Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/oX_IBl2YR7RMUGRny4TiBTghmjI.roa
File: oX_IBl2YR7RMUGRny4TiBTghmjI.roa (raw, json)
Hash identifier: HFQHBkNzh0u05Gm7p4x3/IDLaYXjcNy6BS/9gc3G8uY=
Subject key identifier: A1:7F:C8:06:5D:98:47:B4:4C:50:64:67:CB:84:E2:05:38:21:9A:32
Certificate issuer: /CN=86d542323c0e3051c9c7bb8ed1d1e8acfd3db834
Certificate serial: 018CC2DAF20A0FE451556DF9D5CD0B805A48
Authority key identifier: 86:D5:42:32:3C:0E:30:51:C9:C7:BB:8E:D1:D1:E8:AC:FD:3D:B8:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htVCMjwOMFHJx7uO0dHorP09uDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/oX_IBl2YR7RMUGRny4TiBTghmjI.roa
Signing time: Mon 01 Jan 2024 02:29:37 +0000
ROA not before: Mon 01 Jan 2024 02:29:37 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 29695
IP address blocks: 178.16.64.0/20 maxlen: 20
80.89.32.0/19 maxlen: 19
82.148.128.0/19 maxlen: 19
89.162.0.0/17 maxlen: 17
185.65.152.0/22 maxlen: 22
185.10.28.0/22 maxlen: 22
77.222.192.0/19 maxlen: 19
141.0.224.0/19 maxlen: 19
77.110.192.0/18 maxlen: 18
194.182.224.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/htVCMjwOMFHJx7uO0dHorP09uDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/htVCMjwOMFHJx7uO0dHorP09uDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/htVCMjwOMFHJx7uO0dHorP09uDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:f2:0a:0f:e4:51:55:6d:f9:d5:cd:0b:80:5a:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d542323c0e3051c9c7bb8ed1d1e8acfd3db834
Validity
Not Before: Jan 1 02:29:37 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a17fc8065d9847b44c506467cb84e20538219a32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:f0:49:31:a5:66:d8:d6:c2:aa:f4:76:78:1b:
6e:2f:ad:21:d1:ee:b0:4b:7c:fa:16:83:1e:04:7c:
e2:d8:d4:db:71:25:d6:94:ba:52:50:8f:ab:26:5f:
9d:19:68:dc:aa:d9:ab:a6:5c:83:94:21:94:d6:91:
a4:00:1d:61:71:8c:91:12:2a:82:2d:18:54:6c:c7:
e9:7f:ed:a6:82:4a:ef:4f:9b:ed:d8:29:dc:d6:b7:
4b:be:9e:3d:6e:f9:77:23:d7:ca:a3:e7:e5:62:42:
31:81:62:b3:4d:9c:c6:8a:10:88:02:f4:d5:7c:eb:
ab:dd:9a:1f:04:8f:66:a1:40:a7:2b:89:89:a1:05:
48:ad:7d:68:7a:7d:04:c6:5c:eb:2a:9e:77:3b:84:
32:77:f9:c3:55:37:20:65:ac:87:5d:69:e0:5e:18:
ce:a0:a8:02:89:46:45:2e:37:37:68:2b:41:aa:b9:
a7:35:ae:51:3b:b7:4e:1c:6d:55:0c:a3:cf:13:c5:
47:91:18:6a:4b:76:db:26:27:20:a7:e2:42:87:3f:
c7:35:41:5d:fc:11:60:16:93:46:54:c2:c4:7a:99:
2a:a4:76:43:70:13:87:4f:9c:47:84:89:37:11:a2:
52:b8:6b:7d:95:82:82:80:d9:f5:b3:d4:2c:8b:54:
d8:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:7F:C8:06:5D:98:47:B4:4C:50:64:67:CB:84:E2:05:38:21:9A:32
X509v3 Authority Key Identifier:
keyid:86:D5:42:32:3C:0E:30:51:C9:C7:BB:8E:D1:D1:E8:AC:FD:3D:B8:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htVCMjwOMFHJx7uO0dHorP09uDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/oX_IBl2YR7RMUGRny4TiBTghmjI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/a7c7c1-fc42-43a3-9ad8-70dad51e73fb/1/htVCMjwOMFHJx7uO0dHorP09uDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.110.192.0/18
