Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/oP490aCHyPb1ky13XTWCEqlywec.roa
File: oP490aCHyPb1ky13XTWCEqlywec.roa (raw, json)
Hash identifier: MVQEEHGjTpLySUvylzsYOV2e6bAi7DuNaJRzh58XHpc=
Subject key identifier: A0:FE:3D:D1:A0:87:C8:F6:F5:93:2D:77:5D:35:82:12:A9:72:C1:E7
Certificate issuer: /CN=3b7ec9423bf90c81d22d94841c10357a54260379
Certificate serial: 018CC94E68726ECAF9CBCB60443400102693
Authority key identifier: 3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/oP490aCHyPb1ky13XTWCEqlywec.roa
Signing time: Tue 02 Jan 2024 08:33:28 +0000
ROA not before: Tue 02 Jan 2024 08:33:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 35178
IP address blocks: 85.239.32.0/24 maxlen: 24
2a07:7dc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4e:68:72:6e:ca:f9:cb:cb:60:44:34:00:10:26:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b7ec9423bf90c81d22d94841c10357a54260379
Validity
Not Before: Jan 2 08:33:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0fe3dd1a087c8f6f5932d775d358212a972c1e7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:f9:2f:1e:e1:14:f9:6c:e4:ab:dd:5f:f6:fb:
60:ba:b2:9c:e7:98:74:ab:d7:75:7e:98:cf:f5:b3:
f4:99:cc:ca:25:7e:24:b6:7e:01:a3:c3:a0:6b:9a:
b9:7d:51:dd:e2:dc:6a:61:9e:cb:78:59:ba:32:92:
28:2e:db:01:e5:e1:cc:02:6c:d5:b9:8e:ae:88:d9:
8e:c9:68:2c:e4:5b:f5:5f:5e:6a:85:3f:9e:5b:23:
ff:a0:b7:d3:82:06:17:c0:d8:2c:fb:c7:63:4c:ee:
b4:bb:c8:5c:1a:31:5d:83:5e:51:99:18:1e:8a:81:
1e:13:7d:af:aa:1e:48:bc:b6:91:cd:80:ab:ee:33:
bd:6f:75:40:82:96:94:2a:be:b4:6e:f5:8b:1a:05:
15:06:bc:39:11:e0:be:5e:6d:4b:fa:32:fb:d5:25:
40:fe:d6:58:bf:ff:7d:f3:e0:be:ae:08:93:58:89:
b5:cc:20:cc:56:74:5d:39:a2:6c:49:71:6e:a2:d9:
a7:33:9a:07:18:2b:76:fc:12:ed:07:1a:9a:c0:03:
30:29:5c:8a:15:30:7d:28:32:ed:c9:59:ba:bb:8c:
29:f1:61:0e:5f:6e:01:1c:f0:7e:30:2f:2a:84:b4:
51:0f:c1:3f:1a:b1:c9:80:8e:27:28:a9:fe:1f:77:
c4:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:FE:3D:D1:A0:87:C8:F6:F5:93:2D:77:5D:35:82:12:A9:72:C1:E7
X509v3 Authority Key Identifier:
keyid:3B:7E:C9:42:3B:F9:0C:81:D2:2D:94:84:1C:10:35:7A:54:26:03:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O37JQjv5DIHSLZSEHBA1elQmA3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/oP490aCHyPb1ky13XTWCEqlywec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/8ea47f-eff3-4627-94ed-1d10f3c70bb4/1/O37JQjv5DIHSLZSEHBA1elQmA3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.32.0/24
IPv6:
2a07:7dc0::/29
