Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/OFCs3eaMSy84iQPhkWLymPlCOXc.roa
File: OFCs3eaMSy84iQPhkWLymPlCOXc.roa (raw, json)
Hash identifier: wG/G/quUcGiJqWNAwiKXO5wYPtk+c44RVTUPifHnVjs=
Subject key identifier: 38:50:AC:DD:E6:8C:4B:2F:38:89:03:E1:91:62:F2:98:F9:42:39:77
Certificate issuer: /CN=1913cb4856821d14cd2e0b767c2931a22c154e7c
Certificate serial: 018FEC3DDA47A1489AF7AF45F10E2C389ABA
Authority key identifier: 19:13:CB:48:56:82:1D:14:CD:2E:0B:76:7C:29:31:A2:2C:15:4E:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GRPLSFaCHRTNLgt2fCkxoiwVTnw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/OFCs3eaMSy84iQPhkWLymPlCOXc.roa
Signing time: Thu 06 Jun 2024 06:30:27 +0000
ROA not before: Thu 06 Jun 2024 06:30:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202246
IP address blocks: 109.204.176.0/20 maxlen: 20
109.204.176.0/22 maxlen: 22
109.204.180.0/23 maxlen: 23
109.204.184.0/22 maxlen: 22
109.204.188.0/23 maxlen: 23
171.22.241.0/24 maxlen: 24
185.25.200.0/22 maxlen: 24
185.128.16.0/22 maxlen: 22
2a10:a5c0::/29 maxlen: 29
2a10:a5c0::/32 maxlen: 32
2a10:a5c0::/36 maxlen: 36
2a10:a5c0:1000::/36 maxlen: 36
2a10:a5c0:4000::/36 maxlen: 36
2a10:a5c0:5000::/36 maxlen: 36
2a10:a5c0:8000::/36 maxlen: 36
2a10:a5c0:9000::/36 maxlen: 36
2a10:a5c0:c000::/36 maxlen: 36
2a10:a5c0:d000::/36 maxlen: 36
2a10:a5c1::/32 maxlen: 32
2a10:a5c2::/32 maxlen: 32
2a10:a5c3::/32 maxlen: 32
2a10:a5c4::/32 maxlen: 32
2a10:a5c5::/32 maxlen: 32
2a10:a5c6::/32 maxlen: 32
2a10:a5c7::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/GRPLSFaCHRTNLgt2fCkxoiwVTnw.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/GRPLSFaCHRTNLgt2fCkxoiwVTnw.mft
rsync://rpki.ripe.net/repository/DEFAULT/GRPLSFaCHRTNLgt2fCkxoiwVTnw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 22 Jun 2024 09:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ec:3d:da:47:a1:48:9a:f7:af:45:f1:0e:2c:38:9a:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1913cb4856821d14cd2e0b767c2931a22c154e7c
Validity
Not Before: Jun 6 06:30:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3850acdde68c4b2f388903e19162f298f9423977
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b9:49:47:af:ca:1e:07:d8:bd:37:7f:f6:08:
de:82:60:6a:46:48:8d:80:ea:2d:2c:81:15:9d:82:
2f:8c:a4:94:55:af:bf:e6:f7:22:4f:06:43:fc:06:
fa:f3:b8:b9:3c:9f:bc:ea:ce:77:76:37:41:f4:e5:
37:64:51:be:67:84:f0:b2:7a:94:7b:5e:fb:80:3f:
b1:ed:44:c1:7d:87:2e:a4:80:e0:62:be:81:a2:74:
b0:ab:88:0b:dd:49:c6:89:ff:a1:34:8e:c6:98:6c:
34:9b:4e:4e:f2:70:dc:9d:6d:e4:5b:69:3e:9d:d6:
ad:9c:e4:36:d5:ff:f1:c9:37:62:d3:6f:8a:49:20:
c5:08:5d:01:20:39:18:1b:28:91:b1:08:27:8b:23:
6c:ac:50:7a:f2:14:a1:af:09:d0:9c:33:c9:0f:5d:
76:5d:7d:6b:7f:6e:84:17:26:e6:19:74:94:fd:ed:
63:47:94:52:20:cc:0a:86:c3:5a:87:29:45:64:0c:
67:5f:79:51:ef:86:ac:b5:39:3f:f1:81:18:c6:61:
08:9e:49:5f:16:f9:e3:d1:01:e4:14:ef:39:68:24:
ef:fa:28:ae:1e:85:e3:b8:33:ae:fd:03:54:a6:cf:
b8:de:af:e3:60:97:1d:44:c5:61:10:b6:24:99:ad:
9b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:50:AC:DD:E6:8C:4B:2F:38:89:03:E1:91:62:F2:98:F9:42:39:77
X509v3 Authority Key Identifier:
