Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/38MOrLb1UJ0T8ihCJv07A6lSIws.roa
File: 38MOrLb1UJ0T8ihCJv07A6lSIws.roa (raw, json)
Hash identifier: Z6FnfDeG0oO0J7ilSL38p+GDG6a/1of9eR+CyT5IQQc=
Subject key identifier: DF:C3:0E:AC:B6:F5:50:9D:13:F2:28:42:26:FD:3B:03:A9:52:23:0B
Certificate issuer: /CN=86d648bdba965461b1e8c11b9dd436c61382873c
Certificate serial: 018FCA10299D743282D7631925C98BB3A16D
Authority key identifier: 86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/38MOrLb1UJ0T8ihCJv07A6lSIws.roa
Signing time: Thu 30 May 2024 15:13:27 +0000
ROA not before: Thu 30 May 2024 15:13:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 34665
IP address blocks: 147.45.34.0/24 maxlen: 24
147.45.36.0/24 maxlen: 24
147.45.192.0/24 maxlen: 24
147.45.207.0/24 maxlen: 24
193.233.30.0/24 maxlen: 24
193.233.61.0/24 maxlen: 24
193.233.197.0/24 maxlen: 24
193.233.234.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.mft
rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 11:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:ca:10:29:9d:74:32:82:d7:63:19:25:c9:8b:b3:a1:6d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86d648bdba965461b1e8c11b9dd436c61382873c
Validity
Not Before: May 30 15:13:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=dfc30eacb6f5509d13f2284226fd3b03a952230b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:4b:12:d1:7b:0a:c6:84:f1:79:74:cd:0d:77:
cc:1f:19:2c:fe:ba:f0:ad:53:68:a3:7f:47:9c:65:
0b:e2:2c:82:bf:fb:9b:43:85:0d:cd:93:bc:27:8e:
47:0b:76:81:98:22:42:f7:e8:b0:40:4a:67:16:0a:
d2:2c:c7:ce:fc:3c:33:e1:1f:d9:63:c1:f8:09:10:
7a:9f:68:7f:58:98:24:48:92:f5:0f:77:67:ad:10:
91:8c:5d:e8:a8:f2:17:d4:80:32:07:b0:7e:64:33:
0f:d2:d9:59:38:cc:33:e6:7a:ec:31:da:0e:96:5e:
9f:46:13:78:74:71:26:86:26:4a:f0:9f:4d:8d:0a:
21:eb:4f:5d:54:da:fb:20:81:11:64:10:30:34:0a:
14:0b:d3:67:8c:0f:cd:16:31:0e:e3:bf:68:c7:99:
0f:d8:ba:9d:5f:78:32:71:ac:41:1d:8a:ef:34:c5:
76:9b:4b:75:f9:6c:cd:8b:72:b7:30:ab:a2:76:c9:
d7:f1:70:38:fb:e9:11:bb:4c:dc:c0:be:f5:d2:4e:
64:f0:9f:80:85:f9:cf:39:ef:00:51:e2:ed:6f:01:
cc:0b:fc:07:9e:5f:1e:6f:37:54:22:24:36:b8:c7:
01:e7:85:46:3e:fa:0b:2e:d9:9f:40:3f:98:8e:d7:
d6:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:C3:0E:AC:B6:F5:50:9D:13:F2:28:42:26:FD:3B:03:A9:52:23:0B
X509v3 Authority Key Identifier:
keyid:86:D6:48:BD:BA:96:54:61:B1:E8:C1:1B:9D:D4:36:C6:13:82:87:3C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/htZIvbqWVGGx6MEbndQ2xhOChzw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/38MOrLb1UJ0T8ihCJv07A6lSIws.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0c/ac58ea-c459-48ca-b82b-4dec4dafee49/1/htZIvbqWVGGx6MEbndQ2xhOChzw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.45.34.0/24
