Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/934ec3-b76a-40d0-8a3a-824729ab4b9a/1/oI4L0lebHxB8D7yGG5MU9Cma1XI.roa
File: oI4L0lebHxB8D7yGG5MU9Cma1XI.roa (raw, json)
Hash identifier: 984xU3jBmF5R2plwdiMalGVyGxM/M3qpJ+CJe8TCkyQ=
Subject key identifier: A0:8E:0B:D2:57:9B:1F:10:7C:0F:BC:86:1B:93:14:F4:29:9A:D5:72
Certificate issuer: /CN=12133a6523e2ed0a0c9a36ea8a7c6f0e72a5dd64
Certificate serial: 01904E716CD520558807E455F74BE2178E2B
Authority key identifier: 12:13:3A:65:23:E2:ED:0A:0C:9A:36:EA:8A:7C:6F:0E:72:A5:DD:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EhM6ZSPi7QoMmjbqinxvDnKl3WQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/934ec3-b76a-40d0-8a3a-824729ab4b9a/1/oI4L0lebHxB8D7yGG5MU9Cma1XI.roa
Signing time: Tue 25 Jun 2024 08:09:34 +0000
ROA not before: Tue 25 Jun 2024 08:09:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47254
IP address blocks: 185.9.148.0/22 maxlen: 22
185.9.148.0/24 maxlen: 24
185.9.149.0/24 maxlen: 24
185.9.150.0/24 maxlen: 24
185.9.151.0/24 maxlen: 24
2a02:d1c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/934ec3-b76a-40d0-8a3a-824729ab4b9a/1/EhM6ZSPi7QoMmjbqinxvDnKl3WQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/934ec3-b76a-40d0-8a3a-824729ab4b9a/1/EhM6ZSPi7QoMmjbqinxvDnKl3WQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/EhM6ZSPi7QoMmjbqinxvDnKl3WQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 15 Nov 2024 14:42:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:4e:71:6c:d5:20:55:88:07:e4:55:f7:4b:e2:17:8e:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12133a6523e2ed0a0c9a36ea8a7c6f0e72a5dd64
Validity
Not Before: Jun 25 08:09:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a08e0bd2579b1f107c0fbc861b9314f4299ad572
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:6a:3b:09:95:b8:f3:90:c6:8d:19:ea:42:cc:
44:b8:8c:49:38:a3:b7:4d:b0:37:1f:25:4f:95:62:
ea:1d:82:8c:63:7e:f4:02:8d:0e:6c:24:1a:00:28:
bd:6b:53:99:77:e0:64:68:54:49:ec:3e:ee:fa:5f:
54:7d:f1:e1:af:36:a5:16:a5:92:af:75:9d:8b:71:
83:db:f1:46:5d:f3:0b:86:ae:87:bf:c5:c8:72:24:
c9:2d:e2:f9:4b:f3:4f:f0:af:09:8b:97:af:3e:9d:
65:c7:b7:cc:76:0e:56:15:b8:fe:87:82:9c:be:9a:
31:4f:ac:d5:08:f4:df:59:4f:3b:93:38:de:82:c3:
d5:32:fc:06:73:51:7b:81:5b:47:db:da:f0:ca:81:
50:ce:ad:89:8b:ee:82:f8:e0:6f:73:16:71:df:b4:
0d:79:e9:41:49:18:93:be:ed:2f:22:8e:3f:7b:94:
c5:d1:99:b2:00:80:6a:30:23:2e:17:64:d9:01:b6:
40:ec:6e:cc:4f:ad:b0:51:87:c6:e4:92:e4:84:c8:
eb:b8:ad:18:e4:7a:51:06:42:21:b0:73:5e:fc:21:
58:30:42:82:aa:a2:d7:b4:f0:a6:a5:cc:a0:44:8f:
4f:e5:a4:4e:b8:56:3a:af:17:c2:05:5d:b5:1c:8f:
d3:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:8E:0B:D2:57:9B:1F:10:7C:0F:BC:86:1B:93:14:F4:29:9A:D5:72
X509v3 Authority Key Identifier:
