Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/oh1cn4uvfBZwrqQphpK1v0QKnno.roa
File: oh1cn4uvfBZwrqQphpK1v0QKnno.roa (raw, json)
Hash identifier: 0FWQPAIBLlKyoA6phf6Oq/7LM0nBoe7VR8b4TzwIXuM=
Subject key identifier: A2:1D:5C:9F:8B:AF:7C:16:70:AE:A4:29:86:92:B5:BF:44:0A:9E:7A
Certificate issuer: /CN=69507f066f2bb0389dd88436074e1426114f2d92
Certificate serial: 019017B45C6857142BCE8BFB1B44188F1E7D
Authority key identifier: 69:50:7F:06:6F:2B:B0:38:9D:D8:84:36:07:4E:14:26:11:4F:2D:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aVB_Bm8rsDid2IQ2B04UJhFPLZI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/oh1cn4uvfBZwrqQphpK1v0QKnno.roa
Signing time: Fri 14 Jun 2024 17:03:34 +0000
ROA not before: Fri 14 Jun 2024 17:03:34 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 210079
IP address blocks: 2.56.88.0/24 maxlen: 24
2.56.89.0/24 maxlen: 24
95.142.35.0/24 maxlen: 24
95.142.36.0/24 maxlen: 24
95.142.37.0/24 maxlen: 24
95.142.38.0/24 maxlen: 24
95.142.39.0/24 maxlen: 24
95.142.40.0/24 maxlen: 24
95.142.42.0/24 maxlen: 24
95.142.43.0/24 maxlen: 24
178.208.68.0/24 maxlen: 24
178.208.69.0/24 maxlen: 24
178.208.70.0/24 maxlen: 24
178.208.71.0/24 maxlen: 24
178.208.92.0/24 maxlen: 24
178.208.94.0/24 maxlen: 24
178.208.95.0/24 maxlen: 24
185.105.109.0/24 maxlen: 24
185.105.110.0/24 maxlen: 24
185.105.111.0/24 maxlen: 24
2a09:c140:3::/48 maxlen: 48
2a09:c140:db::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/aVB_Bm8rsDid2IQ2B04UJhFPLZI.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/aVB_Bm8rsDid2IQ2B04UJhFPLZI.mft
rsync://rpki.ripe.net/repository/DEFAULT/aVB_Bm8rsDid2IQ2B04UJhFPLZI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 23 Jun 2024 16:01:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:17:b4:5c:68:57:14:2b:ce:8b:fb:1b:44:18:8f:1e:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69507f066f2bb0389dd88436074e1426114f2d92
Validity
Not Before: Jun 14 17:03:34 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a21d5c9f8baf7c1670aea4298692b5bf440a9e7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:c8:e7:e4:ed:db:46:0a:1d:4f:d7:6c:69:40:
d6:13:f8:dd:9f:12:9c:a7:c7:08:02:70:8f:c9:42:
df:6f:97:3a:49:22:e7:a8:f8:2d:32:94:80:3d:72:
9b:f1:12:65:9b:a8:f1:36:f2:ff:a1:06:2b:25:a0:
ac:5f:ff:5a:40:ef:a0:4a:45:bd:82:31:7e:71:3a:
63:6d:c2:1f:92:77:f0:44:22:7a:e9:6a:7a:f2:d2:
54:6b:2d:e7:0b:3a:07:ad:48:a7:7a:9b:46:99:e3:
de:6c:14:0c:e5:2e:f9:f5:b2:22:d0:62:67:73:48:
29:fb:10:1e:7e:9e:33:34:34:0a:14:4a:a9:b4:d1:
31:9a:1f:bb:52:f6:d8:7e:ac:a5:e8:f6:0c:69:09:
a8:54:1b:4c:a9:39:28:88:69:db:70:4b:24:2b:95:
61:1e:e6:1d:81:b8:62:59:e7:01:aa:8d:cc:31:df:
58:ea:f8:16:13:74:a9:2e:58:bf:41:0d:24:64:7a:
ba:62:9b:ba:1d:8b:b3:f4:35:a2:be:33:6d:65:1c:
c7:72:c0:8f:64:67:03:7d:93:f9:44:b1:e7:f9:3b:
43:4a:82:5f:c6:eb:4b:1c:f9:fa:9b:fb:d7:2b:f6:
b2:74:5e:01:4a:43:24:b6:bd:d8:42:0a:79:22:76:
21:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:1D:5C:9F:8B:AF:7C:16:70:AE:A4:29:86:92:B5:BF:44:0A:9E:7A
X509v3 Authority Key Identifier:
