Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/51f7f8-0595-4654-943b-1beac7440262/1/0BS1vS0dD_e46sXe0ppPr-pm48M.roa
File: 0BS1vS0dD_e46sXe0ppPr-pm48M.roa (raw, json)
Hash identifier: k2gSkkoZiBXZ+6Ti+oOOmPrDyn1fWAWuOQYnf2/w1kg=
Subject key identifier: D0:14:B5:BD:2D:1D:0F:F7:B8:EA:C5:DE:D2:9A:4F:AF:EA:66:E3:C3
Certificate issuer: /CN=01127566a5ac41e66b4c7537a60fdcbbfab39a17
Certificate serial: 018CC94D83406BEB245298A5FDA0FF69DA39
Authority key identifier: 01:12:75:66:A5:AC:41:E6:6B:4C:75:37:A6:0F:DC:BB:FA:B3:9A:17
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ARJ1ZqWsQeZrTHU3pg_cu_qzmhc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/51f7f8-0595-4654-943b-1beac7440262/1/0BS1vS0dD_e46sXe0ppPr-pm48M.roa
Signing time: Tue 02 Jan 2024 08:32:29 +0000
ROA not before: Tue 02 Jan 2024 08:32:29 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 209277
IP address blocks: 185.38.192.0/24 maxlen: 24
185.38.193.0/24 maxlen: 24
185.38.195.0/24 maxlen: 24
185.38.194.0/24 maxlen: 24
88.214.16.0/24 maxlen: 24
88.214.17.0/24 maxlen: 24
88.214.19.0/24 maxlen: 24
88.214.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/51f7f8-0595-4654-943b-1beac7440262/1/ARJ1ZqWsQeZrTHU3pg_cu_qzmhc.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/51f7f8-0595-4654-943b-1beac7440262/1/ARJ1ZqWsQeZrTHU3pg_cu_qzmhc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ARJ1ZqWsQeZrTHU3pg_cu_qzmhc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 27 Nov 2024 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4d:83:40:6b:eb:24:52:98:a5:fd:a0:ff:69:da:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01127566a5ac41e66b4c7537a60fdcbbfab39a17
Validity
Not Before: Jan 2 08:32:29 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=d014b5bd2d1d0ff7b8eac5ded29a4fafea66e3c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:44:e0:5e:8f:8e:49:a5:24:95:ad:18:50:4a:
24:2e:c9:5f:37:e4:67:c5:05:8a:c0:3d:cb:1c:42:
1a:1a:5b:d8:12:14:bb:84:1a:60:63:b9:bc:61:9e:
33:dc:e4:8c:b6:0f:fb:3b:6e:09:f5:f5:c8:64:5f:
00:d1:b8:d8:fa:e3:28:2f:a6:2c:0f:6f:f2:00:ac:
2e:10:a1:08:16:d9:d7:eb:0b:3c:75:fe:ad:9c:42:
a1:0a:e6:99:78:38:e0:ce:fb:71:d9:25:0f:1d:2d:
b9:9c:30:2e:0c:77:09:c5:c2:5a:b2:ee:c9:b8:a0:
1c:f4:45:42:38:8e:94:a0:08:98:5c:2f:c2:55:14:
c1:a6:0f:9d:35:c5:92:44:e6:bc:f4:86:4f:3b:5a:
32:e3:48:f5:c8:aa:c5:7a:74:4c:1e:aa:69:76:12:
a0:66:60:39:5f:30:60:9e:f2:7d:f3:99:3f:e6:14:
80:1c:17:88:a9:77:43:1b:bf:23:70:11:f6:ef:b4:
00:a3:22:56:20:99:97:46:1b:80:f7:98:f9:d5:67:
0c:2b:7e:9c:75:9f:61:4b:7a:9d:a9:64:4d:e8:61:
f2:a6:dc:a3:f3:67:5d:47:76:03:8c:0e:f8:94:1d:
d4:a3:51:de:86:88:6f:c7:9b:8a:25:1a:70:6c:d6:
d9:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:14:B5:BD:2D:1D:0F:F7:B8:EA:C5:DE:D2:9A:4F:AF:EA:66:E3:C3
X509v3 Authority Key Identifier:
keyid:01:12:75:66:A5:AC:41:E6:6B:4C:75:37:A6:0F:DC:BB:FA:B3:9A:17
