Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/oAaBcFOThiElho-CeDPX7KwdMxg.roa
File: oAaBcFOThiElho-CeDPX7KwdMxg.roa (raw, json)
Hash identifier: uC63yLlV68dA0w6G+PmekQjKMteLIKS+KUsNhsN2qqI=
Subject key identifier: A0:06:81:70:53:93:86:21:25:86:8F:82:78:33:D7:EC:AC:1D:33:18
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 018F2E10C792AB3CDDC821034397EE4887B5
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/oAaBcFOThiElho-CeDPX7KwdMxg.roa
Signing time: Tue 30 Apr 2024 08:13:22 +0000
ROA not before: Tue 30 Apr 2024 08:13:22 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 8300
IP address blocks: 193.5.20.0/23 maxlen: 23
193.5.30.0/24 maxlen: 24
193.5.158.0/23 maxlen: 24
193.134.248.0/23 maxlen: 23
194.209.74.0/24 maxlen: 24
212.243.101.0/24 maxlen: 24
2001:918:1ab::/48 maxlen: 48
2001:918:f00::/40 maxlen: 40
2001:918:ff70::/44 maxlen: 48
2001:918:ffb7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Jun 2024 01:00:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:2e:10:c7:92:ab:3c:dd:c8:21:03:43:97:ee:48:87:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Apr 30 08:13:22 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a00681705393862125868f827833d7ecac1d3318
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:6a:d6:ed:6a:71:d4:82:23:86:b5:eb:00:a2:
66:0d:10:e8:23:4d:bd:bb:b4:a6:28:24:8e:23:18:
86:79:42:e6:eb:18:69:f3:f5:e3:f5:96:de:72:7d:
e2:80:3b:3d:cb:da:d7:3d:d8:d4:2f:c6:b2:c3:97:
09:a8:ad:12:65:07:a6:ec:1a:09:35:53:07:3e:e0:
38:eb:ba:3d:f4:7f:d3:8d:6f:e7:44:5f:21:23:d2:
33:04:3f:b7:cf:48:a5:23:c0:64:e4:e1:c0:d6:47:
6f:f1:d9:36:d2:a5:ad:0e:b2:f9:16:3d:bb:eb:96:
da:26:86:9b:b2:df:de:a9:41:7a:df:fc:e7:1a:3b:
8a:b1:d3:b3:1b:ff:d8:24:a1:fa:35:b0:97:a5:d7:
69:59:81:34:47:8d:7a:e3:f8:83:9d:4e:d3:a1:46:
4c:95:65:36:03:8d:7a:51:90:ac:1e:03:f7:79:8a:
f1:b2:75:e3:fa:62:d1:40:2d:61:e4:c1:f3:4e:55:
d1:91:6f:53:de:f9:ea:99:6f:09:61:47:0c:dd:b2:
ee:e6:46:b9:64:01:c5:48:12:c9:4f:28:5a:c6:af:
4d:cd:61:74:5f:4d:d6:78:fc:79:53:7c:bb:36:71:
52:07:0e:b3:1a:50:06:b6:f4:76:4f:52:ec:a6:11:
7b:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:06:81:70:53:93:86:21:25:86:8F:82:78:33:D7:EC:AC:1D:33:18
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/oAaBcFOThiElho-CeDPX7KwdMxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.5.20.0/23
193.5.30.0/24
193.5.158.0/23
193.134.248.0/23
194.209.74.0/24
212.243.101.0/24
IPv6:
2001:918:1ab::/48
2001:918:f00::/40
