Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/ogjgE295lY39e7LpYsD6ywdQpYw.roa
File: ogjgE295lY39e7LpYsD6ywdQpYw.roa (raw, json)
Hash identifier: gOx8LzM1oFhqDD0N2TXn9fTxAeFrnjyEJVEt6p5Yi68=
Subject key identifier: A2:08:E0:13:6F:79:95:8D:FD:7B:B2:E9:62:C0:FA:CB:07:50:A5:8C
Certificate issuer: /CN=bd4e6edd26ef1b16d848e98130e6fc4450b32752
Certificate serial: 018CC94CBB1145DC29C9E53F4E3136AC1F22
Authority key identifier: BD:4E:6E:DD:26:EF:1B:16:D8:48:E9:81:30:E6:FC:44:50:B3:27:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vU5u3SbvGxbYSOmBMOb8RFCzJ1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/ogjgE295lY39e7LpYsD6ywdQpYw.roa
Signing time: Tue 02 Jan 2024 08:31:38 +0000
ROA not before: Tue 02 Jan 2024 08:31:38 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 37480
IP address blocks: 80.89.179.0/24 maxlen: 24
80.89.176.0/24 maxlen: 24
80.89.178.0/24 maxlen: 24
80.89.177.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/vU5u3SbvGxbYSOmBMOb8RFCzJ1I.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/vU5u3SbvGxbYSOmBMOb8RFCzJ1I.mft
rsync://rpki.ripe.net/repository/DEFAULT/vU5u3SbvGxbYSOmBMOb8RFCzJ1I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Jun 2024 11:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c9:4c:bb:11:45:dc:29:c9:e5:3f:4e:31:36:ac:1f:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bd4e6edd26ef1b16d848e98130e6fc4450b32752
Validity
Not Before: Jan 2 08:31:38 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a208e0136f79958dfd7bb2e962c0facb0750a58c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:58:e3:07:c8:c2:b2:44:fc:61:8d:d3:5e:e1:
9c:30:ae:ba:0f:d9:50:ad:db:3e:28:0e:56:20:92:
3a:df:e5:c1:17:c7:83:83:bf:f2:50:b8:aa:7c:23:
12:88:66:cb:d9:36:7c:ec:da:e5:e1:71:3e:ae:00:
6d:af:03:98:d3:f4:9f:02:22:84:0a:ed:30:c6:25:
99:b9:13:62:a1:33:09:40:91:80:52:b3:a1:6c:41:
77:9f:39:a7:75:23:ee:cb:84:b2:4c:29:e3:ec:32:
46:4e:93:d2:67:75:1e:df:e4:cb:dc:b0:f4:93:0a:
b3:b4:93:5b:dd:90:0c:10:30:61:a9:6f:20:c9:12:
ba:e6:d8:5b:09:e8:7b:16:ff:5a:58:bc:59:43:a3:
cd:a7:96:13:69:99:9a:b5:6f:7c:ac:61:e1:a3:1b:
ef:4e:08:cb:a5:4e:ee:81:04:2e:c7:84:62:b9:26:
c7:72:50:ce:78:7f:3c:9e:f8:d4:e0:e5:bf:da:7e:
c3:97:9a:11:3f:4a:13:57:4e:fd:57:3b:33:b1:cc:
e3:8c:be:44:d9:72:ca:94:3c:1f:f5:7b:e9:7a:67:
cc:26:08:66:f4:a2:e8:e4:43:df:2a:c7:b1:dc:f8:
ff:4d:3a:0e:b0:42:09:0e:c1:35:fa:00:b7:d7:c3:
3a:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:08:E0:13:6F:79:95:8D:FD:7B:B2:E9:62:C0:FA:CB:07:50:A5:8C
X509v3 Authority Key Identifier:
keyid:BD:4E:6E:DD:26:EF:1B:16:D8:48:E9:81:30:E6:FC:44:50:B3:27:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vU5u3SbvGxbYSOmBMOb8RFCzJ1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/ogjgE295lY39e7LpYsD6ywdQpYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/ace373-b81b-400c-845c-9628f5266542/1/vU5u3SbvGxbYSOmBMOb8RFCzJ1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.89.176.0/22