keyid:19:13:CB:48:56:82:1D:14:CD:2E:0B:76:7C:29:31:A2:2C:15:4E:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GRPLSFaCHRTNLgt2fCkxoiwVTnw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/OFCs3eaMSy84iQPhkWLymPlCOXc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/1977de-1df4-404c-9da9-0779df1dd64d/1/GRPLSFaCHRTNLgt2fCkxoiwVTnw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.204.176.0/20
171.22.241.0/24
185.25.200.0/22
185.128.16.0/22
IPv6:
2a10:a5c0::/29
Signature Algorithm: sha256WithRSAEncryption
9d:e2:a4:8c:15:0a:87:f5:6d:7c:81:b4:aa:ca:8b:d2:a6:01:
79:9c:31:e8:31:28:45:2d:2c:e2:a9:f8:98:b1:ec:33:e3:24:
c4:48:34:00:cf:71:4f:ce:f1:da:a4:71:ae:c1:ea:48:fa:45:
0c:d0:4f:35:ba:80:97:83:98:71:f9:b3:eb:c5:a0:5f:0b:b4:
ea:cb:9a:5f:a5:06:3c:da:48:2d:a0:b1:25:2a:0c:1f:9f:01:
e6:86:c5:c0:8d:68:cf:e0:87:4b:19:6e:62:5d:00:29:15:14:
2a:30:ef:9d:f5:cd:62:a2:3a:54:64:18:d9:43:ab:a7:63:ea:
bf:12:53:7a:f1:4e:ab:e1:b6:2c:a8:55:22:22:ab:eb:0d:c3:
76:84:84:6c:ff:da:49:ca:f3:92:ef:c1:ad:d0:32:95:f0:ea:
ef:12:8d:81:9f:6a:20:c8:88:a4:42:e3:dc:ff:b5:03:e8:e8:
70:70:69:07:b0:ba:ba:b0:ce:54:37:97:36:22:69:ba:ba:e7:
44:35:e9:57:cf:bb:0e:b3:e8:8d:7e:9e:c0:6d:a2:4d:b2:a8:
7a:75:96:7f:21:a0:96:0e:d3:42:58:52:9b:3b:cf:1c:58:45:
4c:4f:7c:dd:86:94:be:64:7d:1a:46:56:f4:81:9c:e2:25:0d:
19:8d:44:d0
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAY/sPdpHoUia969F8Q4sOJq6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5MTNjYjQ4NTY4MjFkMTRjZDJlMGI3NjdjMjkzMWEyMmMx
NTRlN2MwHhcNMjQwNjA2MDYzMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODUwYWNkZGU2OGM0YjJmMzg4OTAzZTE5MTYyZjI5OGY5NDIzOTc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxblJR6/KHgfYvTd/9gjegmBqRkiN
gOotLIEVnYIvjKSUVa+/5vciTwZD/Ab687i5PJ+86s53djdB9OU3ZFG+Z4TwsnqU
e177gD+x7UTBfYcupIDgYr6BonSwq4gL3UnGif+hNI7GmGw0m05O8nDcnW3kW2k+
ndatnOQ21f/xyTdi02+KSSDFCF0BIDkYGyiRsQgniyNsrFB68hShrwnQnDPJD112
XX1rf26EFybmGXSU/e1jR5RSIMwKhsNahylFZAxnX3lR74astTk/8YEYxmEInklf
Fvnj0QHkFO85aCTv+iiuHoXjuDOu/QNUps+43q/jYJcdRMVhELYkma2bPQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDhQrN3mjEsvOIkD4ZFi8pj5Qjl3MB8GA1UdIwQY
MBaAFBkTy0hWgh0UzS4LdnwpMaIsFU58MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR1JQTFNGYUNIUlROTGd0MmZDa3hvaXdWVG53LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS8xOTc3ZGUtMWRmNC00MDRjLTlkYTkt
MDc3OWRmMWRkNjRkLzEvT0ZDczNlYU1TeTg0aVFQaGtXTHltUGxDT1hjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS8xOTc3ZGUtMWRmNC00MDRjLTlkYTktMDc3OWRmMWRkNjRk
LzEvR1JQTFNGYUNIUlROTGd0MmZDa3hvaXdWVG53LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEbcywAwQA
qxbxAwQCuRnIAwQCuYAQMA0EAgACMAcDBQMqEKXAMA0GCSqGSIb3DQEBCwUAA4IB
AQCd4qSMFQqH9W18gbSqyovSpgF5nDHoMShFLSziqfiYsewz4yTESDQAz3FPzvHa
pHGuwepI+kUM0E81uoCXg5hx+bPrxaBfC7Tqy5pfpQY82kgtoLElKgwfnwHmhsXA
jWjP4IdLGW5iXQApFRQqMO+d9c1iojpUZBjZQ6unY+q/ElN68U6r4bYsqFUiIqvr
DcN2hIRs/9pJyvOS78Gt0DKV8OrvEo2Bn2ogyIikQuPc/7UD6OhwcGkHsLq6sM5U
N5c2Imm6uudENelXz7sOs+iNfp7AbaJNsqh6dZZ/IaCWDtNCWFKbO88cWEVMT3zd
hpS+ZH0aRlb0gZziJQ0ZjUTQ
-----END CERTIFICATE-----
Generated at Fri Jun 21 16:53:06 2024 by rpki-client on console-ams.rpki-client.org