Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/OA3WKmsXMdwZYnWfkQW2P5YjgEU.roa
File: OA3WKmsXMdwZYnWfkQW2P5YjgEU.roa (raw, json)
Hash identifier: GUP2P5syUDTJIfwl/A6jhF6oN1sxTd1TetS4GTdjoIc=
Subject key identifier: 38:0D:D6:2A:6B:17:31:DC:19:62:75:9F:91:05:B6:3F:96:23:80:45
Certificate issuer: /CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Certificate serial: 018EA7DDF5B19EA8AA35A74CF3BFACE91BF2
Authority key identifier: 70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/OA3WKmsXMdwZYnWfkQW2P5YjgEU.roa
Signing time: Thu 04 Apr 2024 06:48:45 +0000
ROA not before: Thu 04 Apr 2024 06:48:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 200738
IP address blocks: 45.129.20.0/24 maxlen: 24
45.129.21.0/24 maxlen: 24
45.129.22.0/24 maxlen: 24
45.129.23.0/24 maxlen: 24
77.83.124.0/22 maxlen: 22
92.114.56.0/22 maxlen: 22
93.114.240.0/22 maxlen: 22
109.230.216.0/23 maxlen: 23
109.230.222.0/24 maxlen: 24
134.255.215.0/24 maxlen: 24
176.100.208.0/22 maxlen: 22
176.100.212.0/22 maxlen: 22
176.100.224.0/20 maxlen: 20
176.100.224.0/24 maxlen: 24
176.100.225.0/24 maxlen: 24
185.97.168.0/22 maxlen: 22
185.159.252.0/22 maxlen: 22
185.170.147.0/24 maxlen: 24
188.215.8.0/22 maxlen: 22
193.26.148.0/22 maxlen: 22
193.31.36.0/22 maxlen: 22
193.35.14.0/23 maxlen: 23
193.35.26.0/23 maxlen: 23
2a06:6c0::/48 maxlen: 48
2a06:6c0:1::/48 maxlen: 48
2a06:6c0:2::/48 maxlen: 48
2a06:6c0:3::/48 maxlen: 48
2a06:6c0:11::/48 maxlen: 48
2a06:6c0:22::/48 maxlen: 48
2a06:6c0:23::/48 maxlen: 48
2a06:6c0:24::/48 maxlen: 48
2a06:6c0:25::/48 maxlen: 48
2a06:6c0:26::/48 maxlen: 48
2a06:6c0:254::/48 maxlen: 48
2a06:6c0:255::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.mft
rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Jun 2024 14:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:a7:dd:f5:b1:9e:a8:aa:35:a7:4c:f3:bf:ac:e9:1b:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7094a425595e923c4b53b9c000aa8f19ad923f20
Validity
Not Before: Apr 4 06:48:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=380dd62a6b1731dc1962759f9105b63f96238045
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:8f:90:8a:73:ba:81:df:1d:6d:9d:f9:aa:3e:
6c:87:48:73:40:19:61:83:77:5a:d1:86:0f:e7:0d:
60:f9:f3:b5:98:0c:c6:86:09:dc:e5:57:92:b0:54:
40:67:41:ab:3e:1e:a8:f3:b5:08:c9:b8:f3:0b:5c:
eb:11:90:64:02:6f:4c:db:cc:5f:3c:69:03:37:79:
76:ea:ee:30:a3:de:22:73:fa:18:31:92:05:bb:f5:
03:85:5e:e2:d4:80:c5:0f:8b:d9:ea:b5:1c:68:84:
ec:3f:d5:15:82:ae:ec:01:8f:6a:e9:ea:d3:3f:6f:
0b:04:c1:90:a2:07:25:eb:4e:35:06:d7:f3:2e:70:
3e:44:a2:8e:cc:9b:ff:c5:1c:fd:dd:53:9a:75:4f:
c6:f9:a7:2b:df:89:27:d5:b4:a2:40:9e:2d:19:cc:
81:a9:98:d5:6a:a2:9b:b1:8e:99:f6:36:7f:48:0e:
32:f7:4b:be:5d:cb:8f:7b:62:90:c4:fc:43:b0:b0:
ee:b0:a4:29:cf:71:ec:4d:b8:78:da:ba:05:79:2b:
33:76:76:c2:93:c3:b8:47:96:6b:e4:94:b7:8a:2a:
fd:c3:14:c8:3b:64:3b:a5:2e:29:4a:e3:d2:ed:de:
71:f5:9b:31:33:92:b8:d5:1c:ab:d9:07:b0:48:dd:
04:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:0D:D6:2A:6B:17:31:DC:19:62:75:9F:91:05:B6:3F:96:23:80:45
X509v3 Authority Key Identifier:
keyid:70:94:A4:25:59:5E:92:3C:4B:53:B9:C0:00:AA:8F:19:AD:92:3F:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cJSkJVlekjxLU7nAAKqPGa2SPyA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/OA3WKmsXMdwZYnWfkQW2P5YjgEU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2a/963170-58be-46bb-a5de-777373e6055e/1/cJSkJVlekjxLU7nAAKqPGa2SPyA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.20.0/22
