Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/5cecc0-2a53-4500-85ae-e8b60a2dd6b4/1/ozOjTfdhEeLQZmzBcbPFo1hpjnM.roa
File: ozOjTfdhEeLQZmzBcbPFo1hpjnM.roa (raw, json)
Hash identifier: bSrvPx+NwrXsBd1YcD4mFvbehRu1NgazlEGdHbv/pcA=
Subject key identifier: A3:33:A3:4D:F7:61:11:E2:D0:66:6C:C1:71:B3:C5:A3:58:69:8E:73
Certificate issuer: /CN=d49922ca8d139a4d03d6d57cbc8177dc05feb9ec
Certificate serial: 018CC8DE3C3FADED31EFA9F2F8CA1E4E3073
Authority key identifier: D4:99:22:CA:8D:13:9A:4D:03:D6:D5:7C:BC:81:77:DC:05:FE:B9:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1Jkiyo0Tmk0D1tV8vIF33AX-uew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/5cecc0-2a53-4500-85ae-e8b60a2dd6b4/1/ozOjTfdhEeLQZmzBcbPFo1hpjnM.roa
Signing time: Tue 02 Jan 2024 06:30:56 +0000
ROA not before: Tue 02 Jan 2024 06:30:56 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 211347
IP address blocks: 178.237.201.0/24 maxlen: 24
178.237.207.0/24 maxlen: 24
2a04:7e00::/48 maxlen: 48
2a04:7e00:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/5cecc0-2a53-4500-85ae-e8b60a2dd6b4/1/1Jkiyo0Tmk0D1tV8vIF33AX-uew.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/5cecc0-2a53-4500-85ae-e8b60a2dd6b4/1/1Jkiyo0Tmk0D1tV8vIF33AX-uew.mft
rsync://rpki.ripe.net/repository/DEFAULT/1Jkiyo0Tmk0D1tV8vIF33AX-uew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 May 2024 07:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:de:3c:3f:ad:ed:31:ef:a9:f2:f8:ca:1e:4e:30:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d49922ca8d139a4d03d6d57cbc8177dc05feb9ec
Validity
Not Before: Jan 2 06:30:56 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a333a34df76111e2d0666cc171b3c5a358698e73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:58:f4:21:c7:95:70:b5:c9:37:37:02:72:f7:
f6:5a:41:65:a7:45:92:f8:9e:f1:25:6d:6c:66:2e:
f5:1d:d1:f8:65:14:d4:55:20:16:19:82:5e:37:8d:
ef:a4:1b:0b:92:b0:62:d3:4f:39:21:05:8f:94:67:
60:83:52:f6:1c:25:7b:8e:30:08:49:f2:2e:b7:00:
94:91:63:3c:14:09:d7:0f:f1:05:18:93:30:08:21:
15:05:5d:e9:68:d5:92:38:ed:9c:0f:dc:a8:1c:1a:
81:93:10:10:14:1b:c1:56:e6:49:e0:77:89:df:1f:
ee:57:50:84:2d:6e:e2:20:d9:93:6c:6b:01:8d:01:
69:05:18:d9:13:08:18:60:6a:74:13:7b:7b:ea:4f:
61:dc:5e:1c:7a:ea:ac:79:24:34:b6:42:30:1c:c0:
31:56:e7:61:5d:3a:97:b4:42:88:71:4f:15:b7:91:
f2:5c:e0:0c:ae:89:e8:f4:5d:3e:a1:74:6f:37:2b:
f7:ed:b1:31:16:91:98:c8:4c:44:88:bd:fa:49:8d:
50:41:1a:01:28:e7:38:f1:3a:82:1f:dc:a3:cc:9b:
b2:b0:e7:b7:3e:1c:8f:d2:7c:50:ee:93:1d:1a:d2:
49:0a:73:af:30:be:b8:35:05:22:67:06:d7:ae:a7:
cb:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:33:A3:4D:F7:61:11:E2:D0:66:6C:C1:71:B3:C5:A3:58:69:8E:73
X509v3 Authority Key Identifier:
