Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/9ccf72-f2df-45b6-937b-6e079069b65b/1/k2zTrsB7fWejCzofv3ARWgbw--8.roa
File: k2zTrsB7fWejCzofv3ARWgbw--8.roa (raw, json)
Hash identifier: nzIh6J+Z3UUYrp2pZ0buggk7VZoukPWhYRkQJa60huM=
Subject key identifier: 93:6C:D3:AE:C0:7B:7D:67:A3:0B:3A:1F:BF:70:11:5A:06:F0:FB:EF
Certificate issuer: /CN=f6a1722e8baddc358a15874265b466743e703656
Certificate serial: 0193AAFADA7F4E6C146A38DFF8E3E329A1CB
Authority key identifier: F6:A1:72:2E:8B:AD:DC:35:8A:15:87:42:65:B4:66:74:3E:70:36:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9qFyLout3DWKFYdCZbRmdD5wNlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/9ccf72-f2df-45b6-937b-6e079069b65b/1/k2zTrsB7fWejCzofv3ARWgbw--8.roa
Signing time: Mon 09 Dec 2024 10:33:06 +0000
ROA not before: Mon 09 Dec 2024 10:33:06 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 206217
IP address blocks: 146.66.128.0/24 maxlen: 24
185.110.228.0/22 maxlen: 22
185.110.228.0/23 maxlen: 23
185.110.228.0/24 maxlen: 24
185.110.230.0/23 maxlen: 23
185.110.230.0/24 maxlen: 24
185.110.231.0/24 maxlen: 24
2a0f:cbc0::/29 maxlen: 29
2a0f:cbc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/9ccf72-f2df-45b6-937b-6e079069b65b/1/9qFyLout3DWKFYdCZbRmdD5wNlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/9ccf72-f2df-45b6-937b-6e079069b65b/1/9qFyLout3DWKFYdCZbRmdD5wNlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/9qFyLout3DWKFYdCZbRmdD5wNlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 28 Dec 2024 18:00:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:93:aa:fa:da:7f:4e:6c:14:6a:38:df:f8:e3:e3:29:a1:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f6a1722e8baddc358a15874265b466743e703656
Validity
Not Before: Dec 9 10:33:06 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=936cd3aec07b7d67a30b3a1fbf70115a06f0fbef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:e8:08:f2:5c:d8:6a:e9:66:91:4d:3f:60:95:
d6:64:e2:8a:73:ed:ae:5b:3f:c8:09:71:44:8b:d0:
33:9e:49:eb:75:dc:aa:e4:a1:6e:98:01:4a:11:55:
bf:e6:62:72:0e:d8:8f:82:41:10:b3:83:0f:f0:ff:
1f:fe:9e:41:6a:5a:0b:ff:f0:90:5e:5e:72:1d:f7:
29:de:97:1b:19:27:36:b8:51:3e:ca:d3:de:04:aa:
3a:3e:d4:1c:35:21:4b:0a:b3:c6:93:93:7d:09:0c:
65:1a:93:41:30:30:e2:b7:51:9b:87:c4:7b:2d:e5:
09:a3:08:01:7c:2a:be:fb:b2:c0:e1:6e:59:08:5e:
68:b1:56:e7:91:a4:a0:de:bc:ec:21:13:91:34:19:
64:38:39:41:d3:92:4c:dc:ce:2a:20:7c:7e:e9:fc:
e5:a8:f7:59:e4:19:d9:3d:92:09:b4:0e:84:4a:46:
8b:2f:be:90:0c:e7:61:5a:94:2f:e2:18:c7:6d:bf:
c7:34:95:61:33:e1:cd:98:51:bd:bf:3e:22:2a:3b:
a3:84:d0:b2:2b:7f:18:b8:a5:88:35:4c:67:1b:79:
03:2b:88:cd:6b:81:9b:cb:65:87:0c:99:16:de:74:
ad:d2:8f:24:f2:5a:b7:6c:cd:7a:af:7d:88:be:a7:
01:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:6C:D3:AE:C0:7B:7D:67:A3:0B:3A:1F:BF:70:11:5A:06:F0:FB:EF
X509v3 Authority Key Identifier:
