Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/pmuelWXJtkly_XL3NEZpYaUU_Aw.roa
File: pmuelWXJtkly_XL3NEZpYaUU_Aw.roa (raw, json)
Hash identifier: 35iLtFM4edN2KXquIGXdV/qQnIOkALPMcVjH9KSQt9s=
Subject key identifier: A6:6B:9E:95:65:C9:B6:49:72:FD:72:F7:34:46:69:61:A5:14:FC:0C
Certificate issuer: /CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Certificate serial: 018CC7277089D5385BC8067465925C517E63
Authority key identifier: 38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/pmuelWXJtkly_XL3NEZpYaUU_Aw.roa
Signing time: Mon 01 Jan 2024 22:31:39 +0000
ROA not before: Mon 01 Jan 2024 22:31:39 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5480
IP address blocks: 195.208.224.0/22 maxlen: 22
195.208.232.0/23 maxlen: 23
195.208.239.0/24 maxlen: 24
195.208.240.0/23 maxlen: 23
195.208.237.0/24 maxlen: 24
195.208.244.0/22 maxlen: 22
195.208.243.0/24 maxlen: 24
195.208.248.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.mft
rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 14:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:70:89:d5:38:5b:c8:06:74:65:92:5c:51:7e:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=38b22023b6ead4c29683a9fed4493d03dee2c685
Validity
Not Before: Jan 1 22:31:39 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a66b9e9565c9b64972fd72f734466961a514fc0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d3:d7:78:f1:94:4d:dc:08:18:85:f9:0e:d1:
3f:83:84:f7:05:2b:83:b2:66:bd:9d:18:d4:0a:89:
cd:26:13:7d:21:e5:e1:6d:22:98:17:b5:1a:10:3a:
9e:5b:3b:b3:e4:ea:34:5a:94:e3:68:e4:50:4b:74:
a0:a9:42:66:77:77:5f:27:9e:bd:a1:69:21:5e:8c:
36:d7:df:74:10:60:5a:16:ec:ab:c1:ea:bf:62:80:
c1:da:3f:52:6b:35:1a:69:fd:28:93:1b:e3:16:fa:
69:c6:88:f6:68:4b:a3:e5:0d:83:65:02:06:ce:a9:
de:ad:41:25:61:5b:63:45:ef:97:6e:37:f6:88:5c:
99:92:b1:b0:36:9e:8a:b1:c7:dd:f9:49:a1:8a:cb:
2c:98:57:58:fc:e9:dc:57:92:1c:2e:38:ae:1b:93:
58:24:1a:b5:6d:a5:bb:25:69:78:1d:52:69:7c:47:
84:72:36:87:63:13:e5:32:5c:e2:48:42:b4:8b:13:
c8:41:16:d7:83:17:fa:92:cb:83:6d:e0:4f:d9:a7:
6f:ed:96:2a:a9:a7:98:2d:2a:3d:03:53:f2:ca:66:
51:70:6e:c7:ff:d5:cf:7e:ca:6a:23:73:a3:b6:bc:
34:01:5c:72:3a:8f:7a:0b:96:30:a0:82:00:5b:58:
36:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:6B:9E:95:65:C9:B6:49:72:FD:72:F7:34:46:69:61:A5:14:FC:0C
X509v3 Authority Key Identifier:
keyid:38:B2:20:23:B6:EA:D4:C2:96:83:A9:FE:D4:49:3D:03:DE:E2:C6:85
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OLIgI7bq1MKWg6n-1Ek9A97ixoU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/pmuelWXJtkly_XL3NEZpYaUU_Aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a7/8813f5-4e7b-4d51-b5f3-40d95bd33fcb/1/OLIgI7bq1MKWg6n-1Ek9A97ixoU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.208.224.0/22