keyid:D4:99:22:CA:8D:13:9A:4D:03:D6:D5:7C:BC:81:77:DC:05:FE:B9:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1Jkiyo0Tmk0D1tV8vIF33AX-uew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/5cecc0-2a53-4500-85ae-e8b60a2dd6b4/1/ozOjTfdhEeLQZmzBcbPFo1hpjnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/5cecc0-2a53-4500-85ae-e8b60a2dd6b4/1/1Jkiyo0Tmk0D1tV8vIF33AX-uew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.237.201.0/24
178.237.207.0/24
IPv6:
2a04:7e00::/47
Signature Algorithm: sha256WithRSAEncryption
37:4c:48:6f:8b:1b:a6:75:8d:e1:06:3c:bd:74:c6:2a:8a:62:
1f:24:ee:bd:28:b9:b2:21:58:ac:c1:08:c9:db:5b:b5:af:c5:
3d:09:56:2e:53:80:0b:72:72:ae:d9:f6:06:be:9f:4a:13:34:
f7:ca:d6:2f:c2:d7:29:e1:ff:0b:96:c3:c1:d5:27:4e:6a:dd:
51:26:e4:53:22:f3:2f:2d:de:89:20:38:bb:06:57:a5:d1:71:
7e:b7:50:75:83:57:ee:62:22:96:3f:42:52:60:91:34:c0:11:
8c:c8:e9:e2:73:17:81:18:bc:46:72:24:a2:76:e6:f8:45:bc:
1f:b4:a9:7e:49:83:06:d9:ec:70:a7:6a:75:e5:e1:f5:da:6e:
ad:de:5a:77:10:d4:31:b0:15:5b:51:5c:82:3e:ef:bd:e2:47:
f0:2f:56:a8:5c:95:44:88:0c:91:a5:05:9d:16:a6:66:5f:ad:
89:19:fc:a8:66:66:71:8f:bc:14:0e:25:75:7f:f7:72:79:8b:
e1:89:a4:ce:76:ee:a0:b6:70:76:e0:bf:a9:99:6e:18:a2:03:
bf:1f:cf:14:e3:ef:a6:34:5b:b9:25:df:87:d9:76:7e:87:1a:
09:ad:a8:3a:35:45:3b:db:d2:60:9d:01:cb:8d:2a:f7:fe:0d:
4a:f5:d6:11
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAYzI3jw/re0x76ny+MoeTjBzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0OTkyMmNhOGQxMzlhNGQwM2Q2ZDU3Y2JjODE3N2RjMDVm
ZWI5ZWMwHhcNMjQwMTAyMDYzMDU2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzMzYTM0ZGY3NjExMWUyZDA2NjZjYzE3MWIzYzVhMzU4Njk4ZTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtlj0IceVcLXJNzcCcvf2WkFlp0WS
+J7xJW1sZi71HdH4ZRTUVSAWGYJeN43vpBsLkrBi0085IQWPlGdgg1L2HCV7jjAI
SfIutwCUkWM8FAnXD/EFGJMwCCEVBV3paNWSOO2cD9yoHBqBkxAQFBvBVuZJ4HeJ
3x/uV1CELW7iINmTbGsBjQFpBRjZEwgYYGp0E3t76k9h3F4ceuqseSQ0tkIwHMAx
VudhXTqXtEKIcU8Vt5HyXOAMrono9F0+oXRvNyv37bExFpGYyExEiL36SY1QQRoB
KOc48TqCH9yjzJuysOe3PhyP0nxQ7pMdGtJJCnOvML64NQUiZwbXrqfL6QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFKMzo033YRHi0GZswXGzxaNYaY5zMB8GA1UdIwQY
MBaAFNSZIsqNE5pNA9bVfLyBd9wF/rnsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUpraXlvMFRtazBEMXRWOHZJRjMzQVgtdWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC81Y2VjYzAtMmE1My00NTAwLTg1YWUt
ZThiNjBhMmRkNmI0LzEvb3pPalRmZGhFZUxRWm16QmNiUEZvMWhwam5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC81Y2VjYzAtMmE1My00NTAwLTg1YWUtZThiNjBhMmRkNmI0
LzEvMUpraXlvMFRtazBEMXRWOHZJRjMzQVgtdWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQAsu3JAwQA
su3PMA8EAgACMAkDBwEqBH4AAAAwDQYJKoZIhvcNAQELBQADggEBADdMSG+LG6Z1
jeEGPL10xiqKYh8k7r0oubIhWKzBCMnbW7WvxT0JVi5TgAtycq7Z9ga+n0oTNPfK
1i/C1ynh/wuWw8HVJ05q3VEm5FMi8y8t3okgOLsGV6XRcX63UHWDV+5iIpY/QlJg
kTTAEYzI6eJzF4EYvEZyJKJ25vhFvB+0qX5JgwbZ7HCnanXl4fXabq3eWncQ1DGw
FVtRXII+773iR/AvVqhclUSIDJGlBZ0WpmZfrYkZ/KhmZnGPvBQOJXV/93J5i+GJ
pM527qC2cHbgv6mZbhiiA78fzxTj76Y0W7kl34fZdn6HGgmtqDo1RTvb0mCdAcuN
Kvf+DUr11hE=
-----END CERTIFICATE-----
Generated at Wed May 29 16:42:25 2024 by rpki-client on console-fra.rpki-client.org