Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/ob11QiTeMOnpQjMbA656iEcnakE.roa
File: ob11QiTeMOnpQjMbA656iEcnakE.roa (raw, json)
Hash identifier: 0IB9ENexloIbxRN9hOnxvUNlVgSJSj92lmM4Bp5xXW4=
Subject key identifier: A1:BD:75:42:24:DE:30:E9:E9:42:33:1B:03:AE:7A:88:47:27:6A:41
Certificate issuer: /CN=1afba38a8707fd231c3887e4a52bdcdedab20323
Certificate serial: 018CC2DB2966E90C07361235E12F67918467
Authority key identifier: 1A:FB:A3:8A:87:07:FD:23:1C:38:87:E4:A5:2B:DC:DE:DA:B2:03:23
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GvujiocH_SMcOIfkpSvc3tqyAyM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/ob11QiTeMOnpQjMbA656iEcnakE.roa
Signing time: Mon 01 Jan 2024 02:29:52 +0000
ROA not before: Mon 01 Jan 2024 02:29:52 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 207369
IP address blocks: 185.39.79.0/24 maxlen: 24
185.138.184.0/23 maxlen: 23
185.138.184.0/22 maxlen: 22
185.138.186.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/GvujiocH_SMcOIfkpSvc3tqyAyM.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/GvujiocH_SMcOIfkpSvc3tqyAyM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GvujiocH_SMcOIfkpSvc3tqyAyM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 09 Jun 2024 01:03:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:db:29:66:e9:0c:07:36:12:35:e1:2f:67:91:84:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1afba38a8707fd231c3887e4a52bdcdedab20323
Validity
Not Before: Jan 1 02:29:52 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a1bd754224de30e9e942331b03ae7a8847276a41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:8c:b7:9c:0c:1f:f2:0a:4d:48:a5:05:80:8a:
1f:6d:d6:eb:43:4b:03:fa:93:a2:ee:3c:b0:a7:9f:
84:f0:0d:17:fa:15:90:82:51:9e:79:68:b5:e5:ad:
3e:59:94:7f:e7:2d:d5:50:fa:5f:0f:12:5e:e6:41:
47:1e:d9:96:11:c3:53:9e:f0:f6:e0:50:3c:56:e9:
ff:3a:e0:45:e6:6a:35:e1:37:97:a7:88:23:55:16:
f2:3e:58:e0:91:98:a7:51:e1:96:f9:b8:c0:89:3c:
02:84:cb:fc:22:72:c4:08:8c:f0:ac:4d:42:00:da:
cd:5a:8b:56:7d:1d:21:ad:fc:b1:70:fe:62:24:f4:
ad:8b:bc:ab:2a:c8:ef:42:4e:e4:42:10:bd:e0:f8:
05:22:8c:d3:ae:a6:17:25:5d:66:15:f3:6d:3e:38:
19:01:40:80:bf:23:05:63:9f:d2:42:68:20:df:23:
24:5c:3f:82:9f:b7:17:d1:c6:25:83:94:72:9d:2e:
0f:8e:ea:f3:b1:70:b9:fb:d5:d7:b6:c9:b1:89:1e:
7a:69:32:7d:ba:b9:2c:f7:b4:74:2d:77:c5:e0:c1:
48:22:d7:02:31:65:32:e0:dd:d3:a3:f6:a7:3a:1f:
cd:a0:74:9c:6c:b4:ea:bd:37:1a:77:8e:b5:40:a1:
4b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:BD:75:42:24:DE:30:E9:E9:42:33:1B:03:AE:7A:88:47:27:6A:41
X509v3 Authority Key Identifier:
keyid:1A:FB:A3:8A:87:07:FD:23:1C:38:87:E4:A5:2B:DC:DE:DA:B2:03:23
