Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/01/513734-a485-4c28-8aa6-9555d30f6f8f/1/oIm1wBRHXDanU9ZcWONnX3UF3Cw.roa
File: oIm1wBRHXDanU9ZcWONnX3UF3Cw.roa (raw, json)
Hash identifier: MerSfBHCAmEZpUt8GDPFQs2S1UG4BvbZjYGplgzG1fE=
Subject key identifier: A0:89:B5:C0:14:47:5C:36:A7:53:D6:5C:58:E3:67:5F:75:05:DC:2C
Certificate issuer: /CN=fd3a1e8465bfc4df700894372d0b9808e8b629ea
Certificate serial: 018CC72771A3B9FDEF80BE1B64CCC2AA230E
Authority key identifier: FD:3A:1E:84:65:BF:C4:DF:70:08:94:37:2D:0B:98:08:E8:B6:29:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_ToehGW_xN9wCJQ3LQuYCOi2Keo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/01/513734-a485-4c28-8aa6-9555d30f6f8f/1/oIm1wBRHXDanU9ZcWONnX3UF3Cw.roa
Signing time: Mon 01 Jan 2024 22:31:40 +0000
ROA not before: Mon 01 Jan 2024 22:31:40 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 47692
IP address blocks: 192.166.242.0/23 maxlen: 23
192.166.241.0/24 maxlen: 24
84.242.8.0/21 maxlen: 24
146.255.56.0/21 maxlen: 24
5.183.173.0/24 maxlen: 24
5.183.174.0/23 maxlen: 23
45.155.244.0/22 maxlen: 24
83.137.112.0/21 maxlen: 24
77.244.240.0/20 maxlen: 24
217.74.8.0/21 maxlen: 24
92.42.136.0/21 maxlen: 24
212.232.24.0/21 maxlen: 24
2a02:1b9::/32 maxlen: 32
2a02:1b8::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/01/513734-a485-4c28-8aa6-9555d30f6f8f/1/_ToehGW_xN9wCJQ3LQuYCOi2Keo.crl
rsync://rpki.ripe.net/repository/DEFAULT/01/513734-a485-4c28-8aa6-9555d30f6f8f/1/_ToehGW_xN9wCJQ3LQuYCOi2Keo.mft
rsync://rpki.ripe.net/repository/DEFAULT/_ToehGW_xN9wCJQ3LQuYCOi2Keo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 04:00:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c7:27:71:a3:b9:fd:ef:80:be:1b:64:cc:c2:aa:23:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fd3a1e8465bfc4df700894372d0b9808e8b629ea
Validity
Not Before: Jan 1 22:31:40 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a089b5c014475c36a753d65c58e3675f7505dc2c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:23:c8:54:ef:8f:b0:6d:0c:13:55:cc:4e:1e:
ce:fb:bc:c0:ff:fc:92:df:da:b1:ae:f6:c3:87:28:
c4:9c:36:5f:5c:86:3c:d4:14:3c:ae:1b:2b:42:fe:
af:58:6e:4a:6c:ae:2c:2a:fd:4c:0a:f5:19:d0:2a:
24:5b:9a:85:43:cc:3f:ca:36:18:92:70:98:ab:ef:
fe:68:6c:08:c3:3b:cd:ff:60:91:1c:14:75:5b:d2:
68:43:d0:ed:ff:8b:e1:ac:48:a2:57:cc:04:a1:e0:
a3:b4:89:36:2f:57:5a:89:b1:41:ae:a8:51:b1:fc:
08:9e:23:9a:f8:24:f2:10:75:ed:be:60:18:ad:cf:
d7:4c:79:9c:36:00:00:14:c1:1d:c4:2a:dd:ba:26:
d5:00:66:14:da:ef:c8:10:64:28:57:77:63:5e:c3:
e5:c2:fc:b9:42:08:e2:f4:42:be:0d:7c:d2:92:6d:
82:be:00:5d:ee:c0:d8:07:bd:5f:df:7b:8f:a8:d0:
15:eb:28:69:ae:d2:e6:58:d0:a8:9d:e6:f7:06:e7:
9d:8d:ed:8a:7b:99:34:f2:69:b4:6d:77:7b:60:cc:
93:2e:fa:75:60:af:30:d6:ff:b6:f0:df:96:42:f7:
5d:06:a8:55:8e:52:19:20:df:4f:60:1f:e1:57:40:
3a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:89:B5:C0:14:47:5C:36:A7:53:D6:5C:58:E3:67:5F:75:05:DC:2C
X509v3 Authority Key Identifier:
