Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/omyKQ0XqdMImp2o5ZxZI0oHwiYI.roa
File: omyKQ0XqdMImp2o5ZxZI0oHwiYI.roa (raw, json)
Hash identifier: /uq+BG8FllzdpidXRFdwjob9RrgvN6fhAsPyVjWEPbg=
Subject key identifier: A2:6C:8A:43:45:EA:74:C2:26:A7:6A:39:67:16:48:D2:81:F0:89:82
Certificate issuer: /CN=cd108c225f2478cd4230179890d07284be1636cd
Certificate serial: 01907BFD5690CF21F96520C9829FC839BCB4
Authority key identifier: CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/omyKQ0XqdMImp2o5ZxZI0oHwiYI.roa
Signing time: Thu 04 Jul 2024 04:25:18 +0000
ROA not before: Thu 04 Jul 2024 04:25:18 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212921
IP address blocks: 2.59.152.0/24 maxlen: 24
2.59.155.0/24 maxlen: 24
45.91.227.0/24 maxlen: 24
45.142.152.0/24 maxlen: 24
45.142.155.0/24 maxlen: 24
193.239.150.0/24 maxlen: 24
194.126.202.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.mft
rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Nov 2024 03:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:90:7b:fd:56:90:cf:21:f9:65:20:c9:82:9f:c8:39:bc:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd108c225f2478cd4230179890d07284be1636cd
Validity
Not Before: Jul 4 04:25:18 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a26c8a4345ea74c226a76a39671648d281f08982
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:38:30:13:40:74:0f:c0:b9:87:e1:b7:80:b2:
15:f8:ec:3c:fb:bc:4c:0f:31:af:96:0d:56:e4:85:
a4:2d:b5:70:b6:22:0d:13:ce:b0:57:ed:4b:81:14:
ac:69:0d:09:65:a5:aa:be:32:73:a1:40:2e:35:58:
e3:b6:62:39:fd:a1:ae:ff:e3:fb:3b:06:41:bc:c5:
7c:f6:5f:65:92:b7:41:f9:37:03:a3:75:bb:53:b5:
40:73:b3:4b:de:11:36:f7:52:a6:a4:9e:0b:e9:53:
8d:bb:44:4f:b8:3d:5b:0e:84:1f:7c:28:5d:95:c9:
b2:7f:35:fa:af:8c:16:6d:89:29:90:7e:b5:d9:a6:
40:1e:76:8c:f7:58:fb:71:91:82:66:b5:06:5f:00:
e4:eb:25:30:9a:c8:4c:eb:d4:5d:df:4b:0d:66:fb:
57:e9:d6:db:25:2a:af:ef:b5:b8:6e:a4:9b:96:ef:
a7:cf:a7:2e:d0:fa:87:98:9a:08:1e:70:eb:81:31:
b3:ab:6f:6e:30:90:b4:5e:49:c0:b7:d5:5c:ab:ca:
e3:ea:71:d2:ca:d6:ca:d5:8c:da:b2:65:d7:74:71:
8a:3e:1e:d3:49:75:e4:2d:7f:d8:3d:a2:7c:3d:50:
5a:6f:6b:29:33:48:57:dc:c6:88:74:49:8c:9e:64:
d8:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:6C:8A:43:45:EA:74:C2:26:A7:6A:39:67:16:48:D2:81:F0:89:82
X509v3 Authority Key Identifier:
keyid:CD:10:8C:22:5F:24:78:CD:42:30:17:98:90:D0:72:84:BE:16:36:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRCMIl8keM1CMBeYkNByhL4WNs0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/omyKQ0XqdMImp2o5ZxZI0oHwiYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/348ce5-ca20-4848-8844-ae50273681a7/1/zRCMIl8keM1CMBeYkNByhL4WNs0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.152.0/24