147.45.36.0/24
147.45.192.0/24
147.45.207.0/24
193.233.30.0/24
193.233.61.0/24
193.233.197.0/24
193.233.234.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:66:4a:ff:67:20:f4:96:28:af:ef:84:8a:94:26:c9:5e:7d:
66:83:a1:24:15:bb:bf:3c:45:fb:31:bb:15:a1:f6:54:a9:6e:
b5:57:5f:5a:2f:2b:03:4c:46:a4:12:c2:fd:dd:41:6b:d8:15:
fa:09:fa:4e:2d:1b:a0:7b:cd:0a:07:10:94:24:56:6a:08:a2:
c9:dd:a4:72:8f:5a:13:d5:10:27:78:ca:9a:63:4a:24:1b:4b:
05:14:ad:27:a1:bd:85:07:89:e5:27:d9:73:a7:18:3d:c6:c8:
bc:4b:6a:f3:8d:56:1f:82:2d:7f:68:6a:6b:cc:b4:a4:97:82:
1c:7a:46:8a:fd:fe:dd:ca:f4:66:ab:f3:4c:0f:6b:a4:80:5c:
57:33:1f:06:d4:e1:08:d1:76:d9:b1:8e:7f:9d:15:ac:fb:bb:
28:af:8b:f1:c4:5a:8a:82:fd:13:f2:f6:25:4f:1e:b2:a7:6d:
d5:54:61:5e:c8:7f:ba:a5:c9:a9:20:63:7a:a1:7d:b4:bb:62:
c6:8c:c0:a7:25:68:4b:cc:8b:a3:c9:e6:b5:95:2c:cd:cc:1c:
82:48:58:13:b3:b8:fd:75:45:90:71:72:fb:91:58:cb:51:a0:
c0:f9:7c:95:f4:8e:48:c9:80:7b:13:59:13:a4:4b:9c:60:a9:
7e:3d:11:fd
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAY/KECmddDKC12MZJcmLs6FtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZDY0OGJkYmE5NjU0NjFiMWU4YzExYjlkZDQzNmM2MTM4
Mjg3M2MwHhcNMjQwNTMwMTUxMzI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmMzMGVhY2I2ZjU1MDlkMTNmMjI4NDIyNmZkM2IwM2E5NTIyMzBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo0sS0XsKxoTxeXTNDXfMHxks/rrw
rVNoo39HnGUL4iyCv/ubQ4UNzZO8J45HC3aBmCJC9+iwQEpnFgrSLMfO/Dwz4R/Z
Y8H4CRB6n2h/WJgkSJL1D3dnrRCRjF3oqPIX1IAyB7B+ZDMP0tlZOMwz5nrsMdoO
ll6fRhN4dHEmhiZK8J9NjQoh609dVNr7IIERZBAwNAoUC9NnjA/NFjEO479ox5kP
2LqdX3gycaxBHYrvNMV2m0t1+WzNi3K3MKuidsnX8XA4++kRu0zcwL710k5k8J+A
hfnPOe8AUeLtbwHMC/wHnl8ebzdUIiQ2uMcB54VGPvoLLtmfQD+YjtfWeQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFN/DDqy29VCdE/IoQib9OwOpUiMLMB8GA1UdIwQY
MBaAFIbWSL26llRhsejBG53UNsYTgoc8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmIt
NGRlYzRkYWZlZTQ5LzEvMzhNT3JMYjFVSjBUOGloQ0p2MDdBNmxTSXdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYy9hYzU4ZWEtYzQ1OS00OGNhLWI4MmItNGRlYzRkYWZlZTQ5
LzEvaHRaSXZicVdWR0d4Nk1FYm5kUTJ4aE9DaHp3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQAky0iAwQA
ky0kAwQAky3AAwQAky3PAwQAwekeAwQAwek9AwQAwenFAwQAwenqMA0GCSqGSIb3
DQEBCwUAA4IBAQBaZkr/ZyD0liiv74SKlCbJXn1mg6EkFbu/PEX7MbsVofZUqW61
V19aLysDTEakEsL93UFr2BX6CfpOLRuge80KBxCUJFZqCKLJ3aRyj1oT1RAneMqa
Y0okG0sFFK0nob2FB4nlJ9lzpxg9xsi8S2rzjVYfgi1/aGprzLSkl4IcekaK/f7d
yvRmq/NMD2ukgFxXMx8G1OEI0XbZsY5/nRWs+7sor4vxxFqKgv0T8vYlTx6yp23V
VGFeyH+6pcmpIGN6oX20u2LGjMCnJWhLzIujyea1lSzNzByCSFgTs7j9dUWQcXL7
kVjLUaDA+XyV9I5IyYB7E1kTpEucYKl+PRH9
-----END CERTIFICATE-----
Generated at Fri Nov 22 14:32:08 2024 by rpki-client on console-ams.rpki-client.org