77.83.124.0/22
92.114.56.0/22
93.114.240.0/22
109.230.216.0/23
109.230.222.0/24
134.255.215.0/24
176.100.208.0/21
176.100.224.0/20
185.97.168.0/22
185.159.252.0/22
185.170.147.0/24
188.215.8.0/22
193.26.148.0/22
193.31.36.0/22
193.35.14.0/23
193.35.26.0/23
IPv6:
2a06:6c0::/46
2a06:6c0:11::/48
2a06:6c0:22::-2a06:6c0:26:ffff:ffff:ffff:ffff:ffff
2a06:6c0:254::/47
Signature Algorithm: sha256WithRSAEncryption
38:f4:d1:5c:9e:fe:c0:1e:5b:be:8b:bb:ae:b3:5b:e6:4e:86:
14:f1:ba:1b:24:26:81:e4:7b:f9:e3:a5:40:22:dd:34:68:23:
ff:43:02:95:d9:14:57:c6:a5:33:e1:ff:6b:86:18:82:c5:75:
58:79:67:bf:92:4e:73:d4:ba:f2:e7:ac:4d:48:2b:98:fa:c2:
90:04:5f:6d:93:67:a9:c0:33:bb:42:1a:21:78:1d:ee:0b:dc:
6b:86:2a:b8:ee:6c:15:7a:10:7a:37:df:34:f2:24:82:bf:b1:
3b:91:27:41:36:f1:06:29:ba:9f:00:46:c6:ce:39:0f:27:7b:
f0:19:1a:bf:3b:f5:24:15:45:ad:f4:cb:98:5e:08:15:56:f2:
51:45:91:a6:ad:3f:fc:c8:45:48:b3:b3:c1:0f:3b:0c:3a:78:
9a:df:98:82:0b:4d:5d:5a:31:35:e3:28:2f:06:a7:62:8b:3d:
81:10:9e:69:c2:38:b7:5b:6a:8c:c1:71:fe:b9:9e:fd:5b:c2:
19:8f:b6:29:ba:e8:52:6c:b0:86:a4:af:4b:5d:47:19:fe:b1:
96:b6:7b:58:7a:bd:99:0a:3c:7a:b5:c0:94:e9:20:b6:69:2d:
3f:b8:e8:97:07:1a:de:7d:3a:b6:53:f0:02:82:99:a9:28:48:
7e:b4:09:82
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAY6n3fWxnqiqNadM87+s6RvyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwOTRhNDI1NTk1ZTkyM2M0YjUzYjljMDAwYWE4ZjE5YWQ5
MjNmMjAwHhcNMjQwNDA0MDY0ODQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODBkZDYyYTZiMTczMWRjMTk2Mjc1OWY5MTA1YjYzZjk2MjM4MDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAgo+QinO6gd8dbZ35qj5sh0hzQBlh
g3da0YYP5w1g+fO1mAzGhgnc5VeSsFRAZ0GrPh6o87UIybjzC1zrEZBkAm9M28xf
PGkDN3l26u4wo94ic/oYMZIFu/UDhV7i1IDFD4vZ6rUcaITsP9UVgq7sAY9q6erT
P28LBMGQogcl6041BtfzLnA+RKKOzJv/xRz93VOadU/G+acr34kn1bSiQJ4tGcyB
qZjVaqKbsY6Z9jZ/SA4y90u+XcuPe2KQxPxDsLDusKQpz3HsTbh42roFeSszdnbC
k8O4R5Zr5JS3iir9wxTIO2Q7pS4pSuPS7d5x9ZsxM5K41Ryr2QewSN0ElQIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFDgN1iprFzHcGWJ1n5EFtj+WI4BFMB8GA1UdIwQY
MBaAFHCUpCVZXpI8S1O5wACqjxmtkj8gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUt
Nzc3MzczZTYwNTVlLzEvT0EzV0ttc1hNZHdaWW5XZmtRVzJQNVlqZ0VVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYS85NjMxNzAtNThiZS00NmJiLWE1ZGUtNzc3MzczZTYwNTVl
LzEvY0pTa0pWbGVranhMVTduQUFLcVBHYTJTUHlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG4BggrBgEFBQcBBwEB/wSBqDCBpTBsBAIAATBmAwQCLYEU
AwQCTVN8AwQCXHI4AwQCXXLwAwQBbebYAwQAbebeAwQAhv/XAwQDsGTQAwQEsGTg
AwQCuWGoAwQCuZ/8AwQAuaqTAwQCvNcIAwQCwRqUAwQCwR8kAwQBwSMOAwQBwSMa
MDUEAgACMC8DBwIqBgbAAAADBwAqBgbAABEwEgMHASoGBsAAIgMHACoGBsAAJgMH
ASoGBsACVDANBgkqhkiG9w0BAQsFAAOCAQEAOPTRXJ7+wB5bvou7rrNb5k6GFPG6
GyQmgeR7+eOlQCLdNGgj/0MCldkUV8alM+H/a4YYgsV1WHlnv5JOc9S68uesTUgr
mPrCkARfbZNnqcAzu0IaIXgd7gvca4YquO5sFXoQejffNPIkgr+xO5EnQTbxBim6
nwBGxs45Dyd78Bkavzv1JBVFrfTLmF4IFVbyUUWRpq0//MhFSLOzwQ87DDp4mt+Y
ggtNXVoxNeMoLwanYos9gRCeacI4t1tqjMFx/rme/VvCGY+2KbroUmywhqSvS11H
Gf6xlrZ7WHq9mQo8erXAlOkgtmktP7jolwca3n06tlPwAoKZqShIfrQJgg==
-----END CERTIFICATE-----
Generated at Sat Jun 15 19:45:39 2024 by rpki-client on console-fra.rpki-client.org