Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/O2kUXkjxYYoOA1fe_xQ1DdfWAIo.roa
File: O2kUXkjxYYoOA1fe_xQ1DdfWAIo.roa (raw, json)
Hash identifier: 0Emyzr4ZIFZcHOa1YpeYg04BfhVdqnm78zjXIopa9kc=
Subject key identifier: 3B:69:14:5E:48:F1:61:8A:0E:03:57:DE:FF:14:35:0D:D7:D6:00:8A
Certificate issuer: /CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Certificate serial: 019150FEC7282DD8140E302307BDDC12DD8E
Authority key identifier: E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/O2kUXkjxYYoOA1fe_xQ1DdfWAIo.roa
Signing time: Wed 14 Aug 2024 13:06:00 +0000
ROA not before: Wed 14 Aug 2024 13:06:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6747
IP address blocks: 80.232.180.0/24 maxlen: 24
80.232.181.0/24 maxlen: 24
80.233.136.0/24 maxlen: 24
81.198.93.0/24 maxlen: 24
2a02:16d8:105:9::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.mft
rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Sep 2024 06:21:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:50:fe:c7:28:2d:d8:14:0e:30:23:07:bd:dc:12:dd:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e3be07cb1fd4f1e3c922303b670a881b82e61491
Validity
Not Before: Aug 14 13:06:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b69145e48f1618a0e0357deff14350dd7d6008a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:e8:c4:00:0c:e5:b7:86:1d:a3:3e:30:d0:1d:
1f:7a:e7:3a:56:f3:81:58:35:f8:89:7a:ad:ec:29:
00:18:ff:64:c2:40:99:e6:38:62:7f:20:39:98:fb:
c4:75:60:b7:1e:2a:1b:95:70:7c:a3:11:4d:40:b6:
0d:72:8b:82:e6:26:4b:56:b9:36:a8:04:a6:24:53:
1e:a4:49:16:ea:19:3e:97:03:e7:8c:ad:a8:dc:03:
13:13:5a:b8:c4:eb:e1:5d:a0:97:a0:73:1e:d3:48:
1a:76:d8:e4:2d:2a:f4:ca:0d:28:88:87:ba:ff:12:
5f:d2:6a:33:2d:e2:1d:f4:3a:bf:79:f4:17:15:e7:
da:48:e0:51:35:79:4d:79:17:cf:0b:53:54:c6:26:
a3:91:99:b6:3c:dc:6f:82:a0:c8:87:79:14:e6:d6:
17:08:1b:2f:f2:e9:c5:06:32:cc:91:d3:37:40:07:
a3:66:0a:ab:70:0f:85:41:d9:59:64:83:63:3d:f3:
0d:d8:19:2e:6e:ae:29:63:24:2a:49:b3:5f:2d:d8:
10:ca:2a:01:93:30:8b:67:e0:79:82:58:f2:b2:c0:
f4:31:3e:21:03:72:e9:a3:78:6c:19:83:7d:40:ce:
b6:22:d7:a8:18:a0:4a:a6:cf:57:e0:2b:71:30:18:
9d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:69:14:5E:48:F1:61:8A:0E:03:57:DE:FF:14:35:0D:D7:D6:00:8A
X509v3 Authority Key Identifier:
keyid:E3:BE:07:CB:1F:D4:F1:E3:C9:22:30:3B:67:0A:88:1B:82:E6:14:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/474Hyx_U8ePJIjA7ZwqIG4LmFJE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/O2kUXkjxYYoOA1fe_xQ1DdfWAIo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ba/8f5fae-da90-4314-bffc-d4ee1d389e0d/1/474Hyx_U8ePJIjA7ZwqIG4LmFJE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.232.180.0/23