Signature Algorithm: sha256WithRSAEncryption
a7:02:b6:5b:be:44:ee:55:df:64:bf:bb:7f:63:27:95:f6:1a:
ba:35:e3:f9:f2:c5:e2:f8:b7:7b:ba:37:c6:cf:b8:e4:f9:03:
a0:7e:e7:a4:55:0e:99:34:7d:1e:f9:4e:8d:53:1e:ae:66:4e:
0b:a4:cb:d5:18:3f:2b:1d:73:d4:40:3b:ea:6e:c3:00:b9:74:
83:f8:0f:9a:be:ba:f2:da:51:af:77:ea:90:b6:76:72:93:ca:
9e:ea:1d:6e:bc:32:ce:f4:2f:02:ce:0a:79:7e:c6:dd:08:56:
11:6f:a1:95:43:d9:1b:2c:2e:5b:ed:f6:cf:55:77:74:64:57:
31:d5:4f:35:c7:3f:45:6a:91:09:7f:1a:fc:23:cc:7b:99:6f:
69:74:ac:4f:a7:ba:ef:48:64:bd:24:00:4c:38:a0:14:6e:cd:
da:37:c6:aa:e4:f9:d3:4f:22:d5:68:97:2e:28:3a:85:8a:25:
6a:28:ab:52:cf:01:25:bb:26:5e:61:92:87:bc:c6:41:e4:3a:
cb:39:c6:01:5a:23:fd:6f:d7:15:c3:fe:f1:3d:9c:7a:74:5e:
e1:ab:1e:83:9d:ce:b0:76:93:39:72:23:8b:1f:ec:42:90:ca:
88:46:6a:9d:55:8e:9f:11:9b:79:e1:a7:4d:6c:3d:c3:ba:64:
d4:eb:06:67
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAYzJTmhybsr5y8tgRDQAECaTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiN2VjOTQyM2JmOTBjODFkMjJkOTQ4NDFjMTAzNTdhNTQy
NjAzNzkwHhcNMjQwMTAyMDgzMzI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGZlM2RkMWEwODdjOGY2ZjU5MzJkNzc1ZDM1ODIxMmE5NzJjMWU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnvkvHuEU+Wzkq91f9vtgurKc55h0
q9d1fpjP9bP0mczKJX4ktn4Bo8Oga5q5fVHd4txqYZ7LeFm6MpIoLtsB5eHMAmzV
uY6uiNmOyWgs5Fv1X15qhT+eWyP/oLfTggYXwNgs+8djTO60u8hcGjFdg15RmRge
ioEeE32vqh5IvLaRzYCr7jO9b3VAgpaUKr60bvWLGgUVBrw5EeC+Xm1L+jL71SVA
/tZYv/998+C+rgiTWIm1zCDMVnRdOaJsSXFuotmnM5oHGCt2/BLtBxqawAMwKVyK
FTB9KDLtyVm6u4wp8WEOX24BHPB+MC8qhLRRD8E/GrHJgI4nKKn+H3fEWQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFKD+PdGgh8j29ZMtd101ghKpcsHnMB8GA1UdIwQY
MBaAFDt+yUI7+QyB0i2UhBwQNXpUJgN5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQt
MWQxMGYzYzcwYmI0LzEvb1A0OTBhQ0h5UGIxa3kxM1hUV0NFcWx5d2VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy84ZWE0N2YtZWZmMy00NjI3LTk0ZWQtMWQxMGYzYzcwYmI0
LzEvTzM3SlFqdjVESUhTTFpTRUhCQTFlbFFtQTNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAVe8gMA0E
AgACMAcDBQMqB33AMA0GCSqGSIb3DQEBCwUAA4IBAQCnArZbvkTuVd9kv7t/YyeV
9hq6NeP58sXi+Ld7ujfGz7jk+QOgfuekVQ6ZNH0e+U6NUx6uZk4LpMvVGD8rHXPU
QDvqbsMAuXSD+A+avrry2lGvd+qQtnZyk8qe6h1uvDLO9C8Czgp5fsbdCFYRb6GV
Q9kbLC5b7fbPVXd0ZFcx1U81xz9FapEJfxr8I8x7mW9pdKxPp7rvSGS9JABMOKAU
bs3aN8aq5PnTTyLVaJcuKDqFiiVqKKtSzwEluyZeYZKHvMZB5DrLOcYBWiP9b9cV
w/7xPZx6dF7hqx6Dnc6wdpM5ciOLH+xCkMqIRmqdVY6fEZt54adNbD3DumTU6wZn
-----END CERTIFICATE-----
Generated at Sat Jun 1 10:00:12 2024 by rpki-client on console-ams.rpki-client.org