77.222.192.0/19
80.89.32.0/19
82.148.128.0/19
89.162.0.0/17
141.0.224.0/19
178.16.64.0/20
185.10.28.0/22
185.65.152.0/22
194.182.224.0/21
Signature Algorithm: sha256WithRSAEncryption
28:98:3c:86:b7:3d:f5:2b:8f:d4:dd:9c:a5:eb:6d:0c:71:4c:
fc:90:d4:d3:85:b3:6f:d1:16:6a:e2:24:83:23:c8:43:9a:45:
5b:1d:3f:93:5b:e7:1c:7d:3f:93:81:0b:7c:57:4e:bb:a4:f3:
e0:4e:c8:cb:c4:c1:45:91:55:6c:1e:7c:bd:d0:5c:77:e3:23:
81:6b:b3:93:d4:64:e4:0b:4b:8a:b8:81:b6:4c:79:76:78:7c:
2c:1f:12:89:72:25:b8:4a:2c:bf:bd:67:16:7e:5c:fc:96:e5:
e1:e6:ee:ea:6f:23:7b:d4:9c:aa:35:0c:bd:71:8a:ae:01:17:
88:fe:88:86:a4:0e:b0:ab:59:2d:36:eb:4d:f4:41:0c:06:a2:
f2:d9:13:7f:7b:f5:72:b5:6e:63:ae:8c:3e:44:62:32:bf:e9:
4f:23:3b:8d:0b:f2:ff:f2:17:2c:4f:19:75:3b:dd:e8:60:8e:
d0:b3:49:f2:c3:61:bc:42:0a:42:58:77:19:71:44:cd:05:36:
8e:c3:38:aa:9c:da:21:d2:1f:1b:4e:d9:57:5d:3a:ba:5f:a2:
e7:b4:31:84:f8:b1:d4:e7:3b:9b:d7:e0:d2:c3:02:77:58:87:
8b:8e:12:d5:37:93:08:37:72:23:06:5d:92:54:f2:d3:1d:aa:
e5:f7:32:d0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAYzC2vIKD+RRVW351c0LgFpIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDU0MjMyM2MwZTMwNTFjOWM3YmI4ZWQxZDFlOGFjZmQz
ZGI4MzQwHhcNMjQwMTAxMDIyOTM3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTdmYzgwNjVkOTg0N2I0NGM1MDY0NjdjYjg0ZTIwNTM4MjE5YTMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkPBJMaVm2NbCqvR2eBtuL60h0e6w
S3z6FoMeBHzi2NTbcSXWlLpSUI+rJl+dGWjcqtmrplyDlCGU1pGkAB1hcYyREiqC
LRhUbMfpf+2mgkrvT5vt2Cnc1rdLvp49bvl3I9fKo+flYkIxgWKzTZzGihCIAvTV
fOur3ZofBI9moUCnK4mJoQVIrX1oen0ExlzrKp53O4Qyd/nDVTcgZayHXWngXhjO
oKgCiUZFLjc3aCtBqrmnNa5RO7dOHG1VDKPPE8VHkRhqS3bbJicgp+JChz/HNUFd
/BFgFpNGVMLEepkqpHZDcBOHT5xHhIk3EaJSuGt9lYKCgNn1s9Qsi1TYBwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFKF/yAZdmEe0TFBkZ8uE4gU4IZoyMB8GA1UdIwQY
MBaAFIbVQjI8DjBRyce7jtHR6Kz9Pbg0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRWQ01qd09NRkhKeDd1TzBkSG9yUDA5dURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9hN2M3YzEtZmM0Mi00M2EzLTlhZDgt
NzBkYWQ1MWU3M2ZiLzEvb1hfSUJsMllSN1JNVUdSbnk0VGlCVGdobWpJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9hN2M3YzEtZmM0Mi00M2EzLTlhZDgtNzBkYWQ1MWU3M2Zi
LzEvaHRWQ01qd09NRkhKeDd1TzBkSG9yUDA5dURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQGTW7AAwQF
Td7AAwQFUFkgAwQFUpSAAwQHWaIAAwQFjQDgAwQEshBAAwQCuQocAwQCuUGYAwQD
wrbgMA0GCSqGSIb3DQEBCwUAA4IBAQAomDyGtz31K4/U3Zyl620McUz8kNTThbNv
0RZq4iSDI8hDmkVbHT+TW+ccfT+TgQt8V067pPPgTsjLxMFFkVVsHny90Fx34yOB
a7OT1GTkC0uKuIG2THl2eHwsHxKJciW4Siy/vWcWflz8luXh5u7qbyN71JyqNQy9
cYquAReI/oiGpA6wq1ktNutN9EEMBqLy2RN/e/VytW5jrow+RGIyv+lPIzuNC/L/
8hcsTxl1O93oYI7Qs0nyw2G8QgpCWHcZcUTNBTaOwziqnNoh0h8bTtlXXTq6X6Ln
tDGE+LHU5zub1+DSwwJ3WIeLjhLVN5MIN3IjBl2SVPLTHarl9zLQ
-----END CERTIFICATE-----
Generated at Sat Nov 23 13:13:29 2024 by rpki-client on console-ams.rpki-client.org