Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/OekVUlL62k3MfmorH64N4csCLHk.roa
File: OekVUlL62k3MfmorH64N4csCLHk.roa (raw, json)
Hash identifier: xQ9rcTAtQmygtTqy6Ajl+ad6ty0/daQ/dFCY09VssX8=
Subject key identifier: 39:E9:15:52:52:FA:DA:4D:CC:7E:6A:2B:1F:AE:0D:E1:CB:02:2C:79
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0192B45A696FED3BEA5A29640F5FD6168D63
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/OekVUlL62k3MfmorH64N4csCLHk.roa
Signing time: Tue 22 Oct 2024 13:11:16 +0000
ROA not before: Tue 22 Oct 2024 13:11:16 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 202759
IP address blocks: 95.156.206.0/24 maxlen: 24
185.193.49.0/24 maxlen: 24
188.214.36.0/24 maxlen: 24
188.214.37.0/24 maxlen: 24
2a03:f80:372::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:b4:5a:69:6f:ed:3b:ea:5a:29:64:0f:5f:d6:16:8d:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Oct 22 13:11:16 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=39e9155252fada4dcc7e6a2b1fae0de1cb022c79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:73:07:75:3e:f8:ee:c1:ed:ac:9b:52:4b:8c:
00:19:9c:c1:e6:aa:d3:2f:40:c3:76:99:60:a6:40:
ad:c4:25:19:9d:56:42:28:46:c1:e9:da:c7:bc:ab:
35:60:a0:22:7d:43:ad:3d:54:8e:37:ac:e0:7b:cd:
bd:5f:00:45:7d:2c:f3:64:87:d4:4b:7f:cb:21:21:
74:50:70:0f:66:66:fc:cd:1a:17:cd:32:30:75:21:
2d:51:91:1f:8b:27:98:41:73:c3:b6:35:df:fd:ef:
1d:c8:a8:3b:82:e7:cd:d7:27:67:de:cb:c7:2f:21:
2f:3d:51:43:19:56:8b:03:b3:f8:6b:b3:2e:1b:19:
b7:1a:fd:6c:ec:69:b7:34:c5:f4:b7:8f:1f:72:9b:
31:c0:d2:51:79:12:35:a0:a1:d3:93:72:f4:67:63:
3c:26:d0:cf:a5:cc:23:1e:b9:a3:1b:16:02:4c:cb:
2d:70:86:61:d6:2a:99:8c:b8:2b:8c:e9:d1:4b:45:
f1:f0:f4:bd:c5:dd:16:5a:29:43:7a:ea:df:bd:88:
a4:15:a0:4b:6f:8e:b3:60:8b:23:f9:2f:49:a5:86:
5c:7f:99:31:1d:35:1a:05:cb:17:e4:89:ca:ae:48:
6c:56:2a:de:60:d1:a2:ff:bf:c0:0e:4a:80:28:7a:
5e:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:E9:15:52:52:FA:DA:4D:CC:7E:6A:2B:1F:AE:0D:E1:CB:02:2C:79
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/OekVUlL62k3MfmorH64N4csCLHk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.156.206.0/24
185.193.49.0/24
188.214.36.0/23
IPv6:
2a03:f80:372::/48
Signature Algorithm: sha256WithRSAEncryption
24:50:cb:76:06:d8:31:10:2d:9d:1f:ad:ce:a0:b0:66:d8:8d:
a9:ca:17:cb:5b:3d:c8:a9:9f:0f:d6:18:8a:4d:d4:75:19:94:
90:23:ee:7e:9a:bb:a0:00:bd:04:c2:90:3c:f2:93:07:b0:09:
31:ce:2e:6c:04:4a:28:6b:8b:72:0d:97:29:49:64:e9:5c:22:
e7:54:4c:28:38:58:52:3c:5a:d1:59:b6:72:e7:d5:cb:66:f0:
c9:f9:01:df:a2:18:fa:14:ac:83:fd:d0:c0:31:ac:7d:de:66:
9e:00:1a:ed:bd:30:63:de:58:2e:e2:61:a6:5b:95:4b:56:a2:
a1:e5:f5:af:6f:0f:11:bb:93:f4:46:29:f6:ca:7b:2e:55:d1:
e7:02:44:9c:3f:27:e8:9f:31:86:c1:cd:1c:9c:ed:c1:c8:c8:
b7:41:bf:78:97:83:f1:e2:27:c2:ca:88:02:65:d0:89:c6:d0:
de:d6:85:27:78:cc:e9:d1:3a:9a:d8:e7:c1:20:ea:4b:aa:2c:
00:c8:3e:95:28:1d:b5:b1:14:d0:b4:a4:44:f2:0b:cc:e7:95:
45:b3:e5:59:d3:b4:7c:48:e6:c2:c1:a2:3a:76:bb:5a:7d:dc:
b5:ce:03:96:36:35:b2:6a:cd:25:74:78:41:45:64:a0:8d:34:
f9:94:e2:10
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZK0Wmlv7TvqWilkD1/WFo1jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjQxMDIyMTMxMTE2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOWU5MTU1MjUyZmFkYTRkY2M3ZTZhMmIxZmFlMGRlMWNiMDIyYzc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3HMHdT747sHtrJtSS4wAGZzB5qrT
L0DDdplgpkCtxCUZnVZCKEbB6drHvKs1YKAifUOtPVSON6zge829XwBFfSzzZIfU
S3/LISF0UHAPZmb8zRoXzTIwdSEtUZEfiyeYQXPDtjXf/e8dyKg7gufN1ydn3svH
LyEvPVFDGVaLA7P4a7MuGxm3Gv1s7Gm3NMX0t48fcpsxwNJReRI1oKHTk3L0Z2M8
JtDPpcwjHrmjGxYCTMstcIZh1iqZjLgrjOnRS0Xx8PS9xd0WWilDeurfvYikFaBL
b46zYIsj+S9JpYZcf5kxHTUaBcsX5InKrkhsVireYNGi/7/ADkqAKHpeuwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFDnpFVJS+tpNzH5qKx+uDeHLAix5MB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvT2VrVlVsTDYyazNNZm1vckg2NE40Y3NDTEhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQAX5zOAwQA
ucExAwQBvNYkMA8EAgACMAkDBwAqAw+AA3IwDQYJKoZIhvcNAQELBQADggEBACRQ
y3YG2DEQLZ0frc6gsGbYjanKF8tbPcipnw/WGIpN1HUZlJAj7n6au6AAvQTCkDzy
kwewCTHOLmwESihri3INlylJZOlcIudUTCg4WFI8WtFZtnLn1ctm8Mn5Ad+iGPoU
rIP90MAxrH3eZp4AGu29MGPeWC7iYaZblUtWoqHl9a9vDxG7k/RGKfbKey5V0ecC
RJw/J+ifMYbBzRyc7cHIyLdBv3iXg/HiJ8LKiAJl0InG0N7WhSd4zOnROprY58Eg
6kuqLADIPpUoHbWxFNC0pETyC8znlUWz5VnTtHxI5sLBojp2u1p93LXOA5Y2NbJq
zSV0eEFFZKCNNPmU4hA=
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:17:47 2024 by rpki-client on console-ams.rpki-client.org