80.233.136.0/24
81.198.93.0/24
IPv6:
2a02:16d8:105:9::/64
Signature Algorithm: sha256WithRSAEncryption
be:86:67:d9:66:a7:e9:80:41:bb:5a:63:fe:bd:2a:e0:25:47:
f5:59:8b:6e:00:c7:b1:74:67:73:f5:9e:44:0a:56:8f:cd:83:
21:61:84:5c:1a:66:05:df:7d:a9:3e:4c:8e:b9:9c:c6:f1:82:
e2:ea:a6:0c:19:9d:2f:06:0c:4b:69:1c:76:7c:90:60:ea:70:
84:f9:e8:42:42:54:ca:60:fc:17:6c:f4:69:48:0f:f8:ad:27:
a8:13:29:48:28:dd:54:26:1f:ca:eb:51:fe:72:10:8f:ad:99:
a6:69:7a:00:15:4e:fe:da:4b:c8:78:a2:de:74:45:e1:7d:e6:
22:41:62:ac:b2:f0:6a:d3:ee:b8:9e:2f:3c:a4:1e:7e:86:72:
e6:24:1c:56:a3:db:ee:1e:6b:c3:87:78:0c:0b:46:9f:71:7b:
c3:61:29:89:67:ae:76:24:28:bb:66:e7:88:03:c9:63:61:be:
69:33:d9:d6:60:ab:84:82:bc:9f:42:40:11:80:85:2c:26:f1:
46:e8:a3:1e:72:49:55:70:81:20:00:8b:bd:8d:82:ee:2c:aa:
46:e5:66:03:73:fe:9b:d6:e6:f4:c8:49:33:89:7c:66:4a:a5:
ea:41:74:3f:b8:04:a9:68:4c:e6:eb:99:d1:b8:ff:87:a9:a2:
3c:dd:5b:e0
-----BEGIN CERTIFICATE-----
MIIFHDCCBASgAwIBAgISAZFQ/scoLdgUDjAjB73cEt2OMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzYmUwN2NiMWZkNGYxZTNjOTIyMzAzYjY3MGE4ODFiODJl
NjE0OTEwHhcNMjQwODE0MTMwNjAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjY5MTQ1ZTQ4ZjE2MThhMGUwMzU3ZGVmZjE0MzUwZGQ3ZDYwMDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkejEAAzlt4Ydoz4w0B0feuc6VvOB
WDX4iXqt7CkAGP9kwkCZ5jhifyA5mPvEdWC3HioblXB8oxFNQLYNcouC5iZLVrk2
qASmJFMepEkW6hk+lwPnjK2o3AMTE1q4xOvhXaCXoHMe00gadtjkLSr0yg0oiIe6
/xJf0mozLeId9Dq/efQXFefaSOBRNXlNeRfPC1NUxiajkZm2PNxvgqDIh3kU5tYX
CBsv8unFBjLMkdM3QAejZgqrcA+FQdlZZINjPfMN2Bkubq4pYyQqSbNfLdgQyioB
kzCLZ+B5gljyssD0MT4hA3Lpo3hsGYN9QM62IteoGKBKps9X4CtxMBidjQIDAQAB
o4ICKDCCAiQwHQYDVR0OBBYEFDtpFF5I8WGKDgNX3v8UNQ3X1gCKMB8GA1UdIwQY
MBaAFOO+B8sf1PHjySIwO2cKiBuC5hSRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMt
ZDRlZTFkMzg5ZTBkLzEvTzJrVVhranhZWW9PQTFmZV94UTFEZGZXQUlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYS84ZjVmYWUtZGE5MC00MzE0LWJmZmMtZDRlZTFkMzg5ZTBk
LzEvNDc0SHl4X1U4ZVBKSWpBN1p3cUlHNExtRkpFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD4GCCsGAQUFBwEHAQH/BC8wLTAYBAIAATASAwQBUOi0AwQA
UOmIAwQAUcZdMBEEAgACMAsDCQAqAhbYAQUACTANBgkqhkiG9w0BAQsFAAOCAQEA
voZn2Wan6YBBu1pj/r0q4CVH9VmLbgDHsXRnc/WeRApWj82DIWGEXBpmBd99qT5M
jrmcxvGC4uqmDBmdLwYMS2kcdnyQYOpwhPnoQkJUymD8F2z0aUgP+K0nqBMpSCjd
VCYfyutR/nIQj62Zpml6ABVO/tpLyHii3nRF4X3mIkFirLLwatPuuJ4vPKQefoZy
5iQcVqPb7h5rw4d4DAtGn3F7w2EpiWeudiQou2bniAPJY2G+aTPZ1mCrhIK8n0JA
EYCFLCbxRuijHnJJVXCBIACLvY2C7iyqRuVmA3P+m9bm9MhJM4l8Zkql6kF0P7gE
qWhM5uuZ0bj/h6miPN1b4A==
-----END CERTIFICATE-----
Generated at Sat Sep 28 14:41:34 2024 by rpki-client on console-ams.rpki-client.org