Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/otvOxfzhuh3JlMmQpDZd4yu5ot4.roa
File: otvOxfzhuh3JlMmQpDZd4yu5ot4.roa (raw, json)
Hash identifier: p309rhUQgKkxGVEOELudSS8osJnVhSn6eGXxbYDckbg=
Subject key identifier: A2:DB:CE:C5:FC:E1:BA:1D:C9:94:C9:90:A4:36:5D:E3:2B:B9:A2:DE
Certificate issuer: /CN=126c660b30f5692b2b16e289b24901c518fda520
Certificate serial: 018CC795858D4088038686A3901B446D3D38
Authority key identifier: 12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/otvOxfzhuh3JlMmQpDZd4yu5ot4.roa
Signing time: Tue 02 Jan 2024 00:31:54 +0000
ROA not before: Tue 02 Jan 2024 00:31:54 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 57844
IP address blocks: 185.204.16.0/22 maxlen: 24
193.16.15.0/24 maxlen: 24
193.16.12.0/24 maxlen: 24
193.16.13.0/24 maxlen: 24
193.16.14.0/24 maxlen: 24
80.254.232.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 11:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:95:85:8d:40:88:03:86:86:a3:90:1b:44:6d:3d:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=126c660b30f5692b2b16e289b24901c518fda520
Validity
Not Before: Jan 2 00:31:54 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a2dbcec5fce1ba1dc994c990a4365de32bb9a2de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:2d:f5:99:8a:6f:49:3d:2a:0b:be:fd:e0:ba:
2e:e8:25:03:d9:6a:e3:1a:c8:bd:e8:be:79:9d:a7:
cd:f7:9c:30:61:61:a5:72:a8:bc:97:10:b3:5f:14:
91:b8:d8:5f:fc:77:31:a4:24:db:03:2e:05:9f:f5:
fd:0f:8c:32:7a:ae:6b:f6:37:49:6a:22:b0:1c:85:
1d:63:54:cc:cb:f5:ef:7b:75:53:af:9f:4d:ec:22:
34:0a:d8:2c:a8:dc:ad:d0:38:fb:0a:99:ca:7d:0a:
20:ab:ab:97:ee:87:71:36:b4:43:0d:d2:3e:fa:81:
5e:08:c4:55:5a:9a:d9:8d:fd:86:75:54:36:6b:76:
9d:86:76:9c:69:55:94:5c:19:a2:c4:4b:9a:b1:67:
96:34:10:e9:ec:aa:d1:bb:54:38:97:98:6a:37:85:
e2:16:69:54:10:38:07:c5:66:97:90:bb:42:6e:6d:
01:8c:c6:da:87:06:33:d1:65:bb:86:8c:de:a5:77:
1e:7b:89:f1:e8:26:1c:56:22:af:4d:14:75:3d:64:
f1:84:9a:2c:ef:9f:01:c3:00:36:b6:f9:38:50:34:
94:fe:51:1d:09:f5:c8:67:77:dd:06:4d:71:a5:df:
fa:29:d2:f8:36:b6:a2:57:ed:8e:76:ae:dc:98:58:
d7:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:DB:CE:C5:FC:E1:BA:1D:C9:94:C9:90:A4:36:5D:E3:2B:B9:A2:DE
X509v3 Authority Key Identifier:
keyid:12:6C:66:0B:30:F5:69:2B:2B:16:E2:89:B2:49:01:C5:18:FD:A5:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EmxmCzD1aSsrFuKJskkBxRj9pSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/otvOxfzhuh3JlMmQpDZd4yu5ot4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8f/db787f-c27a-4f23-99b2-438acb72fc5b/1/EmxmCzD1aSsrFuKJskkBxRj9pSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.254.232.0/21
