Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/o9LAGdnvkUiS-XyaW7g-a08TSt4.roa
File: o9LAGdnvkUiS-XyaW7g-a08TSt4.roa (raw, json)
Hash identifier: /j1fiOWQh3tZcIVXTVdMbSON7jLj63TMRSzEaVT42u4=
Subject key identifier: A3:D2:C0:19:D9:EF:91:48:92:F9:7C:9A:5B:B8:3E:6B:4F:13:4A:DE
Certificate issuer: /CN=066369e2705cb433db0658ab666d08b67b1551dc
Certificate serial: 018CC2DACBE7CCD896A603085DD02C828650
Authority key identifier: 06:63:69:E2:70:5C:B4:33:DB:06:58:AB:66:6D:08:B6:7B:15:51:DC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BmNp4nBctDPbBlirZm0ItnsVUdw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/o9LAGdnvkUiS-XyaW7g-a08TSt4.roa
Signing time: Mon 01 Jan 2024 02:29:28 +0000
ROA not before: Mon 01 Jan 2024 02:29:28 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 197308
IP address blocks: 193.108.4.0/24 maxlen: 24
193.108.2.0/23 maxlen: 23
193.108.0.0/24 maxlen: 24
193.108.1.0/24 maxlen: 24
193.108.6.0/24 maxlen: 24
193.108.5.0/24 maxlen: 24
213.180.64.0/19 maxlen: 19
81.91.0.0/20 maxlen: 20
5.179.112.0/21 maxlen: 21
176.57.88.0/22 maxlen: 22
185.27.240.0/22 maxlen: 22
185.21.144.0/22 maxlen: 22
31.216.32.0/21 maxlen: 21
2a03:2f80::/32 maxlen: 32
2a00:5860::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/BmNp4nBctDPbBlirZm0ItnsVUdw.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/BmNp4nBctDPbBlirZm0ItnsVUdw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BmNp4nBctDPbBlirZm0ItnsVUdw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 16:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:da:cb:e7:cc:d8:96:a6:03:08:5d:d0:2c:82:86:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=066369e2705cb433db0658ab666d08b67b1551dc
Validity
Not Before: Jan 1 02:29:28 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3d2c019d9ef914892f97c9a5bb83e6b4f134ade
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:00:cd:55:cc:53:57:a8:4b:64:5f:1d:36:6b:
eb:8c:0e:fc:45:69:d0:b7:5c:87:b4:ea:68:3f:59:
f3:ad:4a:6d:aa:4d:6f:88:10:71:a4:fc:96:b8:ff:
aa:c1:ac:29:43:10:31:38:08:e1:cc:be:a3:ab:22:
0c:f3:16:b6:a8:69:d3:d8:28:b4:64:4c:40:c3:56:
97:4d:ef:df:5d:f1:3e:59:95:d5:c4:7e:dd:14:98:
e9:f3:96:92:45:e3:9f:d5:eb:38:5d:e3:9b:b5:76:
b5:7f:9f:fd:92:4c:0d:d9:1e:b1:de:7e:61:81:0c:
fb:b1:a7:26:f7:7e:db:c2:f9:3d:fe:d0:b4:79:f6:
88:57:bb:16:00:1f:88:b8:78:4e:a1:07:50:ec:f9:
e9:65:19:6c:24:71:9a:76:69:95:a1:18:58:42:b5:
a0:1e:b0:18:16:1b:84:01:22:4a:51:f9:11:7b:a4:
83:b1:71:7a:47:17:13:c7:bd:d9:e2:0c:bd:a8:35:
59:73:34:e3:3e:e2:51:c2:12:1e:33:1c:c6:6e:ae:
47:b2:14:5b:8e:8a:7b:33:f7:36:09:20:00:82:61:
9e:cc:ba:0a:23:1e:ea:87:ed:59:95:2d:38:6a:82:
72:74:1d:37:ae:0e:eb:85:7d:5e:a1:00:b9:62:62:
7d:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:D2:C0:19:D9:EF:91:48:92:F9:7C:9A:5B:B8:3E:6B:4F:13:4A:DE
X509v3 Authority Key Identifier:
keyid:06:63:69:E2:70:5C:B4:33:DB:06:58:AB:66:6D:08:B6:7B:15:51:DC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BmNp4nBctDPbBlirZm0ItnsVUdw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/o9LAGdnvkUiS-XyaW7g-a08TSt4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/64e49a-5fe1-45c2-8310-34a9e98a5f86/1/BmNp4nBctDPbBlirZm0ItnsVUdw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.179.112.0/21
