Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/oUf3XZYQKKuUMRhRUgiVSv9JyGQ.roa
File: oUf3XZYQKKuUMRhRUgiVSv9JyGQ.roa (raw, json)
Hash identifier: E10q5+iIOHFKWv80jp2miijHhuKprrYoOrowRq3V7/c=
Subject key identifier: A1:47:F7:5D:96:10:28:AB:94:31:18:51:52:08:95:4A:FF:49:C8:64
Certificate issuer: /CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Certificate serial: 018EC91EDE4257E0EBE7E5E4EDFDA25E6E0C
Authority key identifier: 00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/oUf3XZYQKKuUMRhRUgiVSv9JyGQ.roa
Signing time: Wed 10 Apr 2024 17:47:07 +0000
ROA not before: Wed 10 Apr 2024 17:47:07 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 89.46.10.0/24 maxlen: 24
93.114.61.0/24 maxlen: 24
185.81.180.0/23 maxlen: 23
185.81.180.0/24 maxlen: 24
185.81.181.0/24 maxlen: 24
185.81.183.0/24 maxlen: 24
195.242.242.0/24 maxlen: 24
195.242.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 03 May 2024 07:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8e:c9:1e:de:42:57:e0:eb:e7:e5:e4:ed:fd:a2:5e:6e:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00aff6b4effe7c363ef200f6f3e5888b915ba681
Validity
Not Before: Apr 10 17:47:07 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a147f75d961028ab943118515208954aff49c864
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b2:b9:5a:d6:18:ff:32:ab:08:bc:0c:1a:f9:
0f:e0:75:cb:68:eb:17:3c:08:32:80:ab:dc:34:89:
8f:78:62:fe:f9:9b:53:df:be:b8:ae:3d:c0:b5:1c:
3a:47:73:6d:00:cf:b3:89:67:0e:c8:cf:97:ed:ac:
4d:35:1c:12:6f:86:35:28:d5:13:7b:0b:7f:3c:31:
a1:aa:71:a3:3f:8b:80:74:7f:6e:79:bf:5d:3f:e7:
a7:7e:a2:6b:16:98:1b:9c:7e:8a:98:21:0d:b1:f1:
98:47:b4:50:95:71:96:84:c1:59:dc:13:6d:e8:48:
a1:86:7c:1b:db:bc:bd:ab:bd:e4:04:e8:96:22:de:
91:09:22:c9:e7:c8:1a:ba:7f:9c:cf:38:4c:20:21:
8f:12:02:85:d4:bb:8e:80:64:6c:d1:50:06:97:b6:
b3:19:17:96:bd:46:43:94:21:c2:4a:67:5a:2b:f4:
6d:2c:44:fd:8f:dd:6e:b5:6d:8e:22:bb:b2:a0:43:
0f:e7:7c:05:20:d9:a1:11:41:28:07:66:3a:0e:16:
3a:b6:dc:a9:0e:49:8e:d7:9a:9e:49:f1:97:34:eb:
3d:91:b5:45:20:51:17:db:7e:79:ae:a1:eb:00:6b:
d8:96:18:bf:8f:14:4a:3f:02:dd:fa:25:ff:a8:ce:
c7:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:47:F7:5D:96:10:28:AB:94:31:18:51:52:08:95:4A:FF:49:C8:64
X509v3 Authority Key Identifier:
keyid:00:AF:F6:B4:EF:FE:7C:36:3E:F2:00:F6:F3:E5:88:8B:91:5B:A6:81
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AK_2tO_-fDY-8gD28-WIi5FbpoE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/oUf3XZYQKKuUMRhRUgiVSv9JyGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/098d13-6d6d-4294-9753-a8773de768f7/1/AK_2tO_-fDY-8gD28-WIi5FbpoE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.46.10.0/24
