Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/32/f77aca-ad91-403f-b98d-de73a81e357d/1/oM7NgPxB6Z4EU6UvUuGMqhpflQQ.roa
File: oM7NgPxB6Z4EU6UvUuGMqhpflQQ.roa (raw, json)
Hash identifier: 6EIrhUrFfG7syRzrvs52yDHcsB6kuoeby7Sl19+meZw=
Subject key identifier: A0:CE:CD:80:FC:41:E9:9E:04:53:A5:2F:52:E1:8C:AA:1A:5F:95:04
Certificate issuer: /CN=2ff8cf7561fcd6d766b7aad31dbf785f029149f0
Certificate serial: 018CC9BB0FA9A7B614A617EB1E64C527545B
Authority key identifier: 2F:F8:CF:75:61:FC:D6:D7:66:B7:AA:D3:1D:BF:78:5F:02:91:49:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L_jPdWH81tdmt6rTHb94XwKRSfA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/32/f77aca-ad91-403f-b98d-de73a81e357d/1/oM7NgPxB6Z4EU6UvUuGMqhpflQQ.roa
Signing time: Tue 02 Jan 2024 10:32:08 +0000
ROA not before: Tue 02 Jan 2024 10:32:08 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 59455
IP address blocks: 194.147.255.0/24 maxlen: 24
194.149.89.0/24 maxlen: 24
185.80.12.0/22 maxlen: 22
194.147.241.0/24 maxlen: 24
194.147.244.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/32/f77aca-ad91-403f-b98d-de73a81e357d/1/L_jPdWH81tdmt6rTHb94XwKRSfA.crl
rsync://rpki.ripe.net/repository/DEFAULT/32/f77aca-ad91-403f-b98d-de73a81e357d/1/L_jPdWH81tdmt6rTHb94XwKRSfA.mft
rsync://rpki.ripe.net/repository/DEFAULT/L_jPdWH81tdmt6rTHb94XwKRSfA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 13:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:bb:0f:a9:a7:b6:14:a6:17:eb:1e:64:c5:27:54:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ff8cf7561fcd6d766b7aad31dbf785f029149f0
Validity
Not Before: Jan 2 10:32:08 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a0cecd80fc41e99e0453a52f52e18caa1a5f9504
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:3a:8b:08:72:ab:e9:ed:ac:85:25:36:c7:51:
ff:a8:2b:75:fe:50:52:41:a5:e9:a9:f3:db:b4:f4:
27:be:7c:58:2c:c2:8c:55:8b:d5:10:49:5c:14:3a:
3d:fc:3a:79:ab:b5:d0:d9:e2:39:02:c7:65:ec:1f:
00:66:0a:87:08:8d:92:11:79:52:49:ef:30:99:d8:
cc:d9:03:c2:fb:78:f4:43:0c:6d:ff:f6:14:0b:11:
2b:3a:8f:44:47:ad:9e:55:cd:f0:ea:14:93:41:36:
bf:ba:a4:d4:7b:76:46:f6:9e:b3:92:27:13:00:7d:
93:76:f0:67:84:4a:69:42:7b:a0:4c:17:12:e1:44:
04:10:95:ba:df:a9:b2:64:d4:d3:68:5b:fb:53:02:
cd:93:ac:3d:05:f9:e6:6b:f7:c5:67:2d:48:4f:66:
62:02:99:87:79:a2:ff:e0:21:57:f2:4d:7b:f6:39:
f7:80:78:7c:ff:2a:b2:40:92:09:e6:25:33:3a:a9:
74:64:1b:76:d2:bb:83:12:53:ee:9b:80:48:e9:27:
5e:a7:04:cd:e4:e9:57:b1:ce:f6:12:04:bd:5f:f9:
f1:49:08:b2:5c:52:ab:b5:d1:b8:33:6b:cf:36:7e:
7d:97:a6:96:4d:ae:e6:2c:ea:a1:58:96:c6:f9:9e:
86:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:CE:CD:80:FC:41:E9:9E:04:53:A5:2F:52:E1:8C:AA:1A:5F:95:04
X509v3 Authority Key Identifier:
keyid:2F:F8:CF:75:61:FC:D6:D7:66:B7:AA:D3:1D:BF:78:5F:02:91:49:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L_jPdWH81tdmt6rTHb94XwKRSfA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/32/f77aca-ad91-403f-b98d-de73a81e357d/1/oM7NgPxB6Z4EU6UvUuGMqhpflQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/32/f77aca-ad91-403f-b98d-de73a81e357d/1/L_jPdWH81tdmt6rTHb94XwKRSfA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.80.12.0/22
194.147.241.0/24
194.147.244.0/24
194.147.255.0/24
194.149.89.0/24
Signature Algorithm: sha256WithRSAEncryption
77:e9:ab:95:f9:1f:06:3f:d3:4e:5c:36:6b:ed:aa:dc:22:fe:
86:ab:26:72:79:cf:97:3c:e2:b5:73:25:f5:00:54:c1:21:21:
ca:c7:bb:6d:ec:39:3a:ea:bb:36:0c:0a:17:80:a7:0b:3e:c3:
24:b1:9f:cc:38:44:bc:b4:f6:89:aa:72:8c:58:68:cd:08:92:
a1:e3:08:cb:d2:21:64:2c:b1:36:bc:a1:09:03:4a:63:d2:fd:
b9:d1:f3:18:db:22:9c:05:c1:dd:29:4c:b3:83:82:c9:30:7b:
24:3a:aa:23:ec:b6:65:06:10:73:98:a1:8b:5e:f5:ce:29:76:
d5:14:73:3d:11:2a:ba:80:3f:86:4d:f4:29:f5:b7:cb:c2:42:
9f:3e:41:40:ae:f3:60:3c:2d:78:16:ee:c5:f4:08:d4:ba:3b:
c6:64:52:99:60:ef:43:6a:aa:ee:23:c3:b0:e7:21:f0:e1:59:
6a:1e:8d:20:ee:6d:72:69:81:63:3c:1a:a4:a0:28:36:af:24:
ed:9d:ef:aa:a4:c8:f7:01:1e:eb:71:57:80:1e:06:6e:ad:df:
fe:cc:53:c7:b5:19:cd:1c:f7:4e:6e:21:0d:ab:9e:da:41:fa:
8d:f9:8b:77:9c:98:07:3a:d3:9d:7c:ea:33:84:13:99:cd:d8:
73:00:39:21
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzJuw+pp7YUphfrHmTFJ1RbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmZjhjZjc1NjFmY2Q2ZDc2NmI3YWFkMzFkYmY3ODVmMDI5
MTQ5ZjAwHhcNMjQwMTAyMTAzMjA4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMGNlY2Q4MGZjNDFlOTllMDQ1M2E1MmY1MmUxOGNhYTFhNWY5NTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjqLCHKr6e2shSU2x1H/qCt1/lBS
QaXpqfPbtPQnvnxYLMKMVYvVEElcFDo9/Dp5q7XQ2eI5Asdl7B8AZgqHCI2SEXlS
Se8wmdjM2QPC+3j0Qwxt//YUCxErOo9ER62eVc3w6hSTQTa/uqTUe3ZG9p6zkicT
AH2TdvBnhEppQnugTBcS4UQEEJW636myZNTTaFv7UwLNk6w9Bfnma/fFZy1IT2Zi
ApmHeaL/4CFX8k179jn3gHh8/yqyQJIJ5iUzOql0ZBt20ruDElPum4BI6SdepwTN
5OlXsc72EgS9X/nxSQiyXFKrtdG4M2vPNn59l6aWTa7mLOqhWJbG+Z6G+QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKDOzYD8QemeBFOlL1LhjKoaX5UEMB8GA1UdIwQY
MBaAFC/4z3Vh/NbXZreq0x2/eF8CkUnwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTF9qUGRXSDgxdGRtdDZyVEhiOTRYd0tSU2ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMi9mNzdhY2EtYWQ5MS00MDNmLWI5OGQt
ZGU3M2E4MWUzNTdkLzEvb003TmdQeEI2WjRFVTZVdlV1R01xaHBmbFFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMi9mNzdhY2EtYWQ5MS00MDNmLWI5OGQtZGU3M2E4MWUzNTdk
LzEvTF9qUGRXSDgxdGRtdDZyVEhiOTRYd0tSU2ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCuVAMAwQA
wpPxAwQAwpP0AwQAwpP/AwQAwpVZMA0GCSqGSIb3DQEBCwUAA4IBAQB36auV+R8G
P9NOXDZr7arcIv6GqyZyec+XPOK1cyX1AFTBISHKx7tt7Dk66rs2DAoXgKcLPsMk
sZ/MOES8tPaJqnKMWGjNCJKh4wjL0iFkLLE2vKEJA0pj0v250fMY2yKcBcHdKUyz
g4LJMHskOqoj7LZlBhBzmKGLXvXOKXbVFHM9ESq6gD+GTfQp9bfLwkKfPkFArvNg
PC14Fu7F9AjUujvGZFKZYO9DaqruI8Ow5yHw4VlqHo0g7m1yaYFjPBqkoCg2ryTt
ne+qpMj3AR7rcVeAHgZurd/+zFPHtRnNHPdObiENq57aQfqN+Yt3nJgHOtOdfOoz
hBOZzdhzADkh
-----END CERTIFICATE-----
Generated at Fri Jun 7 15:51:15 2024 by rpki-client on console-fra.rpki-client.org