Signature Algorithm: sha256WithRSAEncryption
9c:98:b6:2c:4c:7d:5b:8b:84:01:a6:61:d8:63:ae:67:d5:2a:
97:b7:52:d0:33:5f:6d:bc:ce:3f:0b:fd:59:ea:87:d9:c9:44:
d3:6c:00:33:8b:8a:40:ac:7f:33:c0:b2:33:b2:a8:8d:50:3d:
6b:be:64:05:d2:14:70:11:7f:e9:c1:2c:3d:1d:bd:06:f5:04:
6e:6e:08:6d:99:12:13:7b:1f:8d:ca:f6:50:06:2b:e0:c6:0c:
b4:29:61:84:b1:1b:51:47:b3:cd:3f:aa:aa:1b:68:92:29:48:
7d:f0:42:ce:55:27:63:80:ad:80:e7:7a:ff:bf:df:42:48:71:
94:20:67:77:c1:c1:07:1d:e7:f1:99:ba:13:78:df:79:c4:be:
1b:e4:a2:20:89:33:28:0e:95:5c:d8:de:97:f2:1a:69:a1:f9:
6a:9f:da:2e:e4:20:c7:a5:a7:38:a3:b4:57:53:ee:96:3f:7b:
b0:0a:bd:f1:5e:fb:de:b1:68:85:82:d3:54:d7:6c:17:c1:aa:
cc:ee:56:47:ad:6f:2e:03:68:5c:17:ab:91:08:88:2b:56:de:
f8:4b:40:2c:da:cc:27:7e:1c:19:ce:f5:84:d1:cb:dd:02:bc:
0a:22:e2:01:7b:16:8c:6e:47:e9:0a:d1:08:ca:58:fa:60:b2:
62:52:22:79
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYzJTLsRRdwpyeU/TjE2rB8iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkNGU2ZWRkMjZlZjFiMTZkODQ4ZTk4MTMwZTZmYzQ0NTBi
MzI3NTIwHhcNMjQwMTAyMDgzMTM4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMjA4ZTAxMzZmNzk5NThkZmQ3YmIyZTk2MmMwZmFjYjA3NTBhNThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhFjjB8jCskT8YY3TXuGcMK66D9lQ
rds+KA5WIJI63+XBF8eDg7/yULiqfCMSiGbL2TZ87Nrl4XE+rgBtrwOY0/SfAiKE
Cu0wxiWZuRNioTMJQJGAUrOhbEF3nzmndSPuy4SyTCnj7DJGTpPSZ3Ue3+TL3LD0
kwqztJNb3ZAMEDBhqW8gyRK65thbCeh7Fv9aWLxZQ6PNp5YTaZmatW98rGHhoxvv
TgjLpU7ugQQux4RiuSbHclDOeH88nvjU4OW/2n7Dl5oRP0oTV079VzszsczjjL5E
2XLKlDwf9XvpemfMJghm9KLo5EPfKsex3Pj/TToOsEIJDsE1+gC318M6LQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKII4BNveZWN/Xuy6WLA+ssHUKWMMB8GA1UdIwQY
MBaAFL1Obt0m7xsW2EjpgTDm/ERQsydSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdlU1dTNTYnZHeGJZU09tQk1PYjhSRkN6SjFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy9hY2UzNzMtYjgxYi00MDBjLTg0NWMt
OTYyOGY1MjY2NTQyLzEvb2dqZ0UyOTVsWTM5ZTdMcFlzRDZ5d2RRcFl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy9hY2UzNzMtYjgxYi00MDBjLTg0NWMtOTYyOGY1MjY2NTQy
LzEvdlU1dTNTYnZHeGJZU09tQk1PYjhSRkN6SjFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCUFmwMA0G
CSqGSIb3DQEBCwUAA4IBAQCcmLYsTH1bi4QBpmHYY65n1SqXt1LQM19tvM4/C/1Z
6ofZyUTTbAAzi4pArH8zwLIzsqiNUD1rvmQF0hRwEX/pwSw9Hb0G9QRubghtmRIT
ex+NyvZQBivgxgy0KWGEsRtRR7PNP6qqG2iSKUh98ELOVSdjgK2A53r/v99CSHGU
IGd3wcEHHefxmboTeN95xL4b5KIgiTMoDpVc2N6X8hppoflqn9ou5CDHpac4o7RX
U+6WP3uwCr3xXvvesWiFgtNU12wXwarM7lZHrW8uA2hcF6uRCIgrVt74S0As2swn
fhwZzvWE0cvdArwKIuIBexaMbkfpCtEIylj6YLJiUiJ5
-----END CERTIFICATE-----
Generated at Fri Jun 7 17:58:52 2024 by rpki-client on console-fra.rpki-client.org