keyid:69:50:7F:06:6F:2B:B0:38:9D:D8:84:36:07:4E:14:26:11:4F:2D:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aVB_Bm8rsDid2IQ2B04UJhFPLZI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/oh1cn4uvfBZwrqQphpK1v0QKnno.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/bf8338-8752-4d55-9c31-0e1b8fea8913/1/aVB_Bm8rsDid2IQ2B04UJhFPLZI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.88.0/23
95.142.35.0-95.142.40.255
95.142.42.0/23
178.208.68.0/22
178.208.92.0/24
178.208.94.0/23
185.105.109.0-185.105.111.255
IPv6:
2a09:c140:3::/48
2a09:c140:db::/48
Signature Algorithm: sha256WithRSAEncryption
34:e5:24:8e:6b:7b:c5:03:bf:59:45:c1:46:dd:7f:e2:ec:fa:
69:e2:a2:69:a5:05:43:b2:b5:a1:15:42:41:ac:b6:16:c2:d4:
03:1d:c8:00:b5:34:43:76:f9:75:77:86:5e:86:3d:0d:79:5e:
4c:0a:39:fe:6d:62:b1:37:63:fe:1f:c9:19:62:1d:c2:d2:e4:
d7:f5:29:a3:78:e7:14:a3:cf:fc:dd:2d:12:ef:b7:c0:fe:1f:
4d:82:82:f0:69:2e:08:60:bb:19:6b:f9:08:ba:a0:5e:1d:2b:
27:5c:f9:0b:18:ab:f1:c7:13:e8:5a:e6:11:ba:99:51:a5:73:
0e:db:a7:b9:43:aa:2b:03:5b:7c:0c:25:3e:8c:a2:58:bb:22:
ef:60:fc:86:9a:49:7d:60:a9:6b:0f:e1:9a:ef:2f:71:71:8b:
d4:24:41:a2:84:02:9e:ac:03:e8:cc:fe:4a:1f:51:cd:9f:e4:
c4:f8:0a:bb:cd:b4:1d:6f:52:b8:ab:6a:d7:a8:d4:12:ed:b7:
76:0b:f0:f8:19:5a:d7:ed:49:bb:b3:d7:59:7b:eb:ed:b0:b1:
bf:fb:cc:3f:53:71:3f:fc:07:62:a2:e3:f3:9f:12:4f:fd:09:
eb:c3:64:c5:33:8a:d8:9b:43:d1:dc:ea:71:a9:48:a0:4c:65:
ae:06:c1:4f
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZAXtFxoVxQrzov7G0QYjx59MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5NTA3ZjA2NmYyYmIwMzg5ZGQ4ODQzNjA3NGUxNDI2MTE0
ZjJkOTIwHhcNMjQwNjE0MTcwMzM0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjFkNWM5ZjhiYWY3YzE2NzBhZWE0Mjk4NjkyYjViZjQ0MGE5ZTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3sjn5O3bRgodT9dsaUDWE/jdnxKc
p8cIAnCPyULfb5c6SSLnqPgtMpSAPXKb8RJlm6jxNvL/oQYrJaCsX/9aQO+gSkW9
gjF+cTpjbcIfknfwRCJ66Wp68tJUay3nCzoHrUineptGmePebBQM5S759bIi0GJn
c0gp+xAefp4zNDQKFEqptNExmh+7UvbYfqyl6PYMaQmoVBtMqTkoiGnbcEskK5Vh
HuYdgbhiWecBqo3MMd9Y6vgWE3SpLli/QQ0kZHq6Ypu6HYuz9DWivjNtZRzHcsCP
ZGcDfZP5RLHn+TtDSoJfxutLHPn6m/vXK/aydF4BSkMktr3YQgp5InYhhQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFKIdXJ+Lr3wWcK6kKYaStb9ECp56MB8GA1UdIwQY
MBaAFGlQfwZvK7A4ndiENgdOFCYRTy2SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVZCX0JtOHJzRGlkMklRMkIwNFVKaEZQTFpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy9iZjgzMzgtODc1Mi00ZDU1LTljMzEt
MGUxYjhmZWE4OTEzLzEvb2gxY240dXZmQlp3cnFRcGhwSzF2MFFLbm5vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy9iZjgzMzgtODc1Mi00ZDU1LTljMzEtMGUxYjhmZWE4OTEz
LzEvYVZCX0JtOHJzRGlkMklRMkIwNFVKaEZQTFpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBABAIAATA6AwQBAjhYMAwD
BABfjiMDBABfjigDBAFfjioDBAKy0EQDBACy0FwDBAGy0F4wDAMEALlpbQMEBLlp
YDAYBAIAAjASAwcAKgnBQAADAwcAKgnBQADbMA0GCSqGSIb3DQEBCwUAA4IBAQA0
5SSOa3vFA79ZRcFG3X/i7Ppp4qJppQVDsrWhFUJBrLYWwtQDHcgAtTRDdvl1d4Ze
hj0NeV5MCjn+bWKxN2P+H8kZYh3C0uTX9SmjeOcUo8/83S0S77fA/h9NgoLwaS4I
YLsZa/kIuqBeHSsnXPkLGKvxxxPoWuYRuplRpXMO26e5Q6orA1t8DCU+jKJYuyLv
YPyGmkl9YKlrD+Ga7y9xcYvUJEGihAKerAPozP5KH1HNn+TE+Aq7zbQdb1K4q2rX
qNQS7bd2C/D4GVrX7Um7s9dZe+vtsLG/+8w/U3E//AdiouPznxJP/Qnrw2TFM4rY
m0PR3OpxqUigTGWuBsFP
-----END CERTIFICATE-----
Generated at Sun Jun 23 01:47:26 2024 by rpki-client on console-fra.rpki-client.org