Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/o6rZZKPAi8kS3AZVflPSnLGegLE.roa
File: o6rZZKPAi8kS3AZVflPSnLGegLE.roa (raw, json)
Hash identifier: Z7q63i91R0H0CqdXish4NaGKwjR0fCHFfdaemYUj+J4=
Subject key identifier: A3:AA:D9:64:A3:C0:8B:C9:12:DC:06:55:7E:53:D2:9C:B1:9E:80:B1
Certificate issuer: /CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Certificate serial: 018CC8DF373612F293CF5B3F551CF78C3143
Authority key identifier: 3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/o6rZZKPAi8kS3AZVflPSnLGegLE.roa
Signing time: Tue 02 Jan 2024 06:32:00 +0000
ROA not before: Tue 02 Jan 2024 06:32:00 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 3320
IP address blocks: 213.209.136.0/24 maxlen: 24
213.209.149.0/24 maxlen: 24
213.209.156.0/24 maxlen: 24
77.90.156.0/24 maxlen: 24
77.90.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.mft
rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 02 May 2024 14:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c8:df:37:36:12:f2:93:cf:5b:3f:55:1c:f7:8c:31:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3b476e12e8987e5b302cdc24bdd9db3fe83c8449
Validity
Not Before: Jan 2 06:32:00 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3aad964a3c08bc912dc06557e53d29cb19e80b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:ee:6f:89:3f:da:0c:d8:cf:28:b6:0f:f0:10:
fa:0d:11:a7:97:43:08:19:4d:f5:60:bb:48:39:d6:
2d:38:73:7a:cf:1b:e8:ea:cf:78:9f:02:3c:51:2d:
da:7f:f0:40:a5:e6:70:5d:10:09:b1:c0:5f:65:06:
0f:62:c1:82:48:04:61:57:c6:4c:e0:10:04:0c:c7:
0a:b6:64:1d:ff:38:de:99:62:70:1c:e4:38:a8:7f:
c7:2c:e1:1e:d6:d2:65:db:69:db:51:4f:1b:07:ba:
54:52:3c:69:24:d5:28:ba:76:05:a9:6c:63:2b:ab:
a9:ab:e3:dc:11:6a:23:5f:b9:17:96:87:42:99:0e:
64:b0:97:16:7c:b2:0a:c8:81:03:0b:2a:79:0f:ed:
73:b0:32:cc:c5:ad:a1:02:14:3a:3d:0a:e5:0f:3d:
38:62:f7:16:11:ea:55:a8:c1:62:53:17:d1:e3:b3:
31:58:c8:eb:5e:0b:82:ab:fa:ff:c7:74:83:94:1f:
af:df:46:61:fa:39:a7:a4:e2:2a:cc:e6:da:f6:aa:
e6:47:e4:1a:18:c7:26:e9:26:4f:41:8c:d9:21:c8:
61:e2:1e:03:34:fd:41:a7:4d:9b:f2:7a:d7:9b:37:
94:2f:2c:1e:74:73:d2:ed:d8:76:d5:e9:65:da:0f:
77:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:AA:D9:64:A3:C0:8B:C9:12:DC:06:55:7E:53:D2:9C:B1:9E:80:B1
X509v3 Authority Key Identifier:
keyid:3B:47:6E:12:E8:98:7E:5B:30:2C:DC:24:BD:D9:DB:3F:E8:3C:84:49
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O0duEuiYflswLNwkvdnbP-g8hEk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/o6rZZKPAi8kS3AZVflPSnLGegLE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/34/d90c6f-6576-46b9-8313-6cbff3c4da01/1/O0duEuiYflswLNwkvdnbP-g8hEk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.156.0/24
