Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/pOJ8TENBhHUvXNElSwI4dP8UU6c.roa
File: pOJ8TENBhHUvXNElSwI4dP8UU6c.roa (raw, json)
Hash identifier: f6hjgYRiuJHikBeLg1d3/o03anemRCvrS7UgvQkgRA0=
Subject key identifier: A4:E2:7C:4C:43:41:84:75:2F:5C:D1:25:4B:02:38:74:FF:14:53:A7
Certificate issuer: /CN=9d210f2259093aaf45285922a588e9a661aba9fa
Certificate serial: 018CC2DB22692810C2BC91425C45733CF52C
Authority key identifier: 9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/pOJ8TENBhHUvXNElSwI4dP8UU6c.roa
Signing time: Mon 01 Jan 2024 02:29:50 +0000
ROA not before: Mon 01 Jan 2024 02:29:50 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 6453
IP address blocks: 217.196.16.0/20 maxlen: 20
77.245.96.0/20 maxlen: 20
93.185.64.0/20 maxlen: 20
95.141.128.0/20 maxlen: 20
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.crl
rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 May 2024 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:22:69:28:10:c2:bc:91:42:5c:45:73:3c:f5:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d210f2259093aaf45285922a588e9a661aba9fa
Validity
Not Before: Jan 1 02:29:50 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a4e27c4c434184752f5cd1254b023874ff1453a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:e7:d7:2e:53:c9:10:4d:d0:b0:37:b0:f9:c3:
0f:a1:50:f5:75:5d:de:37:a7:96:56:6f:2f:76:ee:
f9:33:2c:04:ee:7e:7e:5e:f6:40:93:4d:ed:87:1e:
e2:24:4f:4f:5b:00:0a:fa:b5:d3:b5:6c:3c:bd:57:
9b:0e:b3:de:3c:2c:6a:d2:01:d3:15:28:12:80:eb:
63:ed:45:ff:ee:5b:52:e7:64:3a:00:c2:95:b1:45:
2f:d8:e6:1d:fa:ca:e5:83:67:4b:e0:86:8a:bc:fe:
5d:67:06:aa:14:5d:20:8a:67:29:38:58:31:f1:4c:
37:79:33:0b:f9:ad:43:b1:02:e8:51:1b:e3:a1:78:
c7:40:e7:fa:02:6b:51:61:e2:3f:00:c3:8d:f7:16:
c2:c6:d9:06:b9:c2:1f:ac:bf:1c:10:cf:83:e5:e0:
22:31:a2:7b:5e:1e:58:fe:21:6f:9e:02:7b:38:b2:
8e:d4:ee:10:f9:06:4f:77:7f:95:e1:0e:46:7e:0c:
33:b5:48:7e:e3:f0:e4:5c:75:6c:fd:31:84:11:7c:
fc:89:24:92:37:af:5d:49:1b:6c:86:5b:4b:4a:86:
c3:c1:75:3d:a7:f6:b0:78:39:6f:e2:23:d4:e5:8a:
b8:43:aa:15:51:29:6e:78:20:ca:18:ab:c5:c3:42:
34:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:E2:7C:4C:43:41:84:75:2F:5C:D1:25:4B:02:38:74:FF:14:53:A7
X509v3 Authority Key Identifier:
keyid:9D:21:0F:22:59:09:3A:AF:45:28:59:22:A5:88:E9:A6:61:AB:A9:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSEPIlkJOq9FKFkipYjppmGrqfo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/pOJ8TENBhHUvXNElSwI4dP8UU6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1a/93686d-11f5-4e3e-b5c4-43843c2e943b/1/nSEPIlkJOq9FKFkipYjppmGrqfo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.245.96.0/20
93.185.64.0/20