keyid:FD:3A:1E:84:65:BF:C4:DF:70:08:94:37:2D:0B:98:08:E8:B6:29:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_ToehGW_xN9wCJQ3LQuYCOi2Keo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/01/513734-a485-4c28-8aa6-9555d30f6f8f/1/oIm1wBRHXDanU9ZcWONnX3UF3Cw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/01/513734-a485-4c28-8aa6-9555d30f6f8f/1/_ToehGW_xN9wCJQ3LQuYCOi2Keo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.173.0-5.183.175.255
45.155.244.0/22
77.244.240.0/20
83.137.112.0/21
84.242.8.0/21
92.42.136.0/21
146.255.56.0/21
192.166.241.0-192.166.243.255
212.232.24.0/21
217.74.8.0/21
IPv6:
2a02:1b8::/29
Signature Algorithm: sha256WithRSAEncryption
70:ae:f7:ec:db:56:5a:2e:2c:5f:3e:40:16:86:32:cb:f7:c5:
93:4f:de:66:b4:5f:91:a5:0c:cd:d1:ed:96:a0:9a:b4:49:93:
d7:df:59:cf:1d:8b:1e:49:a9:3b:e4:18:65:18:fb:29:c8:d0:
7b:ca:27:d2:7b:fb:50:d0:f0:f1:19:7c:c6:97:63:2f:c3:44:
df:76:d6:e7:61:c9:6d:5e:b5:e5:a0:d0:d2:8a:51:90:7a:9b:
74:4b:e9:3b:5d:ae:47:40:27:e8:ca:30:a9:94:74:c7:b6:50:
d7:03:78:45:86:4f:1e:2a:9c:91:eb:7d:48:e4:30:cb:c6:a5:
bd:8c:20:19:5b:0d:c6:9d:91:69:68:0b:26:5c:21:07:35:61:
ca:91:ab:c6:65:d2:d9:ab:ea:72:1d:82:d6:87:71:f8:d1:7d:
ee:98:0e:fa:bb:ee:de:d7:e9:3c:f4:36:76:68:23:24:bc:83:
d5:92:9d:16:e0:d4:12:16:c9:b2:c5:1d:f2:ac:c7:14:14:b2:
e0:87:01:ad:87:5e:9e:60:50:f0:e6:f9:c5:de:ca:64:44:55:
88:d4:9e:35:cd:35:ce:f4:62:0a:67:d5:5e:13:0f:d5:03:9f:
7f:b3:10:a5:4a:b2:37:20:2a:91:d0:6a:b7:fe:de:3b:01:6e:
ce:da:1d:47
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAYzHJ3Gjuf3vgL4bZMzCqiMOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZkM2ExZTg0NjViZmM0ZGY3MDA4OTQzNzJkMGI5ODA4ZThi
NjI5ZWEwHhcNMjQwMTAxMjIzMTQwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDg5YjVjMDE0NDc1YzM2YTc1M2Q2NWM1OGUzNjc1Zjc1MDVkYzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3yPIVO+PsG0ME1XMTh7O+7zA//yS
39qxrvbDhyjEnDZfXIY81BQ8rhsrQv6vWG5KbK4sKv1MCvUZ0CokW5qFQ8w/yjYY
knCYq+/+aGwIwzvN/2CRHBR1W9JoQ9Dt/4vhrEiiV8wEoeCjtIk2L1daibFBrqhR
sfwIniOa+CTyEHXtvmAYrc/XTHmcNgAAFMEdxCrduibVAGYU2u/IEGQoV3djXsPl
wvy5Qgji9EK+DXzSkm2CvgBd7sDYB71f33uPqNAV6yhprtLmWNConeb3Buedje2K
e5k08mm0bXd7YMyTLvp1YK8w1v+28N+WQvddBqhVjlIZIN9PYB/hV0A6HwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFKCJtcAUR1w2p1PWXFjjZ191BdwsMB8GA1UdIwQY
MBaAFP06HoRlv8TfcAiUNy0LmAjotinqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX1RvZWhHV194Tjl3Q0pRM0xRdVlDT2kyS2VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMS81MTM3MzQtYTQ4NS00YzI4LThhYTYt
OTU1NWQzMGY2ZjhmLzEvb0ltMXdCUkhYRGFuVTlaY1dPTm5YM1VGM0N3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMS81MTM3MzQtYTQ4NS00YzI4LThhYTYtOTU1NWQzMGY2Zjhm
LzEvX1RvZWhHV194Tjl3Q0pRM0xRdVlDT2kyS2VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBSBAIAATBMMAwDBAAFt60D
BAQFt6ADBAItm/QDBARN9PADBANTiXADBANU8ggDBANcKogDBAOS/zgwDAMEAMCm
8QMEAsCm8AMEA9ToGAMEA9lKCDANBAIAAjAHAwUDKgIBuDANBgkqhkiG9w0BAQsF
AAOCAQEAcK737NtWWi4sXz5AFoYyy/fFk0/eZrRfkaUMzdHtlqCatEmT199Zzx2L
HkmpO+QYZRj7KcjQe8on0nv7UNDw8Rl8xpdjL8NE33bW52HJbV615aDQ0opRkHqb
dEvpO12uR0An6MowqZR0x7ZQ1wN4RYZPHiqcket9SOQwy8alvYwgGVsNxp2RaWgL
JlwhBzVhypGrxmXS2avqch2C1odx+NF97pgO+rvu3tfpPPQ2dmgjJLyD1ZKdFuDU
EhbJssUd8qzHFBSy4IcBrYdenmBQ8Ob5xd7KZERViNSeNc01zvRiCmfVXhMP1QOf
f7MQpUqyNyAqkdBqt/7eOwFuztodRw==
-----END CERTIFICATE-----
Generated at Sat Jun 8 09:16:16 2024 by rpki-client on console-fra.rpki-client.org