 23
213.145.78.0/23 maxlen: 23
213.145.90.0/23 maxlen: 24
213.145.92.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.mft
rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c5:6d:f5:f1:94:a9:c5:c1:ff:68:20:dc:a4:c6:91:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Jan 1 14:29:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ff678ec4c0b98ee5d5cea250855aa5673812a010
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6c:d5:20:b9:53:48:4d:9e:6d:32:ec:72:c8:
cc:3f:4f:1f:7d:5b:d4:e4:76:36:a6:67:56:fd:53:
fc:75:7f:49:02:fc:df:f3:33:9f:42:58:59:78:4b:
f1:31:d0:c2:0f:e6:cb:7c:5a:97:01:9c:2f:b2:d6:
42:8d:a2:1c:c7:dd:76:b8:5f:ba:99:7f:dd:8b:27:
b5:43:3d:e9:c8:3f:c5:7e:da:8f:89:32:33:30:bf:
fb:c5:7b:61:88:cf:bb:cc:ab:47:74:a4:63:fb:38:
34:25:5d:f6:fb:4d:54:a7:68:25:30:b7:58:1d:69:
f0:7f:eb:8e:85:f3:13:b1:e2:aa:63:8b:18:cd:a2:
5a:25:b6:f1:8c:2c:8f:c5:6f:cd:c9:83:6f:1b:53:
eb:18:44:eb:58:6d:db:de:4b:cf:88:91:b4:4e:0c:
9a:c2:0e:3d:68:62:55:ab:bd:73:17:61:bd:00:dc:
32:3a:55:11:37:f8:b6:ab:c9:4f:05:fe:1e:1d:ee:
cb:e9:64:14:60:56:2a:bb:85:91:d1:6a:03:de:85:
14:1f:bb:b1:da:4a:88:4f:1c:b2:65:f1:a1:e4:dc:
da:4d:f5:db:11:49:17:e5:ce:ce:e9:c3:a9:6c:c5:
51:e3:c4:03:f9:45:a7:49:76:47:2a:48:b9:31:94:
cd:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:67:8E:C4:C0:B9:8E:E5:D5:CE:A2:50:85:5A:A5:67:38:12:A0:10
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/_2eOxMC5juXVzqJQhVqlZzgSoBA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.145.72.0/23
213.145.76.0/22
213.145.90.0-213.145.93.255
Signature Algorithm: sha256WithRSAEncryption
51:df:e2:47:40:0e:48:cf:ed:45:a7:62:69:08:77:8b:f3:b7:
3a:85:3a:0c:f1:65:36:9f:cc:47:ba:61:b5:16:9d:1f:a7:c4:
bf:01:2c:6a:9f:48:fb:25:e6:83:ec:13:7b:46:30:7c:3f:9e:
84:26:19:b1:90:f9:22:8c:cc:6b:c3:d6:b0:6b:65:54:ca:b0:
e6:4a:0f:ed:5f:3a:d2:27:5a:c4:fd:24:45:2f:d4:49:d3:da:
f0:7b:4e:31:20:6e:9e:9a:b4:3f:7c:81:9d:74:e8:ce:e4:24:
5b:20:b6:21:3f:73:f5:79:dc:b8:df:59:89:c3:02:81:7b:d6:
78:3d:8a:63:a2:d4:7b:d4:87:0f:d1:df:ef:f3:4f:d6:55:8d:
94:cf:04:cd:24:12:ea:21:61:75:02:4b:b9:b5:51:62:71:fe:
08:aa:7c:5d:f4:3d:23:8f:eb:05:48:11:79:74:c1:b1:ee:b5:
f6:25:39:43:0f:47:d5:b7:cc:89:0a:24:e7:d2:d9:63:54:b7:
01:6c:31:12:db:78:91:cb:45:74:af:0d:0d:6a:4b:08:84:8e:
c3:01:f4:40:34:09:7f:63:7f:98:b5:2b:9e:64:78:3e:95:2b:
53:97:c8:29:2f:2b:f8:28:bd:89:30:ca:6d:47:df:84:b9:6c:
1e:71:44:fd
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAYzFbfXxlKnFwf9oINykxpFKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjQwMTAxMTQyOTI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjY3OGVjNGMwYjk4ZWU1ZDVjZWEyNTA4NTVhYTU2NzM4MTJhMDEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsmzVILlTSE2ebTLscsjMP08ffVvU
5HY2pmdW/VP8dX9JAvzf8zOfQlhZeEvxMdDCD+bLfFqXAZwvstZCjaIcx912uF+6
mX/diye1Qz3pyD/FftqPiTIzML/7xXthiM+7zKtHdKRj+zg0JV32+01Up2glMLdY
HWnwf+uOhfMTseKqY4sYzaJaJbbxjCyPxW/NyYNvG1PrGETrWG3b3kvPiJG0Tgya
wg49aGJVq71zF2G9ANwyOlURN/i2q8lPBf4eHe7L6WQUYFYqu4WR0WoD3oUUH7ux
2kqITxyyZfGh5NzaTfXbEUkX5c7O6cOpbMVR48QD+UWnSXZHKki5MZTNowIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFP9njsTAuY7l1c6iUIVapWc4EqAQMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvXzJlT3hNQzVqdVhWenFKUWhWcWxaemdTb0JBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQB1ZFIAwQC
1ZFMMAwDBAHVkVoDBAHVkVwwDQYJKoZIhvcNAQELBQADggEBAFHf4kdADkjP7UWn
YmkId4vztzqFOgzxZTafzEe6YbUWnR+nxL8BLGqfSPsl5oPsE3tGMHw/noQmGbGQ
+SKMzGvD1rBrZVTKsOZKD+1fOtInWsT9JEUv1EnT2vB7TjEgbp6atD98gZ106M7k
JFsgtiE/c/V53LjfWYnDAoF71ng9imOi1HvUhw/R3+/zT9ZVjZTPBM0kEuohYXUC
S7m1UWJx/giqfF30PSOP6wVIEXl0wbHutfYlOUMPR9W3zIkKJOfS2WNUtwFsMRLb
eJHLRXSvDQ1qSwiEjsMB9EA0CX9jf5i1K55keD6VK1OXyCkvK/govYkwym1H34S5
bB5xRP0=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:46:59 2024 by rpki-client on console-ams.rpki-client.org