Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/OSETpnflu-iGDDD7AoYgCdDtO7M.roa
File: OSETpnflu-iGDDD7AoYgCdDtO7M.roa (raw, json)
Hash identifier: 8QmloUl9kxJhTxAp8RX1WaedMb1MnGu5Rx7Po55/GJs=
Subject key identifier: 39:21:13:A6:77:E5:BB:E8:86:0C:30:FB:02:86:20:09:D0:ED:3B:B3
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 01918398EC9A0DE21CC9490250C74C36F800
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/OSETpnflu-iGDDD7AoYgCdDtO7M.roa
Signing time: Sat 24 Aug 2024 08:55:22 +0000
ROA not before: Sat 24 Aug 2024 08:55:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 26548
IP address blocks: 46.161.56.0/21 maxlen: 24
91.243.88.0/22 maxlen: 22
91.243.92.0/22 maxlen: 22
146.185.200.0/24 maxlen: 24
146.185.201.0/24 maxlen: 24
146.185.202.0/24 maxlen: 24
146.185.203.0/24 maxlen: 24
146.185.204.0/23 maxlen: 24
146.185.206.0/24 maxlen: 24
193.93.192.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Nov 2024 16:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:91:83:98:ec:9a:0d:e2:1c:c9:49:02:50:c7:4c:36:f8:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Aug 24 08:55:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=392113a677e5bbe8860c30fb02862009d0ed3bb3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c3:f4:cd:80:e1:17:e4:b1:42:32:58:2b:16:
8a:53:b1:20:83:16:9d:db:ce:58:76:1c:f1:e8:a2:
bd:1d:fc:10:41:fa:c7:85:f7:18:15:cb:0a:7a:d2:
71:fd:20:41:f4:7b:20:64:40:b3:e1:b0:24:7b:50:
20:e5:df:03:f2:46:86:56:cb:b1:86:d1:c1:fd:d8:
25:32:c8:f6:75:c4:49:f0:a9:70:72:f5:10:2b:f0:
f9:fe:0b:18:1f:3e:a0:e4:2c:e1:a5:35:27:f8:f9:
d1:3b:1f:3a:3f:1a:94:99:71:31:59:c2:eb:93:86:
a2:88:08:09:1e:7c:ee:e3:01:e4:e9:65:cc:b8:90:
75:9c:ad:08:0c:fa:65:93:b6:dd:04:af:1f:43:67:
89:3f:8a:af:b5:2d:64:a4:7d:ee:1c:cd:29:8c:c7:
6d:d5:4e:6f:b6:4c:88:ba:80:35:67:b9:3b:05:fb:
7f:29:c3:2c:f3:d2:3f:43:3e:dd:fb:94:38:62:1d:
6d:10:40:57:10:52:00:ab:ac:e4:1b:57:34:8c:27:
51:17:1c:49:8e:94:8f:b5:2b:1d:e8:c8:10:ce:25:
19:7b:94:06:de:7b:cb:70:11:10:13:fe:2e:86:7c:
c6:0d:70:60:88:2d:7d:b7:5a:6e:de:ee:dc:e7:9e:
18:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:21:13:A6:77:E5:BB:E8:86:0C:30:FB:02:86:20:09:D0:ED:3B:B3
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/OSETpnflu-iGDDD7AoYgCdDtO7M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.161.56.0/21
91.243.88.0/21
146.185.200.0-146.185.206.255
193.93.192.0/22
Signature Algorithm: sha256WithRSAEncryption
7b:bf:d4:04:8f:ea:80:ce:ba:76:d5:ad:9a:1e:d1:73:2d:95:
cf:54:4f:81:bd:00:76:4b:2c:b0:ff:1d:82:26:29:3b:70:a3:
d0:e3:0b:ad:37:c1:ed:64:ec:e0:26:56:38:16:a8:c3:a2:81:
9f:c3:9d:a4:63:29:e1:57:32:e4:36:d4:81:8d:64:9e:ae:e1:
ca:35:03:e5:82:2d:5b:ac:43:5c:c6:a0:a2:c0:43:7e:26:ce:
e6:1f:18:31:df:70:5c:ef:d1:0b:ea:dc:83:08:71:a5:8f:2d:
07:f7:3c:ea:47:aa:dc:6f:77:25:42:86:dc:f3:6f:eb:84:09:
2b:28:56:a6:1d:8f:4b:ca:7d:b4:a0:d1:f8:a0:e6:2e:c9:9f:
a1:eb:d0:cb:25:8e:22:97:af:2c:67:7e:96:a4:08:a5:71:4b:
d7:28:e0:eb:be:11:09:17:d7:02:7b:c5:0d:96:4d:ab:0a:e9:
cc:39:76:30:9b:a5:80:df:0c:d0:84:9d:93:d9:82:3c:24:93:
5e:85:b7:73:0b:33:e3:9c:cd:2b:61:2a:bc:d9:a8:fa:03:61:
0f:2f:0d:c2:d5:71:ad:18:fb:51:d5:02:22:c8:ea:42:d0:e0:
83:3a:49:1d:5e:9d:bd:5c:4d:40:2f:6c:72:cc:6f:6a:27:88:
7f:21:9c:a2
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZGDmOyaDeIcyUkCUMdMNvgAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjQwODI0MDg1NTIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOTIxMTNhNjc3ZTViYmU4ODYwYzMwZmIwMjg2MjAwOWQwZWQzYmIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxMP0zYDhF+SxQjJYKxaKU7Eggxad
285Ydhzx6KK9HfwQQfrHhfcYFcsKetJx/SBB9HsgZECz4bAke1Ag5d8D8kaGVsux
htHB/dglMsj2dcRJ8KlwcvUQK/D5/gsYHz6g5CzhpTUn+PnROx86PxqUmXExWcLr
k4aiiAgJHnzu4wHk6WXMuJB1nK0IDPplk7bdBK8fQ2eJP4qvtS1kpH3uHM0pjMdt
1U5vtkyIuoA1Z7k7Bft/KcMs89I/Qz7d+5Q4Yh1tEEBXEFIAq6zkG1c0jCdRFxxJ
jpSPtSsd6MgQziUZe5QG3nvLcBEQE/4uhnzGDXBgiC19t1pu3u7c554YowIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFDkhE6Z35bvohgww+wKGIAnQ7TuzMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvT1NFVHBuZmx1LWlHREREN0FvWWdDZER0TzdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgAwQDLqE4AwQD
W/NYMAwDBAOSucgDBACSuc4DBALBXcAwDQYJKoZIhvcNAQELBQADggEBAHu/1ASP
6oDOunbVrZoe0XMtlc9UT4G9AHZLLLD/HYImKTtwo9DjC603we1k7OAmVjgWqMOi
gZ/DnaRjKeFXMuQ21IGNZJ6u4co1A+WCLVusQ1zGoKLAQ34mzuYfGDHfcFzv0Qvq
3IMIcaWPLQf3POpHqtxvdyVChtzzb+uECSsoVqYdj0vKfbSg0fig5i7Jn6Hr0Msl
jiKXryxnfpakCKVxS9co4Ou+EQkX1wJ7xQ2WTasK6cw5djCbpYDfDNCEnZPZgjwk
k16Ft3MLM+OczSthKrzZqPoDYQ8vDcLVca0Y+1HVAiLI6kLQ4IM6SR1enb1cTUAv
bHLMb2oniH8hnKI=
-----END CERTIFICATE-----
Generated at Fri Nov 22 02:07:32 2024 by rpki-client on console-ams.rpki-client.org