Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e27d9b-cad6-4e1d-9d07-b7a6608a8fbc/1/Ozt1JR4cr5vj3hE0hmHHirWhIQs.roa
File: Ozt1JR4cr5vj3hE0hmHHirWhIQs.roa (raw, json)
Hash identifier: m2fNW6KbRDmnpD3qqDCvsRgZgyV98d6UQXTS/G65uGI=
Subject key identifier: 3B:3B:75:25:1E:1C:AF:9B:E3:DE:11:34:86:61:C7:8A:B5:A1:21:0B
Certificate issuer: /CN=c9265b8ba9e6190f2609787cd9d92efd48efbd9d
Certificate serial: 018CC6B92ECDC105AF1D09C8B831564D5D6C
Authority key identifier: C9:26:5B:8B:A9:E6:19:0F:26:09:78:7C:D9:D9:2E:FD:48:EF:BD:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ySZbi6nmGQ8mCXh82dku_UjvvZ0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e27d9b-cad6-4e1d-9d07-b7a6608a8fbc/1/Ozt1JR4cr5vj3hE0hmHHirWhIQs.roa
Signing time: Mon 01 Jan 2024 20:31:14 +0000
ROA not before: Mon 01 Jan 2024 20:31:14 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8343
IP address blocks: 178.23.136.0/21 maxlen: 21
178.23.138.0/24 maxlen: 24
178.23.139.0/24 maxlen: 24
178.23.142.0/24 maxlen: 24
178.23.141.0/24 maxlen: 24
178.23.140.0/24 maxlen: 24
178.23.143.0/24 maxlen: 24
185.19.244.0/22 maxlen: 22
37.143.95.0/24 maxlen: 24
37.143.93.0/24 maxlen: 24
37.143.92.0/24 maxlen: 24
37.143.94.0/24 maxlen: 24
195.58.242.0/24 maxlen: 24
195.58.244.0/24 maxlen: 24
195.58.243.0/24 maxlen: 24
195.58.246.0/24 maxlen: 24
195.58.245.0/24 maxlen: 24
195.58.241.0/24 maxlen: 24
195.58.249.0/24 maxlen: 24
195.58.251.0/24 maxlen: 24
195.58.250.0/24 maxlen: 24
195.58.253.0/24 maxlen: 24
195.58.252.0/22 maxlen: 22
195.58.252.0/24 maxlen: 24
195.58.248.0/24 maxlen: 24
195.58.247.0/24 maxlen: 24
195.58.255.0/24 maxlen: 24
195.58.254.0/24 maxlen: 24
37.143.88.0/21 maxlen: 21
37.143.89.0/24 maxlen: 24
37.143.88.0/24 maxlen: 24
37.143.91.0/24 maxlen: 24
37.143.90.0/24 maxlen: 24
195.58.224.0/19 maxlen: 19
195.58.224.0/24 maxlen: 24
195.58.226.0/24 maxlen: 24
195.58.227.0/24 maxlen: 24
195.58.229.0/24 maxlen: 24
195.58.228.0/24 maxlen: 24
195.58.230.0/24 maxlen: 24
195.58.232.0/24 maxlen: 24
195.58.231.0/24 maxlen: 24
195.58.233.0/24 maxlen: 24
195.58.236.0/24 maxlen: 24
195.58.235.0/24 maxlen: 24
195.58.237.0/24 maxlen: 24
195.58.239.0/24 maxlen: 24
195.58.240.0/24 maxlen: 24
195.58.238.0/24 maxlen: 24
195.58.234.0/24 maxlen: 24
2a00:1b50:1::/48 maxlen: 48
2a00:1b50:1000::/48 maxlen: 48
2a00:1b50:10::/48 maxlen: 48
2a00:1b50::/32 maxlen: 32
2a00:1b50::/36 maxlen: 36