195.208.232.0/23
195.208.237.0/24
195.208.239.0-195.208.241.255
195.208.243.0-195.208.255.255
Signature Algorithm: sha256WithRSAEncryption
10:49:82:d4:39:d7:79:28:87:87:f3:f1:eb:49:fe:07:9e:3c:
c0:26:30:2d:7b:45:57:8e:3d:bc:2a:47:5c:5f:39:97:00:49:
25:9e:ec:c4:a0:38:4b:81:72:56:e6:6b:47:36:b8:65:cc:a8:
3e:68:c5:50:e1:78:28:91:4e:2b:ff:24:8b:b5:6a:6e:20:55:
e7:bd:9c:14:6b:65:95:dd:1e:0c:60:f4:9e:9f:b1:40:36:73:
15:46:06:05:59:ed:63:c0:1e:a7:00:1f:35:f5:1f:94:9a:81:
ce:5f:5c:0f:08:a5:24:d0:fe:89:7e:b1:4f:b4:06:b3:5b:9f:
cb:5c:9e:42:ca:f1:d6:3a:fd:dc:fb:93:99:b2:83:81:5a:ae:
0b:18:f6:9f:65:65:25:6a:3d:bf:58:83:19:56:65:ec:c4:33:
3b:21:32:85:ee:cb:a1:1e:6c:d9:00:66:27:17:ac:58:47:01:
4e:fc:51:42:59:9c:5e:45:90:82:a3:09:9b:a0:8f:cb:dd:fc:
a5:bc:4c:04:1b:df:eb:a9:15:df:4d:b0:53:a4:21:83:fb:6f:
ea:e3:3e:0e:01:bc:43:72:6d:cc:eb:b0:8a:38:2c:f9:ac:30:
ee:b2:9e:4b:65:05:ad:94:68:28:1f:e3:e7:74:d4:78:38:89:
48:64:3b:63
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAYzHJ3CJ1ThbyAZ0ZZJcUX5jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM4YjIyMDIzYjZlYWQ0YzI5NjgzYTlmZWQ0NDkzZDAzZGVl
MmM2ODUwHhcNMjQwMTAxMjIzMTM5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjZiOWU5NTY1YzliNjQ5NzJmZDcyZjczNDQ2Njk2MWE1MTRmYzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtPXePGUTdwIGIX5DtE/g4T3BSuD
sma9nRjUConNJhN9IeXhbSKYF7UaEDqeWzuz5Oo0WpTjaORQS3SgqUJmd3dfJ569
oWkhXow21990EGBaFuyrweq/YoDB2j9SazUaaf0okxvjFvppxoj2aEuj5Q2DZQIG
zqnerUElYVtjRe+Xbjf2iFyZkrGwNp6Kscfd+UmhisssmFdY/OncV5IcLjiuG5NY
JBq1baW7JWl4HVJpfEeEcjaHYxPlMlziSEK0ixPIQRbXgxf6ksuDbeBP2adv7ZYq
qaeYLSo9A1PyymZRcG7H/9XPfspqI3Ojtrw0AVxyOo96C5YwoIIAW1g2ZwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFKZrnpVlybZJcv1y9zRGaWGlFPwMMB8GA1UdIwQY
MBaAFDiyICO26tTCloOp/tRJPQPe4saFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMt
NDBkOTViZDMzZmNiLzEvcG11ZWxXWEp0a2x5X1hMM05FWnBZYVVVX0F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNy84ODEzZjUtNGU3Yi00ZDUxLWI1ZjMtNDBkOTViZDMzZmNi
LzEvT0xJZ0k3YnExTUtXZzZuLTFFazlBOTdpeG9VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAzBAIAATAtAwQCw9DgAwQB
w9DoAwQAw9DtMAwDBADD0O8DBAHD0PAwCwMEAMPQ8wMDAMPQMA0GCSqGSIb3DQEB
CwUAA4IBAQAQSYLUOdd5KIeH8/HrSf4HnjzAJjAte0VXjj28KkdcXzmXAEklnuzE
oDhLgXJW5mtHNrhlzKg+aMVQ4XgokU4r/ySLtWpuIFXnvZwUa2WV3R4MYPSen7FA
NnMVRgYFWe1jwB6nAB819R+UmoHOX1wPCKUk0P6JfrFPtAazW5/LXJ5CyvHWOv3c
+5OZsoOBWq4LGPafZWUlaj2/WIMZVmXsxDM7ITKF7suhHmzZAGYnF6xYRwFO/FFC
WZxeRZCCowmboI/L3fylvEwEG9/rqRXfTbBTpCGD+2/q4z4OAbxDcm3M67CKOCz5
rDDusp5LZQWtlGgoH+PndNR4OIlIZDtj
-----END CERTIFICATE-----
Generated at Sat Sep 28 19:23:16 2024 by rpki-client on console-ams.rpki-client.org