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GvujiocH_SMcOIfkpSvc3tqyAyM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/ob11QiTeMOnpQjMbA656iEcnakE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/7a9ba2-6a6a-4c7c-882a-0996aed32f3b/1/GvujiocH_SMcOIfkpSvc3tqyAyM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.39.79.0/24
185.138.184.0/22
Signature Algorithm: sha256WithRSAEncryption
6b:d7:40:ed:7e:19:18:c2:5e:0d:0a:50:e3:8a:47:0e:05:18:
ba:53:35:42:18:ea:f8:9e:62:4b:da:4d:82:df:5e:41:03:b9:
32:ea:a3:90:ba:da:fd:94:ea:b0:5c:41:1e:3d:ba:d0:9f:c5:
cd:19:9b:db:80:f6:d7:31:83:de:ba:a2:d8:30:9d:b1:ab:df:
ee:50:89:c9:57:c9:f1:9d:4b:d6:74:fe:63:f2:0c:dd:7a:d9:
e4:1c:ea:be:f3:ad:56:c6:1e:a8:f6:d0:d6:9b:56:56:cb:45:
21:1c:49:8f:ed:f2:df:27:8c:14:6b:87:69:5c:c5:42:cc:d4:
22:bf:6f:3d:30:2f:ba:a2:d5:2a:44:c1:38:2c:08:76:bb:2c:
5c:d2:15:ad:be:e7:62:f4:c6:3a:b5:d0:07:10:ac:f9:8f:f9:
8b:9c:69:7f:89:1b:69:47:51:a0:50:61:a6:3e:05:15:2b:a6:
16:52:c5:40:f0:c7:49:c1:c0:b2:d8:b4:08:2b:c4:37:f3:14:
3d:d0:bf:53:ce:76:43:81:ab:b1:1b:3c:05:17:5d:4d:43:b0:
03:c6:04:d9:68:ca:83:50:a3:e3:8a:ed:a1:23:fe:c1:06:e5:
aa:53:b9:2d:98:7b:09:68:c6:bd:66:d9:34:14:1a:04:9e:da:
a7:ab:3f:da
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzC2ylm6QwHNhI14S9nkYRnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZmJhMzhhODcwN2ZkMjMxYzM4ODdlNGE1MmJkY2RlZGFi
MjAzMjMwHhcNMjQwMTAxMDIyOTUyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMWJkNzU0MjI0ZGUzMGU5ZTk0MjMzMWIwM2FlN2E4ODQ3Mjc2YTQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiYy3nAwf8gpNSKUFgIofbdbrQ0sD
+pOi7jywp5+E8A0X+hWQglGeeWi15a0+WZR/5y3VUPpfDxJe5kFHHtmWEcNTnvD2
4FA8Vun/OuBF5mo14TeXp4gjVRbyPljgkZinUeGW+bjAiTwChMv8InLECIzwrE1C
ANrNWotWfR0hrfyxcP5iJPSti7yrKsjvQk7kQhC94PgFIozTrqYXJV1mFfNtPjgZ
AUCAvyMFY5/SQmgg3yMkXD+Cn7cX0cYlg5RynS4PjurzsXC5+9XXtsmxiR56aTJ9
urks97R0LXfF4MFIItcCMWUy4N3To/anOh/NoHScbLTqvTcad461QKFL/QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKG9dUIk3jDp6UIzGwOueohHJ2pBMB8GA1UdIwQY
MBaAFBr7o4qHB/0jHDiH5KUr3N7asgMjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3Z1amlvY0hfU01jT0lma3BTdmMzdHF5QXlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy83YTliYTItNmE2YS00YzdjLTg4MmEt
MDk5NmFlZDMyZjNiLzEvb2IxMVFpVGVNT25wUWpNYkE2NTZpRWNuYWtFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy83YTliYTItNmE2YS00YzdjLTg4MmEtMDk5NmFlZDMyZjNi
LzEvR3Z1amlvY0hfU01jT0lma3BTdmMzdHF5QXlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAuSdPAwQC
uYq4MA0GCSqGSIb3DQEBCwUAA4IBAQBr10DtfhkYwl4NClDjikcOBRi6UzVCGOr4
nmJL2k2C315BA7ky6qOQutr9lOqwXEEePbrQn8XNGZvbgPbXMYPeuqLYMJ2xq9/u
UInJV8nxnUvWdP5j8gzdetnkHOq+861Wxh6o9tDWm1ZWy0UhHEmP7fLfJ4wUa4dp
XMVCzNQiv289MC+6otUqRME4LAh2uyxc0hWtvudi9MY6tdAHEKz5j/mLnGl/iRtp
R1GgUGGmPgUVK6YWUsVA8MdJwcCy2LQIK8Q38xQ90L9TznZDgauxGzwFF11NQ7AD
xgTZaMqDUKPjiu2hI/7BBuWqU7ktmHsJaMa9Ztk0FBoEntqnqz/a
-----END CERTIFICATE-----
Generated at Sat Jun 8 09:23:48 2024 by rpki-client on console-fra.rpki-client.org