Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/2BzP0Hk0faRtUkNou8yNsGsijl4.roa
File: 2BzP0Hk0faRtUkNou8yNsGsijl4.roa (raw, json)
Hash identifier: RHlBBE8sYyiSvLuwrv2BJXyJwvm8cetgz79PRBnhmx8=
Subject key identifier: D8:1C:CF:D0:79:34:7D:A4:6D:52:43:68:BB:CC:8D:B0:6B:22:8E:5E
Certificate issuer: /CN=3ac78f33e8e1187327667fa94fd7446b8d91e5b4
Certificate serial: 018E51CF9FBF833BDBF7D250D44E01A35A5D
Authority key identifier: 3A:C7:8F:33:E8:E1:18:73:27:66:7F:A9:4F:D7:44:6B:8D:91:E5:B4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/OsePM-jhGHMnZn-pT9dEa42R5bQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/2BzP0Hk0faRtUkNou8yNsGsijl4.roa
Signing time: Mon 18 Mar 2024 13:45:45 +0000
ROA not before: Mon 18 Mar 2024 13:45:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203500
IP address blocks: 185.178.184.0/24 maxlen: 24
185.178.185.0/24 maxlen: 24
185.178.186.0/24 maxlen: 24
193.25.200.0/24 maxlen: 24
2a07:6780::/29 maxlen: 29
2a0a:6680:bee::/48 maxlen: 48
2a0a:6680:1000::/36 maxlen: 36
2a0a:6680:1979::/48 maxlen: 48
2a0a:6680:2000::/36 maxlen: 36
2a0a:6680:b300::/40 maxlen: 40
2a0a:6680:bee1::/48 maxlen: 48
2a0a:6680:bee5::/48 maxlen: 48
2a0a:6680:bee6::/48 maxlen: 48
2a0a:6680:cc91::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/OsePM-jhGHMnZn-pT9dEa42R5bQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/OsePM-jhGHMnZn-pT9dEa42R5bQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/OsePM-jhGHMnZn-pT9dEa42R5bQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 22:01:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:51:cf:9f:bf:83:3b:db:f7:d2:50:d4:4e:01:a3:5a:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ac78f33e8e1187327667fa94fd7446b8d91e5b4
Validity
Not Before: Mar 18 13:45:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d81ccfd079347da46d524368bbcc8db06b228e5e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:e6:7a:c2:50:9c:f1:ee:34:72:2c:0c:43:84:
7c:50:12:bb:23:43:d1:d9:2e:d5:1e:6e:74:6c:2e:
9e:e2:ba:2a:ea:46:60:44:20:ea:1f:1d:3f:e9:d0:
15:3b:99:61:06:96:9b:cc:68:dc:ae:24:d7:03:92:
94:30:e2:a2:0b:0f:bc:0b:0c:67:6d:41:52:24:05:
d0:ce:a3:74:10:cf:df:2d:53:b9:21:4d:f9:0b:25:
62:89:bc:e9:ca:51:7a:8b:13:fd:5d:72:4c:75:56:
47:cc:da:05:3b:b5:00:80:1d:99:bf:01:7a:1b:ed:
88:20:5e:a4:be:70:21:a3:fe:ea:bb:b4:95:51:53:
4d:77:80:c6:85:82:60:96:c7:77:f6:75:84:a5:a9:
b9:22:76:d5:7d:4c:5f:2a:47:64:9d:e9:c4:07:f2:
7e:a9:ac:64:07:5e:7c:67:42:9e:93:79:71:22:c0:
69:97:03:3f:6c:6d:c8:a7:d6:b5:04:12:cc:63:03:
a7:c2:62:b8:c8:df:d0:67:09:ce:ea:da:30:4a:12:
76:a1:90:bb:a1:3b:6c:ad:ce:f9:87:4e:8c:68:e0:
4f:30:9d:21:bc:76:2b:1c:42:b8:64:1a:33:33:9f:
18:93:28:f6:9b:67:67:3b:1f:55:46:68:b2:e5:b8:
bb:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:1C:CF:D0:79:34:7D:A4:6D:52:43:68:BB:CC:8D:B0:6B:22:8E:5E
X509v3 Authority Key Identifier:
keyid:3A:C7:8F:33:E8:E1:18:73:27:66:7F:A9:4F:D7:44:6B:8D:91:E5:B4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/OsePM-jhGHMnZn-pT9dEa42R5bQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/2BzP0Hk0faRtUkNou8yNsGsijl4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/5edaaf-3327-43ed-90b1-dc01f4b4bae4/1/OsePM-jhGHMnZn-pT9dEa42R5bQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.178.184.0-185.178.186.255