95.141.128.0/20
217.196.16.0/20
Signature Algorithm: sha256WithRSAEncryption
8d:c7:c2:e0:e4:39:5e:ef:aa:12:a3:8c:9a:63:3f:8b:a7:83:
ed:91:8a:e9:ff:12:de:41:c7:e1:d2:e7:79:1a:2b:d3:29:8c:
36:84:87:c7:c1:0b:9b:67:74:86:98:c5:62:63:d7:bd:db:21:
9b:b8:b3:bf:b2:d3:4d:50:b8:d6:08:ee:9a:9d:2f:a5:2c:27:
d4:4c:c0:12:d5:a4:e7:b5:4b:b1:bf:e5:87:95:3b:d1:04:be:
c5:86:7b:c0:f0:40:1e:de:c5:e8:d5:f6:f6:22:1c:df:55:22:
a7:d4:87:0c:10:e1:46:c2:ab:f3:b9:75:57:2c:ab:71:4d:33:
14:c3:3e:2b:89:e0:b9:3a:47:8c:77:3d:2c:43:5c:7d:a0:f0:
50:38:fa:37:a7:b8:e9:9c:69:ea:f4:33:65:e7:2f:2b:eb:7a:
df:0d:62:1e:18:24:55:5f:c3:ca:f4:51:b8:c8:fd:c8:f5:de:
fa:ba:67:62:d3:47:23:bc:2e:50:6b:40:f4:78:0e:41:58:23:
0a:b8:d6:c1:3a:3d:58:86:5f:46:17:de:4b:e5:2b:53:71:c9:
ca:08:4e:1e:5c:ad:d9:e1:6a:c6:a5:a2:fa:bf:5b:95:9e:05:
40:13:6a:f3:47:97:fb:57:25:3c:f0:56:c9:0f:41:9e:63:e5:
59:42:58:df
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAYzC2yJpKBDCvJFCXEVzPPUsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMjEwZjIyNTkwOTNhYWY0NTI4NTkyMmE1ODhlOWE2NjFh
YmE5ZmEwHhcNMjQwMTAxMDIyOTUwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGUyN2M0YzQzNDE4NDc1MmY1Y2QxMjU0YjAyMzg3NGZmMTQ1M2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtefXLlPJEE3QsDew+cMPoVD1dV3e
N6eWVm8vdu75MywE7n5+XvZAk03thx7iJE9PWwAK+rXTtWw8vVebDrPePCxq0gHT
FSgSgOtj7UX/7ltS52Q6AMKVsUUv2OYd+srlg2dL4IaKvP5dZwaqFF0gimcpOFgx
8Uw3eTML+a1DsQLoURvjoXjHQOf6AmtRYeI/AMON9xbCxtkGucIfrL8cEM+D5eAi
MaJ7Xh5Y/iFvngJ7OLKO1O4Q+QZPd3+V4Q5GfgwztUh+4/DkXHVs/TGEEXz8iSSS
N69dSRtshltLSobDwXU9p/aweDlv4iPU5Yq4Q6oVUSlueCDKGKvFw0I0qwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFKTifExDQYR1L1zRJUsCOHT/FFOnMB8GA1UdIwQY
MBaAFJ0hDyJZCTqvRShZIqWI6aZhq6n6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNFUElsa0pPcTlGS0ZraXBZanBwbUdycWZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYS85MzY4NmQtMTFmNS00ZTNlLWI1YzQt
NDM4NDNjMmU5NDNiLzEvcE9KOFRFTkJoSFV2WE5FbFN3STRkUDhVVTZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYS85MzY4NmQtMTFmNS00ZTNlLWI1YzQtNDM4NDNjMmU5NDNi
LzEvblNFUElsa0pPcTlGS0ZraXBZanBwbUdycWZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQETfVgAwQE
XblAAwQEX42AAwQE2cQQMA0GCSqGSIb3DQEBCwUAA4IBAQCNx8Lg5Dle76oSo4ya
Yz+Lp4PtkYrp/xLeQcfh0ud5GivTKYw2hIfHwQubZ3SGmMViY9e92yGbuLO/stNN
ULjWCO6anS+lLCfUTMAS1aTntUuxv+WHlTvRBL7FhnvA8EAe3sXo1fb2IhzfVSKn
1IcMEOFGwqvzuXVXLKtxTTMUwz4rieC5OkeMdz0sQ1x9oPBQOPo3p7jpnGnq9DNl
5y8r63rfDWIeGCRVX8PK9FG4yP3I9d76umdi00cjvC5Qa0D0eA5BWCMKuNbBOj1Y
hl9GF95L5StTccnKCE4eXK3Z4WrGpaL6v1uVngVAE2rzR5f7VyU88FbJD0GeY+VZ
Qljf
-----END CERTIFICATE-----
Generated at Mon May 20 12:25:27 2024 by rpki-client on console-ams.rpki-client.org