Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/OvhDOoNUuu8gSGBwUm_AFQzVw8Q.roa
File: OvhDOoNUuu8gSGBwUm_AFQzVw8Q.roa (raw, json)
Hash identifier: GemDcA50H7AlcemdGTZF0joLUqpH29m1/w9X9RL8ckw=
Subject key identifier: 3A:F8:43:3A:83:54:BA:EF:20:48:60:70:52:6F:C0:15:0C:D5:C3:C4
Certificate issuer: /CN=e85b83c87c4a3d8315025379f72987520bb5d046
Certificate serial: 018CC2DB05A41F8619331D58C067274E1800
Authority key identifier: E8:5B:83:C8:7C:4A:3D:83:15:02:53:79:F7:29:87:52:0B:B5:D0:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6FuDyHxKPYMVAlN59ymHUgu10EY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/OvhDOoNUuu8gSGBwUm_AFQzVw8Q.roa
Signing time: Mon 01 Jan 2024 02:29:42 +0000
ROA not before: Mon 01 Jan 2024 02:29:42 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20910
IP address blocks: 89.191.96.0/19 maxlen: 32
91.188.32.0/19 maxlen: 32
85.115.96.0/19 maxlen: 32
79.132.64.0/19 maxlen: 32
93.177.192.0/18 maxlen: 32
62.84.0.0/19 maxlen: 32
185.144.184.0/22 maxlen: 32
188.112.128.0/18 maxlen: 32
77.38.128.0/17 maxlen: 32
89.18.192.0/19 maxlen: 32
195.244.128.0/20 maxlen: 32
91.123.64.0/20 maxlen: 32
62.205.192.0/18 maxlen: 18
87.226.0.0/17 maxlen: 32
217.198.224.0/20 maxlen: 32
213.180.96.0/19 maxlen: 32
195.62.128.0/19 maxlen: 32
94.30.128.0/17 maxlen: 32
217.199.96.0/19 maxlen: 32
217.24.64.0/20 maxlen: 32
79.135.128.0/19 maxlen: 32
80.254.208.0/20 maxlen: 32
85.234.160.0/19 maxlen: 32
109.110.0.0/19 maxlen: 32
91.142.0.0/20 maxlen: 32
136.169.0.0/17 maxlen: 17
89.201.0.0/17 maxlen: 32
2a00:f4a0::/29 maxlen: 29
2a00:9000::/29 maxlen: 32
2a03:6740::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/6FuDyHxKPYMVAlN59ymHUgu10EY.crl
rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/6FuDyHxKPYMVAlN59ymHUgu10EY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6FuDyHxKPYMVAlN59ymHUgu10EY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 11 Jun 2024 23:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:05:a4:1f:86:19:33:1d:58:c0:67:27:4e:18:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e85b83c87c4a3d8315025379f72987520bb5d046
Validity
Not Before: Jan 1 02:29:42 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3af8433a8354baef20486070526fc0150cd5c3c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:54:4c:7f:b7:ff:4d:c2:85:17:10:86:37:6b:
e1:4a:d6:42:15:11:a0:94:85:24:db:6a:62:1d:6f:
af:0b:7c:3c:fd:3d:c5:3b:74:0d:da:51:67:0b:32:
59:4f:9d:d4:d1:b6:63:0a:49:8b:9b:83:e8:fd:f5:
01:f8:6a:b3:c2:97:7e:aa:77:a0:32:cb:69:73:7c:
bb:fc:f4:fa:8d:d1:ff:49:e6:0b:b4:7f:64:75:0b:
48:2f:d6:54:05:06:ad:b5:ff:92:a6:0a:d6:4f:c1:
e7:b7:7c:28:38:dd:ec:a7:ce:6a:48:6c:c7:b7:44:
d5:51:71:1c:03:05:c4:d3:42:60:f8:1e:c1:23:98:
c0:9d:cd:e8:50:bd:03:95:e2:03:d9:0e:27:06:68:
10:07:1b:91:f4:fb:84:a3:97:3c:ce:94:bb:48:04:
85:65:6e:f3:dc:8f:2e:66:13:93:54:9e:1b:d8:7b:
6e:1c:87:5b:3c:e4:db:be:32:fb:80:a4:a7:1e:57:
89:cd:ac:b9:64:b6:10:56:af:22:fe:d0:52:68:aa:
66:67:04:b4:17:26:1f:a8:5e:e5:37:b6:2d:44:c6:
e8:ad:0c:c5:32:f1:26:e8:c4:ae:58:d5:06:a2:6d:
82:25:fb:65:a0:2c:64:74:41:8f:76:ac:ca:56:44:
c8:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:F8:43:3A:83:54:BA:EF:20:48:60:70:52:6F:C0:15:0C:D5:C3:C4
X509v3 Authority Key Identifier:
keyid:E8:5B:83:C8:7C:4A:3D:83:15:02:53:79:F7:29:87:52:0B:B5:D0:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6FuDyHxKPYMVAlN59ymHUgu10EY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/OvhDOoNUuu8gSGBwUm_AFQzVw8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/04/3394e3-736e-4879-b8db-89aaea36285e/1/6FuDyHxKPYMVAlN59ymHUgu10EY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.84.0.0/19
