Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/4330fe-dbfc-481f-8fd9-1e4fcb1c60cb/1/o3cLdYVGCTWhPeRK_F4KtMPj20s.roa
File: o3cLdYVGCTWhPeRK_F4KtMPj20s.roa (raw, json)
Hash identifier: CuKng+0xIK0dxEqTS8rV4V20CJQY8VJo7cIUhfabMgU=
Subject key identifier: A3:77:0B:75:85:46:09:35:A1:3D:E4:4A:FC:5E:0A:B4:C3:E3:DB:4B
Certificate issuer: /CN=056ad2f4ffc5872e35a429e53ef179925ff4215e
Certificate serial: 018F809A48E741DF63F156259A18C669949A
Authority key identifier: 05:6A:D2:F4:FF:C5:87:2E:35:A4:29:E5:3E:F1:79:92:5F:F4:21:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BWrS9P_Fhy41pCnlPvF5kl_0IV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/4330fe-dbfc-481f-8fd9-1e4fcb1c60cb/1/o3cLdYVGCTWhPeRK_F4KtMPj20s.roa
Signing time: Thu 16 May 2024 08:52:25 +0000
ROA not before: Thu 16 May 2024 08:52:25 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5605
IP address blocks: 193.98.110.0/24 maxlen: 24
193.101.58.0/24 maxlen: 24
193.102.227.0/24 maxlen: 24
195.244.224.0/24 maxlen: 24
195.244.225.0/24 maxlen: 24
195.244.226.0/24 maxlen: 24
195.244.227.0/24 maxlen: 24
195.244.228.0/24 maxlen: 24
195.244.229.0/24 maxlen: 24
195.244.230.0/24 maxlen: 24
195.244.231.0/24 maxlen: 24
195.244.232.0/24 maxlen: 24
195.244.233.0/24 maxlen: 24
195.244.234.0/24 maxlen: 24
195.244.235.0/24 maxlen: 24
195.244.236.0/24 maxlen: 24
195.244.238.0/24 maxlen: 24
195.244.239.0/24 maxlen: 24
195.244.240.0/24 maxlen: 24
195.244.241.0/24 maxlen: 24
195.244.242.0/24 maxlen: 24
195.244.243.0/24 maxlen: 24
195.244.244.0/24 maxlen: 24
195.244.245.0/24 maxlen: 24
195.244.246.0/24 maxlen: 24
195.244.247.0/24 maxlen: 24
195.244.248.0/24 maxlen: 24
195.244.249.0/24 maxlen: 24
195.244.250.0/24 maxlen: 24
195.244.251.0/24 maxlen: 24
195.244.252.0/24 maxlen: 24
195.244.253.0/24 maxlen: 24
195.244.254.0/24 maxlen: 24
195.244.255.0/24 maxlen: 24
2a00:fa8::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/4330fe-dbfc-481f-8fd9-1e4fcb1c60cb/1/BWrS9P_Fhy41pCnlPvF5kl_0IV4.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/4330fe-dbfc-481f-8fd9-1e4fcb1c60cb/1/BWrS9P_Fhy41pCnlPvF5kl_0IV4.mft
rsync://rpki.ripe.net/repository/DEFAULT/BWrS9P_Fhy41pCnlPvF5kl_0IV4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 24 Jun 2024 09:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:80:9a:48:e7:41:df:63:f1:56:25:9a:18:c6:69:94:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=056ad2f4ffc5872e35a429e53ef179925ff4215e
Validity
Not Before: May 16 08:52:25 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3770b7585460935a13de44afc5e0ab4c3e3db4b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:8f:3c:e5:38:7d:db:68:3b:b7:67:f3:f7:24:
45:d9:96:76:26:0c:79:0b:33:40:97:ae:0a:87:75:
37:42:9c:73:04:66:f9:2a:30:70:f0:e3:3b:52:99:
4a:8e:9e:73:e8:a0:8d:b0:06:1b:0b:86:d6:0b:0a:
7d:26:01:3a:59:a8:27:71:70:4e:c8:c4:0f:28:17:
3a:43:9b:37:41:38:19:b7:20:13:17:d4:d1:cf:ac:
5f:f6:08:82:db:98:91:10:bd:46:3d:65:3d:4f:32:
0c:a6:c0:c8:9d:37:9c:c5:41:c0:a1:9c:ae:bc:72:
72:94:4b:1b:d4:8c:71:c6:b1:3a:9d:c6:ed:60:2f:
e3:ab:82:2e:b1:7e:0a:c4:12:09:a1:d1:5f:36:79:
7a:16:2a:83:32:0a:65:39:93:a6:7d:6a:19:41:3e:
f6:55:b4:b5:de:60:6c:4d:65:72:e8:f2:b6:d6:67:
cb:b7:03:5d:cb:56:82:84:ba:d3:87:f0:91:1c:a2:
e9:bb:e2:3f:35:2c:cc:e3:6b:76:79:21:ac:ae:3a:
07:2c:0d:e5:13:8c:8e:7a:b4:e6:12:cd:4d:ad:75:
72:76:3d:15:9a:92:99:05:97:f8:f0:3b:b2:6e:4d:
1e:4a:8e:06:91:2b:a0:72:ad:cd:07:8b:28:29:45:
70:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:77:0B:75:85:46:09:35:A1:3D:E4:4A:FC:5E:0A:B4:C3:E3:DB:4B
X509v3 Authority Key Identifier:
keyid:05:6A:D2:F4:FF:C5:87:2E:35:A4:29:E5:3E:F1:79:92:5F:F4:21:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BWrS9P_Fhy41pCnlPvF5kl_0IV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/4330fe-dbfc-481f-8fd9-1e4fcb1c60cb/1/o3cLdYVGCTWhPeRK_F4KtMPj20s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/4330fe-dbfc-481f-8fd9-1e4fcb1c60cb/1/BWrS9P_Fhy41pCnlPvF5kl_0IV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.98.110.0/24
193.101.58.0/24
193.102.227.0/24
195.244.224.0-195.244.236.255
195.244.238.0-195.244.255.255
IPv6:
2a00:fa8::/32
Signature Algorithm: sha256WithRSAEncryption
9b:a0:27:dd:3a:36:d3:fa:79:14:4a:9b:cd:b7:9a:3e:01:7b:
c3:fe:96:19:17:38:97:37:1e:78:f1:3c:f4:ca:0f:5c:f5:a0:
34:ae:ba:ef:68:84:b5:76:b4:db:b7:24:d1:6e:90:4a:c4:f1:
b9:17:8b:e4:6d:14:dc:1b:a1:99:51:9c:5f:c2:45:58:d4:3c:
3b:23:ef:e9:f3:89:9d:5a:1f:7c:e6:32:e8:fa:ed:e1:46:e9:
27:58:c2:25:b8:0e:20:10:ee:1b:59:db:3e:ad:44:b3:f3:98:
d6:5c:c9:76:8f:f3:51:7d:2e:6a:cb:78:46:c6:f9:28:ba:a6:
a8:5b:bb:f4:b8:f7:dc:25:ef:3f:7e:db:4c:3b:be:38:72:4f:
40:3c:cf:99:34:5d:dc:ff:bc:38:fc:3d:72:dc:30:84:59:35:
20:15:f2:93:b0:92:fa:ba:c3:d2:56:5f:36:c1:ec:7c:1e:38:
78:3c:39:df:c1:fa:af:97:b3:4e:1d:8b:c9:98:fb:9c:49:e4:
ae:93:54:7c:59:49:c4:ba:ec:f5:d6:4b:cc:a2:fd:1d:58:e9:
9a:ab:77:3e:ee:a2:01:ef:f2:cd:eb:a3:77:29:63:bf:32:59:
bc:c6:7d:13:74:7f:70:ff:92:a8:2d:ff:93:c8:46:af:df:15:
ce:95:64:d3
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY+AmkjnQd9j8VYlmhjGaZSaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NmFkMmY0ZmZjNTg3MmUzNWE0MjllNTNlZjE3OTkyNWZm
NDIxNWUwHhcNMjQwNTE2MDg1MjI1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzc3MGI3NTg1NDYwOTM1YTEzZGU0NGFmYzVlMGFiNGMzZTNkYjRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyo885Th922g7t2fz9yRF2ZZ2Jgx5
CzNAl64Kh3U3QpxzBGb5KjBw8OM7UplKjp5z6KCNsAYbC4bWCwp9JgE6WagncXBO
yMQPKBc6Q5s3QTgZtyATF9TRz6xf9giC25iREL1GPWU9TzIMpsDInTecxUHAoZyu
vHJylEsb1IxxxrE6ncbtYC/jq4IusX4KxBIJodFfNnl6FiqDMgplOZOmfWoZQT72
VbS13mBsTWVy6PK21mfLtwNdy1aChLrTh/CRHKLpu+I/NSzM42t2eSGsrjoHLA3l
E4yOerTmEs1NrXVydj0VmpKZBZf48Duybk0eSo4GkSugcq3NB4soKUVw0wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFKN3C3WFRgk1oT3kSvxeCrTD49tLMB8GA1UdIwQY
MBaAFAVq0vT/xYcuNaQp5T7xeZJf9CFeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQldyUzlQX0ZoeTQxcENubFB2RjVrbF8wSVY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC80MzMwZmUtZGJmYy00ODFmLThmZDkt
MWU0ZmNiMWM2MGNiLzEvbzNjTGRZVkdDVFdoUGVSS19GNEt0TVBqMjBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC80MzMwZmUtZGJmYy00ODFmLThmZDktMWU0ZmNiMWM2MGNi
LzEvQldyUzlQX0ZoeTQxcENubFB2RjVrbF8wSVY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAzBAIAATAtAwQAwWJuAwQA
wWU6AwQAwWbjMAwDBAXD9OADBADD9OwwCwMEAcP07gMDAMP0MA0EAgACMAcDBQAq
AA+oMA0GCSqGSIb3DQEBCwUAA4IBAQCboCfdOjbT+nkUSpvNt5o+AXvD/pYZFziX
Nx548Tz0yg9c9aA0rrrvaIS1drTbtyTRbpBKxPG5F4vkbRTcG6GZUZxfwkVY1Dw7
I+/p84mdWh985jLo+u3hRuknWMIluA4gEO4bWds+rUSz85jWXMl2j/NRfS5qy3hG
xvkouqaoW7v0uPfcJe8/fttMO744ck9APM+ZNF3c/7w4/D1y3DCEWTUgFfKTsJL6
usPSVl82wex8Hjh4PDnfwfqvl7NOHYvJmPucSeSuk1R8WUnEuuz11kvMov0dWOma
q3c+7qIB7/LN66N3KWO/Mlm8xn0TdH9w/5KoLf+TyEav3xXOlWTT
-----END CERTIFICATE-----
Generated at Sun Jun 23 18:46:06 2024 by rpki-client on console-ams.rpki-client.org