2001:918:ff70::/44
2001:918:ffb7::/48
Signature Algorithm: sha256WithRSAEncryption
79:f2:74:62:7a:cc:e4:c9:76:67:0b:36:44:04:b0:83:ea:12:
6b:6f:cb:7c:40:4c:a7:c4:69:97:c2:0a:ca:c4:ad:15:f2:86:
24:b1:ee:b0:28:62:cd:ea:8c:08:90:8c:30:4a:15:bd:9c:61:
44:6f:51:f6:a5:06:af:ff:28:72:25:c1:a7:74:df:db:0f:b8:
5b:b6:40:97:5f:85:50:c6:03:a5:c8:31:b8:a5:26:43:76:4d:
68:88:0a:9a:f3:3a:e2:20:b9:bb:07:45:88:a1:7e:21:8c:b8:
f2:8c:f6:e3:50:cc:6f:ee:89:c4:f2:56:83:96:c7:b2:d7:e7:
95:fa:c2:f2:a6:2d:54:15:81:f3:c1:00:94:63:df:db:ef:4c:
eb:8b:42:b9:fa:f0:dc:d9:aa:f8:82:22:8f:1f:db:f6:4f:92:
e7:6e:3c:77:c3:93:5f:37:3b:54:6c:5f:aa:a7:ea:2a:cf:93:
9f:40:4b:63:09:c8:63:76:9e:ee:33:22:9a:8b:94:1e:6f:b3:
27:b3:20:6a:e4:21:96:c6:b4:05:27:98:d2:b9:7a:42:de:2a:
43:95:ac:a0:b0:8a:2c:85:07:da:77:bf:6b:fd:60:e0:f2:41:
6c:f0:16:f5:93:10:51:cb:be:df:c7:6e:7e:af:d7:09:2e:e5:
92:b9:bb:35
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAY8uEMeSqzzdyCEDQ5fuSIe1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjQwNDMwMDgxMzIyWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDA2ODE3MDUzOTM4NjIxMjU4NjhmODI3ODMzZDdlY2FjMWQzMzE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WrW7Wpx1IIjhrXrAKJmDRDoI029
u7SmKCSOIxiGeULm6xhp8/Xj9Zbecn3igDs9y9rXPdjUL8ayw5cJqK0SZQem7BoJ
NVMHPuA467o99H/TjW/nRF8hI9IzBD+3z0ilI8Bk5OHA1kdv8dk20qWtDrL5Fj27
65baJoabst/eqUF63/znGjuKsdOzG//YJKH6NbCXpddpWYE0R4164/iDnU7ToUZM
lWU2A416UZCsHgP3eYrxsnXj+mLRQC1h5MHzTlXRkW9T3vnqmW8JYUcM3bLu5ka5
ZAHFSBLJTyhaxq9NzWF0X03WePx5U3y7NnFSBw6zGlAGtvR2T1LsphF7hQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFKAGgXBTk4YhJYaPgngz1+ysHTMYMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvb0FhQmNGT1RoaUVsaG8tQ2VEUFg3S3dkTXhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUtYmQxOTI2NzZjOWJi
LzEvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzAqBAIAATAkAwQBwQUUAwQA
wQUeAwQBwQWeAwQBwYb4AwQAwtFKAwQA1PNlMCkEAgACMCMDBwAgAQkYAasDBgAg
AQkYDwMHBCABCRj/cAMHACABCRj/tzANBgkqhkiG9w0BAQsFAAOCAQEAefJ0YnrM
5Ml2Zws2RASwg+oSa2/LfEBMp8Rpl8IKysStFfKGJLHusChizeqMCJCMMEoVvZxh
RG9R9qUGr/8ociXBp3Tf2w+4W7ZAl1+FUMYDpcgxuKUmQ3ZNaIgKmvM64iC5uwdF
iKF+IYy48oz241DMb+6JxPJWg5bHstfnlfrC8qYtVBWB88EAlGPf2+9M64tCufrw
3Nmq+IIijx/b9k+S5248d8OTXzc7VGxfqqfqKs+Tn0BLYwnIY3ae7jMimouUHm+z
J7MgauQhlsa0BSeY0rl6Qt4qQ5WsoLCKLIUH2ne/a/1g4PJBbPAW9ZMQUcu+38du
fq/XCS7lkrm7NQ==
-----END CERTIFICATE-----
Generated at Sat Jun 1 08:32:35 2024 by rpki-client on console-ams.rpki-client.org