Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/ohrUpMZ6Mkuwqnn-WZrVPff--ps.roa
File: ohrUpMZ6Mkuwqnn-WZrVPff--ps.roa (raw, json)
Hash identifier: dvXTZncTMXjFFHeDJynEM0qDUK97YoKKQZR2vjH+itw=
Subject key identifier: A2:1A:D4:A4:C6:7A:32:4B:B0:AA:79:FE:59:9A:D5:3D:F7:FE:FA:9B
Certificate issuer: /CN=d9f9fa7b944f7e7c60d73ef10b776fc27995a4ed
Certificate serial: 018D4490B86CB178DCCF356F7EB4BAF6A690
Authority key identifier: D9:F9:FA:7B:94:4F:7E:7C:60:D7:3E:F1:0B:77:6F:C2:79:95:A4:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2fn6e5RPfnxg1z7xC3dvwnmVpO0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/ohrUpMZ6Mkuwqnn-WZrVPff--ps.roa
Signing time: Fri 26 Jan 2024 06:59:11 +0000
ROA not before: Fri 26 Jan 2024 06:59:11 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 20661
IP address blocks: 95.85.96.0/19 maxlen: 19
95.85.96.0/24 maxlen: 24
95.85.98.0/24 maxlen: 24
95.85.99.0/24 maxlen: 24
95.85.100.0/22 maxlen: 22
95.85.100.0/24 maxlen: 24
95.85.101.0/24 maxlen: 24
95.85.104.0/22 maxlen: 22
95.85.104.0/24 maxlen: 24
95.85.121.0/24 maxlen: 24
103.220.0.0/22 maxlen: 22
119.235.112.0/20 maxlen: 20
177.93.143.0/24 maxlen: 24
185.69.184.0/24 maxlen: 24
216.250.8.0/21 maxlen: 21
217.174.224.0/20 maxlen: 20
2a05:2180::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/2fn6e5RPfnxg1z7xC3dvwnmVpO0.crl
rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/2fn6e5RPfnxg1z7xC3dvwnmVpO0.mft
rsync://rpki.ripe.net/repository/DEFAULT/2fn6e5RPfnxg1z7xC3dvwnmVpO0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 16 May 2024 12:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8d:44:90:b8:6c:b1:78:dc:cf:35:6f:7e:b4:ba:f6:a6:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d9f9fa7b944f7e7c60d73ef10b776fc27995a4ed
Validity
Not Before: Jan 26 06:59:11 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a21ad4a4c67a324bb0aa79fe599ad53df7fefa9b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:fc:41:b3:19:f9:5c:54:82:b1:3a:85:1e:ec:
65:63:7c:b9:f1:f0:77:2f:3c:66:3f:14:4d:c8:9e:
50:af:a4:c1:91:94:bd:f7:f9:10:b3:eb:1c:b2:aa:
83:d2:f5:85:2f:2b:49:5d:6a:eb:8d:e2:5d:e6:35:
78:07:87:93:eb:93:b5:17:fd:c0:38:3d:3e:84:8c:
85:f0:b6:ff:0c:22:07:cb:24:7e:2f:15:46:f1:70:
75:a4:81:ef:91:88:65:bf:5c:64:eb:ab:6d:c2:f8:
f6:46:e3:a3:35:13:8a:86:ab:53:93:1a:f2:65:6b:
80:e6:33:aa:57:5b:04:da:ca:ae:e4:df:46:2f:86:
2b:46:c5:28:92:ba:75:51:52:05:48:be:68:db:c4:
85:41:3c:f8:98:15:15:5a:a7:3e:c8:32:ec:50:73:
2d:c4:6d:e9:a6:f6:9a:70:fc:ab:f5:d2:80:eb:bd:
f6:6d:7b:ac:b9:10:1d:9c:50:64:1d:79:79:17:71:
f2:5f:24:3a:91:a2:75:a9:92:f9:a8:96:ec:c9:59:
dc:99:9b:03:0e:bd:8d:23:3f:cb:42:a5:0b:a2:28:
e7:99:86:8a:53:61:24:05:29:93:32:c3:86:86:e6:
09:8a:a2:16:f4:35:da:b8:8f:30:62:b2:6f:73:61:
3e:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:1A:D4:A4:C6:7A:32:4B:B0:AA:79:FE:59:9A:D5:3D:F7:FE:FA:9B
X509v3 Authority Key Identifier:
keyid:D9:F9:FA:7B:94:4F:7E:7C:60:D7:3E:F1:0B:77:6F:C2:79:95:A4:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2fn6e5RPfnxg1z7xC3dvwnmVpO0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/ohrUpMZ6Mkuwqnn-WZrVPff--ps.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/08/9d4203-2eee-41de-8d85-08bf22f64097/1/2fn6e5RPfnxg1z7xC3dvwnmVpO0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.85.96.0/19
103.220.0.0/22
119.235.112.0/20
177.93.143.0/24
185.69.184.0/24
216.250.8.0/21
217.174.224.0/20
IPv6:
2a05:2180::/29
Signature Algorithm: sha256WithRSAEncryption
63:eb:a4:40:64:d4:d8:d1:47:72:7f:ef:53:61:81:9d:c7:b1:
6e:01:94:e8:be:51:8e:83:21:48:20:02:df:ef:f1:85:a0:f1:
d3:49:02:51:e2:51:59:68:7a:fd:d8:9a:c2:ad:41:8e:55:ab:
89:69:3b:ef:68:37:4d:f8:d6:0e:57:e2:78:5f:df:54:d7:6d:
c4:bc:21:c4:c5:1c:75:cb:19:db:17:ed:5c:e1:64:99:0a:e5:
5f:ae:34:9d:a2:71:fa:36:2f:61:6e:9b:1c:ba:d4:35:da:b6:
a3:78:2a:ac:0a:70:7f:cd:e8:9b:33:5c:a7:95:f6:b8:cb:3a:
33:26:2c:08:72:7a:5f:10:b9:16:cc:e3:61:3a:01:3b:eb:1f:
98:a5:5e:8c:58:40:97:4e:dc:bd:f3:fc:fe:32:be:f6:4b:35:
4c:3b:63:3d:24:f1:2e:f0:d4:0f:ad:40:3b:b0:ed:cf:d0:b9:
bf:9b:17:e3:a3:0e:37:93:b9:32:c9:75:76:26:d2:24:13:11:
9a:60:24:0f:ca:e0:b9:e1:55:c6:3a:6e:10:bc:1c:61:97:96:
30:f4:7b:f0:1f:b4:b5:fa:f9:6a:9c:5b:57:f9:4e:a1:3e:b8:
41:da:58:72:dc:2a:5d:19:a9:5b:5d:dc:5c:b4:45:af:c0:b9:
73:9d:2d:49
-----BEGIN CERTIFICATE-----
MIIFMDCCBBigAwIBAgISAY1EkLhssXjczzVvfrS69qaQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ5ZjlmYTdiOTQ0ZjdlN2M2MGQ3M2VmMTBiNzc2ZmMyNzk5
NWE0ZWQwHhcNMjQwMTI2MDY1OTExWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjFhZDRhNGM2N2EzMjRiYjBhYTc5ZmU1OTlhZDUzZGY3ZmVmYTliMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApPxBsxn5XFSCsTqFHuxlY3y58fB3
LzxmPxRNyJ5Qr6TBkZS99/kQs+scsqqD0vWFLytJXWrrjeJd5jV4B4eT65O1F/3A
OD0+hIyF8Lb/DCIHyyR+LxVG8XB1pIHvkYhlv1xk66ttwvj2RuOjNROKhqtTkxry
ZWuA5jOqV1sE2squ5N9GL4YrRsUokrp1UVIFSL5o28SFQTz4mBUVWqc+yDLsUHMt
xG3ppvaacPyr9dKA6732bXusuRAdnFBkHXl5F3HyXyQ6kaJ1qZL5qJbsyVncmZsD
Dr2NIz/LQqULoijnmYaKU2EkBSmTMsOGhuYJiqIW9DXauI8wYrJvc2E+WwIDAQAB
o4ICPDCCAjgwHQYDVR0OBBYEFKIa1KTGejJLsKp5/lma1T33/vqbMB8GA1UdIwQY
MBaAFNn5+nuUT358YNc+8Qt3b8J5laTtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMmZuNmU1UlBmbnhnMXo3eEMzZHZ3bm1WcE8wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOC85ZDQyMDMtMmVlZS00MWRlLThkODUt
MDhiZjIyZjY0MDk3LzEvb2hyVXBNWjZNa3V3cW5uLVdaclZQZmYtLXBzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOC85ZDQyMDMtMmVlZS00MWRlLThkODUtMDhiZjIyZjY0MDk3
LzEvMmZuNmU1UlBmbnhnMXo3eEMzZHZ3bm1WcE8wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFIGCCsGAQUFBwEHAQH/BEMwQTAwBAIAATAqAwQFX1VgAwQC
Z9wAAwQEd+twAwQAsV2PAwQAuUW4AwQD2PoIAwQE2a7gMA0EAgACMAcDBQMqBSGA
MA0GCSqGSIb3DQEBCwUAA4IBAQBj66RAZNTY0Udyf+9TYYGdx7FuAZTovlGOgyFI
IALf7/GFoPHTSQJR4lFZaHr92JrCrUGOVauJaTvvaDdN+NYOV+J4X99U123EvCHE
xRx1yxnbF+1c4WSZCuVfrjSdonH6Ni9hbpscutQ12rajeCqsCnB/zeibM1ynlfa4
yzozJiwIcnpfELkWzONhOgE76x+YpV6MWECXTty98/z+Mr72SzVMO2M9JPEu8NQP
rUA7sO3P0Lm/mxfjow43k7kyyXV2JtIkExGaYCQPyuC54VXGOm4QvBxhl5Yw9Hvw
H7S1+vlqnFtX+U6hPrhB2lhy3CpdGalbXdxctEWvwLlznS1J
-----END CERTIFICATE-----
Generated at Wed May 15 16:10:11 2024 by rpki-client on console-ams.rpki-client.org