Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/13/f92b9f-4758-4428-a22c-9db57c3fe41d/1/O5tRNCoI7U2OqO_yWgHvFOiGnSM.roa
File: O5tRNCoI7U2OqO_yWgHvFOiGnSM.roa (raw, json)
Hash identifier: aEcJ92H8dPem322Iw272Hzn7BNcMc5r5z6IHx95soKs=
Subject key identifier: 3B:9B:51:34:2A:08:ED:4D:8E:A8:EF:F2:5A:01:EF:14:E8:86:9D:23
Certificate issuer: /CN=77bc91f78a3350bacbbfbe376f8813212d149931
Certificate serial: 018CC3B73606310957D1BF1357F01DC32257
Authority key identifier: 77:BC:91:F7:8A:33:50:BA:CB:BF:BE:37:6F:88:13:21:2D:14:99:31
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d7yR94ozULrLv743b4gTIS0UmTE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/13/f92b9f-4758-4428-a22c-9db57c3fe41d/1/O5tRNCoI7U2OqO_yWgHvFOiGnSM.roa
Signing time: Mon 01 Jan 2024 06:30:13 +0000
ROA not before: Mon 01 Jan 2024 06:30:13 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 203223
IP address blocks: 185.153.12.0/22 maxlen: 22
185.141.184.0/22 maxlen: 22
146.0.208.0/22 maxlen: 22
212.15.64.0/20 maxlen: 20
2a07:2580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/13/f92b9f-4758-4428-a22c-9db57c3fe41d/1/d7yR94ozULrLv743b4gTIS0UmTE.crl
rsync://rpki.ripe.net/repository/DEFAULT/13/f92b9f-4758-4428-a22c-9db57c3fe41d/1/d7yR94ozULrLv743b4gTIS0UmTE.mft
rsync://rpki.ripe.net/repository/DEFAULT/d7yR94ozULrLv743b4gTIS0UmTE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Nov 2024 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c3:b7:36:06:31:09:57:d1:bf:13:57:f0:1d:c3:22:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77bc91f78a3350bacbbfbe376f8813212d149931
Validity
Not Before: Jan 1 06:30:13 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b9b51342a08ed4d8ea8eff25a01ef14e8869d23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:50:97:da:b4:1a:ed:56:79:d6:4f:e5:3e:d7:
e4:6a:97:54:fd:a6:d8:e4:3a:54:3b:f1:df:04:80:
bb:f8:95:af:d5:13:47:5d:20:34:49:c9:65:1e:fb:
ef:f1:9e:0a:01:a4:cb:79:0b:63:c7:3f:34:85:ff:
4f:e5:ca:f0:de:0a:92:e3:9e:63:c3:1d:a2:63:94:
68:24:eb:a2:ca:d4:4b:37:ff:a7:05:45:be:9f:43:
0d:3f:6c:e8:5c:2c:ac:cd:2d:2e:19:34:2d:86:9b:
8e:98:02:1f:21:af:d5:ec:d7:6e:8f:66:ac:24:3a:
63:2b:28:98:c7:1e:06:60:34:21:ee:71:20:31:39:
a6:c0:14:e1:c1:ec:bd:55:8b:b4:9b:9b:6d:06:de:
e1:f8:f0:1f:8d:28:d2:17:bf:66:41:ef:84:1b:96:
4d:06:14:6f:b1:c9:61:7b:ff:7d:01:6e:c2:0c:0a:
61:1c:52:4f:5a:11:06:0e:47:eb:ee:9b:0d:7d:bb:
8d:ff:31:a8:08:10:6a:54:70:84:f6:0f:6e:91:67:
ed:3f:ea:fc:8e:4b:4e:8c:fd:30:d7:7c:ec:96:9e:
64:91:a2:05:d4:07:7d:c0:2d:cc:b7:0a:0e:52:b9:
e8:49:e7:2c:29:03:c9:f9:39:77:6d:02:47:fe:0f:
18:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:9B:51:34:2A:08:ED:4D:8E:A8:EF:F2:5A:01:EF:14:E8:86:9D:23
X509v3 Authority Key Identifier:
keyid:77:BC:91:F7:8A:33:50:BA:CB:BF:BE:37:6F:88:13:21:2D:14:99:31