31.216.32.0/21
81.91.0.0/20
176.57.88.0/22
185.21.144.0/22
185.27.240.0/22
193.108.0.0-193.108.6.255
213.180.64.0/19
IPv6:
2a00:5860::/32
2a03:2f80::/32
Signature Algorithm: sha256WithRSAEncryption
89:24:1e:ff:3d:ca:af:7b:42:9f:30:b5:b8:39:53:a2:c8:78:
a5:88:61:3c:dc:cd:f3:81:9c:fb:16:96:c1:32:09:85:62:56:
57:4f:b3:41:7b:93:55:58:af:b8:36:20:ac:bb:bb:f6:8e:fd:
fa:4b:b1:ff:6f:d6:5f:e9:b7:c3:46:9b:3e:ff:74:6d:73:10:
80:43:92:97:81:bc:84:51:aa:0f:3e:b5:b0:f6:a1:da:a3:94:
4c:a4:03:e1:62:ca:e6:53:27:db:6d:3b:d9:e2:96:0f:97:f9:
05:c5:04:65:35:aa:e7:3c:60:ba:73:9b:75:b1:b0:e5:a3:47:
3b:22:73:29:61:4d:b8:47:b8:34:b0:79:47:13:3a:4d:57:f5:
9a:24:c9:1b:8a:bc:24:cd:f8:5d:4d:c3:53:c0:59:55:c4:78:
a8:ed:9f:9b:6f:65:24:80:b8:c2:0c:06:3e:7a:f2:f0:09:72:
bb:52:91:81:5c:2c:12:1f:46:be:d2:a5:7e:8a:57:f0:7b:cd:
a9:ab:62:4c:62:84:1b:f1:ce:dd:c5:c3:61:f3:b5:e3:b8:ce:
c9:ee:57:7d:41:2b:34:26:f0:41:7a:65:9a:05:5f:61:9c:d3:
bf:a7:20:0d:1b:6e:be:2c:51:14:75:37:30:f6:2a:7e:38:9c:
7c:12:94:08
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAYzC2svnzNiWpgMIXdAsgoZQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NjM2OWUyNzA1Y2I0MzNkYjA2NThhYjY2NmQwOGI2N2Ix
NTUxZGMwHhcNMjQwMTAxMDIyOTI4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2QyYzAxOWQ5ZWY5MTQ4OTJmOTdjOWE1YmI4M2U2YjRmMTM0YWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhQDNVcxTV6hLZF8dNmvrjA78RWnQ
t1yHtOpoP1nzrUptqk1viBBxpPyWuP+qwawpQxAxOAjhzL6jqyIM8xa2qGnT2Ci0
ZExAw1aXTe/fXfE+WZXVxH7dFJjp85aSReOf1es4XeObtXa1f5/9kkwN2R6x3n5h
gQz7sacm937bwvk9/tC0efaIV7sWAB+IuHhOoQdQ7PnpZRlsJHGadmmVoRhYQrWg
HrAYFhuEASJKUfkRe6SDsXF6RxcTx73Z4gy9qDVZczTjPuJRwhIeMxzGbq5HshRb
jop7M/c2CSAAgmGezLoKIx7qh+1ZlS04aoJydB03rg7rhX1eoQC5YmJ99wIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFKPSwBnZ75FIkvl8mlu4PmtPE0reMB8GA1UdIwQY
MBaAFAZjaeJwXLQz2wZYq2ZtCLZ7FVHcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm1OcDRuQmN0RFBiQmxpclptMEl0bnNWVWR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC82NGU0OWEtNWZlMS00NWMyLTgzMTAt
MzRhOWU5OGE1Zjg2LzEvbzlMQUdkbnZrVWlTLVh5YVc3Zy1hMDhUU3Q0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC82NGU0OWEtNWZlMS00NWMyLTgzMTAtMzRhOWU5OGE1Zjg2
LzEvQm1OcDRuQmN0RFBiQmxpclptMEl0bnNWVWR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTA9BAIAATA3AwQDBbNwAwQD
H9ggAwQEUVsAAwQCsDlYAwQCuRWQAwQCuRvwMAsDAwLBbAMEAMFsBgMEBdW0QDAU
BAIAAjAOAwUAKgBYYAMFACoDL4AwDQYJKoZIhvcNAQELBQADggEBAIkkHv89yq97
Qp8wtbg5U6LIeKWIYTzczfOBnPsWlsEyCYViVldPs0F7k1VYr7g2IKy7u/aO/fpL
sf9v1l/pt8NGmz7/dG1zEIBDkpeBvIRRqg8+tbD2odqjlEykA+FiyuZTJ9ttO9ni
lg+X+QXFBGU1quc8YLpzm3WxsOWjRzsicylhTbhHuDSweUcTOk1X9ZokyRuKvCTN
+F1Nw1PAWVXEeKjtn5tvZSSAuMIMBj568vAJcrtSkYFcLBIfRr7SpX6KV/B7zamr
YkxihBvxzt3Fw2HzteO4zsnuV31BKzQm8EF6ZZoFX2Gc07+nIA0bbr4sURR1NzD2
Kn44nHwSlAg=
-----END CERTIFICATE-----
Generated at Mon Nov 25 21:48:34 2024 by rpki-client on console-ams.rpki-client.org