2.59.155.0/24
45.91.227.0/24
45.142.152.0/24
45.142.155.0/24
193.239.150.0/24
194.126.202.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:b3:76:ed:69:5f:46:42:da:48:7d:6f:08:c4:af:6f:1f:12:
69:bb:cf:29:e5:f2:1d:42:fc:e3:89:1e:8a:b9:a9:0f:1d:69:
33:fd:ba:5c:c3:83:63:9b:7d:93:8c:47:8f:8c:bc:09:2e:72:
2c:0e:7d:41:9f:a0:54:4f:d4:1b:71:a8:2b:10:d3:75:55:75:
f1:03:44:31:47:80:f9:c4:c1:e0:b4:ad:1d:f1:21:73:b9:ef:
b8:63:12:0a:12:d1:86:72:da:92:00:e4:fa:4c:74:55:89:3d:
c1:e7:3e:0b:ce:83:ce:c2:ff:f5:3c:86:82:11:5a:c4:30:dc:
95:af:ba:8a:14:d9:a4:3a:ee:60:4f:4a:74:f6:1a:2b:df:85:
ef:49:53:ca:ec:24:46:94:45:8b:03:8f:08:6a:97:c4:6f:09:
0b:2a:91:d5:7f:2b:03:61:ab:f1:ee:dd:fe:72:8f:0d:da:cb:
97:40:92:4a:d7:2f:d9:6e:23:b4:e9:f8:7e:fd:2f:b2:eb:12:
8c:99:83:d6:68:cc:e9:f4:6f:15:61:86:06:26:6e:dc:1d:66:
6e:6b:9f:19:7a:71:fd:91:c4:99:2d:49:4e:29:25:53:4c:83:
a9:0f:c4:5a:8b:02:95:76:9c:e4:a7:cc:64:da:6c:f4:bd:ea:
4c:47:ba:c8
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZB7/VaQzyH5ZSDJgp/IOby0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTA4YzIyNWYyNDc4Y2Q0MjMwMTc5ODkwZDA3Mjg0YmUx
NjM2Y2QwHhcNMjQwNzA0MDQyNTE4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjZjOGE0MzQ1ZWE3NGMyMjZhNzZhMzk2NzE2NDhkMjgxZjA4OTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2zgwE0B0D8C5h+G3gLIV+Ow8+7xM
DzGvlg1W5IWkLbVwtiINE86wV+1LgRSsaQ0JZaWqvjJzoUAuNVjjtmI5/aGu/+P7
OwZBvMV89l9lkrdB+TcDo3W7U7VAc7NL3hE291KmpJ4L6VONu0RPuD1bDoQffChd
lcmyfzX6r4wWbYkpkH612aZAHnaM91j7cZGCZrUGXwDk6yUwmshM69Rd30sNZvtX
6dbbJSqv77W4bqSblu+nz6cu0PqHmJoIHnDrgTGzq29uMJC0XknAt9Vcq8rj6nHS
ytbK1YzasmXXdHGKPh7TSXXkLX/YPaJ8PVBab2spM0hX3MaIdEmMnmTYnwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKJsikNF6nTCJqdqOWcWSNKB8ImCMB8GA1UdIwQY
MBaAFM0QjCJfJHjNQjAXmJDQcoS+FjbNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQt
YWU1MDI3MzY4MWE3LzEvb215S1EwWHFkTUltcDJvNVp4Wkkwb0h3aVlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy8zNDhjZTUtY2EyMC00ODQ4LTg4NDQtYWU1MDI3MzY4MWE3
LzEvelJDTUlsOGtlTTFDTUJlWWtOQnloTDRXTnMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAAjuYAwQA
AjubAwQALVvjAwQALY6YAwQALY6bAwQAwe+WAwQAwn7KMA0GCSqGSIb3DQEBCwUA
A4IBAQBrs3btaV9GQtpIfW8IxK9vHxJpu88p5fIdQvzjiR6KuakPHWkz/bpcw4Nj
m32TjEePjLwJLnIsDn1Bn6BUT9QbcagrENN1VXXxA0QxR4D5xMHgtK0d8SFzue+4
YxIKEtGGctqSAOT6THRViT3B5z4LzoPOwv/1PIaCEVrEMNyVr7qKFNmkOu5gT0p0
9hor34XvSVPK7CRGlEWLA48IapfEbwkLKpHVfysDYavx7t3+co8N2suXQJJK1y/Z
biO06fh+/S+y6xKMmYPWaMzp9G8VYYYGJm7cHWZua58ZenH9kcSZLUlOKSVTTIOp
D8RaiwKVdpzkp8xk2mz0vepMR7rI
-----END CERTIFICATE-----
Generated at Fri Nov 22 12:20:38 2024 by rpki-client on console-ams.rpki-client.org