62.205.192.0/18
77.38.128.0/17
79.132.64.0/19
79.135.128.0/19
80.254.208.0/20
85.115.96.0/19
85.234.160.0/19
87.226.0.0/17
89.18.192.0/19
89.191.96.0/19
89.201.0.0/17
91.123.64.0/20
91.142.0.0/20
91.188.32.0/19
93.177.192.0/18
94.30.128.0/17
109.110.0.0/19
136.169.0.0/17
185.144.184.0/22
188.112.128.0/18
195.62.128.0/19
195.244.128.0/20
213.180.96.0/19
217.24.64.0/20
217.198.224.0/20
217.199.96.0/19
IPv6:
2a00:9000::/29
2a00:f4a0::/29
2a03:6740::/29
Signature Algorithm: sha256WithRSAEncryption
42:d5:e4:41:2c:c7:9e:04:06:76:c6:41:d6:39:d5:41:15:40:
04:5c:ed:f6:13:4a:7f:d9:ae:35:29:45:58:e8:58:0c:95:f1:
ac:ca:0f:d8:04:30:01:15:d5:45:a1:b8:db:ea:4c:bf:23:1d:
28:84:d3:02:9d:24:fd:63:36:91:89:aa:b4:88:9b:51:a4:45:
26:f4:9b:4c:c3:e5:5b:f3:b9:15:6b:5f:14:9f:f9:0c:b9:6b:
16:62:46:39:70:3e:a3:04:dd:f1:56:4d:e0:5e:de:64:d2:d8:
55:3b:c5:42:1f:56:72:d4:4a:91:df:b5:60:4b:76:82:4c:78:
9a:00:f2:04:16:6c:75:20:70:5c:f1:7d:13:3d:2e:40:5a:87:
cb:2c:70:b4:93:34:f2:0e:68:90:16:47:67:ff:04:ad:9a:4f:
85:c4:27:a9:99:8a:9a:b6:57:79:0d:99:ae:13:14:3f:29:51:
3d:a0:25:0a:67:45:34:fc:c7:46:16:ff:53:16:21:63:4e:14:
dd:31:26:4c:dd:03:42:e0:89:75:bf:87:75:b2:07:56:3a:cc:
00:c8:b6:df:c5:93:f1:4d:1e:1d:d5:fd:cf:fb:53:5a:c6:6c:
82:d0:8c:b7:28:5f:af:4b:3b:30:3a:0b:23:93:80:f2:63:77:
ef:84:d8:57
-----BEGIN CERTIFICATE-----
MIIFuzCCBKOgAwIBAgISAYzC2wWkH4YZMx1YwGcnThgAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NWI4M2M4N2M0YTNkODMxNTAyNTM3OWY3Mjk4NzUyMGJi
NWQwNDYwHhcNMjQwMTAxMDIyOTQyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYWY4NDMzYTgzNTRiYWVmMjA0ODYwNzA1MjZmYzAxNTBjZDVjM2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA01RMf7f/TcKFFxCGN2vhStZCFRGg
lIUk22piHW+vC3w8/T3FO3QN2lFnCzJZT53U0bZjCkmLm4Po/fUB+Gqzwpd+qneg
Mstpc3y7/PT6jdH/SeYLtH9kdQtIL9ZUBQattf+SpgrWT8Hnt3woON3sp85qSGzH
t0TVUXEcAwXE00Jg+B7BI5jAnc3oUL0DleID2Q4nBmgQBxuR9PuEo5c8zpS7SASF
ZW7z3I8uZhOTVJ4b2HtuHIdbPOTbvjL7gKSnHleJzay5ZLYQVq8i/tBSaKpmZwS0
FyYfqF7lN7YtRMborQzFMvEm6MSuWNUGom2CJftloCxkdEGPdqzKVkTIHwIDAQAB
o4ICxzCCAsMwHQYDVR0OBBYEFDr4QzqDVLrvIEhgcFJvwBUM1cPEMB8GA1UdIwQY
MBaAFOhbg8h8Sj2DFQJTefcph1ILtdBGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkZ1RHlIeEtQWU1WQWxONTl5bUhVZ3UxMEVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNC8zMzk0ZTMtNzM2ZS00ODc5LWI4ZGIt
ODlhYWVhMzYyODVlLzEvT3ZoRE9vTlV1dThnU0dCd1VtX0FGUXpWdzhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNC8zMzk0ZTMtNzM2ZS00ODc5LWI4ZGItODlhYWVhMzYyODVl
LzEvNkZ1RHlIeEtQWU1WQWxONTl5bUhVZ3UxMEVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHcBggrBgEFBQcBBwEB/wSBzDCByTCBqQQCAAEwgaIDBAU+
VAADBAY+zcADBAdNJoADBAVPhEADBAVPh4ADBARQ/tADBAVVc2ADBAVV6qADBAdX
4gADBAVZEsADBAVZv2ADBAdZyQADBARbe0ADBARbjgADBAVbvCADBAZdscADBAde
HoADBAVtbgADBAeIqQADBAK5kLgDBAa8cIADBAXDPoADBATD9IADBAXVtGADBATZ
GEADBATZxuADBAXZx2AwGwQCAAIwFQMFAyoAkAADBQMqAPSgAwUDKgNnQDANBgkq
hkiG9w0BAQsFAAOCAQEAQtXkQSzHngQGdsZB1jnVQRVABFzt9hNKf9muNSlFWOhY
DJXxrMoP2AQwARXVRaG42+pMvyMdKITTAp0k/WM2kYmqtIibUaRFJvSbTMPlW/O5
FWtfFJ/5DLlrFmJGOXA+owTd8VZN4F7eZNLYVTvFQh9WctRKkd+1YEt2gkx4mgDy
BBZsdSBwXPF9Ez0uQFqHyyxwtJM08g5okBZHZ/8ErZpPhcQnqZmKmrZXeQ2ZrhMU
PylRPaAlCmdFNPzHRhb/UxYhY04U3TEmTN0DQuCJdb+HdbIHVjrMAMi238WT8U0e
HdX9z/tTWsZsgtCMtyhfr0s7MDoLI5OA8mN374TYVw==
-----END CERTIFICATE-----
Generated at Tue Jun 11 07:31:11 2024 by rpki-client on console-ams.rpki-client.org