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7yR94ozULrLv743b4gTIS0UmTE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f92b9f-4758-4428-a22c-9db57c3fe41d/1/O5tRNCoI7U2OqO_yWgHvFOiGnSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/13/f92b9f-4758-4428-a22c-9db57c3fe41d/1/d7yR94ozULrLv743b4gTIS0UmTE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.0.208.0/22
185.141.184.0/22
185.153.12.0/22
212.15.64.0/20
IPv6:
2a07:2580::/29
Signature Algorithm: sha256WithRSAEncryption
98:13:d6:45:70:cd:ef:2b:47:b1:b2:bc:a2:d2:c9:d8:30:ca:
d2:a6:eb:02:7d:fa:75:c7:aa:ee:8f:55:4f:55:8d:24:04:6e:
45:94:2e:fb:08:15:84:84:78:e5:d0:d3:42:70:7e:cf:6e:b1:
33:48:4f:00:1d:a2:af:45:ab:68:32:6d:37:00:f1:18:76:04:
92:b8:a2:ff:e7:35:6d:e3:28:14:a0:9a:a5:2d:05:c2:18:3c:
44:e2:1b:8e:c2:c3:aa:9e:f4:4d:93:19:5e:33:cf:f3:34:25:
5a:ff:33:10:0b:57:ae:d7:3c:50:37:20:df:30:c1:32:ad:0a:
a9:80:b6:eb:e6:aa:52:45:e2:d8:bd:c7:77:fb:f1:fd:fc:25:
22:3e:8a:4b:6e:87:7e:de:6a:aa:ce:6d:cc:fa:66:22:0d:83:
9a:8a:ec:3d:b1:8e:b1:51:89:c4:bf:e8:dc:42:52:5c:11:97:
2a:04:ab:17:83:ea:31:44:8f:94:62:8e:b2:2f:b2:06:1c:1b:
1e:57:0d:1d:c7:02:6c:a8:41:8f:16:41:1a:cd:c0:87:58:d5:
b3:9d:ee:6b:63:9d:12:4e:25:ae:49:9b:1e:e1:7c:57:5c:aa:
a1:e6:c1:f6:be:8d:d7:96:e9:d4:ef:ce:95:f2:11:5d:2d:be:
2f:dc:20:15
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzDtzYGMQlX0b8TV/AdwyJXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YmM5MWY3OGEzMzUwYmFjYmJmYmUzNzZmODgxMzIxMmQx
NDk5MzEwHhcNMjQwMTAxMDYzMDEzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjliNTEzNDJhMDhlZDRkOGVhOGVmZjI1YTAxZWYxNGU4ODY5ZDIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1CX2rQa7VZ51k/lPtfkapdU/abY
5DpUO/HfBIC7+JWv1RNHXSA0ScllHvvv8Z4KAaTLeQtjxz80hf9P5crw3gqS455j
wx2iY5RoJOuiytRLN/+nBUW+n0MNP2zoXCyszS0uGTQthpuOmAIfIa/V7Nduj2as
JDpjKyiYxx4GYDQh7nEgMTmmwBThwey9VYu0m5ttBt7h+PAfjSjSF79mQe+EG5ZN
BhRvsclhe/99AW7CDAphHFJPWhEGDkfr7psNfbuN/zGoCBBqVHCE9g9ukWftP+r8
jktOjP0w13zslp5kkaIF1Ad9wC3MtwoOUrnoSecsKQPJ+Tl3bQJH/g8YzQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDubUTQqCO1Njqjv8loB7xTohp0jMB8GA1UdIwQY
MBaAFHe8kfeKM1C6y7++N2+IEyEtFJkxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDd5Ujk0b3pVTHJMdjc0M2I0Z1RJUzBVbVRFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMy9mOTJiOWYtNDc1OC00NDI4LWEyMmMt
OWRiNTdjM2ZlNDFkLzEvTzV0Uk5Db0k3VTJPcU9feVdnSHZGT2lHblNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMy9mOTJiOWYtNDc1OC00NDI4LWEyMmMtOWRiNTdjM2ZlNDFk
LzEvZDd5Ujk0b3pVTHJMdjc0M2I0Z1RJUzBVbVRFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQCkgDQAwQC
uY24AwQCuZkMAwQE1A9AMA0EAgACMAcDBQMqByWAMA0GCSqGSIb3DQEBCwUAA4IB
AQCYE9ZFcM3vK0exsryi0snYMMrSpusCffp1x6ruj1VPVY0kBG5FlC77CBWEhHjl
0NNCcH7PbrEzSE8AHaKvRatoMm03APEYdgSSuKL/5zVt4ygUoJqlLQXCGDxE4huO
wsOqnvRNkxleM8/zNCVa/zMQC1eu1zxQNyDfMMEyrQqpgLbr5qpSReLYvcd3+/H9
/CUiPopLbod+3mqqzm3M+mYiDYOaiuw9sY6xUYnEv+jcQlJcEZcqBKsXg+oxRI+U
Yo6yL7IGHBseVw0dxwJsqEGPFkEazcCHWNWzne5rY50STiWuSZse4XxXXKqh5sH2
vo3XlunU786V8hFdLb4v3CAV
-----END CERTIFICATE-----
Generated at Sat Nov 23 10:35:11 2024 by rpki-client on console-ams.rpki-client.org