2a00:1b50:1000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/e27d9b-cad6-4e1d-9d07-b7a6608a8fbc/1/ySZbi6nmGQ8mCXh82dku_UjvvZ0.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/e27d9b-cad6-4e1d-9d07-b7a6608a8fbc/1/ySZbi6nmGQ8mCXh82dku_UjvvZ0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ySZbi6nmGQ8mCXh82dku_UjvvZ0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 12:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b9:2e:cd:c1:05:af:1d:09:c8:b8:31:56:4d:5d:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9265b8ba9e6190f2609787cd9d92efd48efbd9d
Validity
Not Before: Jan 1 20:31:14 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=3b3b75251e1caf9be3de11348661c78ab5a1210b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:83:1d:0f:aa:f4:11:8a:d4:46:31:c6:a8:16:
70:8d:fc:f9:22:17:51:76:44:93:06:da:42:89:e6:
9a:d1:78:92:24:37:76:f1:fe:08:dd:bf:db:44:de:
f2:82:52:3e:6c:1d:0b:b5:29:6e:42:98:5c:3d:f8:
03:d1:d0:12:bf:f1:d7:b6:3f:20:0e:d3:4d:5d:9d:
7f:d2:92:14:e4:03:b6:a3:0b:c0:25:96:ed:a9:44:
90:fb:00:45:b5:2e:1b:da:6b:22:ca:17:0d:9f:90:
1d:94:e0:eb:f5:66:98:79:df:e4:cb:ad:11:5f:d9:
d8:1e:02:b4:8c:48:ca:0d:35:e4:3f:fa:63:62:f5:
67:04:c4:1f:6c:6e:1b:46:eb:15:93:ef:e2:03:2a:
ff:36:cb:eb:cc:33:ca:82:2b:68:00:f1:a8:a8:36:
12:fc:e9:db:c8:9e:59:01:62:68:78:29:29:99:e8:
1c:79:65:bb:4d:d4:69:8b:7b:c7:9a:cc:46:6f:e5:
ec:10:4b:8c:97:fb:bd:92:dc:48:8a:e3:70:54:2a:
2d:ee:9f:fc:e8:d0:71:3e:3f:2d:79:e4:91:3b:2c:
a8:d9:a1:f4:7b:5a:0a:15:12:4d:b0:87:bd:09:93:
39:8a:7a:25:66:de:9d:72:d7:7c:0f:b9:da:26:bc:
77:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:3B:75:25:1E:1C:AF:9B:E3:DE:11:34:86:61:C7:8A:B5:A1:21:0B
X509v3 Authority Key Identifier:
keyid:C9:26:5B:8B:A9:E6:19:0F:26:09:78:7C:D9:D9:2E:FD:48:EF:BD:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ySZbi6nmGQ8mCXh82dku_UjvvZ0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e27d9b-cad6-4e1d-9d07-b7a6608a8fbc/1/Ozt1JR4cr5vj3hE0hmHHirWhIQs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e27d9b-cad6-4e1d-9d07-b7a6608a8fbc/1/ySZbi6nmGQ8mCXh82dku_UjvvZ0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.88.0/21
178.23.136.0/21
185.19.244.0/22
195.58.224.0/19
IPv6:
2a00:1b50::/32
Signature Algorithm: sha256WithRSAEncryption
b9:e0:2c:b7:68:27:dd:2f:cb:3e:f2:37:88:23:43:d3:b2:09:
0f:26:3c:39:66:de:1c:f1:a1:d8:b1:ea:12:9f:d0:c0:7b:76:
13:c6:27:96:56:5c:4e:bd:22:57:8f:29:79:1e:a6:fc:15:db:
7f:bb:41:1f:aa:98:98:c0:f3:39:2b:46:ac:c0:7d:cf:6a:ae:
88:4d:eb:e6:17:33:04:4b:4c:33:34:43:ae:b5:4c:3a:07:6e:
be:f1:c4:f5:fc:88:62:ad:5e:b3:f2:d5:2f:e7:31:39:a7:19:
40:c4:25:74:f7:51:7a:0a:a5:b7:b3:a1:c2:c5:9f:23:53:ba:
2c:a0:44:29:96:92:75:84:59:42:3d:ed:86:e8:50:09:94:c3:
6c:32:96:4e:cf:ef:f6:74:70:bb:a5:1d:eb:58:ea:8d:d8:e5:
7e:7a:ab:95:77:de:1a:e0:8d:24:e3:11:a7:32:56:94:5c:b4:
83:18:c9:aa:ce:f9:4a:88:aa:88:f3:08:23:a6:9f:f5:95:c5:
58:d2:af:03:25:a7:88:77:26:30:de:f2:ce:8e:26:e4:d3:c3:
b2:f0:ab:08:dd:9c:f4:33:48:44:53:86:38:88:c4:a6:32:2d:
11:69:22:a9:fe:b3:17:d2:3c:5b:7d:63:42:34:5a:e2:34:f8:
22:76:96:0f
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAYzGuS7NwQWvHQnIuDFWTV1sMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5MjY1YjhiYTllNjE5MGYyNjA5Nzg3Y2Q5ZDkyZWZkNDhl
ZmJkOWQwHhcNMjQwMTAxMjAzMTE0WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjNiNzUyNTFlMWNhZjliZTNkZTExMzQ4NjYxYzc4YWI1YTEyMTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqoMdD6r0EYrURjHGqBZwjfz5IhdR
dkSTBtpCieaa0XiSJDd28f4I3b/bRN7yglI+bB0LtSluQphcPfgD0dASv/HXtj8g
DtNNXZ1/0pIU5AO2owvAJZbtqUSQ+wBFtS4b2msiyhcNn5AdlODr9WaYed/ky60R
X9nYHgK0jEjKDTXkP/pjYvVnBMQfbG4bRusVk+/iAyr/NsvrzDPKgitoAPGoqDYS
/OnbyJ5ZAWJoeCkpmegceWW7TdRpi3vHmsxGb+XsEEuMl/u9ktxIiuNwVCot7p/8
6NBxPj8teeSROyyo2aH0e1oKFRJNsIe9CZM5inolZt6dctd8D7naJrx3cwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFDs7dSUeHK+b494RNIZhx4q1oSELMB8GA1UdIwQY
MBaAFMkmW4up5hkPJgl4fNnZLv1I772dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVNaYmk2bm1HUThtQ1hoODJka3VfVWp2dlowLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMjdkOWItY2FkNi00ZTFkLTlkMDct
YjdhNjYwOGE4ZmJjLzEvT3p0MUpSNGNyNXZqM2hFMGhtSEhpcldoSVFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMjdkOWItY2FkNi00ZTFkLTlkMDctYjdhNjYwOGE4ZmJj
LzEveVNaYmk2bm1HUThtQ1hoODJka3VfVWp2dlowLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDJY9YAwQD
sheIAwQCuRP0AwQFwzrgMA0EAgACMAcDBQAqABtQMA0GCSqGSIb3DQEBCwUAA4IB
AQC54Cy3aCfdL8s+8jeII0PTsgkPJjw5Zt4c8aHYseoSn9DAe3YTxieWVlxOvSJX
jyl5Hqb8Fdt/u0EfqpiYwPM5K0aswH3Paq6ITevmFzMES0wzNEOutUw6B26+8cT1
/IhirV6z8tUv5zE5pxlAxCV091F6CqW3s6HCxZ8jU7osoEQplpJ1hFlCPe2G6FAJ
lMNsMpZOz+/2dHC7pR3rWOqN2OV+equVd94a4I0k4xGnMlaUXLSDGMmqzvlKiKqI
8wgjpp/1lcVY0q8DJaeIdyYw3vLOjibk08Oy8KsI3Zz0M0hEU4Y4iMSmMi0RaSKp
/rMX0jxbfWNCNFriNPgidpYP
-----END CERTIFICATE-----
Generated at Fri Nov 22 18:05:30 2024 by rpki-client on console-fra.rpki-client.org