93.114.61.0/24
185.81.180.0/23
185.81.183.0/24
195.242.242.0/23
Signature Algorithm: sha256WithRSAEncryption
67:8d:e9:d8:f8:6c:6a:13:e9:68:6c:12:c6:80:1f:ad:a7:3e:
27:2b:53:2b:49:60:eb:20:8b:ff:fb:d6:bb:d3:9c:1f:f9:c6:
8f:6e:f0:db:77:21:ad:22:b1:9c:b5:4f:22:2f:92:06:cf:7e:
d6:19:0f:99:ed:84:70:37:d8:27:bf:76:1e:d7:be:1a:3c:8f:
f7:4d:80:24:ca:e7:77:2d:fe:a3:ce:2d:e9:9b:e9:85:0c:7b:
50:ee:44:31:41:d3:ba:47:04:ff:61:d6:8c:f8:e1:ac:c8:7f:
cf:f6:55:84:f4:60:50:9a:7a:94:99:0e:94:d6:f0:5f:7a:ca:
41:61:15:bc:c9:f0:1e:c3:b4:43:ea:79:d3:0e:93:b8:f9:07:
c9:38:72:f2:55:98:89:99:e5:4a:f7:ba:ec:30:cd:fb:0a:09:
da:28:34:59:9e:78:1b:16:c5:e4:97:2d:bc:a3:9a:52:de:dd:
7d:2a:7b:65:70:6f:c4:54:e0:0b:60:c4:33:72:0f:af:c1:e7:
54:4f:9b:08:c1:20:9a:28:bf:7f:da:5d:7d:98:77:96:4b:e8:
8d:8b:2b:5f:07:fe:f1:16:89:01:c7:09:31:b3:e1:5a:cd:0f:
1c:8d:2a:33:aa:ad:79:2c:2b:f3:a1:4f:09:05:fb:ec:93:45:
57:5d:80:e9
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAY7JHt5CV+Dr5+Xk7f2iXm4MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwYWZmNmI0ZWZmZTdjMzYzZWYyMDBmNmYzZTU4ODhiOTE1
YmE2ODEwHhcNMjQwNDEwMTc0NzA3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTQ3Zjc1ZDk2MTAyOGFiOTQzMTE4NTE1MjA4OTU0YWZmNDljODY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbK5WtYY/zKrCLwMGvkP4HXLaOsX
PAgygKvcNImPeGL++ZtT3764rj3AtRw6R3NtAM+ziWcOyM+X7axNNRwSb4Y1KNUT
ewt/PDGhqnGjP4uAdH9ueb9dP+enfqJrFpgbnH6KmCENsfGYR7RQlXGWhMFZ3BNt
6Eihhnwb27y9q73kBOiWIt6RCSLJ58gaun+czzhMICGPEgKF1LuOgGRs0VAGl7az
GReWvUZDlCHCSmdaK/RtLET9j91utW2OIruyoEMP53wFINmhEUEoB2Y6DhY6ttyp
DkmO15qeSfGXNOs9kbVFIFEX2355rqHrAGvYlhi/jxRKPwLd+iX/qM7HAwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKFH912WECirlDEYUVIIlUr/SchkMB8GA1UdIwQY
MBaAFACv9rTv/nw2PvIA9vPliIuRW6aBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMt
YTg3NzNkZTc2OGY3LzEvb1VmM1haWVFLS3VVTVJoUlVnaVZTdjlKeUdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC8wOThkMTMtNmQ2ZC00Mjk0LTk3NTMtYTg3NzNkZTc2OGY3
LzEvQUtfMnRPXy1mRFktOGdEMjgtV0lpNUZicG9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQAWS4KAwQA
XXI9AwQBuVG0AwQAuVG3AwQBw/LyMA0GCSqGSIb3DQEBCwUAA4IBAQBnjenY+Gxq
E+lobBLGgB+tpz4nK1MrSWDrIIv/+9a705wf+caPbvDbdyGtIrGctU8iL5IGz37W
GQ+Z7YRwN9gnv3Ye174aPI/3TYAkyud3Lf6jzi3pm+mFDHtQ7kQxQdO6RwT/YdaM
+OGsyH/P9lWE9GBQmnqUmQ6U1vBfespBYRW8yfAew7RD6nnTDpO4+QfJOHLyVZiJ
meVK97rsMM37CgnaKDRZnngbFsXkly28o5pS3t19KntlcG/EVOALYMQzcg+vwedU
T5sIwSCaKL9/2l19mHeWS+iNiytfB/7xFokBxwkxs+FazQ8cjSozqq15LCvzoU8J
Bfvsk0VXXYDp
-----END CERTIFICATE-----
Generated at Thu May 2 12:48:26 2024 by rpki-client on console-ams.rpki-client.org