193.25.200.0/24
IPv6:
2a07:6780::/29
2a0a:6680:bee::/48
2a0a:6680:1000::-2a0a:6680:2fff:ffff:ffff:ffff:ffff:ffff
2a0a:6680:b300::/40
2a0a:6680:bee1::/48
2a0a:6680:bee5::-2a0a:6680:bee6:ffff:ffff:ffff:ffff:ffff
2a0a:6680:cc91::/48
Signature Algorithm: sha256WithRSAEncryption
80:93:bf:dc:19:38:ed:02:75:a3:70:43:55:52:10:73:9e:e5:
49:6f:f7:a1:4c:de:7d:80:27:ee:fa:50:59:56:b6:60:84:c5:
dc:9c:0e:48:08:7e:85:b1:2b:16:5f:2e:42:13:a5:40:e8:2c:
d4:d0:f6:b6:96:96:b4:45:a3:16:a3:30:1b:42:62:30:91:e0:
46:af:ef:38:ee:ce:8c:96:f4:12:57:72:d0:ad:91:97:75:c8:
98:9e:ad:6d:3e:55:f6:f8:1f:05:64:d3:b9:88:55:d7:75:ed:
3a:87:ec:4d:07:1f:e1:d1:31:d1:37:0a:92:b6:21:0c:a7:04:
5b:14:d1:86:8c:b1:4a:15:98:3c:27:21:ad:28:1b:d0:41:ea:
1c:60:7c:f7:b9:df:4a:2c:cc:60:fc:5a:e7:2e:88:67:e7:65:
2b:24:24:38:aa:7c:57:8a:8c:12:17:ba:22:b3:92:bb:74:85:
54:b4:b6:38:1d:b0:9b:cb:ff:5f:b8:f7:cd:34:75:20:e1:e9:
65:2c:ae:be:06:cc:11:0e:38:1b:86:5b:fa:63:99:a7:b7:c1:
75:ec:a3:85:d2:bb:e2:c0:29:9e:54:16:f2:bf:2f:f9:67:c9:
53:00:38:05:72:81:57:9c:9e:e1:95:17:85:59:d1:09:7d:7b:
4a:13:0a:8f
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAY5Rz5+/gzvb99JQ1E4Bo1pdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNhYzc4ZjMzZThlMTE4NzMyNzY2N2ZhOTRmZDc0NDZiOGQ5
MWU1YjQwHhcNMjQwMzE4MTM0NTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODFjY2ZkMDc5MzQ3ZGE0NmQ1MjQzNjhiYmNjOGRiMDZiMjI4ZTVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmeZ6wlCc8e40ciwMQ4R8UBK7I0PR
2S7VHm50bC6e4roq6kZgRCDqHx0/6dAVO5lhBpabzGjcriTXA5KUMOKiCw+8Cwxn
bUFSJAXQzqN0EM/fLVO5IU35CyViibzpylF6ixP9XXJMdVZHzNoFO7UAgB2ZvwF6
G+2IIF6kvnAho/7qu7SVUVNNd4DGhYJglsd39nWEpam5InbVfUxfKkdknenEB/J+
qaxkB158Z0Kek3lxIsBplwM/bG3Ip9a1BBLMYwOnwmK4yN/QZwnO6towShJ2oZC7
oTtsrc75h06MaOBPMJ0hvHYrHEK4ZBozM58Ykyj2m2dnOx9VRmiy5bi70QIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFNgcz9B5NH2kbVJDaLvMjbBrIo5eMB8GA1UdIwQY
MBaAFDrHjzPo4RhzJ2Z/qU/XRGuNkeW0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvT3NlUE0tamhHSE1uWm4tcFQ5ZEVhNDJSNWJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy81ZWRhYWYtMzMyNy00M2VkLTkwYjEt
ZGMwMWY0YjRiYWU0LzEvMkJ6UDBIazBmYVJ0VWtOb3U4eU5zR3Npamw0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy81ZWRhYWYtMzMyNy00M2VkLTkwYjEtZGMwMWY0YjRiYWU0
LzEvT3NlUE0tamhHSE1uWm4tcFQ5ZEVhNDJSNWJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwGgQCAAEwFDAMAwQDubK4
AwQAubK6AwQAwRnIMFYEAgACMFADBQMqB2eAAwcAKgpmgAvuMBADBgQqCmaAEAMG
BCoKZoAgAwYAKgpmgLMDBwAqCmaAvuEwEgMHACoKZoC+5QMHACoKZoC+5gMHACoK
ZoDMkTANBgkqhkiG9w0BAQsFAAOCAQEAgJO/3Bk47QJ1o3BDVVIQc57lSW/3oUze
fYAn7vpQWVa2YITF3JwOSAh+hbErFl8uQhOlQOgs1ND2tpaWtEWjFqMwG0JiMJHg
Rq/vOO7OjJb0Eldy0K2Rl3XImJ6tbT5V9vgfBWTTuYhV13XtOofsTQcf4dEx0TcK
krYhDKcEWxTRhoyxShWYPCchrSgb0EHqHGB897nfSizMYPxa5y6IZ+dlKyQkOKp8
V4qMEhe6IrOSu3SFVLS2OB2wm8v/X7j3zTR1IOHpZSyuvgbMEQ44G4Zb+mOZp7fB
deyjhdK74sApnlQW8r8v+WfJUwA4BXKBV5ye4ZUXhVnRCX17ShMKjw==
-----END CERTIFICATE-----
Generated at Sat Jun 8 06:02:40 2024 by rpki-client on console-ams.rpki-client.org