77.90.184.0/24
213.209.136.0/24
213.209.149.0/24
213.209.156.0/24
Signature Algorithm: sha256WithRSAEncryption
78:7e:af:97:75:a3:81:2a:55:34:cb:d8:f3:ba:8f:ff:dc:fa:
d2:58:91:47:be:11:0c:50:04:cf:ba:4b:9b:61:5d:06:03:07:
a2:d3:e3:08:6e:44:16:3f:db:2a:98:28:fe:d3:7c:23:77:7c:
eb:e1:f9:f0:5b:ac:39:31:97:c7:75:98:b0:f2:7c:0d:df:9d:
ca:40:52:eb:44:57:f7:97:37:5e:97:08:4b:d2:1f:4a:8d:c9:
97:f0:84:60:6b:62:5d:cd:66:2a:5d:90:68:f3:a9:3f:1b:b8:
f3:42:4e:7e:da:e0:e9:26:ff:93:b3:6f:69:68:73:80:28:c0:
90:61:17:05:c1:25:2e:38:75:01:b8:b8:0b:72:6f:3c:e5:94:
10:3a:55:19:95:d5:18:0a:c6:94:34:2c:0b:60:47:7e:1e:f5:
42:b6:f8:34:f9:31:fd:08:1c:aa:58:0f:37:4b:27:4c:6e:33:
67:3e:3e:06:54:2e:f4:b6:8f:4b:4d:c3:89:9e:fd:95:c8:6b:
40:fd:18:50:16:16:77:b1:08:1f:e1:33:47:af:3b:07:c5:45:
46:04:4a:c6:82:93:6d:04:ba:02:bb:9b:ae:b9:d7:21:f0:83:
d7:d1:34:b9:cd:56:46:fc:94:b0:46:a2:f8:dd:1a:80:10:97:
ae:da:bc:c8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAYzI3zc2EvKTz1s/VRz3jDFDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiNDc2ZTEyZTg5ODdlNWIzMDJjZGMyNGJkZDlkYjNmZTgz
Yzg0NDkwHhcNMjQwMTAyMDYzMjAwWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2FhZDk2NGEzYzA4YmM5MTJkYzA2NTU3ZTUzZDI5Y2IxOWU4MGIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiO5viT/aDNjPKLYP8BD6DRGnl0MI
GU31YLtIOdYtOHN6zxvo6s94nwI8US3af/BApeZwXRAJscBfZQYPYsGCSARhV8ZM
4BAEDMcKtmQd/zjemWJwHOQ4qH/HLOEe1tJl22nbUU8bB7pUUjxpJNUounYFqWxj
K6upq+PcEWojX7kXlodCmQ5ksJcWfLIKyIEDCyp5D+1zsDLMxa2hAhQ6PQrlDz04
YvcWEepVqMFiUxfR47MxWMjrXguCq/r/x3SDlB+v30Zh+jmnpOIqzOba9qrmR+Qa
GMcm6SZPQYzZIchh4h4DNP1Bp02b8nrXmzeULywedHPS7dh21ell2g93uwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFKOq2WSjwIvJEtwGVX5T0pyxnoCxMB8GA1UdIwQY
MBaAFDtHbhLomH5bMCzcJL3Z2z/oPIRJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMt
NmNiZmYzYzRkYTAxLzEvbzZyWlpLUEFpOGtTM0FaVmZsUFNuTEdlZ0xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNC9kOTBjNmYtNjU3Ni00NmI5LTgzMTMtNmNiZmYzYzRkYTAx
LzEvTzBkdUV1aVlmbHN3TE53a3ZkbmJQLWc4aEVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQATVqcAwQA
TVq4AwQA1dGIAwQA1dGVAwQA1dGcMA0GCSqGSIb3DQEBCwUAA4IBAQB4fq+XdaOB
KlU0y9jzuo//3PrSWJFHvhEMUATPukubYV0GAwei0+MIbkQWP9sqmCj+03wjd3zr
4fnwW6w5MZfHdZiw8nwN353KQFLrRFf3lzdelwhL0h9KjcmX8IRga2JdzWYqXZBo
86k/G7jzQk5+2uDpJv+Ts29paHOAKMCQYRcFwSUuOHUBuLgLcm885ZQQOlUZldUY
CsaUNCwLYEd+HvVCtvg0+TH9CByqWA83SydMbjNnPj4GVC70to9LTcOJnv2VyGtA
/RhQFhZ3sQgf4TNHrzsHxUVGBErGgpNtBLoCu5uuudch8IPX0TS5zVZG/JSwRqL4
3RqAEJeu2rzI
-----END CERTIFICATE-----
Generated at Wed May 1 22:44:56 2024 by rpki-client on console-fra.rpki-client.org