keyid:F6:A1:72:2E:8B:AD:DC:35:8A:15:87:42:65:B4:66:74:3E:70:36:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9qFyLout3DWKFYdCZbRmdD5wNlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/9ccf72-f2df-45b6-937b-6e079069b65b/1/k2zTrsB7fWejCzofv3ARWgbw--8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/9ccf72-f2df-45b6-937b-6e079069b65b/1/9qFyLout3DWKFYdCZbRmdD5wNlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.66.128.0/24
185.110.228.0/22
IPv6:
2a0f:cbc0::/29
Signature Algorithm: sha256WithRSAEncryption
93:ad:bf:4d:de:03:b6:0d:61:dc:4b:0c:54:d1:f5:94:c1:77:
91:5f:06:9b:79:5f:c7:99:29:c3:d5:17:9a:2a:d9:6e:18:d7:
26:83:8e:cd:ee:17:26:e6:74:39:ea:a2:ae:fb:44:ff:1f:df:
b8:53:d6:ab:4c:e0:cf:0d:48:45:f2:ba:78:4b:a8:c9:a1:e3:
c3:13:e3:fb:36:79:54:41:88:1f:0d:fa:18:af:c0:f7:f1:5b:
ec:11:09:d1:c5:f9:6a:20:20:80:ef:ce:2b:5e:32:67:35:cb:
f3:f8:cb:bd:34:43:d1:ff:4b:df:15:83:77:d2:fb:e7:5d:a0:
d3:99:7e:fa:ac:6a:2e:72:a6:cf:fe:97:74:94:a5:ba:fc:d3:
d7:21:ef:4d:82:e3:90:96:ac:39:a3:4d:ae:dd:2b:f3:1a:6c:
7c:60:4c:a6:02:6a:22:ae:74:b5:8f:76:d4:c9:79:9a:d7:e1:
cc:9f:c5:02:5d:ef:aa:ad:00:c5:8d:74:52:9b:31:d8:62:72:
77:87:d6:ab:77:9f:e5:26:d9:7a:1e:6d:1a:36:a8:ba:ad:55:
e6:39:c9:e6:bc:e8:05:33:e5:89:cf:c2:08:49:39:f5:e0:9f:
97:83:31:5f:2c:0c:25:27:c1:86:93:a0:d7:b6:38:32:44:4c:
b2:2b:3d:f2
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZOq+tp/TmwUajjf+OPjKaHLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2YTE3MjJlOGJhZGRjMzU4YTE1ODc0MjY1YjQ2Njc0M2U3
MDM2NTYwHhcNMjQxMjA5MTAzMzA2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzZjZDNhZWMwN2I3ZDY3YTMwYjNhMWZiZjcwMTE1YTA2ZjBmYmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+gI8lzYaulmkU0/YJXWZOKKc+2u
Wz/ICXFEi9Aznknrddyq5KFumAFKEVW/5mJyDtiPgkEQs4MP8P8f/p5BaloL//CQ
Xl5yHfcp3pcbGSc2uFE+ytPeBKo6PtQcNSFLCrPGk5N9CQxlGpNBMDDit1Gbh8R7
LeUJowgBfCq++7LA4W5ZCF5osVbnkaSg3rzsIRORNBlkODlB05JM3M4qIHx+6fzl
qPdZ5BnZPZIJtA6ESkaLL76QDOdhWpQv4hjHbb/HNJVhM+HNmFG9vz4iKjujhNCy
K38YuKWINUxnG3kDK4jNa4Gby2WHDJkW3nSt0o8k8lq3bM16r32IvqcBYwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFJNs067Ae31nows6H79wEVoG8PvvMB8GA1UdIwQY
MBaAFPahci6Lrdw1ihWHQmW0ZnQ+cDZWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXFGeUxvdXQzRFdLRllkQ1piUm1kRDV3TmxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy85Y2NmNzItZjJkZi00NWI2LTkzN2It
NmUwNzkwNjliNjViLzEvazJ6VHJzQjdmV2VqQ3pvZnYzQVJXZ2J3LS04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy85Y2NmNzItZjJkZi00NWI2LTkzN2ItNmUwNzkwNjliNjVi
LzEvOXFGeUxvdXQzRFdLRllkQ1piUm1kRDV3TmxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQAkkKAAwQC
uW7kMA0EAgACMAcDBQMqD8vAMA0GCSqGSIb3DQEBCwUAA4IBAQCTrb9N3gO2DWHc
SwxU0fWUwXeRXwabeV/HmSnD1ReaKtluGNcmg47N7hcm5nQ56qKu+0T/H9+4U9ar
TODPDUhF8rp4S6jJoePDE+P7NnlUQYgfDfoYr8D38VvsEQnRxflqICCA784rXjJn
Ncvz+Mu9NEPR/0vfFYN30vvnXaDTmX76rGoucqbP/pd0lKW6/NPXIe9NguOQlqw5
o02u3SvzGmx8YEymAmoirnS1j3bUyXma1+HMn8UCXe+qrQDFjXRSmzHYYnJ3h9ar
d5/lJtl6Hm0aNqi6rVXmOcnmvOgFM+WJz8IISTn14J+XgzFfLAwlJ8GGk6DXtjgy
REyyKz3y
-----END CERTIFICATE-----
Generated at Fri Dec 27 20:59:50 2024 by rpki-client on console-fra.rpki-client.org