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ARJ1ZqWsQeZrTHU3pg_cu_qzmhc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/51f7f8-0595-4654-943b-1beac7440262/1/0BS1vS0dD_e46sXe0ppPr-pm48M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/51f7f8-0595-4654-943b-1beac7440262/1/ARJ1ZqWsQeZrTHU3pg_cu_qzmhc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.16.0/22
185.38.192.0/22
Signature Algorithm: sha256WithRSAEncryption
31:35:b1:46:d5:fe:1d:c2:ff:d4:f8:c3:db:6c:e1:83:0f:34:
08:4b:a7:e2:18:33:9e:1c:27:ac:cf:69:c8:bc:48:6e:91:fa:
2f:6a:a9:43:74:78:23:a5:df:e2:dc:ac:ec:b0:e4:2d:1e:a6:
97:4e:97:85:83:07:31:d4:fc:80:0a:82:32:51:6c:d6:df:51:
00:e3:76:37:8c:5b:11:1d:9d:dc:0a:54:73:bd:62:49:22:a5:
ca:de:cf:9c:f2:24:b9:4b:1c:9e:4d:81:82:27:aa:cf:28:8d:
ce:b0:98:23:4b:db:ab:00:fa:44:39:dc:8f:d5:7a:4e:a1:e3:
9e:48:f2:a1:56:cc:03:b3:76:d5:1b:f7:c2:a1:14:91:f1:c9:
a4:63:5e:7d:02:90:22:40:06:7e:46:a4:75:f3:d7:fd:0e:ce:
58:c7:43:fb:a3:dc:92:4e:35:e3:d3:85:53:9d:31:5e:66:70:
41:37:f6:86:67:ed:87:d8:70:d8:c2:b9:e4:12:65:e1:f1:ae:
09:3e:85:0e:01:52:a8:87:eb:03:ff:69:c9:79:a7:ec:90:22:
a5:87:e3:e6:95:03:1b:1c:a7:72:8a:33:83:79:05:c3:c6:03:
f7:7f:e9:be:02:ad:91:30:21:78:f2:45:67:44:7a:6f:f8:06:
61:66:e7:87
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAYzJTYNAa+skUpil/aD/ado5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxMTI3NTY2YTVhYzQxZTY2YjRjNzUzN2E2MGZkY2JiZmFi
MzlhMTcwHhcNMjQwMTAyMDgzMjI5WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMDE0YjViZDJkMWQwZmY3YjhlYWM1ZGVkMjlhNGZhZmVhNjZlM2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUTgXo+OSaUkla0YUEokLslfN+Rn
xQWKwD3LHEIaGlvYEhS7hBpgY7m8YZ4z3OSMtg/7O24J9fXIZF8A0bjY+uMoL6Ys
D2/yAKwuEKEIFtnX6ws8df6tnEKhCuaZeDjgzvtx2SUPHS25nDAuDHcJxcJasu7J
uKAc9EVCOI6UoAiYXC/CVRTBpg+dNcWSROa89IZPO1oy40j1yKrFenRMHqppdhKg
ZmA5XzBgnvJ985k/5hSAHBeIqXdDG78jcBH277QAoyJWIJmXRhuA95j51WcMK36c
dZ9hS3qdqWRN6GHyptyj82ddR3YDjA74lB3Uo1Hehohvx5uKJRpwbNbZtQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNAUtb0tHQ/3uOrF3tKaT6/qZuPDMB8GA1UdIwQY
MBaAFAESdWalrEHma0x1N6YP3Lv6s5oXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQVJKMVpxV3NRZVpyVEhVM3BnX2N1X3F6bWhjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC81MWY3ZjgtMDU5NS00NjU0LTk0M2It
MWJlYWM3NDQwMjYyLzEvMEJTMXZTMGREX2U0NnNYZTBwcFByLXBtNDhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC81MWY3ZjgtMDU5NS00NjU0LTk0M2ItMWJlYWM3NDQwMjYy
LzEvQVJKMVpxV3NRZVpyVEhVM3BnX2N1X3F6bWhjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCWNYQAwQC
uSbAMA0GCSqGSIb3DQEBCwUAA4IBAQAxNbFG1f4dwv/U+MPbbOGDDzQIS6fiGDOe
HCesz2nIvEhukfovaqlDdHgjpd/i3KzssOQtHqaXTpeFgwcx1PyACoIyUWzW31EA
43Y3jFsRHZ3cClRzvWJJIqXK3s+c8iS5SxyeTYGCJ6rPKI3OsJgjS9urAPpEOdyP
1XpOoeOeSPKhVswDs3bVG/fCoRSR8cmkY159ApAiQAZ+RqR189f9Ds5Yx0P7o9yS
TjXj04VTnTFeZnBBN/aGZ+2H2HDYwrnkEmXh8a4JPoUOAVKoh+sD/2nJeafskCKl
h+PmlQMbHKdyijODeQXDxgP3f+m+Aq2RMCF48kVnRHpv+AZhZueH
-----END CERTIFICATE-----
Generated at Wed Nov 27 00:16:04 2024 by rpki-client on console-ams.rpki-client.org