keyid:12:13:3A:65:23:E2:ED:0A:0C:9A:36:EA:8A:7C:6F:0E:72:A5:DD:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EhM6ZSPi7QoMmjbqinxvDnKl3WQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/934ec3-b76a-40d0-8a3a-824729ab4b9a/1/oI4L0lebHxB8D7yGG5MU9Cma1XI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/934ec3-b76a-40d0-8a3a-824729ab4b9a/1/EhM6ZSPi7QoMmjbqinxvDnKl3WQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.9.148.0/22
IPv6:
2a02:d1c0::/29
Signature Algorithm: sha256WithRSAEncryption
71:b1:26:0b:84:6b:9a:0f:bd:ac:44:a6:f9:4d:5c:10:b7:8a:
93:9b:48:9d:fb:99:22:78:1d:b0:c5:b5:45:4b:29:b5:64:83:
39:93:48:d4:80:f2:da:03:3a:01:03:a4:0c:8a:aa:7f:7b:fa:
97:28:c8:f6:98:24:e8:82:bf:27:02:54:9a:5b:15:5e:82:de:
62:8c:be:6d:42:6e:ba:b7:51:62:4d:bd:91:05:bf:80:a7:48:
31:00:90:64:ab:b1:d7:c4:3f:09:a0:32:f8:df:71:5a:5d:5a:
a1:62:94:3d:60:8e:d3:62:03:19:30:09:4a:41:8f:e3:c8:e2:
e2:57:47:6c:3e:2b:d8:12:cd:2d:87:c6:7d:6f:1c:11:df:78:
ce:95:84:f2:67:32:69:24:8e:0d:7f:f1:f2:d7:be:8f:65:ef:
6a:0a:9a:a0:8c:5c:7b:ea:57:0c:5e:cf:35:2a:dd:c9:c6:fb:
58:c6:de:72:3d:9f:d1:04:e1:a3:e3:c9:d2:48:c1:57:11:c1:
12:43:c8:57:09:ac:c9:e9:fe:0d:fc:63:e6:c2:56:29:6f:ba:
2e:f6:b4:26:27:2d:fc:ee:c0:b2:69:27:17:0c:9f:1d:c1:74:
ba:91:5e:95:13:0d:72:84:8b:49:af:82:99:f0:68:af:18:4b:
02:88:02:db
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZBOcWzVIFWIB+RV90viF44rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyMTMzYTY1MjNlMmVkMGEwYzlhMzZlYThhN2M2ZjBlNzJh
NWRkNjQwHhcNMjQwNjI1MDgwOTM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDhlMGJkMjU3OWIxZjEwN2MwZmJjODYxYjkzMTRmNDI5OWFkNTcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi2o7CZW485DGjRnqQsxEuIxJOKO3
TbA3HyVPlWLqHYKMY370Ao0ObCQaACi9a1OZd+BkaFRJ7D7u+l9UffHhrzalFqWS
r3Wdi3GD2/FGXfMLhq6Hv8XIciTJLeL5S/NP8K8Ji5evPp1lx7fMdg5WFbj+h4Kc
vpoxT6zVCPTfWU87kzjegsPVMvwGc1F7gVtH29rwyoFQzq2Ji+6C+OBvcxZx37QN
eelBSRiTvu0vIo4/e5TF0ZmyAIBqMCMuF2TZAbZA7G7MT62wUYfG5JLkhMjruK0Y
5HpRBkIhsHNe/CFYMEKCqqLXtPCmpcygRI9P5aROuFY6rxfCBV21HI/TOQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKCOC9JXmx8QfA+8hhuTFPQpmtVyMB8GA1UdIwQY
MBaAFBITOmUj4u0KDJo26op8bw5ypd1kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWhNNlpTUGk3UW9NbWpicWlueHZEbktsM1dRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC85MzRlYzMtYjc2YS00MGQwLThhM2Et
ODI0NzI5YWI0YjlhLzEvb0k0TDBsZWJIeEI4RDd5R0c1TVU5Q21hMVhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC85MzRlYzMtYjc2YS00MGQwLThhM2EtODI0NzI5YWI0Yjlh
LzEvRWhNNlpTUGk3UW9NbWpicWlueHZEbktsM1dRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQCuQmUMA0E
AgACMAcDBQMqAtHAMA0GCSqGSIb3DQEBCwUAA4IBAQBxsSYLhGuaD72sRKb5TVwQ
t4qTm0id+5kieB2wxbVFSym1ZIM5k0jUgPLaAzoBA6QMiqp/e/qXKMj2mCTogr8n
AlSaWxVegt5ijL5tQm66t1FiTb2RBb+Ap0gxAJBkq7HXxD8JoDL433FaXVqhYpQ9
YI7TYgMZMAlKQY/jyOLiV0dsPivYEs0th8Z9bxwR33jOlYTyZzJpJI4Nf/Hy176P
Ze9qCpqgjFx76lcMXs81Kt3JxvtYxt5yPZ/RBOGj48nSSMFXEcESQ8hXCazJ6f4N
/GPmwlYpb7ou9rQmJy387sCyaScXDJ8dwXS6kV6VEw1yhItJr4KZ8GivGEsCiALb
-----END CERTIFICATE-----
Generated at Thu Nov 14 21:35:08 2024 by rpki-client on console-ams.rpki-client.org