185.204.16.0/22
193.16.12.0/22
Signature Algorithm: sha256WithRSAEncryption
17:5c:57:51:9c:c3:91:07:eb:78:e2:95:fd:92:83:6e:89:ef:
75:ed:e6:38:2b:63:41:db:82:3a:c3:4c:8e:69:cf:5d:ad:45:
73:d4:34:91:b6:a5:53:bb:cf:30:c4:6a:a9:6c:75:b8:3e:ee:
1f:1f:8c:90:bb:1f:17:8d:0f:1b:e0:fd:1d:34:6d:6c:99:72:
ee:8f:20:26:90:57:cb:be:26:cd:9d:68:a1:75:72:8e:42:83:
67:15:6f:ae:e6:37:8e:00:2c:71:78:6c:ae:93:ed:33:3a:a1:
40:41:de:2a:72:34:b9:4f:fd:ae:11:8b:9c:6b:e2:c1:49:01:
fc:9a:66:c6:68:94:ba:c2:86:36:e2:5a:e4:a8:26:53:f9:7b:
f4:47:0d:20:a7:67:32:66:fb:be:7d:ff:2a:34:96:cc:47:75:
fd:7d:4a:55:97:1f:25:58:d8:b9:7d:fa:c6:76:30:c9:c6:39:
f3:63:5a:26:06:b5:e0:b1:ef:1f:47:1a:0f:1a:e1:83:65:65:
83:57:0c:49:26:8a:b7:91:71:43:e4:ae:57:4f:9f:95:30:70:
85:11:0c:0c:68:ed:0f:12:fe:65:d3:0a:26:21:5c:38:e2:ca:
9d:43:55:bb:e7:b2:c6:d3:4e:04:2c:b4:26:f0:84:1a:3f:c0:
92:77:d7:a5
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAYzHlYWNQIgDhoajkBtEbT04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyNmM2NjBiMzBmNTY5MmIyYjE2ZTI4OWIyNDkwMWM1MThm
ZGE1MjAwHhcNMjQwMTAyMDAzMTU0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMmRiY2VjNWZjZTFiYTFkYzk5NGM5OTBhNDM2NWRlMzJiYjlhMmRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqC31mYpvST0qC7794Lou6CUD2Wrj
Gsi96L55nafN95wwYWGlcqi8lxCzXxSRuNhf/HcxpCTbAy4Fn/X9D4wyeq5r9jdJ
aiKwHIUdY1TMy/Xve3VTr59N7CI0CtgsqNyt0Dj7CpnKfQogq6uX7odxNrRDDdI+
+oFeCMRVWprZjf2GdVQ2a3adhnacaVWUXBmixEuasWeWNBDp7KrRu1Q4l5hqN4Xi
FmlUEDgHxWaXkLtCbm0BjMbahwYz0WW7hozepXcee4nx6CYcViKvTRR1PWTxhJos
758BwwA2tvk4UDSU/lEdCfXIZ3fdBk1xpd/6KdL4NraiV+2Odq7cmFjXhwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFKLbzsX84bodyZTJkKQ2XeMruaLeMB8GA1UdIwQY
MBaAFBJsZgsw9WkrKxbiibJJAcUY/aUgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjIt
NDM4YWNiNzJmYzViLzEvb3R2T3hmemh1aDNKbE1tUXBEWmQ0eXU1b3Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Zi9kYjc4N2YtYzI3YS00ZjIzLTk5YjItNDM4YWNiNzJmYzVi
LzEvRW14bUN6RDFhU3NyRnVLSnNra0J4Umo5cFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQDUP7oAwQC
ucwQAwQCwRAMMA0GCSqGSIb3DQEBCwUAA4IBAQAXXFdRnMORB+t44pX9koNuie91
7eY4K2NB24I6w0yOac9drUVz1DSRtqVTu88wxGqpbHW4Pu4fH4yQux8XjQ8b4P0d
NG1smXLujyAmkFfLvibNnWihdXKOQoNnFW+u5jeOACxxeGyuk+0zOqFAQd4qcjS5
T/2uEYuca+LBSQH8mmbGaJS6woY24lrkqCZT+Xv0Rw0gp2cyZvu+ff8qNJbMR3X9
fUpVlx8lWNi5ffrGdjDJxjnzY1omBrXgse8fRxoPGuGDZWWDVwxJJoq3kXFD5K5X
T5+VMHCFEQwMaO0PEv5l0womIVw44sqdQ1W757LG004ELLQm8IQaP8CSd9el
-----END CERTIFICATE-----
Generated at Sun Jun 2 16:10:42 2024 by rpki-client on console-ams.rpki-client.org